Rick Borden

Rick Borden is a partner in the Data Strategy, Privacy & Security Group, bringing decades of experience from both law firms and in-house roles. His expertise lies in translating complex technology, privacy and data security requirements into practical, budget-friendly solutions for businesses across various industries.

Key Areas of Expertise:
1. Privacy and Data Security
    • Advises on risk management, audits, and incident response.
    • Helps clients monetize data, including legal uses of data that includes personal information, and data de-identification.
    • Specializes in compliance with regulations such as Gramm-Leach-Bliley, New York State Department of Financial
      Services Cybersecurity and AI Regulations, SEC Cybersecurity Rules and requirements, and emerging state privacy
      laws.

2. Artificial Intelligence and Machine Learning
    • Develops and advises on AI Risk Management and Compliance Programs.
    • Analyzes data usage rights in AI and machine learning applications.
    • Counsels clients on expanding AI services.
    • Advises AI companies on agreements with customers and enterprises on AI vendor management.

3. Technology Transactions
    • Represents clients in insurance, investment adviser, FinTech, InsurTech, Software as a Service (SaaS), cloud
      computing, and other tech-forward sectors.
    • Structures long-term collaborations for data and innovation development.
    • Extensive experience in numerous technologies, including AI, cybersecurity, and cryptography.

4. Risk Management and Incident Response
    • Advises C-Suite executives and boards on risk assessment and mitigation.
    • Conducts Board cybersecurity training and is a Board cybersecurity advisor.
    • Leads cybersecurity investigations and breach response strategies.
    • Interfaces with technology departments to identify and address potential risks.

5. Data Compliance and Governance
    • Develops privacy policies and cybersecurity compliance documents.
    • Assesses data sharing, protection, and usage practices.
    • Advises on bring-your-own-device and mobile computing policies.

Notable Achievements:
   • Named a JD Supra Readers’ Choice Awards Top Author for cybersecurity.
   • Recognized by The Legal 500 for Cyber Law (including Data Privacy and Data Protection) in 2024.
   • Holds several patents related to insurance underwriting and medical monitoring via mobile devices.

Academic Contributions:
   • Taught courses on information governance, cyber warfare, and cybersecurity at University of Connecticut School of Law,
      Benjamin N. Cardozo School of Law, and  Rutgers Law School.
   • Serves on the Board of Editors of the Journal of Law and Cyber Warfare.

Rick Borden’s unique blend of legal expertise, technical knowledge, and industry experience makes him an invaluable asset to clients navigating the complex landscape of data privacy, cybersecurity, and technology transactions. His ability to translate complex risk discussions into plain English and develop tailored, cost-effective strategies sets him apart in the field.

With a proven track record of handling high-stakes matters for major corporations and a deep understanding of evolving regulations, Rick Borden continues to be at the forefront of artificial intelligence, data governance, cloud computing, Software as a Service (SaaS), and cryptography developments.

awards & recognition

The Legal 500 – Cyber Law (including Data Privacy and Data Protection) (2024)

JD Supra Readers' Choice Awards Top Author (Cybersecurity)

education

New York University School of Law (J.D., 1990)

Amherst College (B.A., 1987)

Upcoming Speaking Engagements

California Law Association Privacy + AI Lab

Daniel M. Goldberg and Rick Borden are speaking at the California Law Association’s Privacy + AI Lab, an event presented by the CLA Privacy Law Section in collaboration with the UC Berkeley, Center for Law & Technology. The interactive, full-day conference is designed for senior privacy and AI practitioners to engage in advanced legal topics. Details here.

October 10 2025

Past Speaking Engagements

Frankfurt Kurnit’s 3rd Annual Tech Law Summit

Please join us for Frankfurt Kurnit's third annual Tech Law Summit at our offices in downtown Manhattan on Tuesday, May 6, 2025. The event will be held in person only, and space is limited. Read more.

May 6 2025

The Expanding Privacy Liability Landscape: Website Tracking, COPPA Enforcements, and CPPA’s Data Broker Crackdown

Rick Borden is a panenlist for the webinar "The Expanding Privacy Liability Landscape: Website Tracking, COPPA Enforcements, and CPPA's Data Broker Crackdown," hosted by Privado. Details here.

April 10 2025

Who Am I?: Recent Changes in Privacy and Data Security Law

Rick Borden moderates the panel “Who Am I?: Recent Changes in Privacy and Data Security Law,”  at Frankfurt Kurnit’s 2025 “How to Play the Game: Legal Developments in Games” CLE program at SFMOMA in San Francisco.

