Jarno Vanto is a partner in the Privacy & Cybersecurity Group in Crowell & Moring’s New York office. With an extensive understanding of the complex international environment and cross-industry technologies, he provides a differentiated perspective to clients on privacy, cybersecurity, technology transactions, intellectual property, and corporate matters.
He partners with clients to help them achieve their business goals and provides a range of legal services, including privacy and cybersecurity compliance counseling, complex cross-border and domestic technology transactions, intellectual property and data licensing, and other technology transfer agreements. Jarno frequently serves as counsel for foreign technology companies on the legal issues they encounter in the U.S. market, advising on their U.S. corporate presence and acts as outside general counsel. Additionally, he counsels cross-industry clients on global privacy and cybersecurity compliance programs for companies ranging from advertising to health technology to industrial machinery, as well as corporate restructuring for venture finance and IP management purposes.
Jarno has advised over 80 companies ranging from startups to Fortune 50 companies on their General Data Protection Regulation compliance and hundreds of companies on compliance with the EU Data Protection Directive, the predecessor to GDPR. He provides GDPR counseling to companies that provide software-as-a-service, data-as-a-service, automotive and connected vehicle technologies, mobile applications, location-based technologies, financial services, server technologies, HR services, and health care technologies. Additionally, Jarno has received a legal certification to evaluate information technology products and services with the intent of awarding companies with the EuroPrise European Privacy Seal.
He is fluent in Finnish, Swedish, and German. He has a working knowledge of Dutch.
Prior to joining the firm, he was a partner in the New York office of another AmLaw 100 firm.
Representative Matters
Privacy and Cybersecurity
- Advised an HR-services vendor on the use of software-generated data for purposes of COVID-19 tracking and tracing tools for its customers.
- Advised a data aggregator on the use of aggregated location data for purposes of COVID-19-related restriction measure compliance monitoring.
- Advised a mobile app developer on compliance issues related to developing a COVID-19 tracking and tracing app and an associated data platform.
- Advised an industrial conglomerate on privacy and labor & employment issues relating to deploying a COVID-19 tracking and tracing app, related vendor agreements.
- Advised a hospital system on COVID-19 contact tracking and tracing application development.
- Advised an online health information vendor on COVID-19-related product privacy issues.
- Advised a provider-focused health information platform on COVID-19-related aggregate diagnostics data.
- Advised a location technology company on their GDPR and CCPA compliance.
- Advised a mobile advertising platform on their CCPA compliance.
- Advised a clinical trial technology platform on their global privacy compliance.
- Advised a field service management software company on their GDPR compliance.
- Advised a mobile gaming company on their GDPR and CCPA compliance.
- Advised a sensor technology company on GDPR compliance.
- Advised a mobile advertising technology company on consent management platform development.
- Advised a game streaming platform on privacy compliance.
- Advised a fashion online retail technology company on GDPR and CCPA compliance.
- Advised a product data platform company on GDPR compliance.
- Advised an online and mobile fraud detection platform on GDPR and CCPA compliance.
- Advised a globally operating fabric materials company on international transfers of personal data.
- Advised a globally operating industrial conglomerate on international transfers of personal data.
- Advised a location technology company on building a global privacy program.
- Advised a health care app provider on HIPAA compliance.
- Advised a communications app developer on privacy.
- Advised an international mobile gaming company on international transfers of personal data.
- Performed privacy due diligence of target companies for a European venture capital fund.
Technology Transactions
- Advised an advertising technology company on demand and supply side data licensing agreements, SDK licensing and development.
- Advised an industrial equipment manufacturer on machine-generated data rights and licensing.
- Advised a sensor technology manufacturer on data rights and licensing.
- Advised a global vehicle manufacturer on connected vehicle data rights and licensing.
- Advised an indoor positioning company in its licensing and Platform-as-a-Service deals with Yahoo! Japan and a Korean technology conglomerate.
- Advised a location data platform vendor on their Platform-as-a-Service agreement with a large European telecom.
- Advised tens of companies on mobile app and website terms of use and privacy policies.
- Advised an education technology platform on licensing and distribution agreements.
