Skip to main content

Financial Services IT 2015: Avoidance of Risk


Speaker(s): Ieuan G. Mahony, James Coplit, Jeremy Pomeroy, John Rogers, John Gliedman, John J. Burke, Orrie Dinstein, Patrick Turner, Paul E. Nolting, Peter Taub, Rashmi Chandra, Sofia S. Rahman, Steven B. Roosa, Vivian L. Hanson
Recorded on: May. 20, 2015
PLI Program #: 58879

Steven B. Roosa is a partner in Holland & Knight's New York office and co-chair of the Data Privacy and Security Team. He is also a fellow emeritus at the Center for Information Technology Policy (CITP) at Princeton University. His practice focuses on advising companies on a wide spectrum of technology and legal issues pertaining to privacy and data security. Representative issues include: mobile app privacy compliance; leveraging anonymity solutions to help clients safely unlock the value of large data sets; Internet tracking; web security; geo-fencing; data breach and incident response; Children's Online Privacy Protection Act (COPPA); Computer Fraud and Abuse Act (CFAA); FTC compliance; privacy considerations of modified network protocols; California best practices for websites and mobile apps; compliance with wiretap statutes and the Electronic Communications Privacy Act (ECPA); public-key infrastructure (PKI); certification authority matters pertaining to online trust; and web-based reputation and defamation issues.

Mr. Roosa's day-to-day practice includes helping companies better understand the privacy profile of their websites and mobile apps and translating that knowledge into actionable risk management options. He has helped infuse the Holland & Knight Team with a tech-focused approach in which law firm privacy counseling to clients includes:

  • proxying network traffic
  • analyzing the use of unique device identifiers for iOS, Android, and Windows 8 platforms
  • reviewing the privacy profiles of websites and mobile apps;
  • cataloging and evaluating the privacy characteristics and risks associated with third party hosted solutions, advertisers, and analytics companies
  • using specialized software and tools to understand the tracking implications of local storage
  • conducting cookie audits
  • providing advice on offensive and defensive cybersecurity measures

Because privacy and security matters often relate directly to a company's industry-specific, core business model or threat landscape, Mr. Roosa actively partners with Holland & Knight's national caliber attorneys and professionals in the following areas:

  •  intellectual property
  • energy
  • venture capital funding
  • legislative affairs
  • mergers and acquisitions
  • healthcare and life sciences
  • crisis communications
  • financial services industry

In the courtroom, Mr. Roosa represents a diverse array of companies in matters relating to consumer protection, online defamation, commercial disputes, and state and federal administrative law. He also works extensively on defending putative class actions involving Flash cookies and has been instrumental in obtaining voluntary dismissals for three large clients in these recent proceedings.

Typical clients include Fortune 500 corporations, privately held companies, large retailers, technology companies and nonprofit entities.

Mr. Roosa is the co-author of "Trust Darknet: Control and Compromise in the Internet's Certificate Authority Model," appearing in the May 2013 issue of the IEEE's Internet Computing. He is also a regular contributor to Holland & Knight's Privacy Blog.

 

Experience
Privacy-Related Class Action Litigation Defense and Regulatory Defense: represented companies in relation to FTC inquiries, Civil Investigative Demands (CIDs), subpoenas and investigations

Privacy-Related Class Action Litigation Defense and Regulatory Defense: represented companies in litigation resulting from data breach and security incidents

Privacy-Related Class Action Litigation Defense and Regulatory Defense: represented companies in relation to state attorneys general inquiries, Civil Investigative Demands (CIDs), subpoenas and investigations

Privacy-Related Class Action Litigation Defense and Regulatory Defense: represented mobile app companies in relation to privacy-related class action

Technical and Specialized Engagements: for large communications company, conducted quarterly website reviews, analyzing network traffic and assist in developing controls and revising disclosures

Technical and Specialized Engagements: for numerous companies including mobile app developers, conducted deep-dive mobile app privacy reviews, analyzing network traffic and assisted in developing controls and disclosures

Privacy-Related Class Action Litigation Defense and Regulatory Defense: represented several companies in class action litigation related to the use of cookies and flash cookies General Compliance and Corporate Governance: provided advice to large retailers with respect to geo-fencing projects

General Compliance and Corporate Governance: provided strategic advice and counsel on local, national and international privacy and data protection and data transfer laws for numerous companies

Contracting and Due Diligence: for numerous companies, negotiated service level agreements in a range of privacy and security-related circumstances, including those related to data centers,  cloud computing services, IT outsourcing and PCI-DSS compliance

General Compliance and Corporate Governance: assisted numerous companies in drafting,

design and implementation of internal company policies, including information security, data and records management and retention, data classification and handling, device management and Bring Your Own Device policies, codes of conduct, white papers, marketing materials, vendor white lists and internal policies on Internet tracking

General Compliance and Corporate Governance: provided counseling for large communication provider, software companies and mobile app developers with respect to issues pertaining to security, encryption and authentication

General Compliance and Corporate Governance: provided advice to numerous companies with respect to the use of geo-location information

General Compliance and Corporate Governance: developed privacy training programs

 

Honors & Awards
Outstanding Lawyer, Nightingale's Healthcare News, 2009 Top 40 Under 40, New Jersey Law Journal, 2008

 

Publications
The Most Important Issue Involving Superfish Isn’t Superfish, Holland & Knight Privacy Blog, February 26, 2015

Lab Tuesday - How Not to Use iOS’s Identifier for Advertising (IDFA/IFA), Holland & Knight Privacy Blog, February 10, 2015