March 19 2025

IAB State Privacy Law Summit 2024

Rick Borden is a panelist for the session, "Understanding the Data Broker Regulatory Landscape: Compliance Strategies for Data Brokers Regulatory Requirements under Evolving Privacy Laws," Caren Decter is a panelist for the session, "New Trends in Pixel Litigation: Unpacking the Recent Wave of CIPA and State Wiretapping Claims," and Daniel M. Goldberg is a panelist for the session, "Insights into State Privacy Law Enforcement Trends and Effective Compliance Strategies" during IAB's 2024 State Privacy Law Summit held at our NYC office. Details here.
 

November 19 2024

AI Regulation and Financial Services

Rick Borden is a speaker for the session, "AI Regulation and Financial Services" during the Fall Academy Privacy + Security Forum in Washington, D.C. Details here.

October 24 2024

Frankfurt Kurnit’s 2nd Annual Tech Law Summit

Please join us for Frankfurt Kurnit's second annual Tech Law Summit at our offices in downtown Manhattan on Thursday, May 2, 2024. The event will be held in person only, and space is limited. Read more.

May 2 2024

The New SEC Cybersecurity Disclosure Rules: What They Mean for Boards, GCs, and CISOs

Rick Borden is a panelist for the session, "The New SEC Cybersecurity Disclosure Rules: What They Mean for Boards, GCs, and CISOs" during a SEC Cyber Disclosure Rules Bootcamp hosted by Frankfurt Kurnit, Woodruff Sawyer, and Pondurance.

April 23 2024

Privacy in an Artificially Intelligent World

Rick Borden is a panelist during the session, "Privacy in an Artificially Intelligent World" during the inaugural Data Universe Conference. Details here.

April 10 2024

A Deep Dive into AI Regulations in the U.S. and the EU

Rick Borden presents, "A Deep Dive into AI Regulations in the U.S. and the EU" during a webinar hosted by BreezeML. Details here.

February 13 2024

Cyber-Compliant and Audit Ready: An Executive Briefing on the SEC’s New Cybersecurity Requirements

Rick Borden is a speaker during the webinar, "Cyber-Compliant and Audit Ready: An Executive Briefing on the SEC’s New Cybersecurity Requirements" hosted by Frankfurt Kurnit and SideChannel. Read more.

January 24 2024

SEC Cyber Security Regs: The Materiality Minefield

Rick Borden is a speaker during the webinar, "SEC Cyber Security Regs: The Materiality Minefield," hosted by Epic Brokers and CohnReznick.

November 14 2023

Investigating Third-Party SDKs – An Overview and Practical Steps to Reduce Risk

Rick Borden and Daniel M. Goldberg present, “Investigating Third-Party SDKs – An Overview and Practical Steps to Reduce Risk” at the Privacy+Security Forum’s Fall Academy. Read more.

November 10 2023

Steps to Comply With The New SEC Public Company Cybersecurity Rules and What May Come Next

Rick Borden presents, “Steps to Comply With The New SEC Public Company Cybersecurity Rules and What May Come Next” the Privacy+Security Forum’s Fall Academy. Read more.

November 9 2023

SEC Cybersecurity Rule Compliance Through Effective Disclosure Controls

Rick Borden is a speaker during the webinar, "SEC Cybersecurity Rule Compliance Through Effective Disclosure Controls," hosted by Mandiant. Watch the recording here.

October 31 2023

FAIRCON23

Rick Borden is a speaker during the roundtable discussion, “Meeting the Requirements of the New SEC Rule” at the FAIR conference in Washington, DC. Details here.

October 18 2023

Weathering the Storm: Insights on the SolarWinds Wells Notice

Rick Borden is a speaker during the webinar, "Weathering the Storm: Insights on the SolarWinds Wells Notice” hosted by Thomson Reuters (WestLegalEd), Global Cyber Institute, Legal Cyber Academy, and Lexeprint.

October 4 2023

Shielding from the Geyser of Cyber Regulations

Rick Borden is a panelist during the webinar, "Shielding from the Geyser of Cyber Regulations" hosted by Evolver and Galaxkey. Details here.

September 28 2023

Generative AI in Insurance Workshop

Rick Borden is a panelist during the session, "Regulating the AI Revolution" at Celent's Generative AI in Insurance workshop in Chicago.

September 13 2023

What the New SEC Regulation on Cyber Reporting Means for the Risk Management Profession

Rick Borden is a speaker during the webinar, “What the New SEC Regulation on Cyber Reporting Means for the Risk Management Profession” hosted by the FAIR Institute. View the recording here.

August 8 2023

Privacy + Security Forum: Spring Academy 2023

Rick Borden is a panelist during the session, "Cyber Insurance Trend and Predictions; Evolving Threats, Policy, and Technology" hosted by The Privacy + Security Forum's Spring Academy. Read more.

May 11 2023

Frankfurt Kurnit’s Tech Law Summit

Please join us for Frankfurt Kurnit's inaugural Tech Law Summit at our offices in downtown Manhattan on Thursday, May 4, 2023. The event will be held in person only, and space is limited. Read more.

