Elizabeth E. McGinn

Elizabeth McGinn, a Partner at Buckley LLP, focuses her practice on assisting clients in identifying, evaluating, and managing the risks associated with cybersecurity, internal privacy, and information security practices, as well as those of third-party vendors. Ms. McGinn advises clients on the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act (FCRA), the General Data Protection Regulation (GDPR), the Telephone Consumer Protection Act (TCPA), the Telemarketing Sales Rule (TSR), the Health Insurance Portability and Accountability Act (HIPAA), security breach notification laws, and other U.S. state and federal privacy and data security requirements. In conjunction with this work, she develops policies and procedures, records retention schedules, and training materials. A significant part of her practice involves addressing data security breaches, working proactively with clients to prevent such breaches from occurring, and advising clients in responding to regulatory inquiries, investigations, and enforcement actions related to privacy, information security, and cybersecurity issues. She also assists numerous professional sports teams comply with data privacy concerns, consumer financing laws, and payment system issues.

Ms. McGinn also represents financial institutions, corporations, and individuals in a wide range of matters. She advises clients in investigations, examinations, and litigation initiated by the Consumer Financial Protection Bureau (CFPB), the New York Department of Financial Services (NYDFS), the Department of Justice (DOJ), the Federal Trade Commission (FTC), state attorneys general, and bank regulatory agencies. She has represented financial institutions in class action litigation concerning federal and state fair lending laws, mortgage fraud, unfair and deceptive trade practices statutes, consumer fraud statutes, and consumer privacy laws. As Co-chair of the firm's eDiscovery Committee, Ms. McGinn has extensive experience counseling clients in response to federal and state subpoenas, and handling all aspects of eDiscovery. 

Over the course of her career, Ms. McGinn has represented clients in matters involving simultaneous criminal, civil administrative, and congressional proceedings. She has defended clients in matters relating to money laundering compliance issues and investigations and litigation by the U.S. Attorney’s Office for the Southern District of New York (SDNY), the Manhattan District Attorney’s Office, the Department of Treasury, the Securities and Exchange Commission (SEC), and various congressional committees, including the U.S. Committee on Homeland Security and Government Affairs Permanent Subcommittee on Investigations, the U.S. House Financial Services Committee and the U.S. House Committee on Oversight and Government Reform. 

Representative work includes:

• Assisting clients in addressing data security incidents including interactions with federal and state agencies, oversight of forensic investigations, consumer notifications, and remedial steps following incidents
   
• Advising clients on proactive cybersecurity readiness, including developing policies and procedures, and counseling clients on data collection and sharing issues
   
• Advising clients in responding to regulatory inquiries, investigations, and enforcement actions related to privacy, information security, and cybersecurity issues
   
• Advising fintech companies and financial services institutions regarding the application of privacy and security safeguards to new technologies
   
• Representing and advising a variety of clients, including banks, student lenders, mortgage servicers, and other financial services companies, during regulatory investigations and enforcement matters by state and federal agencies, including the CFPB, FTC, DOJ, NYDFS, and state attorneys general
   
• Represented two major lenders in a suit brought by the DOJ alleging violations of the Servicemembers Civil Relief Act (SCRA); multiple cases were settled collectively, without admission of fault, for a negotiated settlement
   
• Negotiated a settlement with the Nevada Attorney General on behalf of a mortgage company accused of violating the Nevada Deceptive Trade Practices Act
   
• Represented a major financial institution in a Federal Reserve Board (FRB) investigation alleging unfair and deceptive mortgage origination practices
   
• Represented a financial institution in a nationwide borrower class action alleging discrimination on the part of the bank’s mortgage lending practices in violation of the Fair Housing Act (FHA) and the Equal Credit Opportunity Act (ECOA)

Ms. McGinn has published and spoken on a variety of topics, including privacy, electronic discovery, vendor management, and consumer financial services litigation, and authored the chapter on “Oversight of Compliance and Control Responsibilities” for Navigating the Digital Age – The Definitive Cybersecurity Guide for Directors and Officers. She has been recognized for her work in Cyber Law (Data Protection and Privacy) by Legal 500 since 2013, which describes her as “outstanding on privacy and e-discovery issues,” “able to advise both on the regulatory and litigation sides of problems,” an attorney who "'exceeds expectations on response and turnaround times,' has 'strong industry knowledge in data security and privacy,' and is 'able to walk the fine line between operational efficiency and regulatory compliance' when developing IT policies.'"

Ms. McGinn received her J.D. from The American University, Washington College of Law in 2000 (cum laude) and received the Mooers Trial Practice Award. She was the Senior Articles Editor for the International Law Review and a Marshall-Brennan Fellow. Ms. McGinn received a B.S. from St. Lawrence University. Following law school, she clerked for Federal Magistrate Judge P. Trevor Sharp of the United States District Court for the Middle District of North Carolina. She is a Certified Information Privacy Professional (CIPP/US).