California-headquartered Morrison & Foerster (MoFo) brings together practitioners who can handle the full data life cycle spanning advisory, compliance, transactional and contentious matters. Its privacy and data practice is frequently cited as being among the best in the world and the firm boasts more than 60 data lawyers in offices in the US, Europe and Asia.
The MoFo team is stable and has serious senior talent: superstars Miriam Wugmeister and Alex van der Wolk jointly lead the global practice from New York and Brussels respectively. There is also a very strong roster of non-partner senior lawyers, such as Brussels-based of counsel Lokke Moerel, who is a particular expert on EU binding corporate rules and the GDPR’s one-stop-shop framework.
Multiple other lawyers are spread across the US, China, Japan, the UK, Germany and Hong Kong. Cynthia Rich is a notable non-lawyer senior privacy adviser in Washington, DC, who previously helped develop the US-EU Safe Harbor while at the US Department of Commerce. She has spent more than 20 years at the firm and manages the Global Privacy Alliance, where she has coordinated industry feedback to proceedings in Japan and Canada and on matters relating to APEC.
GDR 100 Elite
|Other senior lawyers||6|
|Associates and senior associates||7|
|Who’s Who Legal: Data nominees||10|
|Percentage of lawyers in Who’s Who Legal: Data||20|
|Countries with a data presence||Belgium, China, Germany, Hong Kong, Japan, UK, US|
MoFo has an outstanding practice on the contentious side of things. Its European work had particular success; perhaps most notably, van der Wolk ran Oracle’s defence against a €10 billion Dutch class action targeting its adtech practices alongside local firm Ysquare. The Amsterdam District Court handed Oracle and co-defendant Salesforce a win in late 2021, ruling that the NGO that had filed the representative claim lacked a proper mandate to sue. The ruling remains subject to an appeal. Van der Wolk and London partners Annabel Gillham and Gemma Anderson also defended Oracle in parallel UK proceedings, which were ultimately dropped in light of the Supreme Court’s Lloyd v Google ruling. Over in the US, litigation partners Tiffany Cheung, Purvi Patel and Katie Viggiani in San Francisco, Los Angeles and New York respectively have represented dating app operator Bumble and affiliates in class actions relating to the Bumble and Badoo apps. The trio defends Bumble in four Illinois federal actions and another federal case in the Southern District of California. GDR has reported that Cheung and Patel also represent Oracle in a US class action filed by activists that claims its business practices amount to surveillance; the company filed a motion to dismiss in November 2022.
MoFo’s team has also had a great recent track record in investigations. Key name Hanno Timner in Berlin continues to represent notebooksbilliger.de in an appeal against a €10.4 million fine by Lower Saxony’s data regulator. He previously acted for telecoms operator 1&1 in persuading the Bonn Regional Court to cut a €9.5 million federal German fine down to €900,000. A team led by van der Wolk, Gillham, Wugmeister and Brussels partner Alja Poler De Zwart have represented an international hospitality organisation before data protection authorities in the UK, Russia, Poland, Germany, China, Italy, the US, Korea, Japan and Ukraine.
There is market-leading and diverse advisory and transactional work too. Gillham has assisted a transaction processor in global data localisation requirements; Washington, DC of counsel Robert Litt has provided plenty of assistance to various clients about surveillance-related issues and the US CLOUD Act; and in deals, Singapore and Hong Kong-based Gordon Milner assisted online gaming sandbox provider Roblox in a joint venture with Tencent that allowed the platform to launch in China. An international hospitality organisation has also received advice on issues as broad as a transition of its lead data protection regulator from the UK to an EU member state, setting up GDPR and other privacy law-compliant contactless check-in processes, data protection impact assessments, privacy notices, employee data collection and US state and Chinese localisation law compliance. Wugmeister, Gillham, Boston partner Julie O’Neill, Poler De Zwart, Shanghai partner Chuan Sun and partner Marian Waldmann Agarwal in New York acted across those mandates.
Morrison Foerster is recognized as an undisputed leader in privacy and data security worldwide. Our multidisciplinary, award-winning Privacy and Data Security Practice Group boasts more than 60 lawyers in offices in the United States, Europe, and Asia.
Our team provides creative and practical advice concerning all stages of the information lifecycle. We work across disciplines, including technology, financial services, life sciences, employment, healthcare, crisis management, transactions, and other fields. We’re counseling, litigating cases, and representing clients before regulators around the world. Our extensive experience with data protection laws and our geographic reach uniquely position us to handle any privacy or data security issue anywhere in the world.
More than 150 countries now have their own data protection laws regulating the collection, use, disclosure, and security of personal information. The complex and sometimes conflicting obligations imposed by these laws can be challenging for companies—but not for us! We’re at the forefront, advising clients on the legal and operational challenges presented by an alphabet soup of global privacy laws. We were selected to litigate the first-ever CCPA class action as well as one of the first-ever GDPR class actions. We’ve also done more Binding Corporate Rules (BCR), a form of corporate self-regulation designed to facilitate global inter-company data transfers in compliance with EU Data Protection Law, than any other firm worldwide.
While we advise on a broad range of privacy compliance and data protection matters, we also offer unparalleled expertise when cybersecurity incidents occur. Our interdisciplinary global risk and crisis management team includes former federal prosecutors and regulators, internationally recognized cybersecurity experts, and former officials at the Department of Justice, in the Intelligence Community, and at the Securities and Exchange Commission, among others. With decades of collective experience across industries—in the private sector and at the highest levels of government—our team can successfully guide clients through major crises. We’ve advised on some of the largest data security incidents in history, across both public and private sectors.
We’re a proven leader in global technology and data law. We help clients navigate the legal and regulatory factors of a full range of issues related to data analytics, AI, and machine learning, including intellectual property, transactional, commercial, privacy and data security, consumer protection, competition, and regulatory issues. We understand the value of data and have extensive experience helping clients find value in their data.
Our deep bench has a long and successful track record developing compliance programs, responding to security incidents, and defending high-stakes litigation that threaten a company’s brand reputation, business model, and bottom line. Our team is efficient, practical, and well‑equipped to meet client needs in any and every situation, in any and every jurisdiction.
Our team is a successful case study of what a commitment to diversity and inclusion can achieve, with women representing roughly 53% of our partners globally and 43% of our lawyers across the practice identifying as diverse or LGBTQ+. We believe that providing our clients with the best possible service happens when there is a diverse group of voices at the table.
We advise hundreds of organizations across all sectors, from ambitious startups to global industry leaders, including nearly half of the Fortune 50. We want to help you with timely, knowledgeable, realistic advice and attorneys available around the globe, 24/7. Talk to us. We’re MoFo.