Photograph of Jarno Vanto, CIPP/E, CIPP/US Download V-card

Jarno Vanto, CIPP/E, CIPP/US

Phone: +1 212.803.4025
590 Madison Avenue, 20th Floor
New York, NY 10022-2544

Jarno Vanto (CIPP/E, CIPP/US) is a partner in the Privacy & Cybersecurity Group in Crowell & Moring’s New York office. With an extensive understanding of the complex international environment and cross-industry technologies, he provides a differentiated perspective to clients on privacy, cybersecurity, technology transactions, intellectual property, and corporate matters.

He partners with clients to help them achieve their business goals and provides a range of legal services, including privacy and cybersecurity compliance counseling, complex cross-border and domestic technology transactions, intellectual property and data licensing, and other technology transfer agreements. Jarno frequently serves as counsel for foreign technology companies on the legal issues they encounter in the U.S. market, advising on their U.S. corporate presence and acts as outside general counsel. Additionally, he counsels cross-industry clients on global privacy and cybersecurity compliance programs for companies ranging from advertising to health technology to industrial machinery, as well as corporate restructuring for venture finance and IP management purposes.

Jarno has advised over 80 companies ranging from startups to Fortune 50 companies on their General Data Protection Regulation compliance and hundreds of companies on compliance with the EU Data Protection Directive, the predecessor to GDPR. He provides GDPR counseling to companies that provide software-as-a-service, data-as-a-service, automotive and connected vehicle technologies, mobile applications, location-based technologies, financial services, server technologies, HR services, and health care technologies. Additionally, Jarno has received a legal certification to evaluate information technology products and services with the intent of awarding companies with the EuroPrise European Privacy Seal.

He is fluent in Finnish, Swedish, and German. He has a working knowledge of Dutch.

Prior to joining the firm, he was a partner in the New York office of another AmLaw 100 firm.

Representative Matters

Privacy and Cybersecurity

  • Advised an HR-services vendor on the use of software-generated data for purposes of COVID-19 tracking and tracing tools for its customers.
  • Advised a data aggregator on the use of aggregated location data for purposes of COVID-19-related restriction measure compliance monitoring.
  • Advised a mobile app developer on compliance issues related to developing a COVID-19 tracking and tracing app and an associated data platform.
  • Advised an industrial conglomerate on privacy and labor & employment issues relating to deploying a COVID-19 tracking and tracing app, related vendor agreements.
  • Advised a hospital system on COVID-19 contact tracking and tracing application development.
  • Advised an online health information vendor on COVID-19-related product privacy issues.
  • Advised a provider-focused health information platform on COVID-19-related aggregate diagnostics data.
  • Advised a location technology company on their GDPR and CCPA compliance.
  • Advised a mobile advertising platform on their CCPA compliance.
  • Advised a clinical trial technology platform on their global privacy compliance.
  • Advised a field service management software company on their GDPR compliance.
  • Advised a mobile gaming company on their GDPR and CCPA compliance.
  • Advised a sensor technology company on GDPR compliance.
  • Advised a mobile advertising technology company on consent management platform development.
  • Advised a game streaming platform on privacy compliance.
  • Advised a fashion online retail technology company on GDPR and CCPA compliance.
  • Advised a product data platform company on GDPR compliance.
  • Advised an online and mobile fraud detection platform on GDPR and CCPA compliance.
  • Advised a globally operating fabric materials company on international transfers of personal data.
  • Advised a globally operating industrial conglomerate on international transfers of personal data.
  • Advised a location technology company on building a global privacy program.
  • Advised a health care app provider on HIPAA compliance.
  • Advised a communications app developer on privacy.
  • Advised an international mobile gaming company on international transfers of personal data.
  • Performed privacy due diligence of target companies for a European venture capital fund.

Technology Transactions

  • Advised an advertising technology company on demand and supply side data licensing agreements, SDK licensing and development.
  • Advised an industrial equipment manufacturer on machine-generated data rights and licensing.
  • Advised a sensor technology manufacturer on data rights and licensing.
  • Advised a global vehicle manufacturer on connected vehicle data rights and licensing.
  • Advised an indoor positioning company in its licensing and Platform-as-a-Service deals with Yahoo! Japan and a Korean technology conglomerate.
  • Advised a location data platform vendor on their Platform-as-a-Service agreement with a large European telecom.
  • Advised tens of companies on mobile app and website terms of use and privacy policies.
  • Advised an education technology platform on licensing and distribution agreements.
  • Advised a restaurant management platform on its master services agreement.
  • Advised an education media platform on service terms and conditions.

