Cynthia J. Larose: Lawyer with Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.

Cynthia J. Larose


Peer Rating
BV® Distinguished

Client Rating

Featured BV Peer Review Rated Lawyer IconFeatured BV Peer Review Rated Lawyer Icon
Printer Friendly VersionEmail this PageDownload to My Outlook ContactsAdd lawyer to My FavoritesCompare this lawyer to other lawyers in your favorites

Experience & Credentials Ratings & Reviews

Practice Areas

  • Privacy & Security
  • Joint Ventures
  • Strategic Alliances
  • Collaborations & Technology Transfer
  • Cable & Broadband
  • Mergers & Acquisitions
  • International
  • Communications
  • Arts & Entertainment
  • Wireline Communications
  • Product Risk Management & Response
  • Cybersecurity Risk Management
  • Technology
  • Communications & Media
  • Retail & Consumer Products
  • Financial Services
  • Sports
Contact InfoTelephone: 617.348.1732
Fax: 617-542-2241
Internet: Each Attorney's Internet Address takes the following form: first initial, last name (e.g.,
University University of Massachusetts, B.A.; Boston University, M.S.
Law SchoolBoston University, J.D.
Admitted1988, New Hampshire; Massachusetts; District of Columbia

Professional & Community Involvement
•Member, International Association of Privacy Professionals
•Member, Computer Law Association
•Member, Federal Communications Bar Association


Cynthia is Chair of the firm's Privacy & Security Practice and a Certified Information Privacy Professional (CIPP).

She represents companies in information, communications, and technology, including e-commerce and other electronic transactions. She counsels clients through all stages of the “corporate lifecycle,” from start-ups through mid- and later-stage financings to IPO, and has broad experience in technology and business law, including online contracting issues, licensing, domain name issues, software development, and complex outsourcing transactions.

Cynthia has extensive experience in privacy, data security, and information management matters, including state, federal, and international laws and regulations on the use and transfer of information, behavioral advertising, data security breach compliance and incident response, data breach incident response planning, as well as data transfers in the context of mergers and acquisitions and technology transactions.

She conducts privacy audits and risk assessments to determine data and transaction flow and to assess privacy practices, and assists with drafting and implementation of privacy policies and information security policies and procedures and monitoring of privacy “best practices” across all levels of the enterprise.

She is a frequent speaker on privacy issues at conferences and media appearances and presents privacy awareness and compliance training seminars to client companies.

During law school, she was editor-in-chief of the Probate Law Journal.

