David Kantrowitz is a partner in Goodwin’s Complex Litigation & Dispute Resolution practice and a member of the firm's Data, Privacy and Cybersecurity practice and the firm’s Financial Industry group. Mr. Kantrowitz advises on the full spectrum of privacy and data security matters, including incident response and investigations, M&A diligence and deal support, regulatory counseling, cyber insurance, and litigation. Mr. Kantrowitz has guest lectured on privacy and data security at the MIT Sloan School of Management, is recognized by Legal 500 as a “Next Generation” Cyber Law attorney, and is designated as a Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals.





Mr. Kantrowitz advises clients on privacy and cybersecurity matters in a variety of industries, including healthcare, technology and the cloud, and financial services. He has advised on complex and high-profile data breaches across the country, and counsels clients on incident response strategy, crisis management, and legal and regulatory obligations. Mr. Kantrowitz has defended companies against regulatory investigations including from the U.S. Department of Health and Human Services Office of Civil Rights, Federal Trade Commission, Securities and Exchange Commission, and by tens of state attorneys general including New York, Connecticut, Indiana, among many others.

He also regularly advises both public and private companies on their privacy and data security policies and practices, and on the risks and benefits of business decisions, from both regulatory and risk management perspectives. Mr. Kantrowitz counsels on the full spectrum of privacy and data security laws including CCPA, GDPR, HIPAA, COPPA, CAN-SPAM, GLBA, SCA, VPPA, state biometric privacy laws, as well as dozens of state privacy and data breach notification statutes. He also frequently advises on privacy and cybersecurity issues in transactions and IPOs. Above all, Mr. Kantrowitz stands out for his practical, actionable advice that guides companies through some of their most pressing and difficult problems.

Mr. Kantrowitz’s recent representative matters include:

Incident Response

  • Represented leading cryptocurrency brokerage in massive data breach that exposed personal information belonging to over one million users.
  • Advised dozens of clients on dozens of Office 365 business email interruption matters, involving anywhere from between one to over 100 affected mailboxes.
  • Counseled health care payment platform in connection with a highly-sophisticated attack on its system that resulted in the theft of over $10 million in customer funds.
  • Advised leading cloud services and identity management company on a massive data breach in which an unauthorized user gained access to the company’s entire U.S. credential database.
  • Guided a leading customer service software company through data security incident that compromised thousands of corporate accounts.
  • Advised multinational education publishing company in connection with data breach involving large number of user records.
  • Represented a global financial services provider on email intrusion that lead to the exposure of thousands of health insurance records, including information protected under HIPAA.

Regulatory Advice & Counseling

  • Advised public financial software company with biometric privacy issues in connection with rollout of new products.
  • Advised dozens of clients on implementation of CCPA, including drafting of privacy policies and contract addenda, and on scope of GLBA exemption.
  • Advised numerous companies including in financial services and tech on COPPA applicability and implementation.
  • Regularly advise and draft privacy policies, terms of use, consent forms and consent screens, and other disclosures.
  • Counseled online video company on VPPA compliance matters.
  • Drafted and negotiated dozens of contract provisions relating to privacy requirements, data security standards, and data breach notification requirements.
  • Conducted due diligence and reverse due diligence for numerous clients on data privacy and cybersecurity issues.

Mr. Kantrowitz also maintains an active pro bono practice, including securing permanent residence status for a Guatemalan unaccompanied minor.


Mr. Kantrowitz has been recognized by Legal 500 as a Rising Star and as a “Next Generation” Cyber Law attorney. While attending law school, Mr. Kantrowitz was an Articles Editor for the Boston University Law Review. He was also a G. Joseph Tauro Distinguished Scholar and Edward F. Hennessey Scholar.

In The News









J.D., 2009
Boston University School of Law

(magna cum laude)

B.A., 2006
University of Pittsburgh

(magna cum laude)


Massachusetts Appeals Court, Honorable Gabrielle R. Wolohojian





U.S. District Court for the District of Massachusetts
U.S. Court of Appeals for the First Circuit
Profile Image
Get In Touch
Our clients rely on us for world-class advisory services, counsel on complex transactional work and high-stakes litigation. Specializing in matters involving the financial, life sciences, private equity, real estate, and technology industries, we use a collaborative, cross-disciplinary approach to resolve our clients’ most challenging issues. To find out more, please contact us.

Unsere Kunden verlassen sich auf unsere erstklassige Beratung, vor allem im Hinblick auf komplexe Transaktionen und High-Stakes-Prozesse. Spezialisiert auf Angelegenheiten der Finanz-, Life-Sciences-, Private-Equity-, Immobilien-und Technologie-Branchen, verwenden wir einen kooperativen und interdisziplinären Ansatz, um Fragen unserer Kunden auch in extremen Spezialsituationen einer Lösung zuzuführen. Sie wollen mehr erfahren? Kontaktieren Sie uns gerne.

Nos équipes interviennent aux côtés de nos clients, industriels, fonds d’investissement, startups, institutions financières et dirigeants, dans le cadre de transactions et de contentieux complexes, et apportent des conseils de tout premier plan dans les secteurs financiers, des Sciences de la Vie, du Private Equity, de l’immobilier et des technologies. Nous traitons les dossiers juridiques de manière intègre, ingénieuse, souple et audacieuse pour répondre efficacement aux enjeux propres à chacun de nos clients, quels que soient la taille de l’opération et le secteur d’activité. Pour en savoir plus, contactez-nous.


Search Other Lawyers
Recherche par Pratique