Education

The Ohio State University

B.A., English, 2001

Capital University

J.D., 2008
  • magna cum laude
  • Order of the Curia
  • Law Review Staff Member/Research Editor (2006-2008)
  • Moot Court Board Member (2006-2008)
  • CALI award recipient (2007)
  • Presidential Merit Scholarship recipient (2004-2008)
  • Dean’s List (2004-2008)

Bar Admission

Ohio

Justin L. Root

Of Counsel

Overview

Clients with cybersecurity and information privacy concerns and challenges hire Justin for his experienced, tenacious, and thorough approach to data privacy and navigating an incident response. Justin’s breadth of experience, which includes service as a Special Deputy United States Marshal on the Federal Bureau of Investigation’s Cybercrime Task Force, is ever-present in his calming and clear analysis and strategic assessments of and approaches to cybersecurity and data privacy issues. As a result, Justin’s solutions-oriented approach reflects an appreciation for and is tailored to a client’s industry, segment, risk and dynamic needs.

With 17 years of law enforcement experience, Justin brings a unique and rare mix of legal and technical knowledge and depth to his proactive approach to cybersecurity risk assessments, mitigation and remediation, and to policy development and implementation. Justin has technical credentials unique among attorneys. He is a GIAC Certified Forensic Examiner and has received training from the SANS Institute, the National White Collar Crime Center, X-Ways Software Technology, and the Ohio Peace Officer Training Commission. He also is a member of the Ohio Attorney General’s Legal Cybersecurity Subcommittee. Justin possesses an ideal knowledge set and perspective to design a company’s cybersecurity policy, written information security program, and incident response plan, and to formulate and execute data security incident, regulatory investigation, or ransomware attack response. Justin is also a seasoned litigator who anticipates and helps clients avoid risk exposure arising from information privacy and cybersecurity incidents.

Justin designs compliance solutions for clients’ data privacy mandates to reduce exposure to regulatory scrutiny. He has handled cybersecurity matters including network intrusions, unauthorized computer use, and data exfiltration across a broad range of industries. He has represented clients during post-breach investigations and has helped clients navigate the national patchwork of data breach notification laws. Justin’s efficiency, knowledge and results-oriented approach flexes to accommodate and addresses a broad range of industry-specific expectations and practical implementation considerations and requirements.

Drawing on years of experience as a data privacy attorney and as a cyber investigator for federal, state, and local law enforcement agencies, Justin is uniquely situated to help clients anticipate and respond to data security events. Justin’s 17 years of law enforcement experience includes service as a Special Agent for the Ohio Bureau of Criminal Investigation’s Cyber Crime Unit, a Special Deputy United States Marshal on the Federal Bureau of Investigation’s Cybercrime Task Force, and as a police detective handling computer-related and white collar criminal investigations. Justin previously served as a techno-legal subject matter expert for the Association of State Criminal Investigative Agencies’ Technology Committee, assisted the Ohio Peace Officer Training Commission develop a new electronic evidence lesson plan for the Ohio basic peace officer training curriculum, and testified as an expert witness on the topic of computer forensics.

Justin lectures frequently on cybercrime, cybersecurity risks, and incident prevention and response. Justin leverages his vast experience to help clients recognize, understand, and respond to cybersecurity and data privacy obligations and incidents.

Professional Involvement

  • International Association of Privacy Professionals
  • Information Systems Security Association
  • International Association of Computer Investigative Specialists
  • High Technology Crime Investigation Association
  • Ohio State Bar Association

Publications/Presentations

  • Presenter, Ohio Chapter of the High Technology Crime Investigation Association’s Spring Training Conference, “Civil Data Governance Mandates and Considerations for Conducting Criminal Investigations When Regulated Data is Compromised,” Cambridge, Ohio, May 24,2017 
  • Panelist, Cybersecurity Docket's Incident Response Forum 2017, “Managing Financial Firm Data Breaches,” Washington, D.C., April 4, 2017
  • Presenter, The 9th Annual Corporate IP Counsel Forum, New York, NY, “CyberThreats: How Your Everyday Activities Place Your IP at Risk,” March 21, 2017
  • Presenter, Worthington Division of Police Citizen's Academy, “Cybercrime,” February 15, 2017
  • Presenter, Civica CMI User Conference, “Cyber Security,” Columbus, Ohio, October 4, 2016
  • Panelist, Association of Corporate Counsel – Central Ohio Chapter, “Legal Issues in the Sharing Economy,” Columbus, Ohio, June 3, 2016
  • Guest Instructor, Ohio Peace Officer Training Academy, “Search Warrant Preparation and Execution (Electronic Evidence Component),” Richfield, Ohio, May 31, 2016
  • Presenter, 16th Annual Emerging Trends in Fraud Investigation & Prevention Conference, “A Fistful of (Digital) Dollars: Bitcoin, Litecoin, and Other Cryptocurrencies,” Columbus, Ohio, May 10, 2015
  • Co-Presenter, Association of Corporate Counsel CLE Seminar, “Trends In Data Breach Law,” Columbus, Ohio, January 21, 2016
  • Panelist, Technology First: Taste of IT Conference, “Cybersecurity Compliance: If It Ain’t Working For Anthem, Lifelock, and Neiman Marcus, What Am I Supposed To Do For My Company?,” Dayton, Ohio, November 18, 2015
  • Co-Presenter, Chelko Consulting/Worldwide Employee Benefits Network, Cleveland Chapter, “Tales From the Crypt XIV: The Anatomy of a Data Breach,” Cleveland, Ohio, October 22, 2015
  • Panelist, InfraGard Central Ohio Chapter, “2015 Cyber Security Summit: Roundtable with Attorney General’s Office,” Columbus, Ohio, October 21, 2015
  • Presenter, Association of Certified Fraud Examiners, “Cyber Crime Investigations,” Cincinnati, Ohio, September 18, 2015
  • Panelist, Data Privacy Business Hour, “Somewhat Prepared is NOT Prepared,” Cleveland, Ohio, June 30, 2015
  • Co-Presenter, 15th Annual Emerging Trends in Fraud Investigation & Prevention Conference, “Mobile Device and Cloud Data Investigations,” Columbus, Ohio May 11, 2015
  • Co-Presenter, Ohio State Bar Association 2015 Convention, “What Every Ohio Attorney Needs to Know About Cyber Security and Digital Record Keeping, Part 1,” Sandusky, Ohio, May 1, 2015
  • Panelist, Ohio State Bar Association 2015 Convention, “What Every Ohio Attorney Needs to Know About Cyber Security and Digital Record Keeping, Part 2,” Sandusky, Ohio, May 1, 2015
  • Presenter, Allen County Bar Association’s Attorney Professional Conduct and General Seminar, “Computer and Internet Use and Safety,” Lima, Ohio, November 7, 2014
  • Presenter, Ohio Banker’s League, “Cyber Security Workshop,” Cincinnati, Ohio, October 22, 2014
  • Presenter, Educational Services Center Cyber Security Update, “What School Officials Need to Know,” Columbus, Ohio, August 1, 2014
  • Presenter, Fraud Investigators Association Monthly Meeting, “Cybercrime,” Columbus, Ohio, June 20, 2014