Cynthia J. Larose: Lawyer with Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.

Cynthia J. Larose


Peer Rating
BV® Distinguished

Client Rating

Featured BV Peer Review Rated Lawyer IconFeatured BV Peer Review Rated Lawyer Icon
Printer Friendly VersionEmail this PageDownload to My Outlook ContactsAdd lawyer to My FavoritesCompare this lawyer to other lawyers in your favorites

Experience & Credentials Ratings & Reviews

Practice Areas

  • Privacy & Security
  • Joint Ventures
  • Strategic Alliances
  • Collaborations & Technology Transfer
  • Cable & Broadband
  • Mergers & Acquisitions
  • International
  • Communications
  • Wireline Communications
  • Product Risk Management & Response
  • Cybersecurity Risk Management
  • Technology
  • Communications & Media
  • Retail & Consumer Products
  • Financial Services
  • Sports
  • Arts & Entertainment
  • Staffing & Outsourcing
Contact InfoTelephone: 617.348.1732
Fax: 617-542-2241
Internet: Each Attorney's Internet Address takes the following form: first initial, last name (e.g.,
University University of Massachusetts, B.A.; Boston University, M.S.
Law SchoolBoston University, J.D.
Admitted1988, New Hampshire; Massachusetts; District of Columbia

Professional & Community Involvement
•Member, International Association of Privacy Professionals
•Member, Computer Law Association
•Member, Federal Communications Bar Association


Cynthia is Chair of the firm's Privacy & Security Practice and a Certified Information Privacy Professional (CIPP).

She represents companies in information, communications, and technology, including e-commerce and other electronic transactions. She counsels clients through all stages of the “corporate lifecycle,” from start-ups through mid- and later-stage financings to IPO, and has broad experience in technology and business law, including online contracting issues, licensing, domain name issues, software development, and complex outsourcing transactions.

Cynthia has extensive experience in privacy, data security, and information management matters, including state, federal, and international laws and regulations on the use and transfer of information, behavioral advertising, data security breach compliance and incident response, data breach incident response planning, as well as data transfers in the context of mergers and acquisitions and technology transactions.

She conducts privacy audits and risk assessments to determine data and transaction flow and to assess privacy practices, and assists with drafting and implementation of privacy policies and information security policies and procedures and monitoring of privacy “best practices” across all levels of the enterprise.

She is a frequent speaker on privacy issues at conferences and media appearances and presents privacy awareness and compliance training seminars to client companies.

During law school, she was editor-in-chief of the Probate Law Journal.

Recognitions & Awards

Chambers USA: Nationwide - Privacy & Data Security (2010 - 2015)
Chambers Global: Privacy & Data Security (2011 - 2012)
•Woman of Technology 2001 by Women in Technology, Inc.
Two Thousand Notable American Women (2001)
Women's Business Boston: Top 10 Women Lawyers in Boston (2005)
Women's Business Boston: Top 10 Corporate Lawyers in Boston (2009 - 2010)
•Named a Rising Star by Boston Magazine (2011)
•Leila Josephine Robinson Award, Boston University Woman's Law Association (2010)
Boston Digital Industry News: Best General Lawyer for a High-Tech Firm
Massachusetts Super Lawyers: Rising Star - Information Technology/Outsourcing (2005)