BBB Issues OBA Warning: What You Should Know and What to Do About It, Holland & Knight Privacy Blog, December 19, 2014

EU Cookie Sweep Initiative, Holland & Knight Privacy Blog, September 23, 2014

Why Are Companies Getting Sued Under the Video Privacy Protection Act?, Holland & Knight Alert, September 16, 2014

Why Are Companies Getting Sued Under the Video Privacy Protection Act?, September 16, 2014 Getting to the Real Issue on the Senate Subcommittee's Advertising Report, Holland & Knight Privacy Blog, May 15, 2014

Getting a Handle on VPPA Risk - A Data Driven Approach, Holland & Knight Privacy Blog, May 12, 2014

FTC Changes COPPA FAQ to Provide New Guidance on Consent and Data Collection in Educational Settings, Holland & Knight Privacy Blog, April 24, 2014

More Permissive Standard for Standing in Plaintiffs' Data Breach Suits, Holland & Knight Privacy Blog, April 23, 2014

FTC Provides Guidance on Obtaining Parental Consent under COPPA, Holland & Knight Privacy Blog, April 14, 2014

Heartbleed - A Picture is Worth a Thousand Words, Holland & Knight Privacy Blog, April 11, 2014 Heartbleed SSL/TLS Vulnerability, Holland & Knight Privacy Blog, April 10, 2014

Three Important TCPA Developments, Holland & Knight Privacy Blog, April 10, 2014

How Much Does Cybercrime Threaten Latin American Companies?, Inter-American Dialogue Financial Services Advisor, March 20-April 2, 2014

Where the Real Danger Lies: Media Focuses on a Real Concern But Misses the Key Point on "Flashlight Free" FTC Settlement, Holland & Knight Privacy Blog, December 9, 2013

The New COPPA FAQ's Clarify "Actual Notice" and the Responsibilities of 3rd Parties, Holland & Knight Privacy Blog, July 26, 2013

The FTC’s HTC Action: The Most Significant FTC Case in 5 Years, Co-Author, Holland & Knight Privacy Blog, March 1, 2013

Nothing Personal: Multiple Mobile Best Practices, and the Many Changing Faces of Personal Information, Co-Author, Holland & Knight Privacy Blog, February 19, 2013

Mobile App Privacy: The Hidden Risks, Co-Author, Practical Law Company, January 31, 2013 A Critical Appraisal of California AG’s "Privacy to Go" Best Practices for Mobile Apps, Holland & Knight Privacy Blog, January 14, 2013

The New COPPA Rule Announced Today: Big Changes Handed Down by the FTC, Co-Author,

Holland & Knight Privacy Blog, December 19, 2012

The Center for Digital Democracy Urges FTC to File Complaint Against Mobbles, Holland & Knight Privacy Blog, December 12, 2012

FTC Announces COPPA Enforcement Campaign with Second Report on Kids' Apps, Holland & Knight Privacy Blog, December 10, 2012

The NSA and Cybersecurity, Holland & Knight Privacy Blog, December 5, 2012

Study Criticizing Android Apps Was Pretty Lame, Co-Author, Law360, December 3, 2012

Safe Prediction for 2013: Significant Expansion of Mobile App Regulation (FDA and COPPA), Co- Author, Holland & Knight Privacy Blog, November 28, 2012

Tough Cop at the FTC: Commissioner Brill Gives Insight On COPPA Rule and Enforcement,

Holland & Knight Privacy Blog, November 21, 2012

Privacy Candy From Apple, Holland & Knight Privacy Blog, November 19, 2012

FTC Publishes New Privacy Guidelines for Mobile Apps, Co-Author, Holland & Knight Digital Technology & E-Commerce Blog, November 15, 2012

Insights From A Scandal: The Fundamentals Of On-Line Security And Privacy, Holland & Knight Privacy Blog, November 14, 2012

Study Criticizing Android Apps Was, Well, Pretty Lame, Holland & Knight Privacy Blog, November 12, 2012

Think You Won’t be Covered by the New COPPA Rule? Think Again!, Holland & Knight Privacy Blog, November 9, 2012

Corporate Privacy Compliance Becomes More Tech-Focused, Holland & Knight Privacy Blog, November 5, 2012

Complying with the California Attorney General's Statement on Mobile Apps: Don't Rely on Website Privacy Policies, Holland & Knight Alert, November 2, 2012

Complying with the California Attorney General's Statement on Mobile Apps, Holland & Knight Privacy Blog, November 2, 2012

Privacy and Security in Mobile Apps, the Cloud, and the Internet of Things: The Role of In-House Counsel in Mitigating New Class Action and Regulatory Risks, Co-Author, October 1, 2012

COPPA May Now Apply to You: FTC Proposes Additional Revisions to Children's Online Privacy Protection Rule and Seeks Public Comment, Holland & Knight Alert, August 9, 2012

The New Corporate Approach To Privacy Compliance, Co-Author, Law360, July 31, 2012

SSL Hacked: 2011 Proved That The Enterprise Can't Rely On Encrypted Communications; But Corporate Counsel Can Champion a Fix, Corporate Counsel, law.com, September 28, 2011

Information Security and Privacy: A Practical Guide for Global Executives, Lawyers, and Technologists, Science and Technology Law Section, American Bar Association, February 17, 2011

The Flawed Legal Architecture of the Certificate Authority Trust Model, Freedom to Tinker Blog, December 15, 2010

The Devil Is in the Indemnity Agreements: A Critique of the Certificate Authority Trust Model's Putative Legal Foundation, Presentation to the Center for Information Technology Policy at Princeton University, December 9, 2010

