Eric D. Vandevelde is a litigation partner in Gibson Dunn’s Los Angeles office and a member of its White Collar Defense & Investigations, Privacy, Cybersecurity & Data Innovation, Intellectual Property, and Crisis Management practice groups. He is a former federal prosecutor and an experienced trial and appellate attorney. He has significant first-chair trial experience and a deep technical computer/software engineering background, having obtained a degree in Computer Science from Stanford University and worked as a software engineer in Silicon Valley and Latin America. Mr. Vandevelde has been selected by Chambers USA in the area of White-Collar Crime & Government Investigations, has been repeatedly recognized as a “Super Lawyer” by Super Lawyers Magazine, and was named one of the Top 20 Cyber/Artificial Intelligence Lawyers in California by The Daily Journal. Mr. Vandevelde’s practice focuses on white collar and regulatory enforcement defense, internal investigations, and technology-heavy civil litigation matters, often involving computer/software-related trade secrets, copyrights, patents, and other intellectual property. He routinely handles consumer protection investigations by state and federal regulators, including state Attorneys General and District Attorneys, as well as the Federal Trade Commission (FTC), into allegedly unfair, unlawful, and deceptive practices. Eric is on the forefront of cryptocurrency issues and related regulations, handling investigations for major crypto exchanges involving the Securities and Exchange Commission (SEC), Financial Crimes Enforcement Network (FinCEN), and Office of Foreign Assets Control (OFAC). Eric has also represented clients in some of the highest-profile, highest stakes cases in the country concerning government and law enforcement demands for corporate data and assistance in connection with criminal and national security-related investigations.
From 2007 to 2014, Mr. Vandevelde served as an Assistant U.S. Attorney in the U.S. Attorney’s Office for the Central District of California. He was Deputy Chief of the Cyber & Intellectual Property Crimes Section, supervising one of the nation’s largest teams of federal prosecutors dedicated to investigating and prosecuting computer hacking and intellectual property offenses. He was the lead prosecutor on numerous high-profile cyber-crime investigations, including cases involving corporate espionage, theft of trade secrets, APTs (advanced persistent threats), botnets, distributed denial of service attacks, SQL-injection attacks, and other sophisticated cyberattacks. Mr. Vandevelde handled the prosecution of several infamous hacking groups that infiltrated dozens of government and corporate servers around the world. Other matters included the prosecutions of a nationwide identity theft ring involving millions of dollars in fraudulent cash withdrawals; importers and distributors of counterfeit pharmaceuticals, electronics, and other consumer goods; a hacker of cellular telephone payment systems; a hacker who infiltrated the website of a publicly traded company to post false press releases in an attempt to manipulate the company’s stock price; and executives at an aircraft parts supplier for selling fraudulent electronics, including to the U.S. military. Mr. Vandevelde also successfully prosecuted numerous traditional white collar cases as part of the Major Frauds Section, including healthcare fraud, mortgage fraud, investment fraud, tax fraud, and government procurement fraud cases, as well as some of the largest Ponzi scheme cases in Southern California.
While at the U.S. Attorney’s Office, Mr. Vandevelde first-chaired complex financial fraud, intellectual property, and cybercrime-related cases, and mentored junior prosecutors in numerous other trials. Mr. Vandevelde successfully argued multiple appeals before the Ninth Circuit. He also trained new prosecutors regarding electronic surveillance and data privacy issues. For his work with the government, Mr. Vandevelde received numerous awards and commendations from federal agencies, including the FBI, Secret Service, IRS, and U.S. Postal Inspection Service.
Mr. Vandevelde is an active member of the legal community and committed to pro bono work. He is Program Co-Chair of the ABA White Collar Crime Committee, Southern California Region, and serves as a Committee Member of the ABA Subcommittee on Computer and Intellectual Property Crime. He currently serve on the board of the Los Angeles Center for Law and Justice, which provides direct representation to survivors of domestic violence and families in crises, and he was previously a board member for the Federal Bar Association of Los Angeles. He is also a member of the ABA and the Los Angeles County Bar Association, and regularly volunteers with the Constitutional Rights Foundation.