•Co-author, FTC Takes Action Against Retail Tracking Start-Up Nomi Technologies, Privacy Alert (04.29.2015)
•Co-author, Cyber Extortion: What to Do When Your Data is Being Held for Ransom?, National Association of Corporate Directors (03.10.2015)
•Co-author, Time to Step Up Your COPPA Compliance, Privacy & Security Advisory (09.25.2014)
•Co-author, Making Privacy Practices Public: the California Attorney General's New Guidelines Keep the Focus on the Consumer's Perspective and New Disclosure Requirements, Privacy & Security Alert (06.05.2014)
•Co-author, FTC Data Security Authority Confirmed, For Now: Wyndham's Motion to Dismiss Denied, Privacy & Security Alert (04.14.2014)
•Co-author, Stop Phoning It in on Mobile Security: What Your Business Needs to Know About the FTC's Settlements with Fandango and Credit Karma, Privacy & Security Alert (04.03.2014)
•Co-author, A Guide to FDA Postmarketing Submission Requirements and Reporting Interactive Promotional, Joint Alert: Corporate & Securities Life Sciences Privacy & Security (02.21.2014)
•Co-author, To 8-K or Not - For Target, That Is Indeed the Question, Law360 (01.30.2014)
•Co-author, Collection of Email Addresses in Credit Card Transactions May Be Prohibited by California Law, Joint Alert: Privacy & Security Retail & Consumer Products (12.10.2013)
•Co-author, Golden State Privacy Warriors: California Has Just Passed a Number of Data Privacy Laws; Here Are Your Next Steps, Privacy & Security Alert (10.08.2013)
•Co-author, NSA Surveillance Causes More Grief - Germany Calls for a Stop to Safe Harbor: Time for Binding Corporate Rules?, Cyberspace Lawyer (08.2013)
•Co-author, Best Practices on Security of Mobile Devices Recently Issued by NIST, Privacy & Security Alert (07.08.2013)
•Co-author, Guide to Compliance with the Amended COPPA Rule, Privacy & Security Alert (06.27.2013)
•Co-author, New Cybersecurity Guidance Released by the National Institute of Standards and Technology: What You Need to Know for Your Business, Privacy & Security Alert (06.10.2013)
•Co-author, Delta Finds Reprieve in State Court, but Not Everyone Will Get to Fly the Friendly Skies, Privacy & Security Alert (06.03.2013)
•Co-author, SEC and CFTC Issue Final Joint Rules on “Red Flags” Compliance, Privacy & Security Securities Alert (04.24.2013)
•Author, SJC to Retailers: Be Careful What You Ask For, Boston Business Journal (04.05.2013)
•Co-author, Massachusetts Supreme Judicial Court Rules That Retailers May Be Sued for Wrongful Use of Customer Zip Codes Recorded During Credit Card Sales, Privacy and Security (03.14.2013)
•Co-author, FTC Guidelines for Mobile Applications: New Standards for Transparency and Notification Dictate Responsibilities for All Parties Involved, Privacy Alert (02.28.2013)
•Co-author, The New HIPAA Omnibus Rule & Your Liability, Advisory (02.15.2013)
•Co-author, Integrating Employees' Smart Devices into the Workplace, New York Law Journal (12.13.2012)
•Co-author, Federal Trade Commission Brings Two Enforcement Actions Related to Peer-to-Peer Networks, Privacy & Security Alert (06.11.2012)
•Co-author, Keeping the FTC Out of Your Space: Lessons from Myspace, Law360 (05.30.2012)
•Co-author, The Facebook IPO and Disclosure of Cybersecurity and Privacy Risks: Tips and Lessons for Practitioners, Bloomberg Law Reports: Securities Law (03.19.2012)
•Co-author, Privacy-on-the-Go: California Attorney General and Major Mobile Application Platforms Agree to Privacy Principles for Mobile Applications, Emerging Companies & Privacy Alert (03.12.2012)

Video Insights
Cynthia Larose takes companies through preparing for and responding to a data breach.

