Sherwin thrives in taking on the unexpected and hard matters that our clients sometimes face. He thinks of himself as part of the client’s team. He enjoys learning about their business and their goals, and helping them find the simple, actionable solutions to complex challenges.
Sherwin is a technology lawyer with a litigation background. As a certified privacy professional (CIPP/US, CIPP/E and CIPM), Sherwin leads Carmody’s Privacy & Data Security practice. He advises clients across a broad spectrum of data privacy and cyber security matters. He represents customers and service providers in transactions or disputes involving technology, software, Internet, e-commerce, and digital communications. He is a founding member of the Start@Carmody team, supporting start-up and early growth stage companies.
Sherwin is a member of Carmody’s Litigation practice, which is named a “highly recommended” Connecticut litigation team in Benchmark Litigation’s Guide to Leading Business Litigation Firms and Attorneys.
Mackrell International, Global Privacy and Data Security Practice Group Member
Connecticut Entrepreneurs Forum, Inc., Secretary and Board of Directors, 2017-present
International Association of Privacy Professionals, including Co-chair of Connecticut KnowledgeNet Chapter, 2020-22
InfraGard, Connecticut Chapter
New Haven County Bar Association
Connecticut Bar Association
Federal Practice Section, Legislative Liaison and Executive Committee Member, 2014-present
Litigation Star, Benchmark Litigation, 2023-2024
Connecticut Super Lawyers® – Business Litigation, Utilities, Intellectual Property Litigation, 2013, 2015-2017, 2020, 2022-2023
New England Super Lawyers® – Business Litigation, 2013-2016
Certified Information Privacy Professional/United States, 2015-present
Certified Information Privacy Professional/Europe, 2018-present
Certified Information Privacy Manager, 2018-present
Coach data security incident response, data breach notification, and regulatory defense in multiple jurisdictions and under various state, federal, and international laws.
Serve as GDPR Data Protection Officer and Chief Privacy Officer for software technology provider for clinical research studies.
Draft, review, implement written information security and data privacy compliance programs.
Advise on cybersecurity and privacy due diligence in M&A transactions.
Review and negotiate cybersecurity insurance coverage.
Counsel school districts, higher ed, and edtech vendors on student data privacy.
Train workforce on data privacy and cybersecurity compliance and risk mitigation.
Investigate and prosecute online defamation and fraud, cyber squatting, and Internet domain name abuses.