Data is igniting a global, technological revolution. Increased collection, use, storage, and transfer of data has shifted the paradigm of innovation – and created a global security problem. Fortune 500 companies with large quantities of data, cities with vulnerable infrastructure, and every institution in between must manage that risk, without encumbering progress or technological advancement. To do so, they turn to Aravind Swaminathan, Global Co-chair of Orrick’s internationally recognized Cyber, Privacy & Data Innovation team.  Aravind is one of four lawyers ranked nationally by Chambers USA (Band 2) in the category of Privacy and Cybersecurity Litigation, which described him as "extremely skilled in the field of cybersecurity[.]  He's always well prepared and consistently has the answer [clients] need."

As a strategic cybersecurity advisor, Aravind partners with clients to proactively plan for a crisis and develop strategies to improve resiliency, respond efficiently and effectively,  protect their business and brand, and defend them in the onslaught of litigation and enforcement actions that follow. He guides organizations from large public company financial institutions to start-up technology companies to critical infrastructure providers through incidents, and develops business- and brand-centric tactics to mitigate and manage risk. He has directed more than 150 cybersecurity incident and data breach investigations, including enterprise-wide network intrusions to cyberattacks with national security implications. With extensive trial, litigation and appellate experience, he also defends his clients when cyber, privacy, and payments issues lead to regulatory investigations by the SEC, DOJ, FTC, and State Attorneys General and other civil litigation, including securities and consumer class action litigation and shareholder derivative suits. 

Aravind’s background as an Assistant United States Attorney and Computer Hacking and Intellectual Property Section gives him first-hand understanding of federal agencies that allows him to swiftly navigate the system, partner with investigators and find creative solutions for his clients. As a federal cybercrime prosecutor, Aravind investigated and prosecuted a broad array of cybercrime cases, including hacking, phishing, trade secrets theft, click fraud, cyber threats, and identity theft. Aravind also led the cybercrime outreach program, where he worked with members of the Department of Justice, state and federal regulators, law enforcement and other organizations on cybersecurity and related privacy issues.

Aravind is a sought-after speaker by Boards of Directors and industry professionals on cybersecurity issues, including threat landscapes, incident response plans, compliance, and brand/reputational risk management.

  • As part of his work to protect communities, he collaborates with pro bono clients like PISCES, an organization which facilitates information sharing between state and local agencies to improve threat intelligence and protect critical government services.

    During his time as federal prosecutor in the Complex Crimes Unit, he also investigated and prosecuted a wide array of white-collar crimes, including investment schemes, corporate fraud and embezzlement, securities fraud, tax evasion and the nation’s largest bank failure. Aravind has represented clients in a broad array of civil litigation as well, including securities and shareholder derivative litigation, consumer class action litigation, trade secret litigation, and other complex commercial litigation in federal and state courts, arbitration and mediation, and in proceedings against the SEC and DOJ.

  • Cybersecurity and Privacy Matters

    • Represented technology company in security breach affecting approximately 100 million records
    • Represented travel and transportation company in network intrusion, connected with recent acquisition
    • Represented travel and leisure company in attack on customer database affecting records of individuals in China, EU, and US
    • Represented computer hardware manufacturer in security breach affecting credit card information, and ensuing state and federal investigations
    • Represented information security professionals in litigation and investigations in connection with large data breaches
    • Represented major contracting company in national security-related cybersecurity breach that compromised of industrial control systems
    • Represented enterprise software and information solutions company in breach of credit card and login/password information
    • Represented IT management software company compromised by botnet that leveraged managed endpoints to mine for digital currency
    • Represented digital currency security company in phishing attack directed at senior management that resulted in extortionate hacker threats
    • Represented major city in connection with compromise of personal information of utility customers and citizens
    • Represented industrial supply company in compromise of usernames and passwords for business to business customers
    • Directed cybersecurity assessments and planned remediation efforts for technology, financial services, and other companies
    • Advised networking infrastructure company in developing technical global privacy compliance strategy
    • Counseled companies in cybersecurity incident response planning, and facilitated tabletop exercises
    • Advised boards of directors on corporate governance responsibilities relating to cybersecurity and data privacy

    Privacy/Cybersecurity Class Action Litigation

    • Represented national retailer in class action litigation arising out of security incident
    • Represented cybersecurity threat intelligence company in federal court litigation alleging privacy and CFAA allegations
    • Represented major retailers in class action litigation alleging deceptive trade practices in connection with gift cards
    • Represented company in data breach class action litigation affecting tens of thousands of employees' Social Security number and tax information
    • Represented two former Chief Information Security Officers in consumer class action, derivative, and securities litigation following mega-breaches each affected tens of millions of records
    • Represented numerous technology and fintech companies in class action litigation brought under the Telephone Consumer Protection Act
    • Represented information solutions company against claims asserted under the Electronic Communications Privacy Act
    • Represented payment processor litigation with acquiring bank and ISO in connection with processing of credit card transactions
    • Represented application and software company in spyware and consumer protection investigation by Washington State Attorney General

    White Collar and Investigation Matters

    • Represented former Chief Information Security Officer in connection with SEC and DOJ investigations following largest data breach in history
    • Represented one of the nation's largest independent automobile dealerships in federal money laundering and tax investigation resulting in favorable non-prosecution agreement for individual company owners
    • Represented individual in government procurement and false statements investigation and prosecution
    • Represented healthcare provider in negligent homicide investigation
    • Represented large healthcare provider and leading pharmaceutical company in separate false claims investigation by Washington State Attorney General
    • Represented pharmacy chain in DEA diversion investigation
    • Represented Japanese individuals in Department of Justice and Securities and Exchange Commission investigation arising out of cross-border healthcare receivables investment company
    • Represented environmental technology solutions company in federal criminal grant fraud investigation, resulting in no charges brought
    • Led internal investigation at public technology company of allegations of Wiretap and Washington State Recording Act violations


    • Served as General Counsel to Washington State Governor Jay Inslee's task force on drone legislation
    • Served as member of City of Seattle's Privacy Advisory Committee