Photograph of Jarno Vanto, CIPP/E, CIPP/US Download V-card

Jarno Vanto, CIPP/E, CIPP/US

Phone: +1 212.803.4025
590 Madison Avenue, 20th Floor
New York, NY 10022-2544

Jarno Vanto (CIPP/E, CIPP/US) is a partner in the Privacy & Cybersecurity Group in Crowell & Moring’s New York office. With an extensive understanding of the complex international regulatory environment and cross-industry technologies, he provides a differentiated global perspective to clients on personal information privacy, cybersecurity, technology transactions, and corporate matters.

With a keen understanding of client risk level and risk tolerance, he partners with clients to help them achieve their business goals and provides a range of legal services, including privacy and cybersecurity compliance counseling, complex cross-border and domestic technology and data transactions, data and software licensing, other technology and data transfer agreements, as well as regulatory investigations involving personal information. Jarno frequently serves as counsel for foreign technology companies on the legal issues they encounter in the U.S. market, advising on their U.S. corporate presence and acting as outside general counsel. Additionally, he counsels cross-industry clients on global privacy and cybersecurity compliance programs for companies ranging from advertising to health technology to industrial machinery, as well as corporate restructuring for venture finance and IP management purposes.

Jarno has advised companies ranging from venture-backed startups to Fortune 50 companies on their compliance with personal information and information security laws such as the EU General Data Protection Regulation, the California Consumer Privacy Act, and emerging state laws. He provides privacy compliance counseling to companies that provide software-as-a-service, data-as-a-service, automotive and connected vehicle technologies, mobile applications, location-based technologies, financial services, server technologies, HR services, and health care technologies. Additionally, Jarno holds CIPP/E and CIPP/US information privacy professional certifications and has received a legal certification to evaluate information technology products and services with the intent of awarding companies with the EuroPrise European Privacy Seal.

He is fluent in Finnish, Swedish, and German. He has a working knowledge of Dutch.

Prior to joining the firm, he was a partner in the New York office of another AmLaw 100 firm.

Representative Matters

Privacy and Cybersecurity

  • Advised an HR-services vendor on the use of software-generated data for purposes of COVID-19 tracking and tracing tools for its customers.
  • Advised a data aggregator on the use of aggregated location data for purposes of COVID-19-related restriction measure compliance monitoring.
  • Advised a mobile app developer on compliance issues related to developing a COVID-19 tracking and tracing app and an associated data platform.
  • Advised an industrial conglomerate on privacy and labor & employment issues relating to deploying a COVID-19 tracking and tracing app, related vendor agreements.
  • Advised a hospital system on COVID-19 contact tracking and tracing application development.
  • Advised an online health information vendor on COVID-19-related product privacy issues.
  • Advised a provider-focused health information platform on COVID-19-related aggregate diagnostics data.
  • Advised a location technology company on their GDPR and CCPA compliance.
  • Advised a mobile advertising platform on their CCPA compliance.
  • Advised a clinical trial technology platform on their global privacy compliance.
  • Advised a field service management software company on their GDPR compliance.
  • Advised a mobile gaming company on their GDPR and CCPA compliance.
  • Advised a sensor technology company on GDPR compliance.
  • Advised a mobile advertising technology company on consent management platform development.
  • Advised a game streaming platform on privacy compliance.
  • Advised a fashion online retail technology company on GDPR and CCPA compliance.
  • Advised a product data platform company on GDPR compliance.
  • Advised an online and mobile fraud detection platform on GDPR and CCPA compliance.
  • Advised a globally operating fabric materials company on international transfers of personal data.
  • Advised a globally operating industrial conglomerate on international transfers of personal data.
  • Advised a location technology company on building a global privacy program.
  • Advised a health care app provider on HIPAA compliance.
  • Advised a communications app developer on privacy.
  • Advised an international mobile gaming company on international transfers of personal data.
  • Performed privacy due diligence of target companies for a European venture capital fund.