•Mintz Levin Forms Dedicated Cybersecurity Risk Management Group; Unveils “Safety Suite” of Specialized Services, (01.20.2015)
•Quoted in State AGs Won't Stand Down in Face of Federal Breach Law, Law360 (01.14.2015)
•Quoted in FATCA Compliance Fears Likely Emboldening Phishing Scams, Law360 (09.30.2014)
•Cynthia J. Larose and Jonathan T. Cain to Speak on Data Privacy and Security Roundtable, (09.29.2014)
•Quoted in States Making Tough New Breach Notification Demands, Compliance Week (07.08.2014)
•Quoted in Lawyers Jockey for Business as Data Breaches Reach a Head, New England In-House (06.30.2014)
•Mintz Levin Represents Time Inc. in Acquisition of Cozi Inc., (06.19.2014)
•Fifty-One Mintz Levin Attorneys Featured in Chambers USA 2014 Guide, (05.23.2014)
•Mintz Levin Attorney Cynthia J. Larose to Speak on WBZ Radio Cyber Security Panel, (05.19.2014)
•Quoted in Corporate Risk Management Goes Digital, Corporate Counsel (04.11.2014)
•Quoted in 'Heartbleed' Bug Threatens Breach Reporting Safe Harbor, Law360 (04.09.2014)
•Quoted in Data Braches Put a Dent in Colleges' Finances as Well as Reputations, The Chronicle of Higher Education (03.21.2014)
•Quoted in Holder's Support Boosts Breach Alert Bill, But Hurdles Loom, Law360 (02.25.2014)
•Quoted in The Issues Surrounding the Target Data Breach, Retailing Today (02.24.2014)
•Quoted in Law Firms Race to Get on Top of Data Breach Avalanche, Law360 (01.31.2014)
•Featured in Views on the Target Data Breach, BNA's Privacy and Security Law Report (01.16.2014)
•Quoted in Target Data Breach Could Be Costly for Payment Partners, Reuters (01.14.2014)
•Mintz Levin Attorney Jonathan T. Cain Earns Prestigious U.S. Government Information Privacy Professional Certification, (12.10.2013)
•Mintz Levin Attorney Jake Romero Receives Prestigious Information Privacy Professional Certification, (12.04.2013)
•Quoted in Payment Card Industry Group Retools Data Security, Law360 (11.08.2013)
•Quoted in Security Flaws Land ACA Contractors in Legal Crosshairs, Law360 (11.06.2013)
•Quoted in Judge Cuts Google No Slack in Gmail Wiretap Case, E-Commerce Times (09.27.2013)
•Quoted in Va. Tech Data Breach Reveals Info on 145K Job Applicants, Law360 (09.24.2013)
•Mintz Levin's Cynthia Larose to Speak on Data Breaches to Boston Chapter of Women Corporate Directors, (09.17.2013)
•Quoted in SEC Workers Victimized in Thumb Drive Data Breach, Law360 (07.26.2013)
•Quoted in Retailers Facing Lawsuits over ZIP Code Collections, Boston Business Journal (06.07.2013)
•Forty-Eight Mintz Levin Attorneys Featured in Chambers USA 2013 Guide, (05.24.2013)
•Quoted in As Data Breaches Rise, AGs Emerge as Primary Enforcers, Law360 (05.06.2013)
•Quoted in Zip Codes are Private Info, Says Massachusetts Supreme Court, (03.19.2013)
•Quoted ZIP Code Ruling Puts Retailers in Privacy Hot Seat, Law360 (03.14.2013)
•Quoted in Privacy Regulation and Legislation to Watch in 2013, Law360 (01.01.2013)
•Quoted in Data Thieves Target Checkouts, USA Today (11.06.2012)
•Forty-One Mintz Levin Attorneys Featured in Chambers USA 2012 Guide, (06.07.2012)
•Quoted in Privacy Legislation and Regulation to Watch in 2012, Law360 (01.01.2012)
•Mintz Levin Attorney Cynthia Larose to Moderate Panel at 2011 MIT Sloan CFO Summit, (11.04.2011)
•Quoted in Liability in Credit Card Breach Suits Tied to Strict Industry Standards, Massachusetts Lawyers Weekly (05.16.2011)
•Thirty Four Mintz Levin Attorneys Featured in Chambers USA 2011 Guide, (03.21.2011)
•Webinar: Export Licenses - What you need to know for compliance, (01.20.2011)
•Mintz Levin Represents Alphatec Holdings, Inc. in $92 Million Public Offering, (04.22.2010)
•Cynthia Larose to Receive Boston University Woman's Law Association 2010 Leila Josephine Robinson Award, (04.08.2010)
•Mintz Levin Adds Six Attorneys to Chambers USA 2010 Guide, (03.23.2010)
•Three Mintz Levin Attorneys Named in the Top Ten Corporate Lawyers in Boston by Women's Business Boston, (01.13.2010)
•Featured in Top Ten Corporate Lawyers, Women's Business Boston (01.01.2010)
•Cynthia Larose Recognized in the Top Ten Corporate Lawyers in Boston by Women's Business Boston, (01.08.2009)
•Mintz Levin Represents Massachusetts Educational Financing Authority in $400 Million Bond Offering, (09.26.2008)

Awards & Recognitions
Chambers USA: Nationwide - Privacy & Data Security (2010 - 2014)
Chambers Global: Privacy & Data Security (2011 - 2012)
•Woman of Technology 2001 by Women in Technology, Inc.
Two Thousand Notable American Women (2001)
Women's Business Boston: Top 10 Women Lawyers in Boston (2005)
Women's Business Boston: Top 10 Corporate Lawyers in Boston (2009 - 2010)
•Named a Rising Star by Boston Magazine (2011)
•Leila Josephine Robinson Award, Boston University Woman's Law Association (2010)
Boston Digital Industry News: Best General Lawyer for a High-Tech Firm
Massachusetts Super Lawyers: Rising Star - Information Technology/Outsourcing (2005)

