Aaron R. Lancaster

Counsel

Washington, D.C.
T +1.202.861.1501
F +1.202.861.1783

Overview

Aaron Lancaster’s privacy and data protection practice is strengthened by his depth of knowledge of the field’s rapidly changing laws. Certified as an Information Privacy Professional by the International Association of Privacy Professionals, Aaron assists clients in investigating and mitigating the damages associated with data losses, counsels them on notification issues and leads them through the regulatory minefield associated with investigations following a breach. His understanding of and experience with state and federal data privacy laws makes him a trusted client advocate, capable of delivering sound advice.

Select Experience

  • Developed comprehensive strategy for telecommunications client to educate state Attorneys General in the area of child-online protection.
  • Represented credit card companies in litigation by state Attorneys General alleging consumer protection violations arising from advertising and sale of ancillary credit card products and services; successfully settled multiple lawsuits without need to answer complaints.
  • Represented client in first-in-kind lawsuit by state Attorney General alleging violations of the Health Insurance Portability and Accountability Act.
More »

Experience

  • Developed comprehensive strategy for telecommunications client to educate state Attorneys General in the area of child-online protection.
  • Represented credit card companies in litigation by state Attorneys General alleging consumer protection violations arising from advertising and sale of ancillary credit card products and services; successfully settled multiple lawsuits without need to answer complaints.
  • Represented client in first-in-kind lawsuit by state Attorney General alleging violations of the Health Insurance Portability and Accountability Act.
  • Advised clients on compliance with various state and federal data privacy laws.
  • Assisted clients on legal compliance and loss mitigation issues following data breach.

Recognitions and Memberships

Memberships

  • International Association of Privacy Professionals
    • Certified Information Privacy Professional (CIPP/US)

Pro Bono

  • Litigated on behalf of indigent clients in a variety of Washington, D.C., courts, including landlord-tenant, housing conditions and small claims courts.
  • Advised a start-up trade association on anti-trust and corporate matters.

Admissions

  • U.S. District Court, District of Columbia
  • District of Columbia
  • Maryland

Education

  • J.D., The University of Illinois College of Law, 2000, magna cum laude; University of Illinois Journal of Law, Technology and Policy, Editor and Founding Member
  • B.A., The George Washington University, 1995

Blog

In The Blogs

Previous Next
Data Privacy Monitor
The Weekly Privacy Rewind
By Aaron R. Lancaster
July 24, 2018
Federal Trade Commission Federal Trade Commission Asks for Ability to Fine Companies for Privacy Violations • Speaking before the U.S. House of Representatives’ Subcommittee on Digital Commerce and Consumer Protection, the commissioners of...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
By Aaron R. Lancaster
July 16, 2018
Class Actions Macy’s Faces Suit After Disclosing Data Breach • Retail giant Macy’s notified its customers and state regulators of a data breach affecting the accounts of online shoppers. The breach occurred between April 26 and June 12...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
By Aaron R. Lancaster
June 19, 2018
Class Actions Finkly & Sons Co. Faces Illinois Biometric Information Privacy Act Class Action • A former employee of steelmaker A. Finkly & Sons Co. filed a putative class action against the company in Cook County, Illinois, for violations...
Read More ->
Data Privacy Monitor
11th Circuit Issues Opinion Vacating Order That Required LabMD to Overhaul Its Data Security Program
By Kathryn Carey, Aaron R. Lancaster
June 8, 2018
On June 6, the 11th Circuit issued its long-awaited decision on LabMD Inc. v. Federal Trade Commission, vacating as unenforceable the Federal Trade Commission’s (FTC’s) cease and desist order that required LabMD to create and implement a...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
By Aaron R. Lancaster
June 5, 2018
Canada Canadian Banks Notify 90,000 Following Breach • Bank of Montreal and Canadian Imperial Bank of Commerce announced that they were contacted by hackers and informed that nearly 90,000 customers’ personal information was accessed. •...
Read More ->