Kevin J. Angle
Kevin Angle is counsel in the privacy & cybersecurity group, based in Ropes & Gray’s Boston office. He represents a broad range of companies on privacy and cybersecurity matters, guiding clients through the existing patchwork of U.S. federal and state laws as well as the European Union’s comprehensive General Data Protection Regulation (GDPR) and other international privacy and cybersecurity laws. In that context, Kevin advises clients on privacy and cybersecurity matters arising in corporate transactions. He also assists clients in responding to data breach incidents, helping clients in assessing their legal obligations following a breach and in responding to regulatory authorities and others.
Kevin advises clients in instituting comprehensive privacy and cybersecurity compliance programs. Kevin represents U.S.-based clients in understanding their obligations and meeting the requirements of the GDPR as well as the California Consumer Privacy Act. He also regularly assists clients in complying with marketing privacy laws such as the U.S. CAN-SPAM and Telephone Consumer Protection Act (TCPA).
A Certified Information Privacy Professional, Kevin leverages his prior experience in litigation to provide clients with risk-conscious advice. Kevin helps clients to anticipate and address potential areas of legal exposure and to structure breach responses and privacy programs to minimize potential liability.
- Advises companies on data privacy and cybersecurity issues, including compliance with FTC Act, TCPA, CAN-SPAM, HIPAA, state notification and data security laws, and PCI DSS.
- Advises companies on response to data loss and ransomware attacks, including third-party data losses.
- Develops policies for responding to cybersecurity incidents.
- Represented Fortune 500 Companies in responding to card brand and regulatory inquiries stemming from highly publicized data security breaches occurring in 2014 and 2015.
- Represented Fortune 100 Insurance Company in litigation and governmental inquiries in response to criminal cyber attack.
- Co-author, “Data Privacy Compliance Best Practices For Asset Managers,” Law360 (October 9, 2019)
- Quoted, “Sweeping New Privacy, Conduct Regs Loom for Fund Managers,” FundFire (October 2, 2019)
- Co-author, “US Litigation Considerations and Landscape,” The Guide to Cyber Investigations, first edition (2019)
- Co-author, “California Passes Consumer Privacy Act,” Westlaw Practitioner’s Insight (August 9, 2018) and Westlaw Journal of Computer & Internet (August 24, 2018)
- Co-author, “Increased Enforcement Activity Underscores Need for Firms to Conduct Rigorous Cybersecurity Oversight,” Wolters Kluwer’s Securities Regulation Daily (May 24, 2018)
- Quoted, “Inside Track,” Law.com (January 24, 2018)
- Author, “EU Privacy Regulator Group’s First Annual Privacy Shield Report—Ensuring a Future for the EU-U.S. Data Transfer Regime,” Bloomberg BNA’s Privacy Law Watch (January 22, 2018)
- Co-author, “Global Perspectives On High Court Microsoft Warrant Case,” Law360 (January 10, 2018)
- Speaker, “Alternative Data: How to Harness the Power and Manage the Risks of Third-Party Alternative Data,” Centerforce IP Strategy Summit (April 11, 2019)
- JD, Columbia University School of Law, 2009; James Kent Scholar; Columbia Law Review , Senior Editor
- AB (Government), cum laude, Harvard University, 2003
Admissions / Qualifications
- New York, 2012
- Massachusetts, 2010