Gage Javier (CIPP/US) is an associate in the Washington, D.C. office of Crowell & Moring and a member of the Privacy & Cybersecurity Group, where she practices at the intersection of law, business, and technology. A Certified Information Privacy Professional (CIPP/US) with a business and scientific background, she provides strategic legal and business solutions for sophisticated entities, including tech and government contracts clients, in matters associated with incident response, privacy and cybersecurity regulatory compliance, and technology-related litigation.
Gage’s practice includes the full incident lifecycle, including preparing privacy and incident response policies, engaging forensic experts for privileged investigations after intrusions, and finalizing formal data breach notifications. Her regulatory compliance counseling work includes advising on legal obligations associated with various U.S. and international privacy law regimes, including the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), EU General Data Protection Regulation (GDPR), Virginia Consumer Data Protection Act (VCDPA), and the Colorado Privacy Act (CPA).
Dedicated to working with her clients to reduce their risk profile, Gage advises clients on data governance issues to address business needs while minimizing risks and complying with a rapidly evolving regulatory landscape and other legal obligations.
Representative Engagements
- Representing Microsoft in carrying out various actions disabling IP addresses and domain controlled by malicious million-computer botnets responsible for global spam distribution.
- Counseling a technology company trusted by Fortune 500 companies and global non-profit entities on a ransomware incident and engage a forensic expert to conduct a privileged forensic investigation.
- Advising a multinational electronics company on privacy and cybersecurity compliance related to personally identifiable information (PII) and encryption requirements under the National Institute of Standards and Technology (NIST) and Federal Information Processing Standards (FIPS).
- Advising a national construction firm on privacy and incident response policy reviews.
Prior to entering private practice, Gage managed the commercial and government contracts department of a security and intelligence firm by providing worldwide security, intelligence, technology, and training services to government and private enterprises. Gage has over 15 years of experience leading teams at the local, regional, and national levels.
Gage is an active member of the American Bar Association. She was competitively selected as an ABA Business Law Section Fellow and for the Tort Trial & Insurance Practice Section Leadership Academy. She is a fellow in the Cyberspace Law Committee and the Young Lawyer Liaison to the Privacy & Cybersecurity Subcommittee for the Consumer Financial Services Committee.
Gage received double MBAs from Cornell University and Queen’s University. She received her LL.M. from American University Washington College of Law with dual concentrations in intellectual property and criminal law with a focus on computer crimes. She received her J.D. from the Appalachian School of Law, where she was an associate editor of the Natural Resources Law Journal. Gage received her bachelor’s degree in microbiology, immunology, and molecular genetics from the University of California, Los Angeles and worked in one of the largest biotechnology corporations in the country prior to law school.
Affiliations
Admissions
Admitted to practice: District of Columbia, U.S. Court of Federal Claims
Speeches & Presentations
-
"NextGen Privacy - Going Beyond PHI and PII," American Bar Association TIPS Section Conference, Baltimore, MD.
(April 27, 2022).
Speaker: Garylene (Gage) Javier, CIPP/US.
-
ABA TIPS Section Conference
(April 27, 2022).
Speakers: Gage Javier
-
“How to Ensure Customer and Workforce Equality in Consumer Financial Services,” ABA Business Law Section Virtual Spring Meeting
(April 23, 2021).
Co-presenter: Garylene Javier, Kevin Johnson.
-
“Innovation in an Evolving Privacy Landscape,” ABA Business Law Section Consumer Financial Services Committee Winter Meeting
(January 27, 2021).
Moderator: Garylene Javier.
-
“Navigating Workplace Culture in the Age of #MeToo,” DC Bar Conference
(October 20, 2020).
Co-presenters: Garylene Javier, Emily Martin.
Publications
-
"How To Comply With New Multiline Telephone System Rules," Law360
(February 9, 2022).
Authors: Evan D. Wolff, Maida Oringher Lerner, Matthew B. Welling, and Garylene Javier.
-
"Survey—Cyberspace Law: State Privacy Law Developments," The Business Lawyer, ABA Business Law Section, Vol. 77
(Winter 2021 – 2022).
Author: Garylene Javier.
-
"A Statute of Limitations for BIPA Claims? We May be One Step Closer," Crowell & Moring’s Data Law Insights
(January 30, 2022).
Authors: Jeffrey L. Poston, Gabriel M. Ramsey, Jarno Vanto, CIPP/E, CIPP/US, Jacob Canter and Garylene (Gage) Javier.
-
"Differences Between the California Consumer Privacy Act and the California Privacy Rights Act," Consumer Finance Law Quarterly Report, Vol. 74, No. 4
(2020).
Co-author: Garylene Javier.
-
"6 Key Ways the California Privacy Rights Act of 2020 Would Revise the CCPA," Corporate Compliance Insights
(September 25, 2020).
Co-author: Garylene Javier.
-
"Navigating Today’s Biometric Landscape," Cybersecurity Law Report
(April 3, 2019).
Co-author: Garylene Javier.
Client Alerts & Newsletters
-
"New Law Gives NYDFS Authority to Make Virtual Currency Business Activities in New York More Expensive,"
Privacy Law Alert
(May 11, 2022).
Contacts: Garylene (Gage) Javier, CIPP/US, Anand Sithian, Carlton Greene, Caroline E. Brown, Kelly T. Currie, Nicole Sayegh Succar
-
"NIST Publishes Assessment Procedures for Enhanced Security Controls Used to Protect CUI,"
Government Contracts Bullet Points
(March 18, 2022).
Contacts: Kate M. Growley, CIPP/G, CIPP/US, Evan D. Wolff, Maida Oringher Lerner, Alexander Urbelis, Nkechi Kanu, Michael G. Gruden, CIPP/G, Garylene (Gage) Javier, CIPP/US
-
"SEC Proposes New Cybersecurity Risk and Incident Disclosure Obligations,"
Privacy Law Alert
(March 15, 2022).
Contacts: Evan D. Wolff, Matthew B. Welling, Daniel L. Zelenko, Garylene (Gage) Javier, CIPP/US
-
"NIST Seeking Input on Potential Cybersecurity Framework Update,"
Privacy Law Alert
(March 10, 2022).
Contacts: Evan D. Wolff, Kate M. Growley, CIPP/G, CIPP/US, Alexander Urbelis, Garylene (Gage) Javier, CIPP/US, Paul C. Mathis
-
"The Department of Defense Updates Security Requirements for Cloud Services,"
Government Contracts Bullet Points
(February 1, 2022).
Contacts: Kate M. Growley, CIPP/G, CIPP/US, Evan D. Wolff, Maida Oringher Lerner, Michael G. Gruden, CIPP/G, Garylene (Gage) Javier, CIPP/US, Alexander Urbelis
-
"CISA Emergency Directive Requires Immediate Mitigation of Log4j Vulnerabilities,"
Administrative Law Alert
(December 20, 2021).
Contacts: Evan D. Wolff, Jeffrey L. Poston, Garylene (Gage) Javier, CIPP/US, Maida Oringher Lerner, Gabriel M. Ramsey, Matthew B. Welling, Alexander Urbelis
-
"K-12 Cybersecurity Act of 2021 Launches Initiative to Combat Increasing Cyberattacks on Schools,"
(October 19, 2021).
Contacts: Kate M. Growley, CIPP/G, CIPP/US, Laurel Pyke Malson, Garylene (Gage) Javier, CIPP/US