Privacy and data security attorney Ryan Perry is a Certified Information Privacy Professional/United States (CIPP/US) and a member of the Firm’s Privacy & Data Security Practice Group as well as its Licensing & Commercial Contracts Practice Group. Ryan counsels companies with compliance under various privacy and data security regulatory regimes, leads companies through data protection issues in corporate transactions, advises businesses in responding to security incidents and data breaches, and negotiates commercial contracts (particularly those with complex data sharing arrangements). Ryan advises business clients spanning a variety of different industries at all stages of development.
His regulatory compliance practice involves counseling businesses in crafting bespoke compliance strategies with: the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA); the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Utah Consumer Privacy Act (UCPA), the Connecticut Data Privacy Act (CTDPA), and other similar laws in other states; the General Data Protection Regulation (GDPR); the EU-U.S. Data Privacy Framework; the Telephone Consumer Privacy Act (TCPA) and Telemarketing Sales Rule (TSR); the CAN-SPAM Act; the Federal Trade Commission Act (FTC Act) and state analogs; the Graham-Leach-Bliley Act (GLBA); the Children’s Online Privacy Protection Act (COPPA); Washington’s My Health My Data Act (MHMD Act), as well as similar laws in Nevada and Connecticut; the Massachusetts data protection regulations (201 CMR 17); the New York SHIELD Act; and other privacy and data security laws.
As a privacy and data security attorney, Ryan serves as the data protection specialist on corporate transactions, such as mergers and acquisitions and venture and private equity financing transactions. This aspect of his practice involves the review, drafting, and negotiation of privacy and security representations and warranties, as well as guiding companies through the privacy due diligence process.
He is also a trusted advisor to businesses in responding to security incidents and data breaches, helping clients to direct their investigations, to determine what remediation obligations are required by law and contract, and to notify individuals and regulators where necessary. Ryan also counsels businesses in responding to data subjects seeking to exercise their rights under various privacy laws.
Ryan is actively involved in writing and negotiating commercial contracts from all perspectives, particularly those with a strong data focus, including data sharing agreements, data processing agreements, software licensing agreements, Software as a Service (SaaS) agreements.
Prior to joining Morse, Ryan practiced law in the Boston office of Ropes & Gray LLP. During law school, Ryan served as a student attorney at the Boston College Legal Assistance Bureau, where he counseled local non-profits and low income start-ups.
Outside the Office
Ryan is a lover of music, particularly classic and alternative rock. During college Ryan was the lead singer of a band that toured the dive-bar scene of Montreal. Ryan continues to sing as a member of his church choir. He also has a passion for Asian food and enjoys firing up the wok to make traditional Cantonese fare.
Publications
European Commission Approves EU-U.S. Data Privacy Framework
Data Protection Risks in M&A and Investment Transactions
Upcoming UK and EU Data Transfer Deadlines
CCPA Compliance – Required Updates to Privacy Policies
European Commission Adopts New Standard Contractual Clauses for Data Transfers
The California Consumer Privacy Act: Five Ws and an H
The Process of GDPR Compliance: MAP DATA, DOORS O(PEN)
Keeping Employees Interested: Profits Interests, their Potential Business Benefits and Caveats
Speaking Engagements
Speaker, Introduction to Privacy Law for Aging Life Care Professionals, Aging Life Care Association
Moderator, Confronting Privacy Fears: Practical Approaches to Challenges in the U.S. and EU, Morse and Hewitsons
News & Insights
2019-2023 M&A Deals
Morse Announces 2024 Attorney Elevations
M&A News: Morse Client Garvin Construction Products in Acquisition by Beacon
Kevin Olson Earns IAPP Certified Information Privacy Technologist Credentials
Client Alert: European Commission Approves EU-U.S. Data Privacy Framework
Top Trends in Data Privacy
2022 M&A Deals
Client Alert: GLBA Compliance
Data Protection Risks in M&A and Investment Transactions
Client Alert: Upcoming UK and EU Data Transfer Deadlines
2021 M&A Deals
Client Alert: The New Data Transfer SCCs
Client Alert: CCPA Compliance
Client Alert: Standard Contractual Clauses
2017 – 2020 M&A Deals
Morse Announces 2021 Attorney Elevations
EU Regulators Crack Down on Taking Cookies from the Cookie Jar
Client Alert: Privacy Shield Decision
2019 M&A Deals
The California Consumer Privacy Act
Attorney Earns IAPP Certified Information Privacy Professional Credentials
The Process of GDPR Compliance
2017 M&A Deals
2017 VC Deals
Client Alert – Happy Halloween!
Keeping Employees Interested
2016 M&A Deals
Morse Welcomes Two New Corporate Attorneys
WISP – Written Information Security Program
Events
Confronting Privacy Fears: Practical Approaches to Challenges in the U.S. and EU
Corporate Venture Capital: Unique Opportunities and Special Considerations for Startup Companies
2018 VC and M&A Forum
Issuance of Founders’ Equity: What’s the Right Slice of Pie?
Behind the Curtain: An inside look into the operations of VC firms
Tales from the Trenches: Reflections on Successful Exits
Series A Venture Capital Financing: A Review of 2016 and A Look Forward to 2017
-
- MA Rising Stars, 2022 – 2024