The 'Certificate Authority' Trust Model for SSL: A Defective Foundation for Encrypted Web Traffic and a Legal Quagmire, Intellectual Property & Technology Law Journal, Vol. 22, No. 11, November 2010

Encryption Is Not Enough: Why It's Time for General Counsel to Weigh In on Authentication Practices Associated With Secure Communications, e-Commerce Law Report, Vol. 12, Issue 11, West Publications, November 2010

The Next Generation of Artificial Intelligence in Light of In re Bilski, The Intellectual Property & Technology Law Journal, Vol. 21, No. 3, March 2009

 

Speaking Engagements
Mobile Apps and Network-Aware Devices: Legal Exposure in the Collection of Data and What to Do About It, AdvaMed Webinar, November 4, 2014

IP Trademark, Copyright & Licensing Counsel Forum, Cyber Security Risks that Threaten Corporate Intellectual Property and Client Confidentiality, October 28-29, 2014

Financial Services IT – Avoidance of Risks, Information Security Issues, Practising Law Institute, May 21, 2014

IP Trademark, Copyright & Licensing Counsel Forum, Moderator, Mobile Apps and Privacy: The Hidden Risks, October 22, 2013

Compromise and Control at the Perimeter of the Network: Online Trust, Mobile Security and Mitigating Risk in Mergers and Acquisitions, Moderator, North Virginia Technology Council General Counsel Committee Event, June 7, 2013

How to Prepare for New Corporate Cybersecurity Risks, Holland & Knight Webinar, May 15, 2013 Mobile Privacy and Security, The Current Regulatory Landscape and New Risk Threat Model, April 16, 2013

Mobile Privacy and Monetization: Risks and Opportunities in the Era of Networked Data, L2 Blog Social CRM Clinic, April 4, 2013

Data Security and Data Breaches: How to Avoid an Attack and Be Prepared When One Strikes & Observations from a Fortune 500 General Counsel, ACC and Holland & Knight Panel, March 20, 2013

COPPA Boot Camp - Practical Steps Towards Compliance, January 28, 2013

Privacy and Security in Mobile Apps, the Cloud, and the Internet of Things: The Role of In-House Counsel In Mitigating New Risks, Association of Corporate Counsel, Northeast Chapter, October 3, 2012

Mobile Security & Privacy Best Practices, Online Trust Alliance's Forum, October 1-4, 2012

 

Education
Rutgers University School of Law-Camden, J.D. Cornell University, B.A.


Bar Admissions
New Jersey New York

District of Columbia


Primary Areas of Practice: Technology Transactions

Law School/Graduate School:       Columbia Law School

Work History:

Partner, Technology Transactions Group of Morrison & Foerster LLP in New York Office

Co-Head of U.S. Sourcing Group of Morrison & Foerster LLP

Vivian Hanson is a partner in the Technology Transactions Group of Morrison & Foerster LLP in New York and is the co-head of the firm’s U.S. Sourcing Practice.  Her practice is focused primarily on complex, large-scale outsourcing transactions, as well as domestic and cross-border transactions involving technology transfers, licensing and other intellectual property transactions.  Vivian has also worked extensively on joint ventures, strategic alliances, mergers, acquisitions and general corporate matters, and is fluent in Japanese.  Her experience crosses a variety of industries, including entertainment, media, information services, information technology, consumer electronics, transportation and health care.  She has consistently been recognized as a leading expert in the field of technology and outsourcing by such organizations as Chambers, Legal 500, Best Lawyers and Super Lawyers.

Professional Memberships:

International Association of Outsourcing Professionals (IAOP)


Ieuan G. Mahony is a partner in Holland & Knight's Boston office. He concentrates his practice in intellectual property (IP) licensing and development, data privacy and security, and information technology (IT). Mr. Mahony combines his transactional and compliance work with dispute resolution and litigation matters. His substantial background in transactional and litigation practice areas helps clients receive high-quality advice in the dynamics of reaching an agreement as well as the realities  of combating an adversary. Mr. Mahony is co-chair of the firm's Data Privacy and Security Team and a member of the firm's three partner Information Technology Governance Committee.

Mr. Mahony was previously a law clerk to Chief Justice Edward F. Hennessey of the Massachusetts Supreme Judicial Court from 1988 to 1999.

The following is a sample of recent matters that Mr. Mahony has handled:



Cloud Computing
Representing an international software integrator in a transaction with a cloud service provider and a state agency concerning a state-wide cloud solution for procurement process. The representation included a detailed focus on service level agreements (SLAs) as well as data privacy

Advising a leading global software provider in moving elements of its operating system to the cloud

 

Cross-Border Data Flows
Representing an international company in an email migration project, including providing  guidance for compliance with the EU Data Protection Directive, assisting with self-certification to the U.S. Safe Harbor, and overseeing and managing foreign counsel to obtain advice concerning compliance with foreign national data protection and privacy laws

 

Crowdfunding
Representing a client in establishing a legal model for crowdfunding of local real estate development projects. The representation includes the creation of contract structures and online agreements to foster an ecosystem of community activists, interested citizens, merchants and investors


Representing a company in the creation and implementation of a crowdsourcing structure, including consumers, merchants, advertising agencies and others in an incentive-based process of targeting advertising with benefits to charitable and other causes



Data Rights and Interest-Based Advertising
Representing an owner of a shopping history and loyalty card data set in development agreements designed to commercialize the data set in a privacy- compliant structure. The representation includes a significant focus on interest-based and online behavioral advertising, consent mechanisms, de-identified data and data rights



