Myriah V. Jaworski
Focusing her practice on the intersection of law and technology, Myriah Jaworski advises clients on enterprise-wide data privacy and cybersecurity governance, incident response, data breach and class action defense, and related government investigations. Myriah works with clients to implement new technologies, including AI/ML and automated decision-making tools, and to evaluate privacy and security requirements in Web3 and the metaverse.
Myriah represents clients in defense of data breach class actions, privacy torts and statutory claims (IRPA/BIPA), pixel tacking and commercial surveillance matters, internet defamation, technology disputes, and cyber subrogation claims. Myriah defends clients in response to regulatory inquiries and investigations arising out of data incidents and privacy practices, including before state Attorney General offices, the Federal Trade Commission and the Department of Human and Health Services – Office of Civil Rights (HHS/OCR). Myriah litigates in many state and federal jurisdictions throughout the United States.
As a proactive compliance advisor, Myriah works with clients to operationalize enterprise-wide data privacy and cybersecurity programs, in compliance with state (CCPA/CPRA), federal (HIPAA, GLBA, NIST/ISO) and international (GDPR) laws and regulations. She assists businesses to operationalist data subject requests (DSARs), perform privacy impact assessments of new technologies and high-risk processing, and manage third-party vendor relationships.
Of particular importance, Myriah works with clients to mitigate potential privacy risks and ethical biases, and to provide audit and assessments of business use of AI/ML and automated decision-making tools. Her clients include major E-commerce retailers, international news media companies, global manufacturers and retailers, healthcare organizations, and financial entities.
Myriah is a Certified Information Privacy Professional, United States (CIPP/US) and a Certified Information Privacy Professional, Europe (CIPP/E) as certified by the International Association of Privacy Professionals (IAPP). She was also a Trial Attorney with the United States Department of Justice (DOJ).
Named among Rising Stars – Data Privacy and Cybersecurity by Law360 (2022)
Named among Super Lawyers, Civil Litigation by New York Metro (2021)
Named among Rising Stars by Upstate New York Super Lawyers® (2019-2020)
American Bar Association
New York State Bar Association
California State Bar Association
San Diego County Bar Association Privacy and Cybersecurity Law Executive Committee, Chair
National Association of Surety Bond Producers Attorney Advisory Council, Advisor
Information Systems Security Association (ISSA), Member
International Association of Privacy Professionals (IAPP), Member
State Bar Licenses
- Obtained dismissal of multi-district data breach class action on Article III standing grounds.
- Resolution of identity misappropriation and biometric claims (IRPA/BIPA).
- Defense of cyber-subrogation claims and business interruption claims arising out of data incidents.
- Defended businesses in claims of pixel tracking and surveillance, privacy torts and novel claims relating to cyber-bullying and platform immunity under Section 230 of the Communications Decency Act.
- Obtained favorable monetary and injunctive relief in data misappropriation and theft, wire fraud and related commercial litigation matters.
- Represented app developer in defense of first-of-its-kind cyberbullying and privacy class action arising from alleged online harassment and failure to enforce moderation standards.
- Led litigation against banking institution that facilitated fraudulent wire transfers; represented numerous clients who fell victim to fraudulent electronic fund transfers phishing incidents. Helped client recover money and mitigate damages.
- Defended data broker in identity misappropriation (IRPA) claims relating to client’s website presentation of publicly available information.
- Work with clients to defend biometric privacy act (BIPA) claims arising from fingerprint and retina scans for timekeeping, access controls and other purposes.
- Represented clients in defense of data hostage, Computer Abuse and Fraud Act (CAFA) and cyberstalking claims.
- Led litigation against vendor and managed public relations after client, a large online retailer with international clients, fell victim to malicious code installed on its website resulting in tens of thousands of individuals’ credit card data impacted.
- Secured an injunction against a tech company to prevent them from holding clients servers and data hostage for non-payment of invoices where the invoices were in dispute.
- Defended clients in putative class actions for claims arising out of unwanted communications, including those brought under the TCPA, DNC and state telemarketing laws; obtained dismissal of TCPA class action on motion to dismiss.
- Defended clients in putative class actions for claims arising out of website and mobile apps alleging failure to adhere to ADA website accessibility standards.
*Experience completed prior to joining Clark Hill PLC.