Razvan E. Miutescu

Partner

rmiutescu@whitefordlaw.com

Baltimore T: 410.347.8744 F: 410.223.3725

download bio

download vcard

Razvan E. Miutescu

PARTNER

rmiutescu@whitefordlaw.com

BALTIMORE

T: 410.347.8744

F: 410.223.3725

Biography

BIOGRAPHY

Biography
Experience
Insights
News

Mr. Miutescu is an experienced advisor on business, technology and information governance matters. His practice focuses on privacy and data security, information technology transactions and licensing, intellectual property, and data management, including data broker transactions, cloud services, distributed ledgers + blockchain, cryptocurrency and related regulatory and compliance matters. He is a co-chair of the firm’s Cyber Security, Data Management & Privacy practice.

In addition to his tech/IP practice, Mr. Miutescu is passionate about and has experience of over a decade with all aspects of wholesale and retail financing, sales, and acquisitions of recreational luxury yachts.

He speaks fluent Romanian and conversational German.

Recognitions

The Best Lawyers in America^®, Privacy and Data Security Law (2021-Present)
Maryland Super Lawyers^®, Technology Transactions and Intellectual Property "Rising Stars" (2013–2019)

Memberships & Activities

Maryland Volunteer Lawyers for the Arts
- Director and Vice-President, 2007-present
Maryland State Bar Association
- Vice-Chair, Committee on Data Privacy, Cyber Security & Technology, 2015-present
Bar Association of Baltimore City
- Chair, Business Law Committee, 2015-2017
Federal Communications Bar Association
Lecturer: Maryland SBDC, Smart Start Program, 2007-present

Privacy & Data Security

Mr. Miutescu is a privacy professional experienced with all stages in the lifecycle of data, including as to:

Federal regulatory compliance – Gramm-Leach-Bliley Act (and Reg. P) (“GLBA”), Section 5 of The Federal Trade Commission Act (the “FTC Act”), the Fair Credit Reporting Act as amended by the Fair and Accurate Transactions Act (“FACTA”), the Health Insurance Portability and Accountability Act (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act (“HITECH”), and the Telephone Consumer Protection Act (“TCPA”), as well as applicable regulations and agency-issued guidelines
State laws compliance -- Maryland Personal Information Privacy Act (“PIPA”), Maryland Social Security Privacy Act (“SSPA”), Maryland Confidential Financial Records Act (“CFRA”), and Maryland’s Identity Theft Laws
E.U. – U.S. data transfers, including subject to the Privacy Shield, Binding Corporate Rules, and Standard Contractual Clauses; assisting clients with General Data Protection Regulation (“GDPR”) compliance
Written information security policies
Data breaches and data breach notifications
Mobile marketing planning and implementation
Wiretap and other electronic monitoring and surveillance laws

Technology and IP

Mr. Miutescu regularly advises and counsels clients with the negotiation and drafting of contracts with their vendors and customers:

Software ownership and licensing – development, end-user, enterprise, distribution, reseller agreements
Cloud services – software-as-a service (SaaS), platform-as-a-service (PaaS), infrastructure-as-a-service (Iaas), hosting, and subscription agreements
Data broker services – direct marketing (data append, marketing lists), online marketing (registration targeting, collaborative targeting, onboarding), marketing analytics, and risk mitigation (identity verification, fraud detection) agreements
IT professional services – web and mobile app development, website development, system integration, tech support, software maintenance, technology consulting, CIO outsourcing, IT department outsourcing agreements
Electronic commerce and online platforms – terms of use, privacy policies, DMCA notices, electronic payment agreements
IT hardware agreements -- purchases, financing, and leasing agreements
Blockchain and distributed ledger technology (DLT) development and licensing

Business and Corporate Law

Mr. Miutescu regularly advises domestic and international technology companies on business formation, operations, and compliance matters, including as to:

Joint venture agreements
Distribution and marketing agreements for non-U.S. companies seeking to expand operations in the United States
M&A due diligence with a focus on intellectual property, privacy, and data security
Licensing of defense articles brokers under the International Traffic in Arms Regulations (ITAR)
Export controls compliance for foreign employees under Export Administration Regulations (EAR)
Asset seizures by U.S. Customs
Corporate organizational documents

Maritime

Mr. Miutescu has extensive maritime law experience, particularly in the areas of financing, sales, and acquisitions of vessels, including as to:

