Bloomberg Law
Free Newsletter Sign Up
Bloomberg Law
Free Newsletter Sign Up

They’ve Got Next: Privacy and Cybersecurity Fresh Face Whitney Lee (1)

Oct. 29, 2021, 9:00 AMUpdated: Oct. 29, 2021, 4:27 PM

Morrison & Foerster LLP associate Whitney Lee has a lot going on. She handles complex government investigations, incident response, and congressional inquiries while staying on top of an evolving privacy and cybersecurity legal patchwork.

But that’s not all. She also runs CYREIN, a pro bono consulting and educational service for cyberstalking victims. She founded the organization in 2018, the year she graduated from Columbia Law School, wanting to address an uptick in spyware and the proliferation of home surveillance used by stalkers and domestic abusers.

“The answer to cyberstalking is not to just delete social media, since many people, especially those from marginalized communities, rely on it,” she said. “We listen to each victim’s needs and respond accordingly, and ask if they’d be OK if we engaged other social services like social workers or domestic violence counselors.”

Since its inception, the organization has helped approximately 120 victims of cyberstalking and cyber-harassment, most of whom were women or people of color, Lee said.

Originally from New Jersey, Lee split her time growing up between the U.S. and France, gaining fluency in French and developing a love for foreign languages that informs her practice today. She also speaks Arabic, which she picked up as an undergraduate at Harvard University and as an exchange student in Tel Aviv.

Her interest in cybersecurity stems from her time at Randolph-Macon Academy, a boarding school in Northern Virginia. Because of the school’s affiliation with the U.S. Air Force, technology and cyber were a big focus and sparked an interest that “was always kicking around” during her high school and college years.

During her third year of law school, Lee decamped New York for Europe and earned an LLM in international criminal law from the University of Amsterdam, where she focused on cybersecurity and cybercrime.

After graduating from Columbia Law and working as an associate at another D.C. firm for a year, Lee joined Morrison & Foerster’s Washington office.

Despite being fairly junior, Lee has had “quite a bit” of contact with clients, said Miriam Wugmeister, co-chair of Morrison & Foerster’s global privacy and data security group and a partner in its New York office.

“One of the things you worry about with younger lawyers is if you put them in front of a client when you’re not there, will they say something that you’d be uncomfortable with?” Wugmeister said. “There’s zero percent chance of that with Whitney—she puts people at ease, and she doesn’t go over her skis.”

Lee also acts proactively, communicating effectively during remote work and taking on projects like a “team player,” Wugmeister added.

Like other associates, Lee handles a range of matters. But what she enjoys most, she says, is incident response and crisis management. Ransomware in particular was a major focus for her last year as companies across industries grappled with a massive uptick in hacks and other intrusions.

That includes liaising with the Federal Bureau of Investigation and counseling clients through the reputational implications of a breach.

She predicts the popularity of ransomware-as-a-service will allow more cybercriminals to enter the space, and expects to see a greater variety in the types of targets by ransomware attacks, a continuation of trends she saw in Morrison & Foerster’s practice last year.

“In this role I get to wear a lot of different hats and do a lot of different things,” she said. “It’s really rewarding to me and something I’m proud of, to help clients deal with the fallout.”

Client needs vary based on the attack, but once an incident is public, Lee said she and her team help them balance the “delicate crisis communications element” by helping them respond to media requests, customer communications, and regulatory inquiries.

Her time at Morrison & Foerster taught her a one-size-fits-all approach doesn’t fly in privacy and cybersecurity, and she’s done the same at CYREIN. The team consists of three advisers—Lee, an attorney in Buffalo, New York, and an attorney in Seoul—that provide crisis management consulting for victims.

She uses much of her weekends to work on the pro bono organization, and said that loving the work she does, both at the firm and at CYREIN, keeps her motivated to help others during busy periods.

“MoFo has trained me on how to pivot quickly and how to be a calm presence in the midst of a crisis,” Lee said. “Partners like Miriam have been a great example for me.”

As for what’s next? Lee said she hopes to deepen her understanding of new privacy laws and become a fiercer advocate for clients as she gains more face-to-face work. And while she’s used her French and Arabic in communicating with clients at the firm, she hopes to do so even more on the road ahead.

Wugmeister said she expects Lee to continue to flourish as an attorney in the years to come.

“She’s going to become more of a leader; I expect her to take more of a leadership position on matters and train more junior associates,” Wugmeister said. “She’s doing really great, and we expect her to continue to do so.”

(Updates with additional reporting. A previous update corrected location of Lee's first job after law school.)

To contact the reporter on this story: Jake Holland in Washington at

To contact the editors responsible for this story: Kibkabe Araya at; Lisa Helem at

To read more articles log in.

Learn more about a Bloomberg Law subscription.