Mr. Vandevelde graduated from UCLA School of Law, Order of the Coif. After law school, he clerked for the Honorable A. Howard Matz, United States District Judge, Central District of California.
Vandevelde is regularly asked to speak on cybersecurity, data privacy, and white collar matters. The following are some of his recent speaking engagements:
- Artificial Intelligence, Privacy and the Law – National Association of Former U.S. Attorneys Conference (2019)
- California Consumer Privacy Act (CCPA), New California Privacy Legislation & What It Means For Retailers – ABA and Retail Industry Leaders Association (RILA) Conference (2018)
- System Reboot: Winning a White Collar Case in the Digital Age – NACDL (2017)
- Cyber Crimes/Cyber Solutions: National Security beyond the Fourth Amendment – ABA (2017)
- Encryption: Privacy vs. Public Safety – Federal Bar Council (2017)
- How to Keep Cyber Investigations Confidential – Cybersecurity, Privacy & Data Protection Retreat (2016)
- Legal Ethics in a Digital World: Data Privacy, Data Security, Social Media & Email – Gibson Dunn CLE presentation (2015 & 2016)
- The Internet’s Own Boy: A Discussion of S. v. Aaron Swartz and the Prosecution and Defense of Cyber-Crime – ABA (2014)
- Data Breach Remediation: The Board Perspective – Audit Committee Roundtable (2014)
- Cyber Crime: The Realities, Challenges and Insights into Investigation – CalCPA (2014)
- Guest Lecturer on Cyber Crime – Loyola Law School (2013)
- “Sextortion” Case Studies – U.S. Department of Justice (2012)
- Electronically Stored Information and the 4th Amendment – ABA (2012)
- Lessons from Recent Trademark Counterfeiting Trials – U.S. Department of Justice (2011)
Recent significant engagements include:
- Rimini Street v. Oracle – Representing Rimini Street, a leading software support services provider, in copyright, software licensing, Computer Fraud and Abuse Act (CFAA), and Digital Millennium Copyright Act (DMCA) litigation concerning enterprise resource planning (ERP) software. Representing Rimini Street in related proceedings against Oracle pertaining to previously entered injunction.
- Major technology company – Representing major software/hardware technology company in coordinated, multijurisdiction consumer protection investigation by 30+ state Attorneys General and multiple District Attorneys’ offices, alongside parallel investigations by DOJ, SEC, and FTC, regarding disclosures to consumers regarding software features.
- Leading mobile game developer – Representing leading mobile game developer in consumer protection investigation by multiple District Attorneys’ offices regarding alleged violations of California Unfair Competition Law and False Advertising Law relating to in-app purchases.
- Major cryptocurrency exchange – Representing major cryptocurrency exchange in coordinated civil and criminal investigations by SEC, FinCEN, OFAC, and DOJ.
- Social media company – Led incident response efforts relating to one of the largest data breaches in history, coordinating domestic and international consumer notification efforts, forensic analysis and remediation, public relations strategy, and outreach to law enforcement and regulatory agencies. Successfully avoided regulatory investigations and private class actions.
- Terpin v. AT&T Mobility – Representing AT&T Mobility in lawsuit arising out of alleged theft of cryptocurrency and related cybersecurity issues.
- Chief Executive Officer – Defending former CEO of mobile messaging marketing company against allegations of fraud.
- Major biotech company – Representing biotech company in technology licensing dispute.
- Registered financial advisors – Representing financial advisors in investigation by Financial Industry Regulatory Authority (FINRA) arising out of alleged violations of ethical obligations.
- Engineering design firm – Represented one of the world’s largest engineering design firms in response to network intrusion involving significant employee data breach. Counseled client on investigation of incident, including supervising digital forensics and data security improvements, coordinated breach notification compliance, public relations strategy, and law enforcement interaction.
- Facebook – Part of international Gibson Dunn team serving as global coordinating counsel defending Facebook in high-profile European privacy proceedings.
- DraftKings – Represented DraftKings in wide-ranging and high-profile internal investigation and defense of numerous criminal and regulatory investigations, as well as civil actions related to compliance with federal and state gaming laws.
