John B. Kennedy


John B. Kennedy
offices New Haven
New York
phone 203-498-4310
view LinkedIn profile


John has helped clients manage the rapidly evolving risks of an information-based society for decades. In John's view, this is still the dawn of the information age as new capabilities arise every day, entailing multiparty business relationships and fresh concerns around data privacy, cyber security, and the evolving legal environment for emerging technologies such as machine learning and artificial intelligence.

As a Partner in Wiggin and Dana's Corporate Department and a member of the Outsourcing and Technology Practice Group and the Privacy and Information Security Practice Group, John assists clients with transactions and advice in all aspects of information law.

For example, clients seek John's guidance regarding new regulatory schemes such as the European Union's new General Data Protection Regulation (GDPR), which sets stricter-than-ever guidelines on the use of personal data and imposes harsh sanctions for violations. Clients also seek John's guidance regarding privacy and security compliance risk in the growing economy of "intelligent" and "connected" devices (also known as the "Internet of Things"). John also advises regulated clients such as insurance and financial services companies and healthcare startups, regarding enhanced cybersecurity regulations such as New York State's cybersecurity regulation (which requires financial services institutions to implement comprehensive cybersecurity programs). Compliance and liability risks in artificial intelligence and predictive analytics are also increasingly becoming client concerns, introducing new opportunities, risks, and regulations.

John's transactional practice includes outsourcing, cloud services, robotics, software development and licensing, e-commerce transactions, technology transfer and intellectual property-intensive M&A, divestitures, joint ventures, and restructurings. His clients have included Fortune 500 companies as well as emerging companies in the financial services, technology, manufacturing, biotechnology and healthcare, media, energy, and consumer products sectors.

John has negotiated complex information technology (IT) outsourcing services agreements involving cloud computing, IT infrastructure and software procurement, systems integration, software development and maintenance, voice and data services, and disaster recovery and business continuity. He has also negotiated business process outsourcing (BPO) agreements for call centers and customer support services, finance and accounting services, human resources administration, enterprise procurement services, government passport and visa services, research and development services, and supply chain management.

In his extensive practice in information privacy and security law, John has represented clients in connection with risk and compliance assessments of data privacy and security policies and practices, data breach preparedness and response, regulatory investigations of data practices, uses of data analytics and machine learning, and "privacy by design" analyses of products and services in social media and mobile e-commerce. He also advises clients on corporate information governance programs, international data transfers, and compliance with U. S., state, and federal data privacy and information security laws.

John has authored numerous articles on privacy and data security and from 2000 to 2016 served as a co-chair of Practicing Law Institute's Annual Privacy and Data Security Law Institute. Bloomberg BNA recently published John's Privacy & Data Security Practice Portfolio Series, Cybersecurity and Privacy in Business Transactions: Managing Data Risk in Deals.

He has been named in Who's Who of Business Lawyers for Internet, e-Commerce, and Data Protection, and Chambers USA ranks John nationally in its Outsourcing category. The Best Lawyers in America has named him for his work in Information Technology Law since 2009, and he was recently elected to The American Law Institute (ALI), the leading independent organization in the United States producing scholarly work to clarify, modernize, and otherwise improve the law. John is currently serving as an adviser to ALI's project to develop a baseline set of information privacy law principles to help guide lawmakers, courts, and policy makers.

John received his J.D. from Columbia Law School. He was a William Rainey Harper Fellow at the University of Chicago, where he earned an M.A. in English and American literature, and graduated magna cum laude from Carleton College.


  • International Association of Privacy Professionals


06.15.2018The LabMD Decision Reins In the FTC's Authority to Issue Broadly Worded and Ill-Defined Orders
08.18.2017Uber-FTC Settlement Highlights the FTC's Focus on Aligning Security Promises with Security Practices
01.06.2017Although Delayed, New York's Aggressive Cybersecurity Law Expected to Affect Financial Services and Insurance Firms
06.09.2016Morgan Stanley Hit with $1 Million Fine in SEC Cybersecurity Enforcement Action
11.23.2015FTC Administrative Law Judge to FTC: "Not So Fast on Data Security Enforcement!"
10.30.2015U.S. Senate Moves Forward on Cybersecurity Information-Sharing Legislation
10.06.2015European Union High Court Invalidates US/EU Safe Harbor for Data Transfers
06.04.2015Doing Business in Connecticut? There's a New Data Security Law You Should Get to Know
04.08.2015Implications of FCC's Record $25M Data Breach Settlement With AT&T
02.09.2015Cybersecurity Updates Newsletter, Winter 2015
02.06.2015The Anthem Breach: What Affected Group Plans Should Be Thinking About
11.07.2014California Reports 600% Increase in the Number of Individuals Affected by Data Breaches
04.08.2014Judge Green Lights FTC's Data Security Case Against Wyndham Worldwide
03.26.2014‘Kill Chain' Analysis of Target Data Breach is a Chilling Read for Corporate Cybersecurity and Privacy Professionals
02.21.2014Cybersecurity Updates Newsletter, February 2014
02.11.2014Cybersecurity Legislation: Is Congress Ready?
01.28.2014Federal Contractors: Meet the New Cybersecurity Standards or Lose Your Government Book
12.09.2013Cyber Attacks: A Clear and Present Danger
11.20.2013Google Enters Into $17 Million Settlement With 37 States and the District of Columbia After Circumventing Privacy Settings in Apple Inc.'s Safari Browser
05.07.2013A Data Privacy and Security Checklist for Management
03.13.2013Connecticut Attorney General Announces $7 Million Settlement with Google for Data-Snatching Wi-Fi Drive-Bys
02.26.2013The Federal Trade Commission's ‘Device Squad' Gets Technical with HTC on Smartphone Security
02.14.2013White House Issues Cybersecurity Executive Order
02.04.2013Federal Trade Commission Issues Comprehensive Mobile Privacy Recommendations and Proposes Mobile ‘Do Not Track' Mechanism
01.31.2013Lost Backup Tape Puts Blood Bank Under the FTC's Microscope
01.11.2013The World Gone Mobile: California Attorney General Issues Roadmap to Privacy Protection in the 'Mobile Ecosystem'

