Ropes & Gray Restructures Privacy & Cybersecurity Practice

December 18, 2018

Global law firm Ropes & Gray is announcing changes to its industry-leading privacy & cybersecurity practice that will sharpen the firm’s focus on its clients’ most critical needs in an evolving legal landscape and heightened awareness of cybersecurity risks.

The practice is led by Rohan Massey, who has been co-leading the privacy & cybersecurity practice from London, and litigation veteran Mark Szpak. Partners playing key roles include veteran partner Ed Black, who is co-head of the firm’s technology, media & telecommunications group and co-head of the firm’s FinTech initiative, and veteran litigation partner Chong Park.

Leaving the firm at the end of December is litigation partner Doug Meal, who decided to continue practicing past Ropes & Gray’s normal retirement age, along with some lawyers who work with him. He will, with Ropes & Gray’s consent, be transferring a part of his practice, which focuses on representing retailers in disputes with financial institutions related to credit card breaches, to another firm. “We thank Doug for his service to Ropes & Gray and support him in his efforts to continue practicing,” said Ropes & Gray chairman Brad Malt.

Ropes & Gray has been recognized as leader for data privacy and cybersecurity law by the Financial Times, Chambers and Law360. The 100-member team offers sophisticated legal counsel on privacy and cybersecurity issues to the world’s leading investment companies and public companies, especially in asset management (including hedge funds, private equity funds and mutual funds), health care, life sciences, banks and investment banks, and higher education.

“Our industry focus is one of the things that distinguishes Ropes & Gray,” said Mr. Massey. “Combining our in-depth knowledge of industry developments with our global reach and our deep experience in privacy and cybersecurity matters provides clients with robust, solution-oriented counsel.”

In all of these highly regulated industries, data privacy and cybersecurity issues permeate virtually all business activities. A recent Law360 survey found that expenditures by private companies in this area are projected to increase by 9 percent in 2019—from $2.07 billion to $2.16 billion. New regulatory regimes—such as the European Union’s General Data Protection Regulation and the California Consumer Privacy Act—are having an impact, along with heightened awareness of cybersecurity risks.

Ropes & Gray’s privacy & cybersecurity practice is structured to navigate clients through this complex environment. The firm’s lawyers focus on three key and related areas:

  • Compliance & counseling
  • Corporate / transactional
  • Enforcement & litigation

This framework addresses clients’ potential needs before, during or after a cybersecurity incident. For example, the compliance & counseling team ushers clients through a maze of intricate regulations they face simultaneously in multiple jurisdictions. The transactional team helps clients identify cybersecurity risks underlying potential transactions. The litigation & enforcement team advise clients when confronted with claims of privacy violations or cybersecurity breakdowns.

“We are set up to address clients’ pressing needs at various inflection points,” said Mr. Black. “Our global teams work together, bringing their particular areas of focus to bear to provide comprehensive counsel to our clients.”

The changes to Ropes & Gray’s practice take effect immediately.