- Advised a restaurant management platform on its master services agreement.
- Advised an education media platform on service terms and conditions.
Corporate and Transactional
- Acted as U.S. outside general counsel for manufacturers of non-woven fabrics, paper board, and wood products.
- Advised a medical technology company on their Asian manufacturing agreements.
- Acted as U.S. outside general counsel for a manufacturer of office meeting pods and phone booths.
- Advised a mobile free-to-play social casino app developer in its $4 million Series A round of financing from Korea Investment Partners.
- Advised a communications app developer on privacy and Series Seed and Series A financing.
- Advised tens of foreign technology companies on structuring their U.S. presence.
- Advised a Finland-based online retailer in their acquisition of a U.S. company’s assets.
- Advised a human resources analytics startup in entity formation and SAFE note financing.
- Represented a European venture capital fund in their seed-stage investment in a U.S. entity.
- Advised a U.S. and Norway-based technology company in its $5 million Series A financing.
- Advised a Korean entertainment company in its $4.5 million Series Seed investment in a Finnish e-sports company.
Affiliations
Admitted to practice: New York
Speeches & Presentations
-
"GDPR, CCPA, and other Hot Topics in Data Privacy," Silicon Legal Strategy, Santa Monica, CA
(November 12, 2019).
Presenters: Jeffrey L. Poston, Paul M. Rosen, Maarten Stassen, Jarno Vanto, and Heidi Waem.
-
"GDPR, CCPA, and other Hot Topics in Data Privacy," Silicon Legal Strategy, San Francisco, CA
(November 11, 2019).
Presenters: Jeffrey L. Poston, Maarten Stassen, Jarno Vanto, Kristin J. Madigan, and Heidi Waem.
Publications
Client Alerts & Newsletters
-
"Mobile Applications For COVID Tracking & Tracing – Balancing the Need for Personal Information and Privacy Rights in the Time of Coronavirus,"
Privacy Law Alert
(April 15, 2020).
Contacts: Kristin J. Madigan, CIPP/US, Jeffrey L. Poston, Jarno Vanto, Evan D. Wolff, Brandon C. Ge, Matthew B. Welling, Michael G. Gruden, CIPP/G, Lee Matheson, CIPP/US/E/A, CIPM, PCIP
-
"CCPA Enforcement on Track for July 1, 2020: Breaking Down the Latest Revisions to CCPA Proposed Regulations,"
Privacy Law Alert
(April 1, 2020).
Contacts: Jeffrey L. Poston, Kate M. Growley, CIPP/G, CIPP/US, Paul M. Rosen, Kristin J. Madigan, CIPP/US, Jarno Vanto, Lee Matheson, CIPP/US/E/A, CIPM, PCIP
-
"March 21, 2020 Deadline Approaches for Businesses to Comply with New York Data Privacy Act Safeguards,"
Labor & Employment Law Alert - US
(March 11, 2020).
Contacts: Jarno Vanto, Eric Su, Ira M. Saxe, Jillian Ambrose
-
"California Attorney General Releases Proposed Updates to CCPA Regulations,"
Privacy Law Alert
(February 11, 2020).
Contacts: Kristin J. Madigan, CIPP/US, Jeffrey L. Poston, Paul M. Rosen, Jarno Vanto, Lee Matheson, CIPP/US/E/A, CIPM, PCIP
-
"California’s Landmark Privacy Law Now in Effect,"
Privacy Law Alert
(January 13, 2020).
Contacts: Jeffrey L. Poston, Paul M. Rosen, Kristin J. Madigan, CIPP/US, Jarno Vanto, Brandon C. Ge, Lee Matheson, CIPP/US/E/A, CIPM, PCIP
-
"The European Commission’s Standard Contractual Clauses: Good News from the Advocate General, but We’re Not Out of the Woods,"
Privacy Law Alert
(January 8, 2020).
Contacts: Jeffrey L. Poston, Maarten Stassen, Frederik Van Remoortel, Jarno Vanto
-
"UPDATE: California Governor Signs CCPA, Data Breach Amendments,"
Privacy Law Alert
(October 17, 2019).
