Washington DISTRICT OF COLUMBIA

ABOUT Michael Bahar

Michael Bahar, partner in the Washington, DC office, and Reservist in the US Navy, recently returned from a mobilization to Afghanistan. During this deployment, he served as the lead lawyer for the US team negotiating the peace agreement with the Taliban in Doha, Qatar. He is the co-lead of Eversheds Sutherland’s global cybersecurity and privacy practice and a member of the litigation practice. Eversheds Sutherland values Michael’s commitment to serving his country, and we are proud to offer workplace solutions and policies that support our employees’ unique life situations.

As former Deputy Legal Advisor to the National Security Council at the White House, former Minority Staff Director and General Counsel for the US House Intelligence Committee, and as a former Active Duty Navy JAG, Michael provides advice on cybersecurity and privacy, international law and national security law. While with the House Intelligence Committee, he was lead drafter and negotiator for the Cybersecurity Act of 2015, the USA Freedom Act (which reformed certain key surveillance authorities) and four annual Intelligence Authorization Acts. More recently, he was a leader of the Committee’s investigation into the Russian hacking of the 2016 election. Michael offers clients a wealth of knowledge about cybersecurity, information sharing, privacy, crisis management and establishing cybersecurity programs that are not only in accordance with evolving laws and regulations but that also find business opportunities.

With extensive interactions with the National Security Council, the US Department of Defense and the US Intelligence Community-including the Central Intelligence Agency (CIA), the National Security Agency (NSA) and US Special Operations Command-Michael Bahar, Leader of the Eversheds Sutherland (US) Cybersecurity and Privacy team, advises clients on cybersecurity and data protection issues, international law, and national security.

His in-depth knowledge and deep understanding of these topics-particularly in assessing the appropriate levels of cybersecurity investment based on litigation and regulatory risk analysis-allows Michael to effectively advise clients and has made him a sought-after speaker at industry and corporate conferences across the country.

Michael’s previous experience includes serving nearly 10 years on Active Duty with the Navy's Judge Advocate General (JAG) Corps, where he litigated felony court-martials, dealt with cutting-edge legal issues involving the laws of war, led the capture and investigation of the US Navy’s first set of captured pirates in generations, led a team of lawyers deployed to Afghanistan in support of a Special Operations Task Force, and completed two Pentagon tours. He has received two Defense Meritorious Service Medals, six Navy Commendation Medals and one Navy Achievement Medal, in addition to earning his Navy Parachutist Wings.

Client Tools

•Cybersecurity and Privacy Insights Blog
•California Consumer Privacy Act

Awards and Rankings

Named to The Best Lawyers in America in the area of privacy and data security law (2019-2020)

Recognized by The Legal 500 United States in the area of technology: outsourcing (2018)

Recognized by the National Law Journal as a Cybersecurity Trailblazer (2017)

Experience

Advises insurers, investment companies, and banking and financial services corporations regarding the effectiveness and regulatory acceptability of their cybersecurity/privacy plans, programs and policies.
Advised a Fortune 100 industrial company on a cyber breach that threatened highly confidential business information and personally identifiable information.
Guided a global beverage company through all stages of its response to the inadvertent disclosure of non-public information by a vendor.
Advises a Fortune 500 insurance company, as well as other companies, on complying with GDPR.
Advises a business development company on cyber strategy, from board counseling to cyber policy drafting, to reviewing its cyber insurance.
Serves as lead counsel to numerous industry-leading companies in a range of highly sensitive privacy crisis response matters.
Counseled a US-based healthcare insurer on its data breach and notification matters, which involved both state and HIPAA notifications.
Engaged with the FBI and the US National Cyber Investigative Joint Task Force on behalf of a leading US health insurer in response to a data breach incident.
Advises a leading life reinsurance company on its cybersecurity program, including vendor due diligence, incident response and compliance with the New York State Department of Financial Services cybersecurity regulation.
Advises a supplemental insurance provider on the GDPR implications of a potential new strategic venture.
Conducted an in-depth analysis and provided recommendations on a series of key cybersecurity and privacy policies affecting an insurance company's members.
Partnered with a Fortune 100 software company to publish a series of cybersecurity, data privacy and technology White Papers.
Advises a leading global chemical company on privacy matters related to the integration of a newly acquired business into its global operations.
Advises industry-leading companies on the full range of privacy issues they face related to the GDPR and the China Internet Security Law.
Advises a leading global reinsurance company on the design of a new US InsureTech product in light of US privacy laws and the GDPR.
Advised a leading North American insurer on HIPAA compliance following the inadvertent disclosure of healthcare information from a medical provider.
Advised a global quality assurance and risk management company on the applicability of HIPAA safe harbor rules to the anonymization and de-identification of protected healthcare information.
Advises a leading electric generation and transmission cooperative and a major energy industry membership organization on cybersecurity and privacy matters.
Advises well-known US corporations and financial institutions on privacy and data security issues in mergers, acquisitions and asset sales.
Helped a leading UK-based global investment management firm develop a cybersecurity incident response plan.
Provides compliance advice to leading financial services and insurance companies related to the New York State Department of Financial Services and SEC cybersecurity regulations.
Provides comprehensive cybersecurity and privacy compliance advice to an energy industry insurer, including on regulations by NAIC and the New York State Department of Financial Services.
Represented an investor in cryptocurrency litigation alleging securities, commodities and common law fraud in relation to an Initial Coin Offering (ICO).

