Overview
Mark Rasch has more than 30 years of experience in cybersecurity and data privacy – including within the U.S. Department of Justice, where he created the DOJ Computer Crime Unit and Cyber-Forensics practice and prosecuted many early hacker cases including that of Robert Tappan Morris, the so-called “Cornell Internet Worm” in 1988. He was also instrumental in the investigations of the Cuckoo’s Egg “Hannover hackers” case, the prosecution of Kevin Mitnick, Kevin Poulsen, the Craigslist Murder case in Boston, and the Bradley/Chelsea Manning investigation. Mark is a talented and sought-after attorney and valuable asset to KJK’s Cybersecurity, Data Breach & Privacy team. His experience includes advising Fortune 100 companies on international cybersecurity and privacy compliance issues, data breach management, cloud security, The Internet of things (IoT) and AI and machine learning. Additionally, he is regularly called upon to help entities in the financial services, healthcare, entertainment, retail and manufacturing sectors.
Mark has distinguished himself as a thought leader in the cybersecurity and data privacy space, having authored more than 1,200 articles and books on the topic. He is a frequent commentator in the media, providing insight on internet-related issues to outlets including CNN, NBC, BBC, Fox News, CBC, ABC, the Wall Street Journal, the New York Times and more.
Mark has also developed and taught courses in law, cybersecurity, cyber-forensics, digital investigation, data compliance, incident response, privacy and media law at various academic institutions across the country, including Harvard Law School, George Washington University law school and school of engineering, University of Maryland, Massachusetts Institute of Technology, American University law school and school of public policy, Georgetown University, James Madison University, Stanford University and George Mason University.
Mark holds a Bachelor of Arts degree in political science and biology from the State University of New York at Albany and a Juris Doctorate from the State University of New York at Buffalo School of Law.
Outside of his law practice, Mark is a rabid fan of the 2019 World Champion Washington Nationals who hope to repeat whenever the next season is played.
At GWU, Mark taught a course in “Law for Engineers” and learned that the difference between engineers and lawyers is the quaint notion engineers have that there are actual answers.
Education
- State University of New York at Albany, B.A., Political Science & Biology
- State University of New York at Buffalo School of Law, J.D.
- Baldy Center for Law and Public Policy, Joint J.D./PhD
Professional Affiliations
- American Bar Association, Privacy and Cybersecurity Committee
- Association of Computing Manufacturers (ACM) Policy and Law Committee
- International Information System Security Certification Consortium (ISC2), former counsel to ethics committee and Board of Directors
Bar/Court Admissions
- New York
- Maryland
- Massachusetts
- U.S. Supreme Court
- United States District Court for the District of Massachusetts
- United States Court of Appeals for the Fourth Circuit
- United States Court of Appeals for the First Circuit
- United States Court of Appeals for the Second Circuit
Civic & Volunteer Work
- Teaches classes to local high schools and other educational institutions on cyber-bullying, sexting, child sexual exploitation, doxing, revenge porn and other cyber related issues
Representative Experience
- Created first computer crime unit within DOJ Criminal Division (later CCIPS)
- Prosecuted first major computer hacker case under CFAA – Robert Tappan Morris Internet worm
- Drafted first computer crime and privacy laws with US House and Senate Judiciary Committees
- Helped create USSS and FBI computer forensics labs
- Prosecuted high-profile white-collar crime cases including Soviet espionage cases, political corruption (Lyndon LaRouche), organized crime and complex financial crime cases
- Created one of the world’s first commercial information security consulting practices
- Helped major international bank find and successfully prosecute Russian hackers who penetrated their network
- Created Defense Industrial Base (DIB) Infrastructure for Einstein II compliance with major defense contractors
- Directed and led client engagements for information security, privacy and regulatory compliance for Fortune 100 companies
- Created multi-million-dollar information security consulting practice for large corporation including compliance and cloud security (public, private and multitenant)
- Led multi-billion-dollar corporation’s privacy policy development and implementation
Presentations & Publications
SELECTED ARTICLES AND PUBLICATIONS
- “Exceeding Authorized Access: Legal Use of a Work Computer,” December 03, 2020
- “Social Media Wars: Section 230 & Big Tech,” November 19, 2020
- “California Votes to Strengthen California Consumer Privacy Act With CPRA,” November 13, 2020
- “Healthcare Ransomware Advisory: Imminent Cybercrime Threat,” October 29, 2020
- “Pay a Cyber-Ransom, Go to Jail,” October 20, 2020
- “The Americans With Disabilities Act & Online Communications,” August 05, 2020
- “Beware of Fraud as Treasury Releases Info on PPP Loan Recipients,” July 06, 2020
- “COVID-19 Waivers in Ohio: Enforceable if Clearly Communicated,” July 06, 2020
- “The Answer to Fraud Is – More Fraud,” July 01, 2020
- “The DATA Act: Proposed Federal Data Privacy Law,” June 19, 2020
- “Five Lessons About Cybersecurity & COVID-19,” May 19, 2020
- “Constitutionality of Gubernatorial Powers During COVID-19,” May 07, 2020
- “US Supreme Court to Decide Whether Employees Who Use Employer Data for Unauthorized Purposes Are Guilty of Electronic ‘Trespass’,” April 24, 2020
- “Cybersecurity Issues for Businesses During the COVID-19 Pandemic,” April 21, 2020