Contacts: Kristin J. Madigan, CIPP/US, Paul M. Rosen, Jarno Vanto, Lee Matheson, CIPP/US/E/A, CIPM, PCIP
-
"Proposed CCPA Regulations from California Attorney General Just Issued: Part I – An Analysis of Required Consumer Notice,"
Privacy Law Alert
(October 15, 2019).
Contacts: Kristin J. Madigan, CIPP/US, Jeffrey L. Poston, Paul M. Rosen, Jarno Vanto, Lee Matheson, CIPP/US/E/A, CIPM, PCIP
-
"New York Enacts the SHIELD Act,"
Privacy Law Alert
(August 20, 2019).
Contacts: Kate M. Growley, CIPP/G, CIPP/US, Jarno Vanto, Evan D. Wolff, Brandon C. Ge, Amber Mulcare, CIPP-US
-
"The Swedish Data Protection Authority Investigates the Right to Access Under the GDPR,"
Privacy Law Alert
(June 18, 2019).
Contacts: Maarten Stassen, Jarno Vanto
Media Mentions
-
CCPA Wants To Know Value Of Consumer Data. So Do Businesses
June 30, 2020 — Legaltech News
-
As Traditional Firms Pull Back, Virtual Firms' Opportunities Could Be Growing
April 17, 2020 — Legaltech News
-
At Firms, In-Person Networking Still Trumps Tech In Assigning Legal Work
March 30, 2020 — Legaltech News
-
The Millennial March Into Leadership Positions May Already Be Changing Firms
March 19, 2020 — Legaltech News
-
Impending SCOTUS Trademark Decision Could Have Far-Reaching Cybersecurity Repercussions
February 25, 2020 — Legaltech News
-
No Turning Back: New Facial Recognition Database May Force Legal Reckoning
January 24, 2020 — Legaltech News
-
Why Is The Justice Department Knocking Harder At Apple's Backdoor?
January 22, 2020 — Legaltech
-
Lawmakers Finally Took Data Privacy Seriously-2019 Regulatory Roundup
January 12, 2020 — Cointelegraph
-
White House Al Guidelines Could Prove More Helpful For Developers Than Regulators
January 10, 2020 — Legaltech News
-
Is Singapore's Fake News Law A Global Headache For Facebook?
December 5, 2019 — Legaltech News
-
5 Harsh Truths About Ransomware Attacks
December 2, 2019 — Legaltech News
-
Courts Are Getting Geofenced In By Location Data Quandaries
November 26, 2019 — Legaltech News
-
Another Sign That Companies Aren't Ready For CCPA Yet: Data Privacy Trends
November 20, 2019 — CloudNine
-
CCPA Uncertainty May Put Cloud Agreements Up In The Air
November 18, 2019 — Legaltech News
-
Unfettered Employee Tracking May Be Approaching Its Twilight
October 21, 2019 — Legaltech News
-
Facing Legislation, Tech Companies Are Rolling the Dice with Self-Regulation
September 27, 2019 — ALM LegalTech News
-
Crowell Hires Tax Partner, Ex-DOJ Litigator From Covington
September 18, 2019 — Bloomberg Law
-
Is The GDPR Creating A Cat-And-Mouse Game Between Advertisers And Regulators?
September 11, 2019 — ALM LegalTech News
-
Will Social Media Platforms Get A Friend Request From The FCC?
August 21, 2019 — ALM LegalTech News
-
4 Signs The U.S. Government Is Becoming More Aggressive With Cybersecurity
July 31, 2019 — Legaltech News
-
Cyberattacks Increasing, Cities Push Risky Strategy Saying No To Hackers
July 17, 2019 — Legaltech News
-
States' Internet Privacy Fight With FCC Grows, With No End In Sight
June 12, 2019 — LegalTech News
-
Tech Companies Unite Against UK's Proposed Alternative To Encryption Backdoors
June 4, 2019 — LegalTech News
-
Mueller Report Keeps The Backdoor Encryption Debate Spinning
April 22, 2019 — Legaltech News
Firm News & Announcements