Speaking Engagements

• Speaker, Cybersecurity for the Utility Industry, 2015 American Society of Mechanical Engineers Power & Energy Conference, San Diego, CA (06.29.2015)
• Moderator, Risk Assessment Best Practices & Data Breach Readiness, Webinar (06.24.2015)
• Panelist, Hot Topics in Global Healthcare Information Privacy, Data Protection and Security, IAPP KnowledgeNet, Boston, MA (05.14.2015)
• Speaker, Privacy in the Workplace, Massachusetts Employment Law Summit, Mintz Levin, Boston, MA (05.13.2015)
• Moderator, Not If, But When: Cyber Security for Companies in an Age of Inevitable Hacks, Attacks & Breaches, National Association of Corporate Directors, New England Chapter, Newton, MA (03.10.2015)
• Speaker, Dealer Data: Don't Be a Headline, Massachusetts State Auto Dealers Association Annual Summit, Massachusetts State Auto Dealers Association, Boston, MA (01.16.2015)
• Panelist, IoT: War on Privacy, Cyberfest 2014, San Diego, CA (10.01.2014)
• Panelist, Best practices for assessing, preparing for, and responding to data breach incidents., Data Privacy and Security Roundtable: Anticipating the Inevitable, San Francisco, CA (09.30.2014)
• Speaker, Higher Education Data Breach Response: What to Do and What Not to Do, The Boston Consortium for Higher Education, Boston Consortium for Higher Education, Wellesley, MA (06.19.2014)
• Speaker, Legal Issues: SEC Guidance on Shareholder Communications and Social Media, Corporate Directors Group Boston, Corporate Directors Group Boston, Dedham, MA (06.12.2014)
• Panelist, Cyber Security and Safety: Protecting Yourself and Your Business from Cyber Crime, TD Bank WBZ Business Breakfast, Boston, MA (06.12.2014)
• Security Breaches, Target, and How It All Affects You, NorthEast Disaster Recovery X-Change (NEDRIX), Quincy, MA (05.07.2014)
• Panelist, Risk-based Approach to Cyber Security, ALM, Corporate Counsel, and United Lex (04.10.2014)
• Speaker, Technology Law Update: Recent Developments in Social Media & Internet Law, Social Media: Legal Risks and Strategies , New England Corporate Counsel Association, Inc. (NECCA), Waltham, MA (04.02.2014)
• Moderator, NIST Framework: How to Best Mitigate Cyber Risk for Your Organization, Mintz Levin, Boston, MA (03.25.2014)
• Moderator, Cybersecurity: How to Manage the Risk, Hispanic National Bar Association Conference, Orlando, FL (03.20.2014)
• Panelist, Privacy, Broadband and Cable Industry Law 2014, Practising Law Institute, New York, NY (01.27.2014)
• Speaker, Employee Data Privacy / What HR Needs to Know, The TemPositions Group of Companies, New York, NY (11.14.2013)
• Speaker, Cybersecurity Risk and the Board of Directors, Women Corporate Directors (10.07.2013)
• Panelist, Big Data Business Law: Grappling with Godzilla - Global Best Practices for Data Analytics, International Bar Association Annual Meeting, International Bar Association, Boston, MA (10.07.2013)
• Cyber-Security and Data Privacy: Advising Corporate Leadership On Critical Risk Issues, Technology and In-house Counsel: Managing To Protect And Enhance Your Business, Suffolk University 2nd Annual Corporate Counsel Institute (10.04.2013)
• Panelist, Cybersecurity: It's Not Just for IT Anymore, Mintz Levin, Willis FINEX North America, Kroll Advisory Solutions, Boston, MA (09.26.2013)
• Speaker, After Patco: What is Legally Defensible Security in a Commercial Customer Relationship, Northwest Summit for Financial Professionals, Association for Financial Professionals, Seattle, WA (05.10.2013)
• Panelist, Cyber Security: Advising Corporate Leaders on Critical Risk Issues, New England Legal Foundation, Boston, MA (05.02.2013)
• Speaker, Outsourcing Services to a Third Party - Privacy Impacts and Service Organization Control Reports, Mayer Hoffman McCann P.C. and Mintz Levin, Webinar (05.02.2013)
• Speaker, Safe Social Media Policies for HR Managers Panel, Ascentis, Webinar (04.09.2013)
• Speaker, The New HIPAA Omnibus Rule & Your Liability, Mintz Levin, Webinar (01.30.2013)
• Panelist, Privacy, Broadband and Cable Industry Law 2013, PLI, Webinar (01.28.2013)
• Panelist, Legal & Compliance Issues in Information Security, 2012 Blackstone General Counsel Conference, New York, NY (11.15.2012)
• Speaker, The Era of Big Data - Governance, Risk and Compliance Issues, Association of Corporate Counsel, San Diego, CA (10.18.2012)
• Speaker, Learn About Network Security, Privacy Risk, and Ways to Help Protect Your Business, Wells Fargo Insurance Services USA, Boston, MA (09.24.2012)
• Panelist, Real World Strategies for Managing Real Risks to Your Business, Security and IP Special Interest Groups of CommNexus, San Diego, CA (09.19.2012)
• Speaker, Hands-On Data Security Compliance Workshop, WinMagic, Lenovo, and Mintz Levin, Irvine, CA & La Jolla, CA (06.28.2011)
• Speaker, IAPP Privacy Bootcamp, International Association of Privacy Professionals, Waltham, MA (06.17.2011)
• Speaker, Privacy & Security Under HIPAA / HITECH in an Era of Heightened Enforcement, Mintz Levin, Webinar (06.01.2011)
• Speaker, Data Privacy and Security Issues for the Not-for-Profit: 201 CMR 17.00, PCI, and Other Acronyms You Should Know, Data Privacy and Security Issues for the Not-for-Profit: 201 CMR 17.00, PCI, and Other Acronyms You, Mintz Levin, Webinar (05.04.2011)
• Panelist, Privacy and Information Security Landscape in the Wake of WikiLeaks, Association of Latino Professionals in Finance and Accounting, Boston, MA (04.07.2011)
• Speaker, Privacy Compliance and Data Security Protocols, Mintz Levin, Boston, MA (03.23.2011)
• Panelist, MRIMS Educational Spring Conference, Massachusetts Risk and Insurance Management Society, Waltham, MA (03.17.2011)
• Speaker, Privacy Compliance and Data Security Protocols, Mintz Levin, New York, NY (02.08.2011)
• Speaker, Export Licenses: What You Need to Know for Compliance, Mintz Levin, Webinar (01.20.2011)
• Speaker, You're Being Followed - Online Privacy Today, Digital Media SIG Event, MIT Enterprise Forum (11.15.2010)
• Panelist, Health Care and Massachusetts Data Protection Laws, Mintz Levin, Boston, MA (09.21.2010)
• Speaker, Massachusetts Data Security Regulations: Demystifying the Details, Northeast Human Resources Association, Webinar (05.10.2010)
• Panelist, Demystifying the Massachusetts Data Protection Law: A Hands-On Workshop, MFA - Moody, Famiglietti & Andronico, LLP, Tewksbury, MA (03.25.2010)
• Speaker, Data Security Issues in Licensing Deals, IP Licensing Subcommittee (02.18.2010)
• Speaker, Privacy Training and Awareness, International Association of Privacy Professionals KnowledgeNet Series (01.28.2010)


