Scott T. Lashway

Partner

Privacy and Data Security

Contact

slashway@manatt.com
Phone: 617.646.1401

Services

Industries

Manatt Digital and Technology

Cybersecurity, Data Privacy and Technology-Focused Litigation

Counsel companies on the full spectrum of cyber and privacy matters, from proactive preparedness and compliance to reactive investigations, incident response, regulatory enforcement matters and litigation, including class actions and business-to-business disputes
Conduct internal investigations for companies in various industries into matters involving unauthorized access of systems; violations of data security laws and regulations; the theft or misuse of data, intellectual property, and confidential and proprietary business information; and the theft of or damage to critical business infrastructure
Successfully defended a purported class action against a global risk intelligence company alleging violation of state law regarding the alleged display of consumers’ Social Security numbers
Successfully defended a purported class action, on an issue of first impression in the Eleventh Circuit concerning Article III standing and requirements adequately to plead harm, brought against a healthcare facility alleging that patient data had been accessed, stolen and posted to the Internet
Conducted an internal investigation and counseled a global restaurant chain on incident response involving concerns of credit card theft
Representing clients in a federal court action involving alleged violations of the Computer Fraud and Abuse Act and the Stored Communications Act in connection with an alleged scheme to clone a state-owned petrochemical company’s electronic infrastructure
Litigates matters—both affirmatively and defensively—involving allegations of unlawful access to or use of trade secrets and proprietary business information, enforcing or resisting enforcement of restrictive covenants, and protecting other electronic assets
Advises and counsels clients on compliance programs and regulatory requirements involving data security, data privacy, data management and data access protocols, including on the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR), and requirements and applicability of state and federal security and privacy laws
Counseled a global financial services company on the redesign and rebuild of its digital forensics and cybersecurity functions to improve the company’s efficiency and efficacy in responding to disputes, investigations and compliance risks
Advises companies as to cyber and privacy risk in mergers and acquisitions and private equity transactions

Business Litigation, Financial Institution Litigation, Class Actions and Crisis Management

Counseled various clients on dozens of pre-dispute and litigation matters involving claims of consumer protection violations under Massachusetts Consumer Protection Act, Chapter 93A
Secured a defense verdict, as first-chair trial counsel, on all counts after a two-week federal court bench trial involving allegations of violations of intellectual property rights and a Massachusetts consumer protection statute
Defended a Fortune 100 life insurance company in a purported class action challenging the company’s retention of surplus profits and alleged failure to comply with Massachusetts law concerning the distribution of dividends to policyowners, with alleged damages well into the billions of dollars
Represented a mutual life insurance company—and obtained a motion-to-dismiss victory—in a purported class action concerning members’ voting rights to elect the company’s board of directors, which presented matters of first impression under Massachusetts law and which upheld the company’s 160-year-old practice
Defended a financial services company in a purported class action challenging the legality of the company’s bylaws and recent amendments thereto, which presented matters of first impression, and counseled the company and its board of directors through a second round of bylaw amendments
Counseled financial services companies in the evaluation and risk assessment of financial and life insurance products, including the design, sale and reinsurance of products such as variable annuities and long-term care insurance; counseled a financial services company in obtaining regulatory approval of new-to-market securities and life insurance products
Represented numerous related financial services companies in affirmative litigation in Delaware state courts and in international arbitration to recover insurance proceeds from a “tower” of insurance carriers in connection with losses suffered through one of the largest Madoff feeder funds
Counseled a foreign-based asset manager and U.S. parent on the acquisition of a Korean asset manager, and served as the company’s representative in Korea to gain approval by the Korean government’s securities regulator
Advises companies as to litigation risk and exposure with respect to significant merger, acquisition and investment activity

Internal Investigations, Government Enforcement and White Collar Defense

Conducted an investigation of accounting irregularities for a client preparing for initial public offering (IPO) or acquisition
On behalf of a life insurance company, resolved a Securities and Exchange Commission (SEC) enforcement matter and other regulatory inquiries—informed by allegations of a purported Dodd-Frank Act whistleblower—related to the disclosure of certain variable annuity features
Represented financial service companies (including life insurance companies and broker-dealers) in response to regulatory inquiries, including by the SEC, the Financial Industry Regulatory Authority (FINRA), state regulatory authorities (including the Massachusetts Division of Securities, the Massachusetts Division of Insurance, the Massachusetts Attorney General and the New York State Department of Financial Services), involving alleged sales practice violations as well as product design and disclosure matters
Represented an asset manager responding to requests from the Financial Crisis Inquiry Commission (FCIC) regarding mortgage-backed securities and the asset manager’s involvement in the management of the products
Defended employees of a mutual fund adviser subject to investigations by the SEC, the Department of Justice and FINRA—and defended a client in connection with a related SEC administrative proceeding—concerning alleged violations of federal securities laws for the alleged receipt of gifts and gratuities from brokerage firms
Defended the general counsel of a public company in SEC litigation involving the disclosure of the Food and Drug Administration’s review of its product

Speaking Engagements

Panelist, “Cybersecurity: Current Law and Trends Impacting the Insurance Industry,” American Council of Life Insurers’ Annual Legal and Compliance Conference, July 16, 2019.