Multimedia

Power on - Protecting your company and brand (April 10, 2020)
What COVID-19 means to hackers, scammers, and fraudsters... In this podcast we discuss what measures you need to be taking to protect your data, intellectual property and ...

Videocast: Blockchain technology in the financial services industry (September 27, 2018)
Blockchain and distributed-ledger technology hold tremendous promise, far beyond cryptocurrencies. However, there are also real pitfalls, which are often not identified until it is too late. This ...

The One-Two Punch: Cybersecurity breaches and the risks to Fiduciaries under ERISA (September 11, 2018)
Can a cyber breach cause an ERISA fiduciary to be in breach of its duties? The answer may be yes. In light of increasing cyber risk, escalating regulatory scrutiny, and the absence of significant ...

Videocast: Data manipulation-an overview (August 23, 2018)
The next generation of cyber threats-data manipulation attacks-is already here. Increasingly, organizations need not only protect their data from theft and ransomware, but also from subtle changes ...

An Electric Cooperative Bar Association (ECBA) Webcast: An intro to GDPR-How the EU’s General Data Protection Regulation may impact electric cooperatives, presented by Eversheds Sutherland (US) LLP (June 13, 2018)
GDPR - the European Union’s new General Data Protection Regulation - is on everyone’s mind. Lawyers and others in the co-op community are no exception. But what does it mean? How will it affect ...

Webcast: Back by popular demand: What US companies urgently need to know about the EU General Data Protection Regulation (GDPR) (November 29, 2017)
Eversheds Sutherland (US) Partners Michael Bahar and Mary Jane Wilson-Bilik along with Eversheds Sutherland (International) Partner Gayle McFarlane present Back by popular demand: What US companies ...

Webcast: What US Companies Urgently Need to Know about Europe's General Data Protection Regulation (GDPR): Are you Ready? (October 25, 2017)
Eversheds Sutherland (US) Partners Michael Bahar and Mary Jane Wilson-Bilik along with Eversheds Sutherland (International) Partner Paula Barrett present What US Companies Urgently Need to Know ...

Videocast: How to Handle a Hack (July 18, 2017)
Cyber breaches do not discriminate across industries and can occur even with the best policies, procedures and preventive measures in place. As such, cyber litigation is not going away and ...

Videocast: A Developing Cybersecurity Standard: Anticipate, Mitigate and Remediate (July 11, 2017)
The latest cyberattack across multiple countries shows that hackers do not discriminate by industry. It’s not just about targeting “data” such as credit card or insurance information. Rather, it is ...

Videocast: Connected and Automated Cars: The Federal Government Addresses Cybersecurity and Data Privacy (June 29, 2017)
Connected and automated vehicles are being built with components that enable them to not only access information, but also collect, store and transmit data for performance and safety purposes as ...

News

In the News

How To Protect Clients Against Hackers During The Coronavirus Crisis (March 17, 2020)
Financial Advisor
Eversheds Sutherland Partner Michael Bahar is featured in this Financial Advisor article discussing how hackers thrive on confusion and distraction, and how important it is that with all the focus on ...

Kids' Data Again In Spotlight As FTC Revisits Privacy Rule (July 19, 2019)
Law360
Eversheds Sutherland Partner Michael Bahar is quoted in this Law360 article discussing the Federal Trade Commission’s (FTC) review of its child privacy rules. Michael noted that many of the ...