•Co-author, Time to Step Up Your COPPA Compliance, Privacy & Security Advisory (09.25.2014)
•Co-author, Making Privacy Practices Public: the California Attorney General's New Guidelines Keep the Focus on the Consumer's Perspective and New Disclosure Requirements, Privacy & Security Alert (06.05.2014)
•Co-author, FTC Data Security Authority Confirmed, For Now: Wyndham's Motion to Dismiss Denied, Privacy & Security Alert (04.14.2014)
•Co-author, Stop Phoning It in on Mobile Security: What Your Business Needs to Know About the FTC's Settlements with Fandango and Credit Karma, Privacy & Security Alert (04.03.2014)
•Co-author, A Guide to FDA Postmarketing Submission Requirements and Reporting Interactive Promotional, Joint Alert: Corporate & Securities Life Sciences Privacy & Security (02.21.2014)
•Co-author, To 8-K or Not - For Target, That Is Indeed the Question, Law360 (01.30.2014)
•Co-author, Collection of Email Addresses in Credit Card Transactions May Be Prohibited by California Law, Joint Alert: Privacy & Security Retail & Consumer Products (12.10.2013)
•Co-author, Golden State Privacy Warriors: California Has Just Passed a Number of Data Privacy Laws; Here Are Your Next Steps, Privacy & Security Alert (10.08.2013)
•Co-author, NSA Surveillance Causes More Grief - Germany Calls for a Stop to Safe Harbor: Time for Binding Corporate Rules?, Cyberspace Lawyer (08.2013)
•Co-author, Best Practices on Security of Mobile Devices Recently Issued by NIST, Privacy & Security Alert (07.08.2013)
•Co-author, Guide to Compliance with the Amended COPPA Rule, Privacy & Security Alert (06.27.2013)
•Co-author, New Cybersecurity Guidance Released by the National Institute of Standards and Technology: What You Need to Know for Your Business, Privacy & Security Alert (06.10.2013)
•Co-author, Delta Finds Reprieve in State Court, but Not Everyone Will Get to Fly the Friendly Skies, Privacy & Security Alert (06.03.2013)
•Co-author, SEC and CFTC Issue Final Joint Rules on “Red Flags” Compliance, Privacy & Security Securities Alert (04.24.2013)
•Author, SJC to Retailers: Be Careful What You Ask For, Boston Business Journal (04.05.2013)
•Co-author, Massachusetts Supreme Judicial Court Rules That Retailers May Be Sued for Wrongful Use of Customer Zip Codes Recorded During Credit Card Sales, Privacy and Security (03.14.2013)
•Co-author, FTC Guidelines for Mobile Applications: New Standards for Transparency and Notification Dictate Responsibilities for All Parties Involved, Privacy Alert (02.28.2013)
•Co-author, The New HIPAA Omnibus Rule & Your Liability, Advisory (02.15.2013)
•Co-author, Integrating Employees' Smart Devices into the Workplace, New York Law Journal (12.13.2012)
•Co-author, Federal Trade Commission Brings Two Enforcement Actions Related to Peer-to-Peer Networks, Privacy & Security Alert (06.11.2012)
•Co-author, Keeping the FTC Out of Your Space: Lessons from Myspace, Law360 (05.30.2012)
•Co-author, The Facebook IPO and Disclosure of Cybersecurity and Privacy Risks: Tips and Lessons for Practitioners, Bloomberg Law Reports: Securities Law (03.19.2012)
•Co-author, Privacy-on-the-Go: California Attorney General and Major Mobile Application Platforms Agree to Privacy Principles for Mobile Applications, Emerging Companies & Privacy Alert (03.12.2012)
•Co-author, What the EU's Data Protection Proposal Means for Your Business, Privacy & Security Alert (02.09.2012)
•Author, New Year's Resolutions - Privacy & Security, Privacy & Security Alert (01.09.2012)