Wholesale (i.e., floor plan) and retail financing by yacht dealers
Financing secured by boats that are either state-titled or documented with the U.S. Coast Guard
Vessel charter agreements
Excise taxes applicable to vessels under the Maryland State Boat Act
Vessel repossessions – judicial (i.e., vessel arrests) and non-judicial (i.e., self-help)

INSIGHTS

Presenter, Bloomberg Law, Privacy by Design: Considerations for Products, Transactions, and Vendor Management, July 19, 2022

Guest Speaker, 9^th International Workshop on Soft Computing Applications (SOFA 2020), Compliance by Design in Blockchain Platforms, November 27, 2020

Co-author, DataGuidance, Guidance Note – Data Protection in the Financial Sector (Maryland), November 2020

Presenter, American Society of Association Executives (ASAE), Law Essentials for Nonlawyers: Cybersecurity and Privacy, October 28, 2020

Co-Presenter, OneTrust DataGuidance, A Global Perspective on the NIST Privacy Framework, June 23, 2020

Presenter, American Society of Association Executives (ASAE), Law Essentials for Nonlawyers: Cybersecurity and Privacy, April 29, 2020

Speaker, Information Systems Security Association (ISSA) – Central Maryland Chapter: Risk Mitigation Strategies for Cybersecurity Service Providers, December 18, 2019

Panelist, Institute for Credentialing Excellence (ICE) Exchange: Key Steps to Data Management Preparedness by Credentialing Bodies in Quasi-Governmental Roles, November 21, 2019

Panelist, LeadingAge Annual Meeting + Expo: Protecting Privacy and Maintaining Data Security in a Connected Age, October 28, 2019

Speaker, Maryland Cyber Breakfast Club: Risk Mitigation Strategies for Cybersecurity Product and Service Providers, June 25, 2019

Author, U.S. Cybersecurity Magazine, Incident Response: Making the Most of the Attorney-Client Privilege and the Work Product Doctrine, Spring 2019 Issue

Panelist, bwtech@UMBC: European Privacy Invasion (GDPR) One Year In, California Privacy Takeover (CCPA) Six Months Out, May 21, 2019

Presenter, Association Forum & American Bar Association (Chicago), Privacy and Data Protection: The GDPR and the Rising Global Tide of New Laws, April 30, 2019

Moderator, Baltimore Development Corporation: Free Trade Zones and Opportunity Zones Roundtable, April 10, 2019

bwtech Executive Workshop for Int'l CyberSecurity Companies - What are the TOP Things a Foreign Company Should Know When Establishing a Business in the US?, April 1, 2019

Co-author and co-reviewer, Bloomberg Law, Privacy & Data Security: State Profile – Maryland, February 2019

Panelist, Meeting Professionals International, MACE 2019: GDPR, Privacy and Events - Lessons Learned and Looking to the Future, February 22, 2019

Speaker, ASAE - DC Idea Swap, Cybersecurity 2019: Navigate through the Changing Privacy and Data Security Landscape, January 24, 2019

Speaker, UMBC Cyber Defense Lab: Legal Aspects of Privacy and Data Protection, November 9, 2018

Speaker, Institute for Credentialing Excellence (ICE) Exchange (2018): What Certification Boards Need to Know About Cybersecurity and Privacy Rules Like the GDPR, November 8, 2018

Panelist, Howard Technology Council: Cyber Security Tricks & Treats, October 30, 2018

Guest speaker, Through the Noise podcast: GDPR for Nonprofits and Other Associations, May 24, 2018

Presenter, Webinar for Private Client: GDPR Compliance – A Practical Approach, April 30, 2018

Speaker, MSBA Advanced Business Law Institute (2018): Privacy & Data Security – Before the Incident, April 19, 2018

Moderator, bwtech@UMBC Cyber Innovation Briefing: The Global Impact, Promise & Perils of Blockchain, March 20, 2018

Presenter, Webinar for a nonprofit organization with a global data footprint: What You Need To Know About GDPR Compliance, March, 2018

Guest lecturer, Stevenson University School of Design: Intellectual Property Law Considerations for Graphic Designers, November 16, 2017

Speaker, CyberMaryland Conference (2017): Risk Mitigation Strategies for Cybersecurity Product and Service Providers, October 11, 2017