Corporate and Transactional

  • Acted as U.S. outside general counsel for manufacturers of non-woven fabrics, paper board, and wood products.
  • Advised a medical technology company on their Asian manufacturing agreements.
  • Acted as U.S. outside general counsel for a manufacturer of office meeting pods and phone booths.
  • Advised a mobile free-to-play social casino app developer in its $4 million Series A round of financing from Korea Investment Partners.
  • Advised a communications app developer on privacy and Series Seed and Series A financing.
  • Advised tens of foreign technology companies on structuring their U.S. presence.
  • Advised a Finland-based online retailer in their acquisition of a U.S. company’s assets.
  • Advised a human resources analytics startup in entity formation and SAFE note financing.
  • Represented a European venture capital fund in their seed-stage investment in a U.S. entity.
  • Advised a U.S. and Norway-based technology company in its $5 million Series A financing.
  • Advised a Korean entertainment company in its $4.5 million Series Seed investment in a Finnish e-sports company.


  • University of Turku, Master of Laws (2002) magna cum laude
  • New York University School of Law, LL.M. (2004)


Admitted to practice: New York

View More

SolarWinds Hack Won't Hurt In-House's Prospects With Regulators—But Won't Help Either Corporate Counsel (January 21, 2021)
Media Mentions
"Global Cross-Border Data Transfers (Part 2)," Crowell & Moring Webinar (December 3, 2020). Presenters: Kate M. Growley, Ambassador Robert Holleyman, Maarten Stassen, Jarno Vanto, Robert Clifton Burns and Zhiwei Chen.
Vendor Contracts Poised To Become 'Work Of Art' As Cybersecurity Dangers Grow Corporate Counsel (December 2, 2020)
Media Mentions
"Data Transfers from the EU: What Does "Good" Look Like?," Privacy Law Alert (November 17, 2020). Contacts: Maarten Stassen, Jeffrey L. Poston, Robert Holleyman, Jeane A. Thomas, CIPP/E, Frederik Van Remoortel, Jarno Vanto, CIPP/E, CIPP/US, Laurence Winston, Lee Matheson, CIPP/US/E/A, CIPM, PCIP
Client Alert / Newsletter
Post-Election Headache? Legal Departments on Possible Collision Course With Data Portability Corporate Counsel (November 12, 2020)
Media Mentions
"CCPA 2.0? California Adopts Sweeping New Data Privacy Protections," Privacy Law Alert (November 6, 2020). Contacts: Kristin J. Madigan, CIPP/US, Jeffrey L. Poston, Paul M. Rosen, Jarno Vanto, CIPP/E, CIPP/US, Lee Matheson, CIPP/US/E/A, CIPM, PCIP
Client Alert / Newsletter
This Is How Working In Silicon Valley During Korona: The Office Can Only Be Accessed On Request, Applications Follow The Movements Of Employees Helsingin Sanomat (October 11, 2020)
Media Mentions
"Return Ready Virtual Summit: Data Protection in the Covid-19 era," Proxyclick Webinar, Brussels, Belgium (September 29, 2020). Speakers: Frederik Van Remoortel, Jarno Vanto, and Stefanie Tack.
"Global Cross-Border Data Transfers (Part 1)," Crowell & Moring Webinar (September 16, 2020). Moderator: Kristin J. Madigan; Presenters: Ambassador Robert Holleyman, Maarten Stassen, Jarno Vanto, and Laurence Winston.
Do Employers Need-Or Just Want-Extended CCPA Exemptions? Legaltech News (September 9, 2020)
Media Mentions

For all Highlights, News & Knowledge, please click here to view desktop bio.

Crowell & Moring LLP is an international law firm with approximately 550 lawyers representing clients in litigation and arbitration, regulatory and policy, and transactional matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation, as well as its ongoing commitment to pro bono service and diversity, equity and inclusion. The firm has offices in Brussels, Doha, London, Los Angeles, New York, Orange County, San Francisco, Shanghai, and Washington, D.C.

View Desktop Site | Mobile Sitemap

Contact | Subscribe | Terms of Use | Privacy Statement | Alumni

© Crowell & Moring LLP 2021
Attorney advertising - prior results do not guarantee a similar outcome.