Development of Common API and Creation of App Developer Ecosystem:
Representing a leading telecommunications carrier in developing and implementing a suite of application programming interfaces (APIs) for telecommunications industry solution providers. The representation includes carrier-to-carrier proof of concept and development agreements, open source and creative commons agreements with app developers, consent structures for subscribers and related elements



IP Licensing and Development:
Drafting IP, information security and service level agreements on behalf of the awarding authority in connection with a $4.25 billion contract award concerning a commuter rail system

Representing a leading international manufacturer of toys and games, and trademark licensor, in connection with a widely publicized licensing transaction with an online social gaming service provider

Representing an international high-tech manufacturer in national and cross-border development and licensing transactions concerning patented capacitor, chemical and related process technologies

Representing a technology company in negotiations with large global telecommunications   carriers and chip manufacturers with respect to technology that collects and reports mobile phone use, quality of service and other metrics



Litigation and Dispute Resolution
Representing a renowned hospital group in connection with a licensing dispute with an entity commercializing healthcare technology developed by hospital researchers. The dispute involved three significant patent portfolios, ongoing joint development work, claims by the licensee that it held exclusive rights to a broad category of additional hospital patents and two international pharmaceutical licensees downstream to the parties in dispute.

Representing an international software developer and integrator in arbitration over allegations by the hiring party that a customized software development and integration project was non- functional

Representing a public authority in connection with a hacker threat to disclose – at the world's largest hacker convention – information compromising its smartcard and magnetic stripe payment structures; relied on the Computer Fraud and Abuse Act to obtain an injunction preventing the presentation at the conference, based in part on "responsible disclosure" principles



M&A:
Responsible for IP and IT elements in the sale of an aftermarket services business to global providers of business process outsourcing for $725 million.

Responsible for IP elements of a transaction that combined institutional pharmacy businesses to create a $2 billion publicly traded company.

Responsible for IP and IT aspects of a transaction in which our client acquired a provider of manufactured precision plastic products for customers in the healthcare, packaging and consumer electronics industries for $660 million.

Responsible for IP licensing and privacy elements in a $200 million transaction whereby the firm's client – a developer of and service provider to fractional timeshare and whole ownership resorts – acquired and licensed a range of properties and IP assets from an international hotel chain.



Open Source Software:

Representing a leading global software provider in structuring a transaction to permit open source development and interoperability with elements of its proprietary software code base.

Advising a nationwide provider of location-based and emergency responder technology in connection with open source licensing and development, including addressing open source software elements in connection with acquisitions.



Privacy and Information Security:
Representing an international publisher of textbooks, fiction and non-fiction books, and other content in the creation of digital, interactive platforms for the distribution of its content. The representation includes significant attention to privacy and information security issues, including advice under the Children's Online Privacy Protection Act (COPPA) and Family Educational Rights and Privacy Act (FERPA), as well as online subscription agreements and related contract mechanisms.

Reviewing data flows and structures, and developing and implementing privacy and security policies for companies in the following representative industries: financial services providers; credit reporting and monitoring services; retirement fund services; pharmaceuticals; online consumer goods retailers; medical information and informatics providers; medical blood and tissue bank donation services; translation services (online and traditional); geospatial information services; real estate maintenance services; real estate brokerage services; electronics manufacturing and distribution; transportation services; political campaign organizing services; educational services (K-12 and college/university); for-profit distance education services; online music licensing services; online musical performance rights licensing services; and online dramatic rights performance licensing services.

 

Records Retention and Management:
Overseeing the preparation and implementation of a records management policy and a set of procedures for a retirement fund with over $1.5 billion in assets.

Drafting and advising with respect to the implementation of the core elements of a global and North America records retention policy for a worldwide producer and distributor of beverages.

Developing a suite of records management policies for a $3.8 billion technology services company for inclusion in service offerings. The package included comprehensive template policies and procedures, FAQs and sample retention schedules.



Honors & Awards
The Best Lawyers in America guide, Commercial Litigation, 2003-2015

Who's Who Legal 100: Information Technology, 2014


The International Who's Who of Information Technology Lawyers, 2013, 2014 Massachusetts Super Lawyers magazine, 2004-2006, 2010-2013

The International Who's Who of Internet, e-Commerce & Data Protection Lawyers, 2010 Opening Doors for Children Award, Holland & Knight, 2003

Boston's Best Lawyers, 2008, 2009 Alpha Sigma Nu Honor Society Order of the Coif

Boston College Law Review, Member (1986-1987)

Boston College Law Review, Executive Editor (1987-1988)

Boston College Law School, James W. Smith Award for Highest Academic Rank



Publications
Corporate Compliance Answer Book, Records Management Chapter, Privacy and Security of Personal Information Chapter, Procuring Computing Resources: IP Licensing, Outsourcing and Cloud Computing Chapter, Practising Law Institute, 2015 Edition

Corporate Compliance Answer Book, Chapters titled: "Privacy and Security of Personal Information," "Procuring Computing Resources: IP Licensing, Outsourcing and Cloud Computing," and "Records Management", Practicing Law Institute, 2010-2014 Editions

Corporate Compliance Answer Book, Chapters titled: "Privacy and Security of Personal Information," and "Records Management", Practicing Law Institute, 2009 Edition

No Claim Is Too Small: Copyright Office Proposes Small Claims Tribunal, Holland & Knight Alert, November 5, 2013