•Co-author, California's New Forced Labor Disclosure Law: Empowering Consumers while Burdening the Supply Chain, Corporate Compliance Alert (01.06.2012)
•Co-author, SEC Provides Disclosure Guidance on Cybersecurity, Securities Law/Privacy Alert (10.20.2011)
•Once more into the Breach: Are We Learning Anything?, Westlaw Journal Automotive (07.19.2011)
•Author, New Form I-129 Requires Immediate Employer Attention to “Deemed Export” Issues, Immigration Alert (12.01.2010)
•Co-author, Don't Shoot the Messenger: Another Court Cautions against Retaliating against Employees Who Report Data Security Concerns, Employment, Labor & Benefits Alert (11.23.2010)
•Author, FTC Closes Blogger Marketing Investigation, FTC Consumer Protection Alert (04.30.2010)
•Author, Popular Restaurant Chain Settles Federal Trade Commission Data Breach Charges, Privacy & Security Alert (03.29.2010)
•Co-author, Is Your Electronic Health Record Technology Meaningful?, Health Care Reform Advisory (03.05.2010)
•Author, Tick-Tock: It's February 1 - The Countdown to Compliance with the Massachusetts Data Security Regulations Has Begun!, Privacy & Security Alert (02.01.2010)
•Third Circuit Rejects FCC Finding That AT&T Lacks Personal Privacy under Federal Freedom of Information Act Definition, Telecommunications Privacy Alert (10.02.2009)
•Author, Smart Grid Privacy Issues To Be Examined by the Federal Communications Commission - Comment Period through October 2, 2009, Energy & Clean Technology Alert (09.25.2009)
•Author, The New Massachusetts Data Security Requirements: Additional Obligations or More of the Same?, Employee Benefit News (07.24.2009)
•FTC Alleges Some “Green” Marketing Claims Are Dirty, Consumer Protection Advisory (06.11.2009)
•Co-author, Supreme Court Upholds Requirement that the Government Prove Knowledge of Identity Theft, Privacy & Security Alert (05.13.2009)
•Author, Stay of Execution of Red Flag Enforcement FTC Announces Three-Month Delay of Enforcement of “Red Flags Rule”, Privacy & Security Alert (05.01.2009)
•Author, Identity Theft Red Flag Program Compliance Deadline Rapidly Approaching, Health Law Alert (04.23.2009)
•Co-author, FTC Releases Staff Report Announcing Self-Regulatory Principles for Online Behavioral Advertising, Privacy & Security Communications Alert (03.02.2009)
•Co-author, Massachusetts Extends Deadline for Compliance with Data Security Regulations to January 1, 2010, Privacy & Security Alert (02.18.2009)
•Co-author, Office of Consumer Affairs and Business Regulation Faces Growing Criticism Over Data Security Regulations' Content and Implementation Date, Privacy & Security Alert (01.30.2009)
•Co-author, Massachusetts Data Security Standards, Intellectual Property Counselor (01.2009)
•Co-author, Privacy Compliance 101: Why Massachusetts Data Security Standards DO Affect You, (12.01.2008)
•Author, Bureau of Industry and Security Announces Intra-Company Transfer License Exception, International Trade Alert (10.21.2008)
•Massachusetts New Data Security Regulations Effective January 1, 2009, Privacy & Security Alert (10.02.2008)
•Author, The FTC Approves Long-Awaited CAN-SPAM Discretionary Rule, Privacy & Security Alert (05.13.2008)
•Author, Proposed Amendments May Expand Protection of Consumer Financial Information in the Securities Industry, Privacy & Security Advisory (04.28.2008)
•Author, The 40th State, Privacy Alert: Virginia (04.10.2008)
•FTC Proposes Self-Regulatory Principles for Ehavioral Online Advertising, (01.29.2008)

