Benjamin D. Wanger

He | Him | His

Counsel

Philadelphia
T +1.215.564.1601
F +1.215.568.3439

Overview

Ben Wanger works closely with clients to proactively assess and mitigate cyber risk, develop privacy and information security policies and respond to data security incidents. Drawing from a decade of experience litigating both commercial matters and data privacy matters, he offers the particular perspective of having handled numerous data breach incidents, enabling him to manage clients’ issues before they escalate to litigation.

Ben has represented organizations of all types and sizes in data privacy matters. In particular, he has significant experience helping educational institutions develop data breach prevention and response protocol and respond to data security incidents. Ben regularly advises educational institutions concerning FERPA compliance and assists them in navigating the requirements of the Department of Education and other state regulatory bodies. He is a Certified Information Privacy Professional in the U.S. (CIPP/US).

Select Experience

  • Prepares cyber incident response plans for potential breaches, including protocols for managing customer/client relations, press releases, communications with regulators/law enforcement, and public disclosures following a cyber incident.
  • Manages cross-functional legal and business groups within client organizations to determine privacy and security objectives and advises on the impact of the clients’ data privacy and security legal and operational strategies.
  • Conducts in-house security training and tabletop exercises to build awareness and help educational institutions and companies prepare to effectively and efficiently manage data security threats and incidents.
More »

Experience

  • Prepares cyber incident response plans for potential breaches, including protocols for managing customer/client relations, press releases, communications with regulators/law enforcement, and public disclosures following a cyber incident.
  • Manages cross-functional legal and business groups within client organizations to determine privacy and security objectives and advises on the impact of the clients’ data privacy and security legal and operational strategies.
  • Conducts in-house security training and tabletop exercises to build awareness and help educational institutions and companies prepare to effectively and efficiently manage data security threats and incidents.
  • Regularly represents public and private companies from a variety of industries that have been victimized by ransomware attacks or email fraud.
  • Serves as outside data privacy counsel for more than 25 different educational institutions.
  • Represented multiple financial services companies in connection with investigations conducted by the Federal Trade Commission following data security incidents.
  • Represented multiple clients in connection with payment card network liability assessments following payment card security incidents.

Recognitions and Memberships

Recognitions

  • First Judicial District of Pennsylvania Pro Bono Roll of Honor (2012 to 2020)
  • Pennsylvania Super Lawyer "Rising Star" (2018 to 2022)
  • Certified Information Privacy Professionals (CIPP/US)

Memberships

  • International Association of Privacy Professionals (IAPP)

Community

  • University of Michigan Club of Philadelphia: President
  • Anti-Defamation League, Philadelphia Chapter: Board Member
  • American Jewish Committee, Philadelphia/Southern New Jersey Chapter: Board Member

Pro Bono

  • Successfully represented organization in first amendment challenge regarding proposed advertisements on city buses. Argued that banning religious advertisements on city buses violated free speech and won in trial on behalf of client.
  • Represented numerous prisoners in civil rights jury trials through the Eastern District of Pennsylvania’s Prisoner Civil Rights Panel.

Prior Positions

  • The Honorable Gene E.K. Pratter, U.S. District Court for the Eastern District of Pennsylvania: Judicial Intern

Admissions

  • U.S. Supreme Court
  • U.S. Court of Appeals, Third Circuit
  • U.S. District Court, Eastern District of Pennsylvania
  • U.S. District Court, Middle District of Pennsylvania
  • U.S. District Court, District of New Jersey
  • Pennsylvania
  • New Jersey

Education

  • J.D., George Washington University Law School, 2008, with honors
  • B.A., Political Science, University of Michigan, 2005, with high distinction

Blog

In The Blogs

Previous Next
Data Counsel
For Educational Institutions, Post-Ransomware Harassment Requires A+ Messaging
By Pierce T. Cox, Benjamin D. Wanger
February 3, 2023
Educational institutions have not been excluded from the ransomware epidemic, and stakeholder communications are critical to an effective response. In a typical double-extortion ransomware attack, threat actors demand that victims pay a...
Read More ->
Data Counsel
Florida Follows North Carolina in Prohibiting State Agencies from Paying Ransoms
By Elise R. Elam, Benjamin D. Wanger
July 19, 2022
We recently wrote about North Carolina’s new law prohibiting state agencies – including public schools and universities – from paying a ransom or even communicating with a threat actor following a ransomware incident. On June 24, Florida...
Read More ->
Data Counsel
North Carolina is the First State to Prohibit Public Entities from Paying Ransoms: What Does This Mean for North Carolina Public Schools and Universities?
By Elise R. Elam, Benjamin D. Wanger
May 19, 2022
On April 5th, North Carolina became the first state to prohibit state agencies and local governments from paying ransoms after becoming victims of a ransomware attack. Indeed, in addition to prohibiting said entities from paying ransoms...
Read More ->
Data Counsel
It's Elementary: Measures that Educational Institutions Should Take to Prepare for Ransomware Attacks Part 3
By Allison R. Clark, Benjamin D. Wanger
April 19, 2022
PART 3 In the event of a ransomware attack, there are a host of legal frameworks that could potentially be implicated. Whether those laws apply often depends on the nature of the data that the threat actor accessed and/or acquired. In this...
Read More ->
Data Counsel
It's Elementary: Measures that Educational Institutions Should Take to Prepare for Ransomware Attacks
By Allison R. Clark, Benjamin D. Wanger
March 21, 2022
PART 2 The best way to ensure that an educational institution can respond quickly and effectively to a ransomware attack and minimize any chaos and confusion that accompanies such incidents is to have an incident response plan in place to...
Read More ->