Fair Use and the Digital Campus: Court Says University Doesn’t Need Permission from Publishers to Give Students Course Packs Via

E-Reserve System, Holland & Knight Alert, December 12, 2012

Privacy and Security in Mobile Apps, the Cloud, and the Internet of Things: The Role of In-House Counsel in Mitigating New Class Action and Regulatory Risks, Co-Author, October 1, 2012

Open Source Software: Fifteen Steps to Avoid a Software Disaster, Co-Author, Holland & Knight Digital Technology & E-Commerce Blog, September 24, 2012

Use Caution When Mixing Traditional and Online Contracts: Fadal Machining v. Compumachine, Holland & Knight Alert, January 17, 2012

Beware: .XXX Adult Community Domain Registration Opens September 7, 2011, Holland & Knight Alert, August 31, 2011

FTC Delays Enforcement of Red Flags Rule on Identity Theft Until Year’s End, Holland & Knight Alert, June 4, 2010

Massachusetts ID Theft Regulation Set to Take Effect on March 1, 2010: Potential Impact on Entities Across the United States, Holland & Knight Alert, February 26, 2010

FTC Indicates New Identity Theft Rules Apply to Health Care Providers; Delays Enforcement to Give Entities Time to Comply, Holland & Knight Alert, October 23, 2008

Intellectual Property Licensing Strategies: Do Your Homework Before Deeply Engaging Your Opponents, Inside the Minds: Leading Lawyers on Drafting IP Agreements, Negotiating Terms, and Evaluating Financial Implications, (Aspatore), 2007

Open Source Software Monetized: Out of the Bazaar and into Big Business, Co-Author, The Computer & Internet Lawyer, October 2004

Privacy Policies Challenged by Wireless Devices' Ability to Track User Location, Privacy Officers


Advisory (Aspen Publications), August 2001

Federal Financial Privacy Rules: Protection for Consumers, Pitfalls for Companies, Co-Author,

Business Crimes Bulletin (Leader Publications), December 2000

Financial Institutions Face Mandatory Compliance: Planning for Consumer Privacy Rules Must Start Now, Privacy Officers Advisory 1 (Aspen Publications), October 2000

Distance Learning Courses: Who Owns Them?, Holland & Knight Newsletter, August 1, 2000 Intellectual Property Licensing: Conditional Sales, The National Law Journal, April 2000

Cybersquatting: Courts, Lawmakers Forge Ahead, Mass High Tech: The Journal of New England Technology, October 1999

Legal Aspects of Consumer Transactions on the Internet, Lawyering in the International Market (Transnational Publishers, Inc.), 1999

Creating a New Legal Framework for Electronic Commerce, Boston Business Journal, August 1998 Copyright Infringement in the United States, Comparative Law Yearbook of International Business: Copyright Infringement (Kluwer Law International), 1998

United States On-Line Law, The Law of International On-Line Business: A Global Perspective (Sweet & Maxwell), 1998

Licensing Intellectual Property in the United States, International Licensing (BNA International Inc.), 1997

Intellectual Property Law and the National Information Infrastructure, Multimedia and Technology Licensing Law Report, July 1996

United States Intellectual Property Law, International Intellectual Property Law: Global Jurisdictions (J. Wiley & Sons), 1996

Title VII and Academic Freedom: The Authority of the EEOC to Investigate College Faculty Tenure Decisions, 28 B.C. Law Review 559, May 1987



Speaking Engagements

Protecting Student Data Privacy: Strategies and Best Practices in the Cloud and the Classroom, Lorman Webinar, November 5, 2014

Policing and Protecting Copyrights on the Internet: Latest Approaches and Developments, Strafford Webinar, November 4, 2014

Big Data/Big Target: Are You Ready? Managing the High Risk Security Breach, Association of Corporate Counsel, Northeast Chapter, February 4, 2014

Policing and Protecting Copyrights on the Internet: Latest Approaches and Developments, Strafford Webinar, August 1, 2013

Social Media: Best Practices in the U.S. Legal System, International Symposium for Justice and Law, November 11-14, 2012

Open Source Software: Striking the Elegant Balance, IP Trademark, Copyright, and Licensing Counsel Forum, October 25, 2012

Privacy and Security in Mobile Apps, the Cloud, and the Internet of Things: The Role of In-House Counsel In Mitigating New Risks, Association of Corporate Counsel, Northeast Chapter, October 3, 2012

The Importance of Framing Your Case: Lessons from the Bratz v. Mattel Wars, Holland & Knight Institute, September 27, 2012

Data Security: Public Contracts and the Cloud, American Bar Association, Public Contract Law Section - State and Local Division, July 27, 2012

Cyberliability: New Exposures, New Challenges, Holland & Knight Institute, May 1, 2012

Due Diligence Disclosure of Confidential and Sensitive Information: Addressing the Parties' Fears and Needs, Suffolk University Law School, Advanced Legal Studies, October 2011

Reducing Risk for Your Company Through Cloud Computing, Association of Corporate Counsel (ACC) Annual Meeting, October 24, 2010

Securing Your Digital Assets and File Transfers: Critical Legal and Technical Tools, Holland & Knight Webinar, October 18, 2010

Navigate the Cloud: Risks and Rewards in Cloud Computing, Holland & Knight Webinar, June 2010

When Good Licenses Go Bad, Holland & Knight Webinar, June 22, 2010

New Trends: Social Networking, Cyber-Security and Cloud Computing, Data Privacy & Information Security Forum, June 3, 2010