- Leading nutraceutical company – Led sensitive internal investigation regarding suspicious circumstances concerning acquisition of client’s subsidiary. Through computer forensics, uncovered evidence that former owners of the subsidiary had fraudulently inflated the purchase price of the subsidiary through a sham construction contract. Obtained $20+ million settlement just three days after filing RICO complaint and confronting the former owners with evidence of the fraud.
- Leading game developer – Represented leading game developer in complex commercial litigation against former datacenter services provider involving allegations of theft of trade secrets, breach of contract, and fraud and misrepresentations as to the datacenter’s ability to meet service level guarantees.
- Medical device company – Represented leading medical device company in connection with the theft and misuse of confidential trade secret information by former head of company’s “skunkworks” research and development arm.
- Next generation transportation company – Conducted internal investigation and made criminal referral to federal law enforcement authorities regarding theft of trade secrets by former employees who left to join competitor.
- Major software developer – Led investigation into major cybersecurity breach involving exfiltration of company’s data “crown jewels.” Quick action led to the arrest and subsequent federal prosecution of the suspect.
- Social media company – Provided counseling regarding European Union data privacy litigation matters involving the alleged tracking of unregistered users.
- Educational software services company – Led crisis management and response efforts regarding potential cyberattack.
- Engineering and construction company – Provided counseling in connection with referral to law enforcement regarding cyberattack and data breach.
- Hospital network – Provided counseling in connection with data breach involving HIPAA-protected information.
- Private investment firm – Obtained favorable settlement for private investment firm accused by market research company of stealing trade secrets via unauthorized computer access.
- Software company – Obtained favorable settlement in connection with competitor’s theft of trade secrets via unauthorized computer access.
- Foreign social media platform – Obtained favorable settlement in copyright lawsuit regarding alleged unauthorized use of plaintiff’s intellectual property.
- Hospital network – Successfully defended healthcare services provider in connection with nationwide False Claims Act (FCA) investigation by DOJ and the Department of Health & Human Services (DHHS).
- Educational institution – Defended postsecondary educational institution in connection with consumer protection investigation by numerous state Attorneys General and the Consumer Financial Protection Bureau (CFPB).
- Major defense contractor – Successfully defended current and former employees of major U.S. defense contractor in connection with DOJ investigation into alleged fraudulent billing practices. Resolved matter with no charges or adverse employment actions taken against clients.
- Chief Financial Officer – Successfully defended CFO of formerly publicly traded company in securities fraud investigation by SEC and parallel criminal investigation by DOJ. Obtained favorable resolution without admission of any wrongdoing.
- Neurosurgeon – Defended neurosurgeon in criminal healthcare fraud investigation involving parallel forfeiture case and medical licensing issues.
- Home healthcare provider – Obtained dismissal of all charges against client who was alleged to have submitted false claims for payment under California’s In-home Support Services health care program.
- Government demands for data – Represented numerous technology companies, including software developers, device manufacturers, and online service providers, in handling complex and/or contentious government demands for data and technical assistance via subpoena, search warrants, Title III wiretap orders, national security letters (NSLs), and other formal process issued under federal and state law, including the Stored Communications Act (SCA), Electronic Communications Privacy Act (ECPA), and Wiretap Act. Successfully litigated against the government to resist and narrow the scope of overbroad and/or unlawful process, as well as accompanying non-disclosure (i.e., “gag”) orders. Advised companies on encryption issues relating on such disputes.
- Other cybersecurity and data privacy matters – In addition to matters specifically mentioned above, handled numerous other cybersecurity matters (including handling major data breaches, thefts of trade secrets/criminal referrals, and advice regarding proactive incident response planning/preparation) as well as advised on a wide range of data privacy issues (including advice regarding CCPA and GDPR compliance). These matters have spanned a wide range of companies and industries, including social media companies and other online service providers, retailers, health care providers, pharmaceutical companies, telecommunication companies, energy companies, insurers, clothing manufacturers, developers of consumer and enterprise software, auto manufacturers, device manufacturers, robotics/artificial intelligence companies, real estate investment firms, engineering firms, and private equity firms (and their portfolio companies).