Patrick Burke

Norton Rose Fulbright US LLP

New York
United States
T:+1 212 318 3302
New York
United States
T:+1 212 318 3302
Patrick Burke

Patrick Burke

LinkedIn vCard


Patrick Burke is an accomplished lawyer in the data technology field, with a focus on data protection policy, procedures and compliance including privacy (GDPR, US, Canadian, Chinese and other global jurisdictions), cybersecurity, e-discovery and information governance compliance on behalf of global and regional organizations, including financial institutions, advertising, marketing, pharmaceuticals, cryptocurrency, software providers and manufacturers.

Patrick's over two decade long practice includes counseling global and national corporations on data privacy and cybersecurity policies and procedures, financial regulatory compliance, cryptocurrency and Blockchain innovations.

He previously served as a Deputy Superintendent of the New York State Department of Financial Services as founder and head of its Office of Financial Innovation including a dedicated cybersecurity examination team ensuring compliance with DFS's first-in-the-nation cybersecurity regulation, and administration of the "BitLicense" for virtual currency businesses. Additionally, Patrick taught technology law for six years at the Benjamin N. Cardozo School of Law in Manhattan and founded the Cardozo Data Law Initiative.

Patrick is admitted to the United States Supreme Court, Second Circuit Court of Appeals, Southern District of New York, Eastern District of New York, and NY state courts. He is also a Certified Information Privacy Professional/Europe (CIPP/E).

Professional experience

Expand all Collapse all

JD, New York University School of Law, 1987
BA, History, Binghamton University, 1980

  • New York State Bar
  • Designed and implemented data privacy and security programs at global advertising company.
  • Data breach response and remediation at major insurer.
  • Cross-border e-discovery for global pharmaceutical company.
  • Digital investigation protocol for global manufacturer, including China and Germany.
  • "My Flight With Ruth Bader Ginsburg," New York Daily News, September 23, 2020.
  • "Canada Proposes Requiring Consent for Transfers of Personal Data Across Its Border", New York Law Journal, May 16, 2019
  • "Collecting Biometric Information Just Became Riskier Under Illinois Law", April 2019 issue of Pratt's Privacy & Cybersecurity Law Report (Lexis-Nexis) (co-authored with Alisha McCarthy).
  • Quoted in "Users Beware: Blockchains Are Susceptible to Attacks",, March 18, 2019
  • "Unweaving the Dawn Raid Waive: Smart Prevention of Privilege Waiver for Multinational Corporations," ACC Docket, October 2015 (co-authored with Patrick Zeller and Scott Carlson).
  • "Identifying the Right Vendors and Processes for Securing Your Data," Metropolitan Corporate Counsel, September 25, 2014.
  • "'Wultz' May Influence U.S. Cross-Border E-Discovery Privilege Law", New York Law Journal, March 17, 2014.
  • "The Solar Winds Cyberattacks," February 8, 2021, NY State Bar Association Committee on Technology & The Law.
  • "Cybersecurity Update: Risks, Exposures & Preservation," January 21, 2021, NY State Bar Association  webinar.
  • "Legislating Genetic Testing," December 9, 2020, Judges & Lawyers Breast Cancer Alert Annual  Benefit, with Kristin Kim (Chief Regulatory Counsel at Memorial Sloan Kettering) and others.
  • "Data Breach Response: An insider's look," December 3, 2020, Atakama/Spirion webinar.
  • "What the NY SHIELD Act Means for Lawyers and Clients," November 18, 2020, NY State Bar Assoc 2020  Tech Summit CLE webinar.
  • "Business Email Compromise," November 6, 2020, NY State Bar Assoc webinar with Mary Kaveney (Global  Cyber Alliance), Elizabeth Roper (DANY) and others.
  • "Best Unpopular Solutions for Corporate Cybersecurity and E-Discovery," October 20 and August 6,  2020, Practicing Law Institute CLE event with Hon. Ronald Hedges (Dentons) and Seth Eichenholtz (MasterCard).
  • "WFH Litigation Readiness and Data Preservation Considerations," October 15, 2020, BlueStar webinar  with Kelly Tiggers (ESI Attorneys) and Lauren Doerries (Global Records & Information Governance,  Walmart).
  • "Internet-of-Things and the Law," June 30, 2020, Practicing Law Institute CLE webinar with Hon. Ronald Hedges. "Compliance with the New New York State Department of Education Data Privacy Regulations", CLE webinar for Spring
  • Forum by the New York State Bar Committee on State and Local Government (June 17, 2020).
  • "Working Securely from Home," May 7, 2020, Webinar for Stony Brook University Center for Teaching and Learning in Community.
  • "Cybersecurity Alert: Work-From-Home", March 12, 2020, New York State Bar Association webinar.
  • "The Ethics of Cybersecurity Compliance", February 25, 2020, CLE program for legal department of Standard Chartered Bank in New York, NY.
  • "The Internet of Things: What You Don't Know Might Hurt You", February 25, 2020, Practicing Law Institute CLE webinar with Hon. Ron Hedges.
  • "Ransomware", February 24, 2020 webinar for New York State Bar Association.
  • "Effective Incident Response Under GDPR and CCPA", December 5, 2019 X1 webinar with Phillip Beckett of Alvarez & Mansal.
  • NY's New SHIELD Act: A Cybersecurity Compliance Checklist", CLE webinar with Professor Radu Sion sponsored by Stony Brook University Center for Corporate Education, December 2, 2019.
  • "The Future of Money: Cryptocurrency", November 15, 2019, EMEA Regional Meeting of ALLY Law, Valletta, Malta.
  • "Cybersecurity Thought Leadership Conference", October 29, 2019, speaker and workshop participant on ransomware hosted by the New York State Bar Association Technology Committee, New York, NY.
  • "Shielding Your Organization from Data Privacy Nightmares", October 29, 2019 Today's General Counsel webinar.
  • "Cryptocurrency and its Regulation", October 2, 2019 at Standard Chartered Bank, New York, New York.
  • "Understanding the 'New' Tension Between Security and Privacy", (with Seth Eichenholtz, Head of Insider Threat Risk
  • Management, Mastercard), October 23, 2019, Disruptive Law Conference, New York, New York.
  • CIPP/E (IAPP certification for European data protection)
  • Technology & The Legal Profession Committee, New York State Bar Association