Policing and Protecting Copyrights on the Internet: Evolving Approaches - Navigating Fair Use, Infringement Claims and Secondary Liability Issues, Strafford Publications teleconference, May 12, 2010

Security in the Cloud, Franklin W. Olin College of Engineering Olin Innovation Lab, Needham, Mass., March 22, 2010

New Data Security Rules and Best Practices, Presentation co-sponsored with Suffolk University Law School's Advanced Legal Studies, the Rappaport Center for Law and Public Service, The City Solicitors and Town Counsel Association Massachusetts Municipal Association, June 5, 2009

Managing Intellectual Property Assets, Purchasing Management Association of Boston, National Heritage Museum, Lexington, Mass., March 9, 2009

Red Flags with Minimal Red Tape, South Florida Hospital and Healthcare Association, February 13, 2009

Massachusetts Information Security Program, Massachusetts Data Protection Regulations Webinar, January 2009

Red Flags With Minimal Red Tape Webinar: Efficiently Implementing A Red Flags Program, Clinical Laboratory Management Association, December 15, 2008

Trade Secrets Unveiled: Defining, Protecting, and Challenging Trade Secret Assets, Holland & Knight Webinar, September 26, 2008

Trade Secrets Revealed, Co-Presenter, Holland & Knight Institute, May 30, 2008

How To Analyze A 'No Vehicles In The Park' Restriction, Speaker, Law Day at Massachusetts Supreme Judicial Court, May 1, 2008

Copyright Compliance: Red Light or Green Light?, Copyright & Intellectual Property Symposium, California State Polytechnic University, Pomona, Calif., March 24, 2008

Litigation Holds, Spoliation of Evidence, and the Brave New World of Electronic Discovery, Southern New England Colleges and Universities Professionals, December 2007

An Intellectual Property Treasure: The King Papers Collection, A Tribute to the Martin Luther King Papers, Morehouse College, Atlanta, Ga., February 28, 2007

E-Discovery in Healthcare: Implementing a Proactive Infrastructure, Stafford Publications Teleconference, February 1, 2007, October 16, 2006

Identity Theft: The Data Controller's Perspective, British American Business Council of New England, Inc. Boston, Mass., October 4, 2006

The Scope of Derivative Works When Applied to Re-Use of Source Code, Advanced Legal Topics in Open Source and Collaborative Development in the Global Marketplace, Shidler Center for Law, Commerce & Technology, University of Washington School of Law, Seattle, Wash., March 21, 2006

Managing the Digital Campus, New England Association of Schools and Colleges Boston, Mass., December 2005

The Software Developers' Open Source Playbook, Practicing Law Institute, New York, N.Y., November 2005

Overcoming Your Fears: Utilizing Technology in Litigation, National Business Institute, Providence, R.I., April 8, 2005

Business Models in Distance Education, Boston Bar Association, Boston, Mass., March 23, 2005 Intellectual Property Protection and Emerging Markets, British American Business Council, Boston, Mass., March 10, 2005

Piracy, Copyright & Digital Rights Issues in Digital Content, Software & Information Industry Association, New York, N.Y., January 14, 2004

Launching a Legal Services Website: Legal and Ethical Issues, Masters Marketing Group, Beverly Hills, Calif., October 2002

Strategic Technology Planning: Keeping Pace with the Future, Association of Legal Administrators, Boston, Mass., October 2002

The Use and Customization of ADR Clauses in Intellectual Property Disputes, Holland & Knight Institute, Tampa, Fla., September 2002

The Role of Copyright Law in Online Course Development, California State University, Digital Campus, Fresno, Calif., March 8, 2002

The Impact of Technology on Corporate Counsel, American Corporate Counsel Association (ACCA), Northeast Chapter, Boston, Mass., November 8, 2001

Telecommunications Access Rules: The Plaintiffs’ Perspective in Greater Boston Real Estate Board v. Massachusetts Department of Transportation and Energy, Boston Bar Association, Boston, Mass., October 17, 2001

Internet Litigation: Personal Jurisdiction, Regulatory Jurisdiction, and Online Contracting, Massachusetts Continuing Legal Education, Inc., Boston, Mass., October 10, 2001

When the Dust Settles: E-Commerce Laws and Policies, The Braun Executive Lecture Series, Northern Virginia Community College, Annandale, Va., October 2001

Privacy Law and the Wireless Revolution, Institute of Electrical and Electronics Engineers Third Workshop on Wireless, Newton, Mass., September 28, 2001

“Wired” Courses: Development, Instruction, and Library Reserves, 11th Annual e-Learning Conference, Washington, D.C., April 17, 2001

Is There Privacy in Wireless?, Software Industry Association, New York, N.Y., March 2001 Online Archives and the Case of the Generous Testatrix, Simmons College, Boston, Mass., December 2000

Online Privacy Developments: Web Bugs, Cookies, and Necessary Policies, American Corporate Counsel Association; Deerfield Beach, Fla., November 2000

Internet Litigation: What Law Applies; Which Court Has Jurisdiction; Who's In Control?, Massachusetts Continuing Legal Education, Inc., Boston, Mass., October 2000

The Wired Library and Copyright Law, Simmons College, Boston, Mass., October 2000

Staking Claims: Copyrights and Patents in the Online World, E-Commerce Strategies, Laws, and Policies, Fairfax County Chamber of Commerce, McLean, Va., September 2000

Privacy Online, Massachusetts Continuing Legal Education, Inc., Boston, Mass., July 2000 Navigating The Rapids: Online Course Development and the Law, Telecon East 2000, Washington D.C., March 2000

