Timothy Howard

About Timothy Howard

Tim Howard is a partner in our New York office, where his practice focuses on white collar and government regulatory investigations, with special attention to cybersecurity, data breaches, and cryptocurrency.  Tim is an accomplished trial lawyer and investigator, having managed significant white-collar cases across a wide range of disciplines, including securities and investment fraud, tax fraud, Foreign Corrupt Practices Act (FCPA) violations, cyber intrusions, health care fraud, consumer fraud, and government contracting fraud.  At Freshfields, Tim has advised a variety of clients on complex cross-border data breach incidents including managing incident response, forensic investigation and engagement with US and international regulators, DOJ and SEC white collar investigations, and advising companies on artificial intelligence, ephemeral messaging, cyber governance, and other data security risks.

Tim joined Freshfields from the United States Attorney’s Office for the Southern District of New York, where he spent nearly 12 years in varied roles, most recently as Chief of the Complex Frauds and Cybercrime Unit.  At SDNY, Tim tried and supervised 17 trials to verdict. Tim also spent a year on detail to the Department of Justice's National Security Division, where he served as National Coordinator for the National Security Cyber Specialist Network, through which he coordinated the national program of investigations into nation state-sponsored cyberattacks across all 94 U.S. Attorney's Offices.

Recent work

Private Practice Experience

Tim's deep experience in data security and complex white-collar cases in private practice includes representing and advising:

White Collar/Government Investigations

• A public life sciences company related to a cyber-enabled fraud event, including responding to a regulatory inquiry into governance, accounting and cyber controls by the US Securities and Exchange Commission, which resulted in no regulatory action;
• Multiple employees of an international financial institution in connection with an SDNY/SEC investigation into securities fraud; 
• An international financial institution in connection with an SDNY/SEC investigation into securities fraud related to mortgage-backed securities; and
• A global technology company with respect to an investigation into a consumer fraud scheme occurring on its infrastructure, including developing a coordinated strategy for affirmative litigation against the perpetrators and law enforcement engagement.

Data Security

• A global manufacturing company in connection with a US Department of Homeland Security investigation into data security following a ransomware event, which resulted in no regulatory action;
• A global travel company in connection with multiple data breach incidents, including managing crisis response and engagement with regulatory authorities in the US, UK and EU;
• A US-based technology company in connection with an insider threat data incident, involving responding to regulatory inquiries in the Netherlands, by various US State Attorneys General, and defending related US civil class action lawsuits;
• A global manufacturing company in connection with a massive global data theft incident; and coordinating regulatory engagement in the US, UK, EU and cooperation with US law enforcement authorities; 
• A global consumer products company regarding a software vulnerability in a consumer product, including responding to a coordinated investigation by State Attorneys General;
• A global travel assistance company with respect to achieving and maintaining HIPAA compliance;
• A global technology company regarding mitigating intellectual property litigation risks arising from the development of consumer-facing artificial intelligence applications; 
• Trade associations representing the interests of Chief Information Security Officers (CISOs) to file an amicus brief in support of a motion to dismiss in SEC v. SolarWinds Corp. & Timothy Brown, related to alleged inadequate disclosures following a cyber breach; and
• A global company in the hospitality industry with respect to ephemeral/off channel messaging policies.

DOJ Experience

Tim’s notable prosecutions at SDNY include:

• Charges exposing a wide range of Iran state-sponsored cyber attacks, including Iranian interference in the 2020 U.S. Presidential Election, a massive global hacking campaign engaged by the Mabna Institute to hack into universities and companies around the world, and a campaign of destructive distributed denial of service (DDoS) attacks against the U.S. financial sector (for which Tim received the 2016 Federal Bureau of Investigation Director’s Award for top cyber investigation);
• The unmasking and conviction of Ross Ulbricht, the founder and operator of the Silk Road darknet website for the distribution of over $200 million worth of narcotics, computer hacking tools, fake identity documents, and money laundering services using the Tor network and Bitcoin (for which Tim received the 2015 Attorney General’s Award for Distinguished Service in his role as trial counsel);
• The prosecution of leaders of OneCoin in connection with a billion-dollar international cryptocurrency fraud scheme;
• The first federal prosecution of individuals for engaging in a million-dollar non-fungible token (NFT) digital asset “rug pull” scheme;
• The prosecution of 18 former National Basketball Association players for defrauding the league’s health plan of millions of dollars;
• Corporate tax fraud cases against Swiss Life, Rahn & Bodmer Co., and Bank Hapoalim, and against individuals associated with the Panamanian law firm Mossack and Fonseca (known as the “Panama Papers”); and
• Multiple corporate FCPA investigations and resolutions.