Documents by this lawyer on

Subscribe to this feed

FTC Takes Action Against Retail Tracking Start-Up Nomi Technologies
Peter H Day,Cynthia J. Larose, May 6, 2015
On Thursday, April 23, the FTC settled deception charges against start-up Nomi Technologies, Inc. related to Nomi’s in-store, sensor-based, tracking technology.1 This is the first FTC enforcement action against emerging retail store-based tracking technologies.

White House Proposes National Data Breach Notification Standard
Cynthia J. Larose,Ari Z. Moskowitz, March 25, 2015
This has been a big week for cybersecurity announcements from Washington. In what the White House has called a series of “SOTU Spoilers,” President Obama announced his intention to follow through on some of the recommendations in his administration’s Big Data report - the...

It’s 11:30 PM, Do You Know Where Your Data Is? Privacy & Connected Devices
Cynthia J. Larose, October 13, 2014
This marks the second week of National Cyber Security Awareness Month, and one focused on the Secure Development of IT Products, so it seems only appropriate to discuss security and The Internet of Things and a recent panel discussion on privacy and IoT.

View Ratings & Reviews
Profile Visibility
#1,372 in weekly profile views out of 20,444 lawyers in Boston, Massachusetts
#104,626 in weekly profile views out of 1,711,087 total lawyers Overall

Office Information

Cynthia J. Larose

BostonMA 02111


Professional Networking for Legal Professionals Only

Quickly and easily expand your professional
network - join the premier global network for legal professionals only. It's powered by the
Martindale-Hubbell database - over 1,000,000 lawyers strong.
Join Now