Daniel B. Rosenzweig

Senior Associate
Norton Rose Fulbright US LLP

New York
United States
T:+1 202 662 4740
New York
United States
T:+1 202 662 4740
Daniel B. Rosenzweig

Daniel B. Rosenzweig



Daniel B. Rosenzweig is a lawyer in Norton Rose Fulbright's Information Governance, Privacy and Cybersecurity practice group. He advises clients on legal and technical compliance with data protection and privacy laws, including the CCPA/CPRA and other state privacy laws, CAN-SPAM Act, COPPA, GDPR, FTC Act, GLBA, HIPAA, TCPA, and VPPA, as well as provides counsel on Artificial Intelligence (AI) and Large Language Models (LLMs), industry mobile app store requirements, the use of adtech and privacy-enhancing technologies (PETs), and applicable data breach notification laws. He also codes and develops in-house technical solutions to assist clients with their legal compliance efforts. 

Daniel assists clients across many different sectors, including, among others: media, retail, telecommunications, healthcare, financial services, and hospitality. With Daniel's legal and technical expertise, he translates complex legal and technical concepts into digestible action items for an organization's legal, development, and marketing teams.

Daniel advises clients on the building and implementation of legal and technical data protection/privacy compliance programs across all stages of the development lifecycle. This includes, among other things: (i) drafting applicable disclosures, privacy policies, operational controls, consent flows, opt-outs, and contracts; (ii) performing technical testing and validation of data protection/privacy preference signals (e.g., GPC) and controls across websites, mobile apps, and IoT devices; (iii) advising on data protection and privacy portals/webforms; (iv) conducting data mapping exercises and risk assessments, including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs); and (v) assisting clients with onboarding vendors. He also counsels clients on their own and third party application programming interfaces (APIs) and software development kits (SDKs).  

Daniel is part of the core team that oversees the firm's privacy compliance tool suite, NT Analyzer, to help clients navigate the complex data protection and privacy landscape. NT Analyzer is a practical tool suite for managing privacy compliance in mobile apps, websites, and IoT. The tool detects and tracks the full range of data, including personally identifiable information, that is collected and shared, and then generates actionable reports through the lens of applicable privacy requirements. NT Analyzer also analyzes code associated with the "fingerprinting" of browsers as well as data used for "fingerprinting" mobile devices.

Daniel also focuses on matters related to advertising, marketing, autonomous and connected vehicles, and regulatory investigations.

Daniel was a law clerk at the United States Senate Committee on Homeland Security and Governmental Affairs, where he worked on homeland security and cybersecurity issues, while attending the Georgetown University Law Center. He was also a Legal Intern in FTC Commissioner Julie Brill's office, focusing on online privacy, data security, and consumer protection law.

Daniel is an active Big Brother in the Big Brothers Big Sisters mentorship program.

Professional experience

Expand all Collapse all
  • JD, Georgetown University Law Center, 2017
  • BA, University of Delaware, magna cum laude, Phi Beta Kappa, Political Science, 2013
  • District of Columbia Bar
  • New York State Bar

Technical and specialized engagements:

  • Develops and codes in-house technical solutions.
  • Conducts mobile app privacy testing on Android, iOS, and Kindle devices.
  • Conducts website privacy testing and analysis.
  • Drafts Data Lake privacy controls.
  • Conducts Privacy control validation and testing (e.g., CCPA Do Not Sale/Share opt-out signals and requests).
  • Hard-codes legal decision making into privacy control platforms.
  • Provides privacy and security training.
  • Provides online ad ecosystem training.
  • Drafts operational controls for technical implementation of data protection and privacy compliance requirements.
  • Conducts API and SDK testing.
  • Conducts IoT privacy and feature testing.


General Compliance and Corporate Governance:

  • Developed data protection and privacy compliance programs, including, among other things: drafting applicable disclosures, contracts, privacy policies, operational controls, consent flows, and opt-outs; advising on implementation of data protection and privacy portals/webforms; and onboarding vendors.   
  • Assisted large media companies with respect to the use of video and online streaming information, as well as implementing legal and technical configuration options for VPPA compliance. 
  • Provided advice to large retailers with respect to geo-fencing projects.
  • Provided strategic advice and counsel on local, national, and international privacy and data protection and data transfer laws for numerous companies
  • Assisted numerous companies in drafting, designing, and implementation of internal company policies, including information security, data and records management and retention, data classification and handling, device management and "Bring Your Own Device" policies, codes of conduct, white papers, marketing materials, vendor white lists and internal policies on Internet tracking.
  • Provided counseling for large communication provider, software companies, and mobile app developers with respect to issues pertaining to security, encryption, and authentication.
  • Provided advice to numerous companies with respect to the use of geo-location information.
  • Assisted numerous companies on compliance with the mobile app store requirements and guidelines. 
  • Developed privacy training programs.


Privacy-related class action litigation defense and regulatory defense:

  • Represented companies in litigation resulting from use of social network widgets.
  • Represented companies in relation to state attorneys general inquiries, Civil Investigative Demands (CIDs), subpoenas and investigations.
  • Represented several companies in class action litigation related to the use of cookies and flash cookies.
  • American Bar Association
  • New York State Bar Association
  • Big Brother, Big Brothers Big Sisters mentorship program