Proskauer on Privacy
Photo of Nolan Goldberg

Nolan Goldberg

Partner
+1.212.969.3472

Nolan M. Goldberg is a partner in the Litigation Department, co-head of the Data Privacy and Cybersecurity Litigation Group, and a member of the Patent Law Group. His practice focuses on technology-centric litigation, arbitration (including international arbitrations), investigations and counseling, covering a range of types of disputes, including cybersecurity, intellectual property, and commercial.  Nolan’s understanding of technology allows him to develop defenses and strategies that might otherwise be overlooked or less effective and enhances the “story telling” that is critical to bringing a dispute to a successful conclusion.

Nolan is a registered patent attorney before the U.S. Patent & Trademark Office; and an International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional, United States (US CIPP) and Certified Information Privacy Technologist (US CIPT).

Cybersecurity

Nolan’s electrical engineering background, coupled with a litigation and risk management-centric focus, allows him to assist companies in all phases of incident response. Nolan often acts as a bridge between the technical and legal response teams (both inside and outside forensic consultants). Nolan uses this deep familiarity with the company and its systems to defend the company in litigations, arbitrations and regulatory investigations, including before the Federal Communications Commission (FCC); Federal Trade Commission (FTC) and before various State’s Attorneys General, including Multi-State investigations.

Nolan has worked on incidents that range from simple phishing attacks on e-mail accounts by cyber-criminals to intrusions by (formerly) trusted inside employees to complex technical breaches of hosted systems by state-sponsored advanced persistent threats (APTs). These incidents have involved both client systems, and systems of a vendor of a client that hosted its data.

It is often the case (both in response to an incident and for other reasons) that a company will want to undertake an assessment of its security posture, but has concerns about the discoverability of any such analysis.  Accordingly, Nolan also frequently assists companies’ scope and conduct privileged security assessments, including “dual purpose” assessments where privileged analysis are also used for ordinary-course purposes.

Commercial Disputes

Nolan also assists companies with commercial disputes, particularly in cases where there is a technology component, including disputes arising from hosted software agreements; outsourcing and managed services agreements; software and technology development agreements and the dissolution of joint ventures.  When these disputes cannot be amicably resolved, Nolan has litigated them in State and Federal Court and in arbitrations, including international arbitrations.

Intellectual Property

Nolan's work has included numerous patent and trade secret litigations and negotiations, primarily in cases involving computer and network-related technologies. In particular, the litigations have involved at least the following technologies: hosted software; telecommunications, computer networking; network and computer-related security hardware and software; microprocessors, voice-over Internet protocol ("VoIP"); bar code scanners  financial business methods and software, including securities settlement, fail management and trade execution and reporting software; data compression; handheld computers; pharmaceuticals; cardiac electro-stimulatory devices and prosthetics.

Nolan also has experience prosecuting patent applications before the U.S. Patent and Trademark Office in encryption, CMOS, HDTV, virtual private networks ("VPN"), e-commerce, XML/XSL, financial instruments, semiconductor electronics, medical device technology, inventory control and analysis, cellular communications, Check 21 and business methods. Nolan also has conducted numerous freedom-to-operate searches, written opinions, and counseled clients in the areas of bar code scanners, imaging, book publishing, computer networking, business methods, Power Over Ethernet ("PoE"), and digital content distribution.

He has assisted in evaluating patents for inclusion in patent pools involving large consumer electronics and entertainment companies concerning CD and DVD technology.

Computer Forensics and Electronic Discovery

Nolan is often called upon to develop e-discovery strategies to be used in all types of litigations, with a particular focus on selecting appropriate tools, developing proportionate discovery plans, cross border electronic discovery, managing the overall burden and cost of the electronic discovery process, and obtaining often overlooked electronic evidence, including computer forensics. He also assists clients to develop and implement information management programs to reduce expense and risk, meet compliance obligations, and tame e-discovery burdens.

Thought Leadership

Nolan has authored numerous articles and given numerous presentations on emerging issues and trends in both technology and law, and has often been called upon to comment on various media outlets including Business Week, IPlaw360, IT Business Edge, CIO.com, Forbes, and The National Law Journal.

Prior to practicing law, Nolan was a computer specialist at Underwriters Laboratories (UL).

Subscribe to all posts by Nolan Goldberg

Standing to Sue: Is Theft of Drivers’ License Numbers Sufficient to Allege Imminent Threat of Future Harm?