Speaking Engagements
•Moderator, Not If, But When: Cyber Security for Companies in an Age of Inevitable Hacks/Attacks/Breaches, National Association of Corporate Directors, New England Chapter, Newton, MA (03.10.2015)
•Speaker, Dealer Data: Don't Be a Headline, Massachusetts State Auto Dealers Association Annual Summit, Massachusetts State Auto Dealers Association, Boston, MA (01.16.2015)
•Panelist, IoT: War on Privacy, Cyberfest 2014, San Diego, CA (10.01.2014)
•Panelist, Best practices for assessing, preparing for, and responding to data breach incidents., Data Privacy and Security Roundtable: Anticipating the Inevitable, San Francisco, CA (09.30.2014)
•Speaker, Higher Education Data Breach Response: What to Do and What Not to Do, The Boston Consortium for Higher Education, Boston Consortium for Higher Education, Wellesley, MA (06.19.2014)
•Speaker, Legal Issues: SEC Guidance on Shareholder Communications and Social Media, Corporate Directors Group Boston, Corporate Directors Group Boston, Dedham, MA (06.12.2014)
•Panelist, Cyber Security and Safety: Protecting Yourself and Your Business from Cyber Crime, TD Bank WBZ Business Breakfast, Boston, MA (06.12.2014)
•Security Breaches, Target, and How It All Affects You, NorthEast Disaster Recovery X-Change (NEDRIX), Quincy, MA (05.07.2014)
•Panelist, Risk-based Approach to Cyber Security, ALM, Corporate Counsel, and United Lex (04.10.2014)
•Speaker, Technology Law Update: Recent Developments in Social Media & Internet Law, Social Media: Legal Risks and Strategies , New England Corporate Counsel Association, Inc. (NECCA), Waltham, MA (04.02.2014)
•Moderator, NIST Framework: How to Best Mitigate Cyber Risk for Your Organization, Mintz Levin, Boston, MA (03.25.2014)
•Moderator, Cybersecurity: How to Manage the Risk, Hispanic National Bar Association Conference, Orlando, FL (03.20.2014)
•Panelist, Privacy, Broadband and Cable Industry Law 2014, Practising Law Institute, New York, NY (01.27.2014)
•Speaker, Employee Data Privacy / What HR Needs to Know, The TemPositions Group of Companies, New York, NY (11.14.2013)
•Speaker, Cybersecurity Risk and the Board of Directors, Women Corporate Directors (10.07.2013)
•Panelist, Big Data Business Law: Grappling with Godzilla - Global Best Practices for Data Analytics, International Bar Association Annual Meeting, International Bar Association, Boston, MA (10.07.2013)
•Cyber-Security and Data Privacy: Advising Corporate Leadership On Critical Risk Issues, Technology and In-house Counsel: Managing To Protect And Enhance Your Business, Suffolk University 2nd Annual Corporate Counsel Institute (10.04.2013)
•Panelist, Cybersecurity: It's Not Just for IT Anymore, Mintz Levin, Willis FINEX North America, Kroll Advisory Solutions, Boston, MA (09.26.2013)
•Speaker, After Patco: What is Legally Defensible Security in a Commercial Customer Relationship, Northwest Summit for Financial Professionals, Association for Financial Professionals, Seattle, WA (05.10.2013)
•Panelist, Cyber Security: Advising Corporate Leaders on Critical Risk Issues, New England Legal Foundation, Boston, MA (05.02.2013)
•Speaker, Outsourcing Services to a Third Party - Privacy Impacts and Service Organization Control Reports, Mayer Hoffman McCann P.C. and Mintz Levin, Webinar (05.02.2013)
•Speaker, Safe Social Media Policies for HR Managers Panel, Ascentis, Webinar (04.09.2013)
•Speaker, The New HIPAA Omnibus Rule & Your Liability, Mintz Levin, Webinar (01.30.2013)
•Panelist, Privacy, Broadband and Cable Industry Law 2013, PLI, Webinar (01.28.2013)
•Panelist, Legal & Compliance Issues in Information Security, 2012 Blackstone General Counsel Conference, New York, NY (11.15.2012)
•Speaker, The Era of Big Data - Governance, Risk and Compliance Issues, Association of Corporate Counsel, San Diego, CA (10.18.2012)
•Speaker, Learn About Network Security, Privacy Risk, and Ways to Help Protect Your Business, Wells Fargo Insurance Services USA, Boston, MA (09.24.2012)
•Panelist, Real World Strategies for Managing Real Risks to Your Business, Security and IP Special Interest Groups of CommNexus, San Diego, CA (09.19.2012)
•Speaker, Hands-On Data Security Compliance Workshop, WinMagic, Lenovo, and Mintz Levin, Irvine, CA & La Jolla, CA (06.28.2011)
•Speaker, IAPP Privacy Bootcamp, International Association of Privacy Professionals, Waltham, MA (06.17.2011)
•Speaker, Privacy & Security Under HIPAA / HITECH in an Era of Heightened Enforcement, Mintz Levin, Webinar (06.01.2011)
•Speaker, Data Privacy and Security Issues for the Not-for-Profit: 201 CMR 17.00, PCI, and Other Acronyms You Should Know, Data Privacy and Security Issues for the Not-for-Profit: 201 CMR 17.00, PCI, and Other Acronyms You, Mintz Levin, Webinar (05.04.2011)
•Panelist, Privacy and Information Security Landscape in the Wake of WikiLeaks, Association of Latino Professionals in Finance and Accounting, Boston, MA (04.07.2011)
•Speaker, Privacy Compliance and Data Security Protocols, Mintz Levin, Boston, MA (03.23.2011)
•Panelist, MRIMS Educational Spring Conference, Massachusetts Risk and Insurance Management Society, Waltham, MA (03.17.2011)
•Speaker, Privacy Compliance and Data Security Protocols, Mintz Levin, New York, NY (02.08.2011)
•Speaker, Export Licenses: What You Need to Know for Compliance, Mintz Levin, Webinar (01.20.2011)
•Speaker, You're Being Followed - Online Privacy Today, Digital Media SIG Event, MIT Enterprise Forum (11.15.2010)
•Panelist, Health Care and Massachusetts Data Protection Laws, Mintz Levin, Boston, MA (09.21.2010)
•Speaker, Massachusetts Data Security Regulations: Demystifying the Details, Northeast Human Resources Association, Webinar (05.10.2010)
•Panelist, Demystifying the Massachusetts Data Protection Law: A Hands-On Workshop, MFA - Moody, Famiglietti & Andronico, LLP, Tewksbury, MA (03.25.2010)
•Speaker, Data Security Issues in Licensing Deals, IP Licensing Subcommittee (02.18.2010)
•Speaker, Privacy Training and Awareness, International Association of Privacy Professionals KnowledgeNet Series (01.28.2010)