The Evolving Law of the Internet, New England Corporate Counsel Association, Waltham, Mass., October 1999

Spotting Issues and Staking Claims: Copyrights and Patents in the Software and High Tech Industries, Global Legal Services Professionals Conference, State Street Bank, Quincy, Mass., September 1999

Trademarks in Cyberspace, Fourth International Conference on Fraud and Counterfeiting in the Imaging Supplies Marketplace, Lexington, Ky., September 1999

Fast Times: Distance Education, New Relationships, and the Law, Special Issues in College and University Law, Massachusetts Continuing Legal Education, Inc., Boston, Mass., May 1999 Internet Litigation and Electronic Commerce: Where Are the Rules In Cyberspace?,

PricewaterhouseCoopers General Counsel Forum, Waltham, Mass., March 1999

Consumer Protection on the Internet: Telecommunications, Internet and Business Start-Ups, Monte Jade Science and Technology Association of New England and the New England Chinese Information and Networking Association, Chelmsford, Mass., January 1999

Electronic Litigation Tools for the Savvy Paralegal, Massachusetts Continuing Legal Education, Inc., Boston, Mass., December 1998

Fighting Cyber Pirates on the Internet, Third International Conference on Fraud and Counterfeiting in the Imaging Supplies Marketplace, Lexington, Ky., September 1998

Consumer Protection on the Electronic Frontier, Massachusetts Continuing Legal Education, Inc., Boston Mass., May 1998

Privacy and Security in Cyberspace, The Weizmann Institute for Science, Massachusetts Institute of Technology, Cambridge, Mass., October 1996

Intellectual Property Protection in Venture Capital Transactions, Taiwan Venture Capital Delegation, Boston, Mass., June 1996

The Evolving Law of the Internet, New England Corporate Counsel Association, Waltham, Mass., October 1999

Spotting Issues and Staking Claims: Copyrights and Patents in the Software and High Tech Industries, Global Legal Services Professionals Conference, State Street Bank, Quincy, Mass., September 1999

Trademarks in Cyberspace, Fourth International Conference on Fraud and Counterfeiting in the Imaging Supplies Marketplace, Lexington, Ky., September 1999

Fast Times: Distance Education, New Relationships, and the Law, Special Issues in College and University Law, Massachusetts Continuing Legal Education, Inc., Boston, Mass., May 1999 Internet Litigation and Electronic Commerce: Where Are the Rules In Cyberspace?,

PricewaterhouseCoopers General Counsel Forum, Waltham, Mass., March 1999

Consumer Protection on the Internet: Telecommunications, Internet and Business Start-Ups, Monte Jade Science and Technology Association of New England and the New England Chinese Information and Networking Association, Chelmsford, Mass., January 1999

Electronic Litigation Tools for the Savvy Paralegal, Massachusetts Continuing Legal Education, Inc., Boston, Mass., December 1998

Fighting Cyber Pirates on the Internet, Third International Conference on Fraud and Counterfeiting in the Imaging Supplies Marketplace, Lexington, Ky., September 1998

Consumer Protection on the Electronic Frontier, Massachusetts Continuing Legal Education, Inc., Boston Mass., May 1998

Privacy and Security in Cyberspace, The Weizmann Institute for Science, Massachusetts Institute of Technology, Cambridge, Mass., October 1996

Intellectual Property Protection in Venture Capital Transactions, Taiwan Venture Capital Delegation, Boston, Mass., June 1996



Education
Boston College Law School, J.D., summa cum laude

Harvard University, B.A., English, cum laude

 

Bar Admissions
Massachusetts

 

Court Admissions
U.S. District Court for the District of Massachusetts

U.S. Court of Appeals for the First Circuit


Jeremy Pomeroy, a Partner at the law firm of Pomeroy Law Group PLLC, focuses his practice in the areas of information technology, digital media, intellectual property, First Amendment and advertising law. His clients include Internet startups and established media and technology companies, among others.

Mr. Pomeroy previously worked as Vice President & Associate General Counsel at Reed Business Information, a division of Reed Elsevier, Inc. At Reed, Mr. Pomeroy spearheaded the company's expansion into China and India and provided counsel to data services and media properties, including Variety, Publishers Weekly and Interior Design magazines.

Before working at Reed, Mr. Pomeroy was the General Counsel at Dash.com, Inc., a venture-backed Internet company, where he managed all legal matters as a member of the senior management team.

Prior to Dash, Mr. Pomeroy worked at the then-leading information technology firm of Brown Raysman Millstein Felder & Steiner and at Willkie Farr & Gallagher in New York.

Mr. Pomeroy has written, counseled and presented on cutting edge legal issues relating to social media, copyrights, trademarks, blogging, licensing, software, podcasting, database protection, libel, marketing, advertising, sweepstakes, marketing, webcasting, and user-generated content, among other topics. Mr. Pomeroy has published articles on a wide variety of topics in numerous publications including the National Law Journal, New York Newsday, the Multimedia & Web Strategist, the Computer Law Strategist, and the New York University Law Review.

Mr. Pomeroy graduated from Yale College and the New York University School of Law, where he was an Articles Editor on the Law Review.

Work History: 

·         Associate at Willkie Farr & Gallagher

·         Associate at Brown Raysman Millstein Felder & Steiner

·         General Counsel, Dash.com, Inc.

·         VP & Associate General Counsel, Reed Business Information, a division of Reed Elsevier Inc.