Technology Transactions

  • Advised an advertising technology company on demand and supply side data licensing agreements, SDK licensing and development.
  • Advised an industrial equipment manufacturer on machine-generated data rights and licensing.
  • Advised a sensor technology manufacturer on data rights and licensing.
  • Advised a global vehicle manufacturer on connected vehicle data rights and licensing.
  • Advised an indoor positioning company in its licensing and Platform-as-a-Service deals with Yahoo! Japan and a Korean technology conglomerate.
  • Advised a location data platform vendor on their Platform-as-a-Service agreement with a large European telecom.
  • Advised tens of companies on mobile app and website terms of use and privacy policies.
  • Advised an education technology platform on licensing and distribution agreements.
  • Advised a restaurant management platform on its master services agreement.
  • Advised an education media platform on service terms and conditions.

Corporate and Transactional

  • Acted as U.S. outside general counsel for manufacturers of non-woven fabrics, paper board, and wood products.
  • Advised a medical technology company on their Asian manufacturing agreements.
  • Acted as U.S. outside general counsel for a manufacturer of office meeting pods and phone booths.
  • Advised a mobile free-to-play social casino app developer in its $4 million Series A round of financing from Korea Investment Partners.
  • Advised a communications app developer on privacy and Series Seed and Series A financing.
  • Advised tens of foreign technology companies on structuring their U.S. presence.
  • Advised a Finland-based online retailer in their acquisition of a U.S. company’s assets.
  • Advised a human resources analytics startup in entity formation and SAFE note financing.
  • Represented a European venture capital fund in their seed-stage investment in a U.S. entity.
  • Advised a U.S. and Norway-based technology company in its $5 million Series A financing.
  • Advised a Korean entertainment company in its $4.5 million Series Seed investment in a Finnish e-sports company.


  • University of Turku, Master of Laws (2002) magna cum laude
  • New York University School of Law, LL.M. (2004)


Admitted to practice: New York

View More

"The Colorado Privacy Act Signed," Privacy Law Alert (July 20, 2021). Contacts: Paul C. Mathis, Jarno Vanto, CIPP/E, CIPP/US, Michael Yaghi
Client Alert / Newsletter
"Biden Executive Order on Competition Includes Recommended Action on Internet Platform Industries and Privacy," Privacy Law Alert (July 13, 2021). Contacts: Kristin J. Madigan, CIPP/US, Jeane A. Thomas, CIPP/E, Jeffrey L. Poston, Jarno Vanto, CIPP/E, CIPP/US
Client Alert / Newsletter
NYC's New Biometric Privacy Law 'An Indication of What Is to Come' (July 13, 2021)
Media Mentions
Why Cybersecurity Has Become Even More Challenging For Law Firms Legaltech New (July 6, 2021)
Media Mentions
"Just in Time - EU Adopts Adequacy Decisions for free flow of data with UK," International Dispute Resolution Alert (June 29, 2021). Contacts: Jeffrey L. Poston, Maarten Stassen, Frederik Van Remoortel, Jarno Vanto, CIPP/E, CIPP/US, Robert Weekes, Laurence Winston
Client Alert / Newsletter
"The New Standard Contractual Clauses for Transfers of Personal Data from the EU," Privacy Law Alert (June 7, 2021). Contacts: Jeffrey L. Poston, Maarten Stassen, Jeane A. Thomas, CIPP/E, Frederik Van Remoortel, Jarno Vanto, CIPP/E, CIPP/US, Laurence Winston
Client Alert / Newsletter
In-House Likes A CISO, But Not More Than Good Law Firm Cybersecurity Legaltech News (May 17, 2021)
Media Mentions
Data Vendors Used To Have 'Unlimited Liability' For Breaches—But Not Anymore LegalTech News (April 30, 2021)
Media Mentions
5 Issues To Watch As Data Privacy Laws Sweep The U.S. Property Casualty 360 (April 22, 2021)
Media Mentions
"Global Cross-Border Data Transfers (Part 3)," Crowell & Moring Webinar (April 15, 2021). Presenters: Ambassador Robert Holleyman, Jarno Vanto, Maarten Stassen, and Laurence Winston.

For all Highlights, News & Knowledge, please click here to view desktop bio.

Crowell & Moring LLP is an international law firm with offices in the United States, Europe, MENA, and Asia that represents clients in litigation and arbitration, regulatory and policy, and transactional and corporate matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation and government-facing matters, as well as its ongoing commitment to pro bono service and diversity, equity, and inclusion.

View Desktop Site | Mobile Sitemap |

Contact | Subscribe | Terms of Use | Privacy Statement | Alumni

© Crowell & Moring LLP 2021
Attorney advertising - prior results do not guarantee a similar outcome.