James C. Chou
Associate
Biography
James C. Chou is an Associate in the Washington, D.C., office of Buckley LLP, where he assists clients in a wide range of regulatory, compliance, corporate, and transactional matters. His transactional work includes mergers and acquisitions, joint ventures, credit facilities, and vendor agreements. Mr. Chou’s regulatory practice focuses on regulatory compliance, cybersecurity, and privacy.
Representative transactions and regulatory matters include assisting:
- A community bank in an asset purchase transaction
- A mortgage originator in a cyber-related incident involving the loss of personally identifiable information
- A fintech company in a subsidiary-parent merger transaction
- A mortgage servicer in a merger and related credit facility transaction
- A savings bank in a range of regulatory and compliance matters
Prior to joining Buckley, Mr. Chou spent nearly ten years as a Defense Analyst and a Senior Operations Research Analyst for the United States Army, where he focused on cybersecurity, defense policy, and program analysis.
Mr. Chou received his J.D. from American University in 2017. During law school he served as the Articles Editor for the American University Law Review. He received his M.S. from George Mason University in 2008, and his B.A. from the University of Virginia in 2005. He is a Certified Information Systems Security Professional (CISSP) and a Certified Data Privacy Solutions Engineer (CDPSE). Mr. Chou is conversational in Mandarin.
Publications
"What the new information security reporting standards mean for financial institutions" by Jeffrey P. Naimon and James C. Chou (Cybersecurity Law Report)
Regulators recently proposed new rules that would require banking institutions to notify their primary regulators of some computer-security incidents within 36 hours, and service providers to notify regulated entities as soon as possible of any incident affecting its operations for four hours or...
Articles"Data security best practices for licensed lenders' telework" by Sherry-Maria Safchuk and James C. Chou (Law360)
State-licensed/registered brokers, lenders and servicers have increased their focus on data security as the spread of COVID-19 has extended work-from-home orders, and what now seems to be a lasting acceptance of remote work means that the tools used to secure data will remain relevant when the...
Articles"Reopening well: Balancing employee privacy with employee safety" by Elizabeth E. McGinn, Amanda R. Lawrence, James C. Chou, and David Rivera (Corporate Compliance Insights)
Consumer privacy has been a key area of focus over the past several years, but as companies begin return-to-work operations, they discover that employee privacy looms large as well. Well-intentioned companies seeking to keep employees safe risk incurring penalties from a variety of agencies based...
Articles"Adjusting information security for long-term telework" by Amanda R. Lawrence, Elizabeth E. McGinn, and James C. Chou (Bloomberg Law)
Amid a fast-moving pandemic in the spring of 2020, many companies were forced to adopt remote-work operations almost overnight to maintain critical business functions. This approach initially seemed like a temporary and imperfect solution to maintaining workforce safety while continuing essential...
Articles"What constitutes reasonable security per Calif. privacy law?" by Amanda R. Lawrence, Michael A. Rome, and James C. Chou (Law360)
California Consumer Privacy Act compliance has been focused on developing the policies, procedures and infrastructure to support new privacy rights for California residents, which include, among other things, the right to know what personal information companies have on them, the right to delete...
Articles"Privacy and cybersecurity issues in 2020 – What to expect" by Amanda R. Lawrence, Elizabeth E. McGinn, and James C. Chou (Journal of Banking and Finance Law and Practice)
A steady drumbeat of data breaches and growing concern among consumers about how companies are using their personal information will keep regulators, policy-makers and private litigants focused on cybersecurity and privacy in 2020 and beyond. While Congress tentatively explores comprehensive...
Articles"Managing legal risks to U.S. companies from foreign cyberattacks" by Amanda R. Lawrence, Sasha Leonhardt, and James C. Chou (Cybersecurity Law Report)
Protecting online systems against individual hackers has been a top priority for companies for several years, but as we begin a new decade, a new threat has risen to the forefront: well-funded and sophisticated foreign governments seeking to wage a new kind of warfare on the United States. In...
Articles
Education
- J.D., American University, 2017 (summa cum laude)
- M.S., George Mason University, 2008
- B.A., University of Virginia, 2005
Admissions
- District of Columbia
- New York
- U.S. Patent and Trademark Office
Memberships & Involvements
- CISSP-certified professional, (ISC)²
- CDPSE-certified professional, ISACA