Speaker, MSBA Advanced Business Law Institute (2017): Contracting for IT Services & Electronic Contracting, April 20, 2017

Speaker, MSBA Advanced Business Law Institute (2016): What Lawyers Need to Know about Cybersecurity and Data Privacy, April 14, 2016

Moderator, Bar Association of Baltimore City, Privacy and Data Security – Is Your Law Firm Prepared?, March 21, 2016

Guest blogger, The Daily Record, Keep Calm and Prepare for a Cybersecurity Breach, August 3, 2015

Co-author, Vessel Excise Taxes, Chapter 11, Maryland Taxes, 5th Edition, Maryland State Bar Association

Regular lecturer, Smart Start Program, Maryland Small Business Development Centers

ARTICLES

February 17, 2022

Whiteford Celebrates International Language Day

In celebration of International Mother Language Day, attorneys and staff from across the firm share their greetings in Cape Verdean Creole, Chinese (Mandarin & Cantonese), Dutch, Farsi, French, German, Korean, Mongolian, Russian, Serbo Croatian, Tagalog, Urdu and Romanian.

February 12, 2021

Privacy Compliance and Personal Data Processing 101 - Tips for Businesses and Nonprofit Organizations

Whiteford attorneys Razvan Miutescu and Kristen Bertch from our Intellectual Property and Technology group were interviewed by Dorothy Deng in this presentation. Over the past few years, the general public has grown to be much more aware about data privacy issues. With the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and new U.S. privacy legislations being introduced to protect personal data, we discuss observations on business trends, privacy principles, legal compliance and more. The presenters also provide action items and practical suggestions to help businesses and nonprofit organizations navigate the evolving privacy law landscape.

April 28, 2020

Client Alert: Washington DC Increases Breach Response Requirements and Focuses on Data Security

A recent amendment to the District of Columbia’s data breach notification law (the “D.C. Breach Law”) highlights the nation’s increased focus on data security standards. Generally, the changes to the D.C. Breach Law fall into three categories: (1) expanding what is considered a reportable incident; (2) expanding the notification requirements for breaches; and (3) emphasizing proactive data security measures.

April 13, 2020

Client Alert: Guidance Issued for Ed Tech Companies and Schools during the COVID-19 Crisis

The Children’s Online Privacy Protection Act (“COPPA”) generally requires that operators of commercial websites and online services take certain steps to protect online privacy and safety of children under the age of 13. Those steps include COPPA’s requirement that companies covered by COPPA provide notice of their data collection and use practices and obtain verifiable parental consent before collecting certain data and that they maintain reasonable data security safeguards.

April 7, 2020

Client Alert: Zoom-Users Beware! Reports of Significant Privacy and Data Security Flaws

A side effect of the current global pandemic is the skyrocketing popularity of video-teleconferencing services. Among them, Zoom is a rockstar. Per its own estimates, Zoom grew its user base from 10 million to over 200 million, and counting, in the span of two months.

April 3, 2020

Client Alert: U.S. Supreme Court Holds Duty of Safe-Berth is a Warranty, Regardless of Diligence or Fault

In November 2004, the 748-foot, oil tanker ATHOS I embarked on a 1,900 mile voyage from Puerto Miranda, Venezuela to Paulsboro, New Jersey laden with heavy crude oil. In the final 900 feet of that voyage, as she made her approach to the berth in Paulsboro on the Delaware River, the flukes of an abandoned ship anchor punctured the single-hull of ATHOS I. Approximately 264,000 gallons of cargo spilled into the river.

March 31, 2020

Client Alert: OCR Issues Guidance About Sharing Patient Information and Telehealth Communications during Pandemic

The Office of Civil Rights (“OCR”) recently issued bulletins with important guidance for health care providers during the COVID-19 pandemic.

The OCR has recognized that, during the COVID-19 national emergency, health care providers may seek to communicate with patients, and provide so-called “telehealth” services, through remote communications technologies. Some of these technologies, and the manner in which they are used by HIPAA-covered healthcare providers, may not fully comply with the requirements of the HIPAA Rules. However, in light of the national emergency, the OCR said that it will not impose penalties against covered health care providers for the lack of a HIPAA business associate agreement (“BAA”) with video communication vendors, or any other noncompliance with the HIPAA Rules that relates to the good faith provision of telehealth services during the COVID-19 nationwide public health crisis.