May 4 2023

How Much Data Risk Are Governments and Businesses Sitting On Today?

Rick Borden is a speaker during the fireside chat, “The Importance of Data Security for Government Agencies & Businesses” hosted by Evolver LLC and Galaxkey at the British Embassy in Washington DC. Read more.

April 19 2023

Does ChatGPT Belong On Your Cyber Risk Register? Some Legal Perspectives

Rick Borden is a panelist during the discussion, “Does ChatGPT Belong On Your Cyber Risk Register? Some Legal Perspectives” hosted by Spirion and SecureWorld. Read more.

March 30 2023

Craft Your Incident Response Strategy With Tips From Top Industry Experts

Rick Borden is a panelist during the discussion, “Craft your Incident Response strategy with tips from top industry experts” hosted by Google Cloud. Read more.

March 28 2023

Navigating the Evolving Cyber Regulatory Landscape

Rick Borden is a panelist during the webinar, “Brave New World: Navigating the Evolving Cyber Regulatory Landscape” hosted by RANE network. Read more.

February 28 2023

What Newly Proposed Cybersecurity Regulatory Requirements Mean for the Board

Rick Borden is a panelist during the webinar, “What Newly Proposed Cybersecurity Regulatory Requirements Mean for the Board” hosted by CohnReznick and the Association for Data and Cyber Governance. Read more.

February 23 2023

Potential Pitfalls of Cloud Computing Part 2

Rick Borden is a speaker during the webinar, “Potential Pitfalls of Cloud Computing in eDiscovery” hosted by Thomson Reuters (WestLegalEd), Global Cyber Institute, and Lexeprint.

February 9 2023

Cybersecurity, Privacy and Data Protection

Rick Borden is a panelist during the New York City Bar program, “Cybersecurity, Privacy and Data Protection.”

January 31 2023

Potential Pitfalls of Cloud Computing Part 1

Rick Borden is a speaker during the webinar, “Potential Pitfalls of Cloud Computing” hosted by Thomson Reuters (WestLegalEd), Global Cyber Institute, and Lexeprint.

December 1 2022

Global Legal ConfEx: GRC, Data Privacy & Cyber Security

Rick Borden is a speaker during the Global Legal ConfEx: GRC, Data Privacy & Cyber Security event. Details here.

November 17 2022

Consumer Privacy: What You Need to Know About the New State Privacy Laws

Rick Borden presents, "Consumer Privacy: What You Need to Know About the New State Privacy Laws (Part 1 and Part 2)" at the ANA Masters of Advertising Law Conference in Hollywood, Florida.

November 8 2022

NAIC 2022 Insurance Summit

Rick Borden presents, “Inside AI: An Interactive Demonstration (with Cybersecurity and Privacy)” at the National Association of Insurance Commissioners Summit in Kansas City. Read more.

September 21 2022

news & press

Fifty-Three Regulators Raise Cyber Expectations with Multi-State Breach Settlement

Cybersecurity Law Report quotes Rick Borden in an article reporting multiple financial regulatory agencies fined Bayview Asset Management and its affiliates $20 million for deficient cybersecurity practices. The regulators chastised the mortgage company for failing to cooperate in investigations following a data breach involving 5.8 million customers. Mr. Borden noted, “regulatory bodies are coming to a consensus that increasing the requirements around cyber are reasonable for these regulated entities.” The article discusses multi-state enforcement trends, offering practical pointers. View article (available through trial or paid subscription).

A Guide to Significant 2024 Data Broker Legal Developments

Law360 published Rick Borden and Andrew Folks' article, "A Guide to Significant 2024 Data Broker Legal Developments". (Behind paywall) View Article

The 2024 State of AI Regulations

Rick Borden is featured on the TrustGraph podcast Our Agentic Future on the episode, “The 2024 State of AI Regulations.” He explains how insurance companies are big data companies, discussing risk management, US regulations, and compliance. Listen here.

What Regulated Companies Need to Know About the SEC’s Final Amendments to Regulation S-P

Cybersecurity Law Report published Richard Borden and Andrew Folks’ article, “What Regulated Companies Need to Know About the SEC’s Final Amendments to Regulation S-P.” View Article

Frankfurt Kurnit in The Legal 500 2024

The Legal 500 praises four of our practice groups in 2024: Advertising & Marketing, Media & Entertainment, Advertising & Marketing (Litigation), and Cyber Law (Data Privacy & Data Protection). The London-based directory spotlighted thirty of our attorneys individually. Read more.

