Boris Segalis

Practice Areas

Boris Segalis is a partner in Morrison Foerster’s Privacy + Data Security Group. For over a dozen years, he has counseled clients on privacy and cybersecurity issues in the context of strategic product advice, corporate transactions, and regulatory investigations.

Boris regularly advises clients on the development and implementation of data-driven products and services, on global privacy and cybersecurity compliance, and on handling cyber incidents affecting companies and users globally. Boris also regularly defends companies in U.S. federal, state, and global privacy and cybersecurity investigations, including representing clients in front of the Federal Trade Commission (FTC), the New York and California attorneys general, and foreign regulators.

Boris’s practice focuses on advising clients on the requirements of a variety of U.S. privacy and cybersecurity laws, including the California Privacy Rights Act (CCPA/CPRA) and other U.S. state privacy laws; state cybersecurity requirements such as the New York State Department of Financial Services (NYDFS)’s Cybersecurity Regulation; the Children’s Online Privacy Protection Act (COPPA); the Family Educational Rights and Privacy Act (FERPA); CAN-SPAM; NIST’s Cybersecurity Framework (CFS); the Telephone Consumer Protection Act (TCPA); and the Video Privacy Protection Act (VPPA). Boris regularly advises financial institutions and Fintech companies on the Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), and the Payment Card Industry Data Security Standard (PCI DSS). Boris also has experience advising companies on privacy concerns stemming from the Illinois Biometric Information Privacy Act (BIPA) and other biometric data requirements. Boris has a strong command of global privacy and cybersecurity laws and advises companies on regulations such as the General Data Protection Regulation (GDPR), the EU-U.S. Data Privacy Framework, and the EU’s ePrivacy Directive.

Boris counsels clients ranging from emerging to late-stage to public companies across industries, including technology, data brokerage, AI, financial services and Fintech, crypto, life sciences, consumer services, e-commerce, AdTech, media, and others. For seven consecutive years, Boris has been individually recognized by Chambers USA in the Privacy & Data Security category and is recognized by Chambers Global for Privacy & Data Security – USA. He has also been recognized by The Legal 500 as a leading lawyer in cyber law (including data privacy and data protection). Crain’s New York Business has previously included him in its 40 Under 40 list, and New York Metro has recognized Boris as both a Super Lawyer and a Rising Star.

Boris is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP), has previously served as co-chair of NYC IAPP KnowledgeNet, and served on the IAPP’s Research Board. Boris currently serves as one of the leaders of the UJA Privacy and Cybersecurity Group. Boris also is an adjunct professor at Vanderbilt University School of Law, where he co-teaches a class on the law of data as an asset.