Judge Jeffrey White of the Northern District of California recently dismissed a putative class action lawsuit in which plaintiffs claimed they faced an imminent threat of future of harm in the form of identity theft and fraud because their personal information, specifically their driver’s license numbers, may have been compromised in a data breach.  In … Continue Reading

Paying the Ransom in Response to a Ransomware Attack can Sometimes Backfire

One of the key decisions that needs to be made in the aftermath of a successful ransomware attack is whether or not the victim organization can or should pay the ransom.  Of course, there are many considerations that go into such a decision – for example, whether the payment is legally permissible, the ease of … Continue Reading

SolarWinds: A Lesson on How Companies Victimized by Data Breaches Can Quickly Become the Target of Litigation and Regulatory Investigations

In 2020, SolarWinds Corp., a company that provided information technology software to private and government entities, was the victim of a cybersecurity breach.  Russian hackers are believed to have slipped malicious code into a SolarWinds software product called Orion, which was then used to infect, and in certain cases, compromise, SolarWinds customers.  As a consequence, … Continue Reading

SolarWinds Vendor Supply Chain Attack: A Timely Reason to Review Procedures for Risk Assessments and Vendor Contracts

As reported last week, a state-sponsored hacker may have breached multiple U.S. government networks through a widely-used software product offered by SolarWinds. The compromised product, known as Orion, helps organizations manage their networks, servers, and networked devices. The hacker concealed malware inside a software update that, when installed, allowed the hacker to perform reconnaissance, elevate … Continue Reading

Regulatory Crackdown on Ransomware

In recent years, Ransomware has evolved from merely encrypting files/disabling networks in solicitation of ransom, to sophisticated attacks that often involve actual data access, theft and sometimes, the threat of publication. These sophisticated malware attacks frequently destroy backups and provide criminals even more leverage over their victims, coercing them to pay ransoms.  Ransomware does not … Continue Reading

R-E-S-P-E-C-T, Cross-Border E-discovery

Litigants navigating the conflict between U.S. discovery obligations and foreign data protection laws have a new ally, the American Bar Association (“the ABA”). The ABA recently passed Resolution 103, which “urges” that: [W]here possible in the context of the proceedings before them, U.S. federal, state, territorial, tribal and local courts consider and respect, as appropriate, the … Continue Reading

Third Party Discovery of Foreign Bank Records Should First Proceed Under the Hague Convention

Where U.S. litigation discovery obligations were argued to be in conflict with foreign civil and criminal privacy statutes, many recent opinions found that discovery should proceed under the Federal Rules over the protest of the foreign data custodians. However, in SEC v. Stanford International Bank Ltd, the court departed from this pattern in finding that discovery should first proceed under the Hague convention in the interest of comity. While it is unclear the extent to which this approach will be followed by other courts in the future, the Stanford opinion illustrates that it is possible for litigants and third parties to successfully navigate cross border discovery conflicts even where privacy interests are at stake. … Continue Reading

Third-Party Bank Remains Caught Between an Order Compelling Production and Malaysian Law – Coercive Sanctions Recommended

Our April 1, 2010 blog entry discussed the March 8, 2010 Order in Gucci Amer., Inc. v. Curveal Fashion, No. 09 Civ. 8458 (S.D.N.Y.) (the "Order"), compelling the third-party U.S. parent (the "U.S. Parent") of a foreign bank, to produce documents located at its subsidiary, despite claims that such production was illegal under Malaysian banking secrecy laws. The entry concluded by noting the no-win situation that foreign corporations continue to be placed in by the tension between U.S. courts and foreign law. Subsequent history in this matter further illustrates the seriousness of this predicament. … Continue Reading

Possible Consequences to a Third Party for Violating a Foreign Blocking Statute Outweighed by Plaintiff’s Need for Banking Records to Enforce a Judgment

On March 8, 2010 the SDNY issued the latest opinion addressing the conflict between U.S. discovery laws and foreign blocking statutes. In Gucci Amer., Inc. v. Curveal Fashion, the court compelled a third-party to produce documents located at its subsidiary despite claims that such production was illegal under the Malaysian law. This opinion illustrates the no-win situation that foreign corporations continue to be placed in by the tension between U.S. courts and foreign law, and underscores the importance of raising foreign-law based discovery objections as early and in as detailed a manner as possible in order to maximize the chances of successfully navigating this conflict. … Continue Reading
LexBlog

This website uses third party cookies, over which we have no control. To deactivate the use of third party advertising cookies, you should alter the settings in your browser.

OK