March 25, 2020

Client Alert: COVID-19 Cyber Scams: Protect Your Organization

With everyone’s attentions devoted to the COVID-19 crisis and the disruptions it has caused to the normal rhythms of business and personal affairs, it should come as no surprise that criminals and scammers are seeking to take advantage of the situation.

December 21, 2018

Client Alert: Guidelines on the Territorial Scope of the GDPR: 5 Takeaways For U.S. Based Associations and Nonprofit Organizations

On November 23, 2018, the European Data Protection Board (the “EDPB”) published the Guidelines 3/2018 on the territorial scope of the GDPR (Article 3) (adopted on November 16), which are open to public comments until January 18, 2019. As the EDPB announced in its news release, the purpose of the Guidelines is to help provide a common interpretation of the territorial scope of the GDPR and clarify the GDPR’s application in various situations, in particular where the data controller or processor is established outside of the EU.

February 26, 2018

GDPR Compliance Quick Guide for U.S. Nonprofit Organizations and Associations

The General Data Protection Regulation (GDPR) is a privacy regulation of the European Union designed to give individuals control over their personal data. The GDPR protects the privacy of individuals regardless of their nationality when their data is collected when they are located in the European Union, Iceland, Liechtenstein or Norway (EEA). For example, the personal data of an organization’s employee, independent contractor, or volunteer located in the EEA may be protected by the GDPR even if that individual is a U.S. citizen and resident.

NEWS

August 17, 2023

A Record 87 Whiteford Attorneys Listed in Best Lawyers in America 2024, Ten Selected as “Ones to Watch”

87 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2024 (copyright 2023 by Woodward/White, Inc., of Aiken S.C.). New practice areas of recognition include CleanTech Law and Entertainment and Sports Law. The lawyers selected are based in the firm’s Delaware, Maryland, Pennsylvania, Virginia and Washington offices. Client comments are posted on the Best Lawyers website, at bestlawfirms.com.

August 18, 2022

73 Whiteford Attorneys Listed in Best Lawyers in America 2023, Six Selected as “Lawyer of the Year”

73 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2023 (copyright 2022 by Woodward/White, Inc., of Aiken S.C.). The lawyers selected are based in the firm’s Delaware, Maryland, Pennsylvania, Virginia and Washington, D.C. offices. Client comments are posted on the U.S. News & Best Lawyers web site, at bestlawfirms.com.

January 3, 2022

CISOs Plan What to Buy With Funds From the Infrastructure Bill

Razvan Miutescu was quoted in a InformaTech Dark Reading Technology article.

August 19, 2021

75 Whiteford Attorneys Listed in Best Lawyers in America 2022, Eight Named “Ones to Watch”

A record 75 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2022 (copyright 2021 by Woodward/White, Inc., of Aiken S.C.). The lawyers selected are based in the firm’s Delaware, Maryland, Pennsylvania, Virginia and Washington offices. Client comments are posted on the U.S. News & Best Lawyers web site, at bestlawfirms.com.

August 9, 2021

Digital Payments Making Inroads in Some Legal Communities

Razvan Miutescu was quoted in The Daily Record's article.

January 4, 2021

New 2021 Partners Elected at Whiteford, Taylor & Preston

Whiteford, Taylor & Preston is pleased to announce that Craig Booth Heron, Razvan E. Miutescu, Roberto M. Montesinos, Daniel R. Schimizzi and Ryan J. Stoker have been named Partners of the firm, effective January 1, 2021.

December 12, 2018

Thirty-six Whiteford Attorneys Named Super Lawyers and Rising Stars in Maryland

Whiteford, Taylor & Preston is pleased to announce that thirty-six of its attorneys are listed among the 2019 Super Lawyers and Rising Stars in Maryland.

March/April 2018

Countdown to GDPR

Whiteford attorneys quoted in ASAE's Associations Now article.

December 13, 2017

Forty Whiteford Attorneys Named Super Lawyers and Rising Stars in Maryland and Kentucky for 2018

Whiteford, Taylor & Preston is pleased to announce that 40 of its attorneys are listed among the 2018 Super Lawyers and Rising Stars in Maryland and Kentucky joining the 18 who were listed earlier this year in Delaware, D.C., Pennsylvania and Virginia.