Overview

Roya L. Butler is an associate in the Privacy and Cybersecurity Practice at Paul Hastings, and is based in the firm's D.C. office. Ms. Butler focuses her practice on data breach investigation and response; cyber, privacy, and intellectual property litigation; and regulatory compliance and investigations. Ms. Butler's experience includes managing large-scale cybersecurity incident investigations, preparing diligence memorandums, and advising clients on privacy compliance and gaming compliance.

Prior to joining Paul Hastings, Ms. Butler worked as a law clerk at the Federal Trade Commission in the Division of Privacy and Identity Protection; the United States Securities and Exchange Commission in the Enforcement Division's Cyber, Market Abuse, and Trial Units; and at the Department of Defense Military Commission. Her experience at the agencies includes drafting governmental subpoenas and investigative demands; regulatory compliance analysis including cryptocurrency and crypto exchange; and COPPA, HIPAA, FINRA, and other regulatory compliance investigation. She has an active Secret Clearance and has completed 501 Security+ training.

Ms. Butler earned her Juris Doctor from Georgetown Law and her Baccalaureate from The Wharton School of Business of the University of Pennsylvania. While at Georgetown Law, she founded Cyberlaw Society, the first club at the law school focused on the intersection of law and technology, and was a senior editor at the Georgetown Journal of Law and Public Policy. Her Note, Stingray Stung, which focused on the original meaning of the Fourth Amendment and its application to nascent technology, was recently published in volume 34 of Harvard's Journal of Law & Technology; Silencing Speech Is Bad for Democracy with The Journal of Law and Technology at Texas is expected to be published in a forthcoming article analyzing Section 230.

Her experience at the agencies includes drafting governmental subpoenas and investigative demands; conducting regulatory compliance analysis, including in cryptocurrency and crypto exchanges; and investigating regulatory compliance of entities with COPPA and HIPAA.