Published Works

07.24.2018Emerging Tech Companies: It's Not Your Uncle's Dot.Com Regulatory Environment Anymore for Privacy and Data SecurityThe National Law Review
07.01.2017Outsourcing: United States OverviewPractical Law - Thomson Reuters
07.01.2017Transferring Employees on an Outsourcing in the United States: OverviewPractical Law - Thomson Reuters
03.06.2017Regulatory Oversight of Third-Party Arrangements: Who's Writing the Contract?New York Law Journal
03.07.2016Hone a Plan to Meet Evolving Regulatory ExpectationsNew York Law Journal
02.24.2016Financial Regulators Have Cyber on Their
01.20.2016Cybersecurity in the U.S.: Living with Regulatory UncertaintyTerralex Connections
01.25.2013Reining In Mobile App Privacy PracticesLaw360


08.15.2018Best Lawyers in America Recognizes 29 Lawyers from Wiggin and Dana
06.13.2018The Legal 500 U.S. 2018 Recognizes Wiggin and Dana Practices and Lawyers
05.04.2018Chambers USA 2018 Recognizes Wiggin and Dana Practices and Lawyers
05.02.2018Wiggin and Dana to Publish an Article Series titled "Legal Issues for High-Growth Technology Companies"
10.27.2017Wiggin and Dana Hosts Another Successful Cyber and Privacy Forum
09.22.2017Six Wiggin and Dana Partners Recognized as New York Best Lawyers 2018
08.15.2017Best Lawyers in America Recognizes 30 Lawyers from Wiggin and Dana
06.18.2017Wiggin and Dana's Outsourcing and Technology Practice Ranked Among National Leaders
06.05.2017Chambers USA 2017 Recognizes Wiggin and Dana Practices and Lawyers
10.28.2016Super Lawyers Recognizes 40 Wiggin and Dana Attorneys
08.15.2016Best Lawyers in America Recognizes 30 Lawyers from Wiggin and Dana
05.31.2016Chambers USA 2016 Recognizes Wiggin and Dana Practices and Lawyers
10.20.2015Super Lawyers Recognizes 38 Wiggin and Dana Attorneys
08.17.2015Best Lawyers in America Recognizes 31 Lawyers from Wiggin and Dana
06.30.2015John Kennedy Featured in Digital Privacy Article
05.21.2015Chambers USA 2015 Recognizes Wiggin and Dana Practices and Lawyers
03.30.2015Wiggin and Dana Partner John Kennedy Publishes Cybersecurity Portfolio in Bloomberg BNA
02.03.2015Wiggin and Dana Advises DMG Media in Acquisition of Elite Daily
08.19.2014Best Lawyers in America Recognizes 33 Lawyers from Wiggin and Dana
05.27.2014Chambers USA Recognizes Wiggin and Dana Practices and Lawyers
02.25.2014John Kennedy Elected to American Law Institute
08.15.2013Best Lawyers in America Recognizes 35 Lawyers from Wiggin and Dana
08.12.2013Wiggin and Dana Partner Appointed Advisor of American Law Institute Project
07.22.2013Wiggin and Dana Partners Named to Who's Who Legal
06.07.2013Chambers USA Ranks Wiggin and Dana Practices and Lawyers in Connecticut and Nationwide Categories
06.19.2012Chambers USA Ranks Wiggin and Dana Practices and Lawyers in Connecticut, New York and Nationwide Categories
06.04.2012Leading Information Technology Lawyer Joins Wiggin and Dana

offices New Haven
New York
phone 203-498-4310
view LinkedIn profile



  • Columbia University School of Law, J.D., 1985
  • University of Chicago, M.A., 1976
  • Carleton College, B.A., 1970, Magna Cum Laude


  • Connecticut
  • New York

© 1998-2018 Wiggin and Dana LLP   |   Disclaimer Notice   |   Attorney Advertisement   |   Privacy Policy   |   Contact
© 1998-2018 Wiggin and Dana LLP