SEC Requires Financial Institutions to Issue Cyber Incident Plans

MSSP Alert quotes Rick Borden on the SEC's new rules that direct select types of financial institutions to have specific, written plans for how to handle cyber breaches involving customer information. View Article

Tracking Technologies: A Deep Dive on What They Are and How They Work

Cybersecurity Law Report mentions Daniel M. Goldberg and Rick Borden's article, "Regulators and Litigators are Investigating Data Flows Through SDKs – An Overview and Practical Steps to Reduce Risk" as a resource for information on SDKs in mobile apps. (Behind paywall) View Article

Examining Security Mandates, Including California’s Draft Audit Regulations, in State Privacy Laws

Cybersecurity Law Report quotes Rick Borden on California’s draft audit regulations. (Behind paywall) View Article

What Cos. Should Know About Software Development Kits

Rick Borden and Daniel M. Goldberg wrote the expert analysis column, “What Cos. Should Know About Software Development Kits” published in Law360. Read more.

Six Steps to Help Your Team Comply with the New SEC Public Company Cybersecurity Rules

On July 26, 2023, the Securities Exchange Commission (“SEC”) approved final Rules entitled Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (the “Rules”). The Rules require certain cybersecurity incident disclosures on Form 8-K, generally within 4 business days after the determination that a cybersecurity incident is material. Read more.

NYDFS Changes Its Cybersecurity Regulation Requirements Through Enforcement – Again

Rick Borden wrote the article, “NYDFS Changes Its Cybersecurity Regulation Requirements Through Enforcement – Again” published in Cybersecurity Law ReportRead more.

Five Action Items to Help You Prepare for the Wave of Privacy Enforcement Starting July 2023

Mark your calendars - July 2023 is an important month for US privacy enforcement. Read more.

Mondaq Thought Leadership Awards – Spring 2023

Rick Borden is recognized as a Mondaq Thought Leading Author for Data Protection in the United States. His article, “New York's Proposed New Cybersecurity Regulations Will Mandate Big Changes For Many Businesses” was one of the most viewed of the last 6 months. View Article

5 Issues For Execs To Consider In SEC Cyber Rule Proposals

Rick Borden wrote the expert analysis column, “5 Issues For Execs To Consider In SEC Cyber Rule Proposals” published in Law360Read more.

Data Breach Settlement: Manufacturing Company to Pay $1.75M to Employees

InformationWeek quotes Rick Borden on the class action lawsuit filed against manufacturing company, Parker Hannifin related to a March 2022 data breach. Read more.

Washington “My Health My Data” Act Dramatically Alters Health Data Compliance Landscape

Washington State’s My Health My Data Act (“the Act”) introduces a sweeping set of obligations for nearly all entities that do business in the state and that handle “consumer health data,” a broad new class of health-related data separate from that regulated by the federal Health Insurance Portability and Accountability Act (“HIPAA”). Read more.

5 Pointers For Game Cos. Facing Calif. Kids Privacy Law

Rick Borden and Emma Smizer wrote the expert analysis column, “5 Pointers For Game Cos. Facing Calif. Kids Privacy Law” published in Law360Read more.

CPRA Regs: 8 New Obligations You Need to Know

On February 14, the CPPA, California’s new privacy regulatory agency, filed the first part of its proposed final CPRA Regs with California’s Office of Administrative Law (OAL). Read more.

Crypto Hack Lawsuits Rise as Theft Victims Try Untested Claims

Bloomberg Law quotes Rick Borden on arbitration provisions relating to lawsuits filed against cryptocurrency exchanges, digital wallet providers, and mobile service companies following cyberattacks. Read more.

Cyber Security Regulatory Risk Management 

Rick Borden and Saphya Council wrote the article, “Cyber Security Regulatory Risk Management” published in the Jan-March 2023 issue of Risk & Compliance magazine. View Article

Hottest Firms and Stories on Law360 November 2022

Law360 lists Rick Borden’s article, “NY Data Breach Penalty Expands Regulatory Requirements” as one of the top 10 most read expert analyses the week of November 4th. View Article

New York Regulator Says Even One Access Control Failure Can Invalidate Years of Compliance Certifications

The New York Department of Financial Services (“NYDFS”) recently entered into a Consent Order (the “Consent Order”) with EyeMed Vision Care LLC (“EyeMed”) over violations of the agency’s Cybersecurity Requirements (23 NY CRR Part 500) (“Part 500”). Read more.

Attorneys ‘On the Move’

The New York Law Journal covers Rick Borden’s move to partner in our Privacy & Data Security Group in its announcement of recent hirings and promotions of New York attorneys. View Article

Crain’s New York Business: People on the Move

Crain’s New York Business covers Rick Borden’s move to Frankfurt Kurnit as a partner in the Privacy & Data Security Group. View Article

Frankfurt Kurnit Adds Privacy & Data Security Partner Rick Borden

Rick Borden has joined Frankfurt Kurnit as a partner in its Privacy & Data Security Group. Mr. Borden, who will be based in the firm’s New York office, joins Frankfurt Kurnit from Willkie Farr & Gallagher. Read more.