Video Insights
Cynthia Larose takes companies through preparing for and responding to a data breach.


Documents by this lawyer on

Subscribe to this feed

It’s 11:30 PM, Do You Know Where Your Data Is? Privacy & Connected Devices
Cynthia J. Larose, October 13, 2014
This marks the second week of National Cyber Security Awareness Month, and one focused on the Secure Development of IT Products, so it seems only appropriate to discuss security and The Internet of Things and a recent panel discussion on privacy and IoT.

Nude Photos and National Cyber Security Awareness Month
Cynthia J. Larose, October 13, 2014
October is National Cyber Security Awareness Month. This is an opportunity to remind employees (and yourselves) about how to keep corporate networks and their own cyber lives secure. All month, we will post articles that might be useful for distribution as “reminders....” along...

Time to Step Up Your COPPA Compliance
Cynthia J. Larose,Julia M. Siripurapu, October 3, 2014
The Federal Trade Commission (FTC) has made good on its promise to actively enforce the recently amended Children’s Online Privacy Protection Act (COPPA). Here is what you should know about the latest enforcement actions against Yelp and TinyCo and how these might affect your business.

View Ratings & Reviews
Profile Visibility
#163 in weekly profile views out of 20,115 lawyers in Boston, Massachusetts
#17,094 in weekly profile views out of 1,673,393 total lawyers Overall

Office Information

Cynthia J. Larose

BostonMA 02111


Professional Networking for Legal Professionals Only

Quickly and easily expand your professional
network - join the premier global network for legal professionals only. It's powered by the
Martindale-Hubbell database - over 1,000,000 lawyers strong.
Join Now