Orrie Dinstein is the Global Chief Privacy Officer at March & McLennan Companies. He has global responsibility for data protection, and he works closely with the Legal & Compliance, IT and Information Security teams, as well as other functions, to establish policies, procedures, processes and tools related to privacy and data protection matters.  Prior to joining Marsh & McLennan, Orrie was the Chief Privacy Officer at GE Capital.

Orrie received an LL.M. degree in intellectual property from NYU School of Law and is a graduate of the Hebrew University of Jerusalem School of Law.  He is a member of the New York State Bar and the Israel Bar. He is a Certified Information Privacy Professional (CIPP) and a frequent speaker on privacy, security, technology and social media matters.


Rashmi heads the Intellectual Property/Information Technology law practice group at Aetna Inc., one of the nation’s premier providers of health care, dental, pharmacy, disability insurance.  She oversees all legal and strategic enforcement and maintenance issues relating to the Aetna enterprise and its subsidiaries’ intellectual property assets.  In addition, her work focuses on brand counseling, IP licensing, advertising reviews, data security, technology and software legal issues, oversight of the patent portfolio and social media.

Rashmi graduated with a J.D. as a Harlan Fiske Stone scholar from Columbia Law School.  She began her career at Kirkland & Ellis and subsequently joined W.W. Grainger, Inc. as Senior Corporate Counsel before joining Aetna.


Sofia heads up the Social Media Legal department at Citi globally and is also responsible for Privacy and Data Protection across the Operations & Technology group. 

Her practice areas also include mobile applications, online and offline marketing, advertising, intellectual property and promotions.

Sofia began her in-house career with Citi in 2004.  Prior to that, she was in private practice at Davis & Gilbert, LLP in New York City.  Sofia received her J.D. from Boston University School of Law and her B.A. from Columbia College, Columbia University.


Technology attorney responsible for negotiating complex multi-million dollar transactions across CBS Corporation involving cloud computing, outsourcing, hardware, software, professional services and telco services with major industry partners including: Accenture, Ariba, AT&T, Dell, Ernst & Young, Google, Hewlett Packard, IBM, Level 3, L&T Infotech, Microsoft, NetApp, Oracle, Sony, Teradata, and Verizon

  • Primary attorney on all NCAA Division I Men’s Basketball Championship sponsorship agreements for: Allstate, AT&T, Buffalo Wild Wings, Burger King, Capital One, Coca-Cola, Enterprise Rent-a-Car, General Motors, Hershey’s, Infiniti, LG Electronics, Lowe’s, Microsoft, Mondelez, Northwestern Mutual Life and Werner, including trademark licensing and media; annual revenue exceeds $500 million dollars
  • Advise on intellectual property matters involving trademark, copyright and patent; review of advertising copy to avoid deceptive advertising and illegal lotteries; and response to intellectual property infringement claims
  • Manage information security and privacy matters related to: consumer privacy; incident response; security audits; vulnerability analysis; penetration testing; hacking; social engineering; and risk management
  • Draft CBS Corporation company-wide standard forms for products, services, information security, confidentiality, human resources, purchase orders and claim resolution
  • Manage ongoing legal requirements for a joint venture between CBS, Deluxe and FOX including: financial contributions, insurance, tax matters, and technology licenses
  • Advise on strategic technology decisions, counsel executives on avoiding business risks in corporate transactions
  • Manage technology license audit responses with an aggregate savings of over $10 million dollars


John Burke is a Managing Director at UBS AG.  He is currently the Global Head of IT, Contracting and Shared Services Legal, a global shared services legal team within UBS that provides primary legal support across several practice areas, namely Information Technology; E-Commerce & New Media; Contracting; Intellectual Property; Offshoring & Outsourcing; Data Management & Protection; and Corporate Real Estate & Administrative Services.  Prior to his current role, John held the position of UBS Group Head of IT Risk Control based in Zurich, Switzerland.  In that role, he was responsible for the firm's global IT risk policies and standards, IT operational risk framework, investigations and IT risk assessment process. Before that, he served as the Chief Information Security Officer of UBS Wealth Management USA.  John began his in-house legal career with UBS in 1997, focusing on technology and intellectual property.  Prior to that, he was an Associate at Riker, Danzig, Scherer, Hyland & Perretti LLP in New Jersey. He received his Bachelor and Master of Engineering from Manhattan College and his Juris Doctor from Rutgers University School of Law where he was a Managing Editor of the Rutgers Law Review.  He is a member of the New York, New Jersey and District of New Jersey Bars.  He is also a licensed Professional Engineer in New York and New Jersey.


John Gliedman is in-house counsel with Buck Consultants. Buck Consultants is a 96-year old advisor to industry and finance in the area of benefits consulting, which includes corporate HR intranet portals. John manages Buck's legal matters.


John Rogers is the Managing Director and Chief Information Security Officer – Americas for BNP Paribas in New York City. Prior to that, he served as Chief Technologist for Booz Allen Hamilton in New York City. John has extensive information security experience in a variety of industries including financial services, retail, healthcare, higher education, insurance, non-profit, and technology services. John and his team focus on improving client cyber security programs, assessing such programs against industry standards, designing secure solutions, and performing cost/benefit analysis.


Paul Nolting has been a technology lawyer since the mid-1980’s and has worked in the wireless industry since 1993. He is currently Senior Legal Counsel in the commercial law group at Samsung Electronics America, where he advises the company’s mobile products business. He was previously Assistant General Counsel for Verizon Wireless and Counsel in the Princeton office of Hale and Dorr. Paul received a J.D. from the New York University School of Law and a B.A. from Columbia University and is admitted to practice in New York and New Jersey.