Professionals >

Crowell & Moring’s Privacy & Cybersecurity Group guides colleges, universities, academic medical centers, research institutes and those who service them through the myriad federal and other laws governing the collection, use, and protection of data. Our goal is to help our higher education clients further their unique role in facilitating the flow and use of information, while ensuring its utmost security.

Our approach is holistic and draws from experience across the firm. We integrate our understanding of intellectual property, trade secrets, health care, government contracts, corporate, and white collar law to address the most pressing privacy and cybersecurity issues facing educational institutions. Our cross-disciplinary team is devoted to innovative, cost-effective, and sustainable solutions, in partnership with each institution, tailored to its needs.  

On the front end, we counsel and train institutions on how to strengthen their security, develop and implement privacy and data protection programs, and comply with applicable laws. On the back end, we have extensive experience managing the crises that can arise in the event of a breach, including those involving personal information, trade secrets, and other proprietary information at the heart of university research. We are on the ground from initial internal investigations to notifications, and we routinely interface with federal and state enforcement agencies and defend against class actions. Data infiltration need not spell catastrophe.  Rather, proper crisis management, including timely remedial action and accurate assessments of harm, can mitigate and even salvage a breach crisis. We counsel our clients through every step, all while appreciating the exceptional issues raised by the multitude of academic stakeholders.

In addition to our extensive experience with U.S. federal and state privacy laws, we have a wealth of experience regarding global privacy issues that aids our educational clients who are looking to capitalize their assets by venturing into the global market. Our European practice is focused on current and proposed EU privacy laws, and is experienced in conducting data protection audits and dealing with government authorities to implement and maintain annual registrations of data practices. We also work closely with our affiliate, C&M International, which is deeply involved with the privacy laws of Pacific Rim nations, including South Korea and China. 


We have counseled and defended clients regarding issues in the following areas:

  • Family Educational Rights and Privacy Act (FERPA)
  • Fair Credit Reporting Act
  • Computer Fraud and Abuse Act
  • CAN-SPAM Act
  • Telephone Consumer Protection Act (TCPA)
  • Fair and Accurate Credit Transactions Act (including Red Flags Rule)
  • Federal Trade Commission Act
  • State notification and encryption laws
  • Global privacy policies and procedures
  • EU Data Protection Directive
  • EU E-Commerce Directive
  • Internet privacy statements
  • Data management
  • Compliance audits
  • Contracts for cross-border transfers of data
  • Safe Harbor Program certifications
  • FISMA and NIST standards
  • SAFETY Act
  • Cloud computing
  • Trade secrets protection and litigation
  • Intellectual property (IP) security
  • Federal and state law coordination

Click here to view representative engagements.

View More

"California Attorney General Releases Proposed Updates to CCPA Regulations," Privacy Law Alert (February 11, 2020). Contacts: Jeffrey L. Poston, Kristin J. Madigan, CIPP/US, Paul M. Rosen, Lee Matheson, CIPP/US/E/A, CIPM, PCIP, Jarno Vanto
Client Alert/Newsletter
Energy Cybersecurity Act of 2019 (February 10, 2020). Authors: Evan D. Wolff, Jeffrey L. Poston, Kate M. Growley, CIPP/G, CIPP/US, Maida Oringher Lerner, Tyler A. O'Connor and Amber Mulcare, CIPP-US.
Domen Zavrl: Cryptography & Data Protection Laws BlockPublisher (February 6, 2020)
In the News
"What Does a Better Cyberworld Look Like in Practice and What Role Does Inclusion Play?" Global Cybersecurity Forum, Riyadh, Saudi Arabia (February 5, 2020). Distinguished Speaker: Evan D. Wolff.
"Coronavirus: DHS Announces New Travel Restrictions on Certain Inbound U.S. Flights and Travelers from China, Including Medical Screening and Quarantine," International Trade Bulletin (February 3, 2020). Contacts: Paul M. Rosen, Robert Holleyman, Alex Rosen, Nicole Janigian Simonian, Evan Y. Chuck
Client Alert/Newsletter
"No More "Wait & See" for CMMC: DoD Releases Final Cybersecurity Maturity Model Certification," Government Contracts Bullet Points (February 3, 2020). Contacts: Evan D. Wolff, Kate M. Growley, CIPP/G, CIPP/US, Maida Oringher Lerner, Michael G. Gruden, CIPP/G
Client Alert/Newsletter
"Federal Circuit Adds New Guidelines to its Oral Argument Guide," (February 3, 2020). Contacts: Ali Tehrani, Benjamin Christoff, Terry Rea
Client Alert/Newsletter
How Coronavirus Could Disrupt The Auditing Of Companies Wall Street Journal (February 3, 2020)
In the News
"NIST Floats Revised IoT Guidance as California Law Goes Into Effect," Privacy Law Alert (January 28, 2020). Contacts: Jeffrey L. Poston, Kate M. Growley, CIPP/G, CIPP/US, Cheryl A. Falvey, Kristin J. Madigan, CIPP/US, Paul M. Rosen
Client Alert/Newsletter
Google's Move To Restrict Web-Cookies Signals Need To Re-Think Post-Regulatory Internet Legaltech News (January 27, 2020)
In the News

To view more News & Events for this area, please go to our desktop site.

Crowell & Moring LLP is an international law firm with more than 500 lawyers representing clients in litigation and arbitration, regulatory, and transactional matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation, as well as its ongoing commitment to pro bono service and diversity. The firm has offices in Washington, DC, New York, Los Angeles, San Francisco, Orange County, London, and Brussels.

View Desktop Site | Mobile Sitemap

Contact | Subscribe | Terms of Use | Privacy Statement | Alumni

© Crowell & Moring LLP 2020
Attorney advertising - prior results do not guarantee a similar outcome.