Skip to main content

Brian H. Lam

Associate

[email protected]

+1.858.314.1583

Follow:
Share:

Brian Lam is a member of Mintz’s Privacy & Security Practice and Technology Transactions Practice. Brian focuses his practice on providing practical advice that enables companies to pursue their business in a competitive environment while reducing risk associated with the collection, use, storage, transfer, and potential loss of data. He frequently negotiates complex data-centric information technology agreements, and designs policies and corresponding controls for the implementation of best practices, compliance with state and federal law, and international considerations. He often reviews the data flows within an organization from both a senior leadership perspective as well as at the implementation level, and provides actionable recommendations to engineer such data flows in order to reduce compliance risk and engender consumer trust.

Brian frequently provides advice to clients that wish to buy or sell corporate entities whose business models leverage data and information technology, including data aggregation, analytics, and open source software.

Brian has been designated a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals, and is also a Certified Information Privacy Professional (CIPP) (US Specialization), Certified Information Privacy Manager (CIPM), and a Certified Information Systems Security Professional (CISSP). He has a B.S. in Computer Science and an M.S. in Telecommunications from the University of Colorado at Boulder, College of Engineering and Applied Science.

He is also a member of Governor Brown’s California Cybersecurity Task Force, a statewide partnership comprised of key stakeholders, subject matter experts, and cybersecurity professionals from California's public and private sectors, academia, and law enforcement that serves as an advisory body to the State of California Senior Administration Officials in matters related to cybersecurity.

Before becoming an attorney, Brian worked at one of the country’s leading information security firms, where he focused on analyzing the existing network security controls of financial institutions, online merchants, and government organizations. He also conducted penetration tests, provided guidance on PCI-DSS compliance, and assisted federal law enforcement with digital forensics post security incident. Subsequently, he joined one of the world’s largest management consulting and information services firms, where he led efforts to design and implement large-scale information security initiatives for Fortune 500 companies, including one of the world’s largest banking and consumer credit companies.

Education

  • University of Southern California (JD)
  • University of Colorado (MS)
  • University of Colorado (BS)

Recent Insights

News & Press

Viewpoints

Viewpoint

California Governor Floats “Data Dividend” Proposal

February 16, 2019 | Blog | By Brian Lam

On the heels of the passing one of the nation’s leading pieces of privacy legislation, the California Consumer Privacy Protection Act (“CCPA”), Governor Newsom, used his first “State of the State” address, to highlight his position on data protection and privacy, by saying that technology companies “make billions of dollars collecting, curating and monetizing our personal data have a duty to protect it” and that “Consumers have a right to know and control how their data is being used.”   
Viewpoint

California AG’s Office Gets Public Input on CCPA

January 29, 2019 | Blog | By Brian Lam

The California Attorney General’s Office (CAGO) is conducting a series of public hearings around the state to gather input on the California Consumer Privacy Act of 2018 (CCPA). We attended the CAGO’s January 25th, 2019 hearing.  The panel of CAGO staff informed those in attendance to anticipate a Notice of Proposed Regulatory Action in the fall of 2019. 
Viewpoint

WEBINAR – The California Consumer Privacy Law is Here. Get Prepared.

January 17, 2019 | Blog | By Cynthia Larose, Brian Lam

We have been actively covering the California Consumer Privacy Act on our blog as it evolves including here and here.  Please join us on February 6th  for the first webinar in our California Consumer Privacy Act Series. 
Viewpoint

Oath (f/k/a AOL) Agrees to Pay Record Settlement over COPPA Violations

December 12, 2018 | Blog | By Cynthia Larose, Brian Lam

Recently, Oath, a wholly-owned subsidiary of Verizon Communications agreed to pay $4.95 million to settle charges from the New York attorney general’s office that the company’s online advertising business was violating federal law.
Viewpoint
Recently, Amazon refused (registration required) to provide data from an Amazon Echo device in a case involving the a double homicide in response to an order issued by a New Hampshire state judge.  Prosecutors believe that the Echo may have recorded data relevant to the crime; a potential perpetrator has already been charged. 
Viewpoint

“Hey Alexa – Tell Me About Your Security Measures”

October 4, 2018 | Blog | By Brian Lam, Cynthia Larose

California continues to lead the nation in cybersecurity and privacy legislation on the heels of the recent California Consumer Privacy Act of 2018 (“CCPA”).  Governor Brown recently signed into law two nearly identical bills, Assembly Bill No. 1906 and Senate Bill No. 327 (the “Legislation”) each of which required the signing of the other to become law, on September 28th, 2018.
June 28, 2018 will be a watershed day in the history of U.S. data privacy legislation.   California has become the first state to move away from the U.S. approach of legislating data privacy in slow bits.  

Colorado Passes Far Reaching New Privacy and Cybersecurity Law

June 6, 2018 | Blog | By Cynthia Larose, Brian Lam

Recently, a new bill was signed by Colorado Governor John Hickenlooper, creating far reaching new requirements for entities that collect or maintain personal identifying information of Colorado residents. These requirements, which will create one of the strictest state based privacy and data breach laws in the country, will go into effect September 1, 2018. 
Facebook has recently chosen to no longer fund opposition to the California Consumer Privacy Act, which could appear on the California State Ballot as an initiated state statute on November 6, 2018.

SEC Provides New Far-Ranging Cybersecurity Guidance

February 26, 2018 | Alert | By Cynthia Larose, Brian Lam

The Securities and Exchange Commission (“SEC”) released expansive interpretive guidance (“2018 Guidance”), posted February 21, 2018, further building upon its far-reaching cybersecurity guidance provided in 2011. Below are four key takeaways that will be essential in complying with federal securities laws going forward.

News & Press

Mintz is pleased to announce that Brian Lam has been named a Fellow of Information Privacy by the International Association of Privacy Professionals, a global community that helps practitioners develop and advance their careers and organizations manage and protect their data.
In this feature article, Brian Lam speaks on the use of data as a competitive tool for companies; he describes data dexterity as a company’s ability to interact with data in a way competitors cannot, and offers thoughts on evaluating and improving a company’s data dexterity.
Mintz attorney Brian Lam is featured in a Law360 article about proposed legislation to “give a tax credit to companies who purchase data breach insurance and implement a widely respected cybersecurity framework.”
Privacy & Security and Technology Transactions Practices attorney Brian Lam authored this Law360 column discussing the Pokémon Go app and the privacy lessons future app developers can learn from its rapid rise in popularity.