PCLOB Reaches Midway Point on Surveillance Recommendations for Congress (June 3, 2019)
Communications Daily
Eversheds Sutherland Partner Michael Bahar is quoted in this Communications Daily article discussing the Privacy and Civil Liberties Oversight Board’s development of recommendations for Congress on ...

Federal Privacy Rules Could Take Cue from Kids' Data Law (March 12, 2019)
Law360
Eversheds Sutherland Partner Michael Bahar is quoted in this Law360 article discussing the Federal Trade Commission’s (FTC) recent record-breaking fine for a violation of the Children's Online ...

Data and Privacy Breach Notification Plans: What You Need to Know (April 25, 2018)
CSO, ITWorld and IDG Connect
Eversheds Sutherland Partner Michael Bahar is interviewed in this CSO article discussing how to handle a cyber breach and comply with the EU’s General Data Protection Regulation (GDPR). Michael said, ...

GDPR, The Digital Workplace and Employees' Rights (April 3, 2018)
CMSWire
Eversheds Sutherland Partner Michael Bahar is quoted in this CMSWire article regarding how global companies handle the differing privacy regulations around the world, including GDPR, the new, EU-wide ...

Partner Michael Bahar Comments on Launch of App to Track State, Foreign Data Breach Requirements (March 29, 2018)
Inside Cybersecurity
Eversheds Sutherland Partner Michael Bahar is quoted in this Inside Cybersecurity article discussing the launch of the firm's BreachLawWATCH mobile app. The unique app provides easy, consistent ...

When Kids’ Toys Are Listening, the FTC is Watching (February 21, 2018)
IPWatch Dog
Eversheds Sutherland Partner Michael Bahar is quoted in this IPWatch Dog article discussing the recent enforcement action against toymaker VTech by the Federal Trade Commission (FTC) for violating ...

US Partner Michael Bahar Comments on Intelligence Capabilities (January 29, 2018)
New Yorker
Eversheds Sutherland Partner Michael Bahar is quoted in this New Yorker article regarding Chinese intelligence capabilities. “They are a professional service,” said Michael. “They do their homework.”

Securing the Cloud (January 23, 2018)
USA Today Homeland Security
Eversheds Sutherland Partner Michael Bahar is quoted in the Winter edition of USA Today Homeland Security regarding increasing efforts to keep data safe in the ‘new normal.’ “Particularly this ...

Press Releases

California Consumer Privacy Act Preparation Website Launched by Eversheds Sutherland (October 25, 2018)
In anticipation of the California Consumer Privacy Act (CCPA), Eversheds Sutherland has created a one-stop information hub to help companies prepare for the impending legislation that will affect ...

18 Eversheds Sutherland Practice Areas, 68 Attorneys Named Among Nation’s Best in 2018 Legal 500 United States (May 30, 2018)
Eversheds Sutherland (US) LLP is pleased to announce that 18 practice areas and 68 attorneys have been recognized in the 2018 edition of The Legal 500 United States, a comprehensive survey of legal ...

Eversheds Sutherland Launches BreachLawWATCH Mobile App (March 27, 2018)
Eversheds Sutherland is pleased to announce the release of BreachLawWATCH, a unique mobile app that provides easy, consistent access to data breach statutes across the United States and a growing ...

Two Eversheds Sutherland Attorneys Recognized as 2017 Cybersecurity Trailblazers by National Law Journal (November 2, 2017)
NEW YORK and WASHINGTON-Eversheds Sutherland is pleased to announce that Partner Michael Bahar and Associate Alexander F. L. Sand have been recognized as National Law Journal Cybersecurity ...

Eversheds Sutherland Bolsters Cybersecurity and Privacy Practice with the Addition of US Partner Michael Bahar (June 12, 2017)
WASHINGTON-Eversheds Sutherland (US) LLP is pleased to announce that Michael Bahar has joined the firm’s Litigation Practice Group as a partner in the Washington DC office. He will also serve as ...

Presentations

Protect your company and your brand - What COVID-19 means to hackers, scammers and fraudsters... (April 2, 2020)
Many general counsels, as well as those focused on privacy, cybersecurity and intellectual property, are focused on their company’s coronavirus safety measures, as well as adjusting to working and ...

What you need to know about California’s new privacy act, the CCPA (July 10, 2019)
Every company that does business in California and collects personal information must afford its California consumers, prospects and employees dramatic new privacy rights on January 1, 2020, with ...

