Chris is a corporate attorney and a Certified Information Privacy Professional (CIPP). He has significant experience handling legal and business issues relating to technology, data privacy and security, brand protection, contract negotiation, licensing, and product development.

Chris has held several leadership positions at technology, consumer product, and e-commerce companies. Prior to joining Mintz, he was Director of Legal Affairs and Privacy Officer at The Predictive Index, a high-growth, SaaS-based personnel assessment and technology company with an expansive international reseller network. Chris provided strategic counsel to management and all business units on a broad range of corporate, technology, and privacy issues.

On the privacy side, he delivered guidance across the organization on US and international data protection laws, including GDPR, as well as data privacy, data security, data collection and use, cross-border data transfers, security incident response, and vendor management. His general corporate work included drafting and negotiating a wide range technology agreements and commercial contracts, including distribution, reseller, and vendor agreements. He also managed an international intellectual property (IP) portfolio, negotiated licenses, advised the company’s marketing team on brand strategy and other issues, managed cross-border transactions, and provided legal oversight of M&A initiatives. In addition, Chris advised on employment law issues related to use of pre-employment and personnel assessments.

Earlier Chris was Corporate Counsel at Benrus, LLC, the watchmaking and lifestyle company.
He managed the company’s legal function through the early-stage revival of its iconic retail brand — negotiating contracts, counseling on IP matters, and preparing for growth-stage funding.

Chris was also Associate General Counsel for Alex and Ani, a prominent international retailer. During his two and a half years with the company, its revenue grew from $4.5 million to over $350 million. Chris attended to a wide range of commercial contracts, managed the company’s IP portfolio, advised on brand protection, and provided counsel on a wide range of additional matters, including privacy and employment issues. He began his legal career as an associate in the Providence, Rhode Island office of a large law firm.

And Now There are Three …. The Colorado Privacy Act

July 16, 2021 | Blog | By Cynthia Larose, Christopher Buontempo

Colorado has now joined California and Virginia to become the third US state to pass a comprehensive data privacy legislation when Governor Jared Polis signed the Colorado Privacy Act (the “CPA”) into law on July 8, 2021. The new law is set to take effect on July 1, 2023. The CPA borrows in part from the European Union’s General Data Protection Regulation (“GDPR”), but more significantly from both the California Consumer Privacy Act (“CCPA”, including as amended by the California Privacy Rights Act (“CPRA”)), and the Virginia Consumer Data Protection Act (“VCDPA”). Below, we highlight some of the CPA’s key elements and explore how the law compares to the CCPA and VCDPA.

June 11, 2021 | Blog | By Cynthia Larose, Christopher Buontempo

The Mintz Privacy & Cybersecurity Blog will be providing regular updates of notable pending US state privacy laws. Following our similar previous updates, this update checks in on the progression of those laws. The most notable update is that Colorado is set to become the third US state to pass a comprehensive privacy law as the Colorado Privacy Act is on the governor’s desk and is expected to be signed.

May 4, 2021 | Blog | By Christopher Buontempo , Cynthia Larose

In a previous update, we provided a comprehensive round-up of several notable pending US state privacy laws. We are checking-in on the progression of some of those laws in this further update. The next installment will update the remaining state laws in progress.

March 3, 2021 | Blog | By Cynthia Larose, Christopher Buontempo

On Tuesday, Virginia Governor Ralph Northam signed the Consumer Data Protection Act (“CDPA”) into law, making Virginia the second U.S. state after California to pass a comprehensive data privacy law. While not quite as expansive as the GDPR in every respect, the CDPA is a very broad-based privacy law that is on par with the California Consumer Privacy Act. Below, we break down some of its key elements.

February 16, 2021 | Blog | By Cynthia Larose, Christopher Buontempo

Based on what we are already seeing in terms of the impressive volume of state-level proposed privacy legislation in the early days of 2021, it appears that we may see a big year for US privacy law. Below is a sampling of where things stand in Virginia, Washington, New York, Minnesota, Oklahoma, Utah, and North Dakota.

January 11, 2021 | Blog | By Christopher Buontempo , Cynthia Larose

An oft-used business management concept is to “hire people smarter than you.” The concept also applies to hiring vendors – hire vendors that are better than you (especially when it comes to information security). Texas-based Ascension Data & Analytics LLC (Ascension), a technology and data analytics company used by the mortgage industry, did not utilize that concept in its vendor hiring process, and as a result, recently entered into a proposed settlement agreement with the Federal Trade Commission (FTC) following charges that it violated the Gramm-Leach-Bliley Act’s (GLBA) Safeguards Rule by failing to ensure that its third-party vendor adequately protected mortgage holder personal information.

December 2, 2020 | Blog | By Cynthia Larose, Christopher Buontempo

The Home Depot, Inc. (“Home Depot”) recently entered into a multi-state Assurance of Voluntary Compliance with Attorneys General of 46 states and the District of Columbia (the “Settlement”) stemming from a massive 2014 data breach that exposed the payment card information of approximately 40 million Home Depot customers. In addition to the steep penalty, Home Depot is required to undergo an extensive security overhaul.

August 12, 2020 | Blog | By Cynthia Larose, Christopher Buontempo

The New York State Department of Financial Services (“NYDFS”) has announced its first enforcement action of NYDFS’ Cybersecurity Regulation, Part 500 of Title 23 (“Cybersecurity Regulation”) against First American Title Insurance Company (“First American”), a leading title insurance provider.

May 12, 2020 | Blog | By Christopher Buontempo , Nadia Do Canto, Cynthia Larose

Amidst multiple investigations into the privacy and security practices at Zoom Video Communications (“Zoom”), New York Attorney General Letitia James recently announced a settlement agreement with Zoom after the failings of the platform were brought to light by the spike in Zoom video conference participants amid the COVID-19 pandemic.

May 7, 2020 | Blog | By Cynthia Larose, Christopher Buontempo

Last month, we reported that the United States Senate, Committee on Commerce, Science, and Transportation, conducted a hearing on “Enlisting Big Data in the Fight Against Coronavirus.” Specifically, the Committee focused on “examin[ing] recent uses of aggregate and anonymized consumer data to identify potential hotspots of coronavirus transmission and to help accelerate the development of treatments.”

Read less

Mintz Advises Quorum Cyber Security on Acquisition of Kivu Consulting

January 27, 2025

Mintz represented Quorum Cyber Security, a platform company of Charlesbank Capital Partners, in its acquisition of Kivu Consulting, Inc., a global cybersecurity firm specializing in Incident Response.

How to Maintain Cybersecurity for Your Remote Workers

March 27, 2020

Mintz Associate Christopher Buontempo was quoted in an article published by Society for Human Resource Management (SHRM) Online on security plans, policies, and other privacy measures for businesses to protect data as they manage their newly-remote workforces during the coronavirus (COVID-19) pandemic.

Read less

Speaker

Apr

2020