Aravind Swaminathan (’02) turned his interest in tech and experience as a prosecutor into a thriving cybersecurity and data privacy practice.
When a major public company suffered a data breach recently, Aravind Swaminathan (’02) took the unusual step of working with the relevant federal authorities to have law enforcement personnel seize a server containing his client’s stolen data.
As a result, the company faced no consumer or regulatory complaints.
“No regulator or class action plaintiff wanted to touch this case, given the lengths to which Aravind went to protect, and indeed recover, the company and its customers’ data,” says Antony (Tony) Kim, who, along with Swaminathan, cochairs Orrick’s Cyber, Privacy & Data Innovation practice. “Most lawyers don’t have the contacts, or know-how, to even think about retrieving stolen data.”
Swaminathan isn’t most lawyers. In fact, he almost wasn’t a lawyer at all. The New Jersey native studied biology as an undergraduate at Cornell University and then taught high school math, science, and computer science for a couple of years before deciding to go to law school “kind of on a whim.” He knew he wanted to get a graduate degree but was only sure of one thing: he didn’t want to study medicine.
“My dad’s a doctor; all my dad’s friends are doctors,” he explains. “I went to the Boston University campus and picked up a coursebook because my girlfriend at the time was there. When I came to ‘Law,’ I read a bunch of the class descriptions and thought, ‘Wow, that seems really great.’ So, I decided to go to law school.”
Nearly 20 years later, Swaminathan is a leading cybersecurity and data privacy lawyer, having first honed his skills in those areas as an Assistant US Attorney in Seattle. Although the topics weren’t covered explicitly at BU Law when Swaminathan was a student (the nation’s first security breach notification statute— in California—didn’t take effect until the year after he graduated), today the school offers a variety of courses and experiential learning opportunities in the field.
Over the past few years, BU Law has launched a Technology & Cyberlaw Clinic in partnership with the Massachusetts Institute of Technology and an interdisciplinary Cyber Alliance of computer science experts, law professors, and social scientists designed to generate learning and research opportunities. In fall 2017, the school hired Associate Professor Ahmed Ghappour, a former computer engineer who is an expert in criminal law and computer security.
Swaminathan applauds the school’s cybersecurity-related expansion.
“You have to recognize that this is an area of the law that’s grown, and it’s here to stay,” he says. “This idea of the convergence of tech and law is going to be at the center of where the legal industry is going to grow.”
Swaminathan’s own entry into the field came organically. After graduating from BU Law, he worked in law firms and spent a year clerking for Judge Richard C. Tallman of the Ninth US Circuit Court of Appeals. But it was Swaminathan’s move to the Western District of Washington US Attorney’s Office that put him on track for a career in cyberlaw.
After working on a few of the office’s digital crimes investigations and prosecutions, then US Attorney Jenny A. Durkan designated Swaminathan as one of the district’s Computer Hacking and Intellectual Property Section (CHIPS) prosecutors.
“That’s kind of what kicked it off,” says Swaminathan, although he says he’s always been “into technology.” As a high school student, he took computer programming and learned how to code in “languages so old, most have never heard of them”—Fortran, Pascal, and COBOL.
Swaminathan says the forensic techniques used in cyber cases—including how investigators leverage technology to “comb through computers to identify evidence”—appealed to him right away. Since leaving the government in 2013, he has continued in the field, first at DLA Piper and now at Orrick. Even though he’s no longer a prosecutor, Swaminathan says it’s overly simplistic to think of his current work as a traditional defense practice.
“Most of our clients are the victims of a cybercrime,” he says. “As more and more plaintiffs and regulators begin to allege that companies should be liable for being negligent data custodians, they become defendants. But at the inception, they are victims.”
Swaminathan says the technology behind his clients’ work continues to excite him.
“Our entire practice is based around the idea that data is the new currency,” he says, adding that data is crucial not only for his traditional technology company clients, like Microsoft, but also for entities that normally wouldn’t be associated with Big Data, like the city of Seattle.
Orrick and Swaminathan represent the city in its Open Data Program, which makes municipal data available to the public for a variety of reasons, including improving transparency, encouraging initiatives that might improve quality of life, and creating economic opportunities.
In every matter, Swaminathan says, “We’re trying to help our clients—how do you collect data, store it, and protect it from bad guys? As clients increasingly depend on data to drive innovation, we’re really at the center of their needs.”
Because of his diverse career background, Swaminathan recommends students take a “broad variety” of classes that interest them before zeroing in on the thing they love best.
“The more you expose yourself to, the better off you’ll be,” he says.
Swaminathan’s own time at BU Law was influential in a variety of ways. A criminal law and procedure course with Professor Tracey Maclin was especially “formative in thinking about what I wanted to do,” he says.
“I’m still a bit of a Fourth and Fifth Amendment junkie, so Tracey has rubbed off on me permanently,” he jokes.
And BU Law was important personally, too—a classmate and fellow moot court competitor introduced Swaminathan to her roommate (a Harvard Law student), who eventually became Swaminathan’s wife: Sarah C. Johnson, a partner at the Pacifica Law Group.
“I take full credit for their happy family,” jokes the classmate, Joanne M. Hepburn (’02), of counsel at K&L Gates.
Hepburn says that, even as a student, Swaminathan demonstrated some of the talents that would later serve him well as a trial attorney. “He’s always been a very polished speaker,” she says. “He has that dynamic personality where he can really convey the information that he knows like the back of his hand to people who might not know it as well.”
At Orrick, Swaminathan has been a “game changer,” says Kim. In addition to growing the practice internally—with a focus on women and minority attorneys (Swaminathan was named a 2018 Rainmaker by the Minority Corporate Counsel Association)—Kim says Swaminathan has “tripled” the firm’s roster of public company cyber and privacy clients.
“Aravind’s greatest value to clients is his ability to ‘see around corners,’” says Kim. “As a former prosecutor, trial lawyer, and tech-enthusiast, he has a special ability to anticipate how his clients’ defense narrative (both legal and technical) will play out before a regulator, a court, and/or in the press.”
Howard S. Altarescu (Questrom’70, LAW’74), one of Swaminathan’s colleagues at Orrick and a fellow BU alum, agrees: “Aravind comes in with not only that litigator’s advocacy but, more importantly”—and somewhat ironically, given Swaminathan’s decision to skip medical school—“an analytical approach like a surgeon.”
By Rebecca Beyer
This feature originally appeared in The Record, BU Law’s alumni magazine. Read the full issue here.
- Cyber Alliance Offers Cross-Disciplinary Perspectives on Cybersecurity
- A Gene-uine Talent for Deals: Robin A. Walker is behind some of the most cutting-edge gene-editing deals in biotech
- Answering the Call: Meet Sean Oehlbert (’98), former National Security Council director of nuclear nonproliferation
- Who Approves the CIA’s Jokes? MIT researcher works with the BU Law Technology & Cyberlaw Clinic to sue the CIA for records related to its Twitter activity