Cybersecurity and data privacy issues in the diversified industrial sector (June 12, 2019)
The diversified industrial sector is now high up on the list of targets for hackers, yet the sector remains relatively unprepared. As geopolitical tensions increase, state actors increasingly turn to ...

Data Privacy & Security Impacts in Oil & Gas (April 4, 2019)
Microsoft
Eversheds Sutherland attorneys Michael Bahar and Mark Thibodeaux present at Microsoft’s Data Privacy & Security Impacts in Oil & Gas event on April 4, 2019, in Houston, Texas.

Cybersecurity Update: Combating an Evolving Threat (March 27, 2019)
SIFMA C&L Annual Seminar
Eversheds Sutherland (US) Partner Michael Bahar presents Cybersecurity Update: Combating an Evolving Threat at the SIFMA C&L Annual Seminar on March 27, 2019, in Phoenix, Arizona.

GDPR Compliance (January 29, 2019)
International Taxation Conference
Eversheds Sutherland (US) Partner Michael Bahar presents GDPR Compliance at the International Taxation Conference on January 29, 2019, in New York, New York.

Choice of Law for Data in the International Context (January 14, 2019)
The Sedona Conference Working Group 6 Annual Meeting 2019
Eversheds Sutherland (US) Partner Michael Bahar presents Choice of Law for Data in the International Context at the The Sedona Conference Working Group 6 Annual Meeting 2019 on January 14, 2019, in ...

Judiciary and National Security: Attacks on Our Institutions of Democracy: The Role of the Judicial System (November 14, 2018)
U.S. Court of Federal Claims 29th Judicial Conference
Eversheds Sutherland (US) Partner Michael Bahar presents on the panel Judiciary and National Security: Attacks on Our Institutions of Democracy: The Role of the Judicial System at the US Court of ...

Data, Privacy and Cybersecurity -A Primer for Financial Services Legal and Compliance Professionals (November 12, 2018)
Practising Law Institute
Eversheds Sutherland (US) Partner Michael Bahar presents Data, Privacy and Cybersecurity -A Primer for Financial Services Legal and Compliance Professionals at the Practising Law Institute (PLI) ...

Webcast: What US companies need to know about the California Consumer Privacy Act of 2018 (CCPA) - Are you ready? (October 24, 2018)
The California Consumer Privacy Act of 2018 (CCPA) arrives on the heels of the expansive consumer protections offered by the European General Data Protection Regulation (GDPR), and it echoes key GDPR ...

Publications

Legal Alerts

NAIC’s Privacy Protections (D) Working Group begins revising privacy model laws (May 28,2020)
On May 5, 2020, the NAIC’s Privacy Protections (D) Working Group met via conference call. The Working Group was formed on October 1, 2019, under the Market Regulation and Consumer Affairs (D) ...

Crisis management for in-house counsel-The 50 fundamentals for confronting post-incident drivers of exposure (March 12, 2020)
Merriam-Webster defines “crisis” as “an unstable or crucial time or state of affairs in which a decisive change is impending” or “a situation that has reached a critical phase.” An organization ...

Cybersecurity and coronavirus-Guarding against hackers in this heightened risk environment (March 10, 2020)
In collaboration with Eversheds Sutherland attorneys Paula Barrett, Jake McQuitty and Craig Rogers .
Many general counsels, as well as their privacy and cybersecurity teams, are understandably focused on their company’s coronavirus safety measures-and that is good news to the hackers. Hackers thrive ...

Accessibility-The hidden A in the CCPA (February 20, 2020)
In the scramble to come into compliance before the January 1, 2020 deadline, companies may have overlooked a key-and potentially costly-requirement in the California Attorney General draft ...

Twisting in the Wind- California Attorney General issues revised CCPA regulations (February 14, 2020)
On February 10, 2020, the California Attorney General published revisions to the proposed regulations (Revised Regulations) to implement the California Consumer Privacy Act of 2018 (CCPA). The ...

FTC effectively shuts down Utah company’s operations pending compliance with mandated data security plan (November 19, 2019)
With companies increasingly worried about what the California Attorney General, and private litigants, will do once the California Consumer Privacy Act comes into effect, they should not lose sight ...

New CCPA amendments bring clarity prior to the January 1, 2020 deadline (November 15, 2019)
In the run-up to January 1, 2020, the California legislature and Attorney General are rushing to provide clarity to the California Consumer Privacy Act of 2018 (CCPA)-and businesses are rushing to ...

