Steven Roosa


Norton Rose Fulbright


Steven B. Roosa is a partner in Holland & Knight's New York office and co-chair of the firm’s Technology Industry Sector Group. He is also a fellow emeritus at the Center for Information Technology Policy (CITP) at Princeton University. His practice focuses on advising companies on a wide spectrum of technology and legal issues pertaining to privacy and data security. Representative issues include: mobile app privacy compliance; leveraging anonymity solutions to help clients safely unlock the value of large data sets; Internet tracking; web security; geo-fencing; data breach and incident response; Children's Online Privacy Protection Act (COPPA); Computer Fraud and Abuse Act (CFAA); FTC compliance; privacy considerations of modified network protocols; California best practices for websites and mobile apps; compliance with wiretap statutes and the Electronic Communications Privacy Act (ECPA); public-key infrastructure (PKI); certification authority matters pertaining to online trust; and web-based reputation and defamation issues. 


Mr. Roosa's day-to-day practice includes helping companies better understand the privacy profile of their websites and mobile apps and translating that knowledge into actionable risk management options. He has helped infuse the Holland & Knight Team with a tech-focused approach in which law firm privacy counseling to clients includes: proxying network traffic, analyzing the use of unique device identifiers for iOS, Android, and Windows 8 platforms, reviewing the privacy profiles of websites and mobile apps; cataloging and evaluating the privacy characteristics and risks associated with third party hosted solutions, advertisers and analytics companies, using specialized software and tools to understand the tracking implications of local storage, conducting cookie audits, providing advice on offensive and defensive cybersecurity measures.


Because privacy and security matters often relate directly to a company's industry-specific, core business model or threat landscape, Mr. Roosa actively partners with Holland & Knight's national caliber attorneys and professionals in the following areas: intellectual property, transportation, venture capital funding, mergers and acquisitions, healthcare and life sciences, the financial services industry.  Typical clients include Fortune 500 corporations, privately held companies, large retailers, technology companies and nonprofit entities.


Mr. Roosa is the co-author of "Trust Darknet: Control and Compromise in the Internet's Certificate Authority Model," appearing in the May 2013 issue of the IEEE's Internet Computing.  He is also a regular contributor to Holland & Knight's Privacy Blog


Contributions by Steven Roosa

  • LBS — NT Analyzer: Empowering You to Manage Digital Privacy Risk at Every Level
    LBS Speaker at LBS — NT Analyzer: Empowering You to Manage Digital Privacy Risk at Every Level
  • Security in the Machine: Applying Machine Learning Principles to Security
    Speaker at Privacy. Security. Risk. 2018