Moderator, “National Intelligence,” Boston Conference on Cyber Security 2019, March 6, 2019.

“Legal Considerations for Technology Contracts, Software Audits and Data Security Investigations,” February 12, 2019.

“Firm General Counsel Summit, Addressing Cybersecurity and Privacy Risk in Law Firms,” October 31–November 2, 2018.

“Safeguarding Data and Mitigating Cyber Risk in the Financial Services Industry,” ACA Aponix Annual Financial Services Forum, October 17, 2018.

“California Consumer Privacy Act: A U.S. Outlier or Start of a Trend?” Webinar, October 10, 2018.

“It’s Time to Get on Board With Cybersecurity: Effective Cyber Management,” Cyber Response Event, July 26, 2018.

“It’s Time to Get on Board With Cybersecurity: Effective Cyber Management,” Cyber Response Event, April 25, 2018.

“International Economic Forum of the Americas World Strategic Forum,” Mitigating Cyber Risk Roundtable, April 16–17, 2018.

“Latin America Wealth Management Roundtable,” February 28, 2018.

“Threat Actor Hunting & The Legal Context,” FireEye Cyber Defense Summit 2017, October 12, 2017.

“Building Cyber Response & Resilience,” Infosecurity North America 2017, October 5, 2017.

“Cybersecurity: The Role of Counsel, the Board and Executive Management in Assessing, Preparing for and Investigating the Risk,” International Bar Association’s Challenges for the Insurance Industry Conference, March 30–31, 2017.

“A Buyer’s Guide to Cyber Insurance,” International Bar Association’s Challenges for the Insurance Industry Conference, March 30–31, 2017.

“The Board’s Role in Cyber Risk Oversight,” National Association of Corporate Directors, November 16, 2016.

“Legal Implications of Cyber Security,” SIFMA Internal Auditors Society Annual Conference, October 26, 2016.

“Internal Investigations Conducted and Managed Internally,” American Bar Association’s Business Law Section Annual Meeting, September 8, 2016.

Panelist, “Protecting Enterprise Data Across Partners, Providers and the Planet,” Ing3nious East Coast eDiscovery & Information Governance Retreat, November 2015.

Panelist, “Cybersecurity and Information Governance: Is Your Company Prepared?” Association of Corporate Counsel, New York City Chapter, Corporate Governance Seminar, September 2015.

Panelist, “Threading the Needle: Skillfully Navigating the Ins and Outs of an Internal Investigation; Aligning People, Process and Technology to Optimize e-Discovery Management,” Consero Financial Services & Insurance Litigation Forum, May 2015.

Panelist, “National eDiscovery Leadership Institute,” University of Missouri-Kansas City School of Law, 2014.

Panelist, “Improving Client Outcomes With Discovery,” LegalTech NYC, 2013.

Panelist, “Strategically Managing Parallel Proceedings,” ALI-ABA Conference on Life Insurance Industry Class Actions & Complex Litigation, 2013.

Panelist, “Legal Developments and Strategy for Protecting Trade Secrets,” ALI-ABA Conference on Life Insurance Industry Class Actions & Complex Litigation, 2012.

Guest lecturer, “Cyber Security and Legal Risk,” Boston College’s Woods College of Advancing Studies Cybersecurity Policy & Governance Master’s Program.

Admitted to practice in Massachusetts, New York and the District of Columbia

Admitted to the U.S. Court of Appeals, First Circuit; U.S. District Court for the District of Columbia; and U.S. District Court for the District of Massachusetts

New England Legal Foundation, Advisory Council, Board Member, 2015–2016

Boston College’s Woods College of Advancing Studies Cybersecurity and Governance Master’s Program, Advisory Council

Co-author, “INSIGHT: Cybersecurity Attacks, Prevention Call for Attorneys, Rapid Response Teams,” Bloomberg Law, January 8, 2019.

Author, “U.S. Securities and Exchange Commission Updates Cybersecurity Disclosure Guidance,” Alert, February 22, 2018.

Author, “A Necessary Paradigm: Leveraging Legal Counsel to Mitigate Cyber Risk,” Insurance Law Committee Update of the International Bar Association Legal Practice Division, March 2017.

Author, “New York Department of Financial Services Revises Proposed Cybersecurity Rule,” Alert, January 12, 2017.

Author, “Tech Meets Legal Spotlight: Advice on Working With Information Security,” Vol. 3, No. 1, January 11, 2017.

Co-author, “The Sarbanes-Oxley Act of 2002: A Brief Summary of the New Professional Responsibility Obligations for Securities Attorneys, New Criminal Provisions, and Reforms to the Sentencing Guidelines,” ABA White Collar Crime Book, 2003.

Co-author, “The New Sentencing Guidelines for Corp. Crime,” New York Law Journal, Vol. 229, No. 20, January 30, 2003.

Author, “The Evolution of ‘Brady’ Continues,” New York Law Journal, Vol. 226, No. 10, July 16, 2001.