The CLOUD Act - A cross-border data access agreement rises from the fog (October 23, 2019)
In collaboration with Eversheds Sutherland attorneys Emma Gordon and Laura Dunseath .
On October 3, 2019, the United States and the United Kingdom entered into the world’s first ever agreement (the Agreement) under the Clarifying Lawful Overseas Use of Data Act (the CLOUD Act), the ...

The California Attorney General’s proposed regulations on the California Consumer Privacy Act - a helpful roadmap on how to comply? (October 17, 2019)
In collaboration with Eversheds Sutherland attorney Paula Barrett .
On October 11, 2019, the California Attorney General issued long-awaited draft Regulations to the California Consumer Privacy Act (CCPA). The draft Regulations provide helpful clarity on some core ...

Legal Alert: Cryptocurrency enforcement on the upswing-Texas cryptocurrency issuers agree to pay over $10 million to the SEC (September 11, 2019)
Along with other regulators, the Securities and Exchange Commission (the “SEC”) has been signaling its intention to pursue those in the cryptocurrency sphere that it believes are capitalizing on the ...

Articles

Coronavirus - Data Protection considerations for alternative communication platforms (March 26, 2020)

Litigators and Privacy: The Last People You Want to See, or the First? (March 5, 2020)
Cybersecurity Law & Strategy
In their consideration of possible worst-case cyber attack scenarios, organizations often focus on the various types of attacks and their relative severity. But, the worst-case scenario is not the ...

Eversheds Sutherland presents annual Industrial Foresight Report 2020 (February, 2020)
In collaboration with Eversheds Sutherland Managing Partner Dr. Matthias Heisse .
Our global Diversified Industrials sector team are proud to present our annual Industrial Foresight Report 2020. This report identifies key risks, legislation and commercial developments your company ...

US Cybersecurity and Data Privacy review and update: Looking back on 2019 and planning ahead for 2020 (February 4, 2020)
In collaboration with Eversheds Sutherland attorneys Paula Barrett, Jake McQuitty, Craig Rogers, Jennifer Van Dale, Rhys McWhirter and David Cook .
The reality of cybersecurity and data privacy threats and regulations proved a sobering one for many companies in 2019.The cost of data privacy began to hit home in January, with French ...

The state of US data privacy and cybersecurity laws in 2019 (December 2019)
In collaboration with Eversheds Sutherland att orneys Paula Barrett
US data privacy and cybersecurity laws developed rapidly in 2019, especially in California, New York, Nevada and Massachusetts. While there are ongoing efforts to pass a federal privacy law, states ...

In the spotlight: Cyber resilience and risks around outsourcing (November 2019)
The Lawyer
The operational resilience of financial institutions has come under increased scrutiny following a number of recent high-profile IT failures and cyberattacks. Operational resilience itself is much ...

Legislative heat wave: A mid-year review of upcoming cybersecurity laws and enforcement activity (August 2, 2019)
Cybersecurity Law & Strategy
While legislation to enhance data privacy rights and obligations continue to make headlines, regulators and legislators are also stepping up their cybersecurity expectations. In their article for ...

Lawyers at the Vanguard: The Wisdom of Involving Lawyers at the Innovative Design Phases, and the Obligations on Those Lawyers (March/April 2019)
FinTech Law Report
In the gold rush environment of fintech, only fools rush in without their tech-savvy lawyers. While the financial services landscape is already heavily dotted with regulation, privacy and ...

Know Your Tech (March 2019)
Cybersecurity Law and Strategy
Technologies are often pitched as solutions, if not game-changing solutions. Indeed, many times they are, but no solution comes without the seeds of its own costs and challenges. For pragmatic and ...

Cybersecurity and Data Privacy review and update: Looking back on 2018 and planning ahead for 2019 (March 1, 2019)
From the implementation of the GDPR to the passage of the CCPA, the year 2018 proved to be a monumental one for cybersecurity and data privacy. Regulators from around the world responded to ...

Newsletters

Partnering Perspectives: Insights from Inside and Outside the Corporate Law Department (Fall 2018)
We are pleased to present the Fall 2018 edition of Partnering Perspectives, which focuses on a number of legal developments as well as offers recommendations of preventive measures that you might ...

Partnering Perspectives: Insights from Inside and Outside the Corporate Law Department (Spring 2018)
With emerging technology, evolving international relationships and an increased focus on corporate responsibility, companies are faced with new challenges and opportunities, a fresh perspective on ...

View More

Areas of LAW

  • Insurance Claims
  • Litigation

Contact Us


    Please prove you are human by selecting the plane.