Joseph M. Burton concentrates his practice in complex civil, criminal and appellate litigation. He is nationally recognized in the emerging field of Information Security Law where he advises and represents individuals and corporations regarding their rights and responsibilities in maintaining the security of digital information. His practice includes trade secret, trademark and patent litigation with an emphasis in cybercrime and cybersecurity matters. Mr. Burton is a former Assistant United States Attorney and Chief of the Silicon Valley Office for the Northern District of California where he handled several pioneering high technology investigations and prosecutions, including the first prosecution in the nation for criminal copyright infringement of computer code.
As a defense counsel, Mr. Burton represented one of the targets of the first criminal investigation into the export, by computer, of cryptography programs. He successfully defended ElcomSoft Co. in a landmark case involving the first criminal prosecution of a software company under the Digital Millennium Copyright Act. Mr. Burton is a member of the White Collar Crime and Complex Crimes committees of the Section of Litigation of the American Bar Association, and former chair of the Computer Crime Subcommittee. He is also a member of the Federal Bar Association and the Charles Houston Bar Association. In 2015, he was selected as a Distinguished Legal Writing Award Winner by the Burton Awards for an article, "4 Steps to Getting Serious About Law Firm Cybersecurity," published by Law Practice Today.
Admitted to practice in California and the District of Columbia, he is a former lawyer delegate to the Ninth Circuit Judicial Conference. Mr. Burton is a 1973 graduate of the Northeastern University School of Law and a graduate of the University of Dayton.
- Counsel for ElcomSoft Company, a Russian software developer, facing the first criminal prosecution under the controversial federal statute known as the Digital Millennium Copyright Act (DMCA). ElcomSoft was acquitted of all charges in this precedent setting case.
- Counsel to a co-defendant in a federal criminal investigation, the first of its kind, involving the export of strong cryptography software. As a result of counsel's activity, the government declined to bring charges against the defendant.
- Counsel to the subject of a federal public corruption investigation in San Francisco on two separate and independent occasions involving contractors suspected of offering bribes. As a result, the criminal investigations of these individuals were terminated and no charges were brought against them.
- Counsel to the executive of a successful and thriving dot com start-up company under investigation by the SEC for securities violations. As a result, no criminal charges were brought against the client and only minimal civil sanctions were imposed.
- Counsel to a nationally known biotechnology firm in defense of a multi-million dollar patent infringement suit relating to the development, marketing and distribution of the client's product. Retained as lead trial counsel after the first case ended in a mistrial. The case was settled shortly before the second trial on terms favorable to the client.
- As a former Federal Prosecutor, counsel in the investigation of former and then notorious computer "hacker" Kevin Poulsen for activities related to computer intrusion. This was one of the earliest criminal investigations of computer hackers (1988). As a result, in part because of this original investigation, Poulsen was subsequently indicted and convicted of various computer crimes.
- District of Columbia
- U.S. Court of Appeals for the Ninth Circuit
- U.S. Court of Military Appeals
- U.S. District Court for the Northern District of California
- U.S. District Court for the Southern District of California
- U.S. District Court for the Eastern District of California
- Supreme Court of California
- Northeastern University School of Law, J.D., 1973
- Duane Morris LLP
- Partner, 1998-present
- Sideman & Bancroft, San Francisco, California
- Partner, 1994-1998
- Robins, Kaplan, Miller & Ciresi, San Francisco, California
- Partner, 1990-1994
- Chevron Corporation Law Department, San Francisco, California
- Litigation Counsel, 1989-1990
- United States Attorney's Office, Northern District of California
- Chief, San Jose Office, 1984-1989
- Assistant United States Attorney, San Francisco Office, 1978-1984
- United States Army
- Judge Advocate General Corps, 1974-1978
- Federal Bar Association
- Northern District of California
- Lawyer Delegate to the Ninth Circuit, Judicial Conference, 1992-1994
- American Bar Association
- Section of Litigation
-- Complex Crimes Committee
- Criminal Justice Section
-- White Collar Crime Committee
-- Vice Chair, Computer Crime Subcommittee., 1995-1996
- The Bar Association of San Francisco
- Judiciary Committee, 1997-2000
- National Association of Criminal Defense Attorneys
- Charles Houston Bar Association
Honors and Awards
- Selected as a 2015 Distinguished Legal Writing Award Winner by the Burton Awards
- Listed in Northern California Super Lawyers, 2004-2016
- Listed in Super Lawyers Corporate Counsel Edition, Criminal Defense: White Collar, 2009 and 2010
- Recipient, CLAY (California Lawyer Attorneys of the Year) Award for Criminal and Copyright Law. This award is given to attorneys who have made a significant impact on public policy, creatively managed complicated cases or transactions and have won cases against great odds. Mr. Burton was named in the March 2003 issue of California Lawyer Magazine for his achievements.
- AV® Preeminent™ Peer Review Rated by Martindale-Hubbell
Civic and Charitable Activities
- Member, Electronic Frontier Foundation
- Author, "A run through the California breach notification weeds," Cyber Security Practitioner, November 2016
- Quoted in "Prepare for a Payments Revolution," Bank Info Security, November 21, 2014 (selected as a 2015 Distinguished Legal Writing Award Winner by the Burton Awards)
- Author, "4 Steps to Getting Serious About Law Firm Cybersecurity," Law Practice Today, September 15, 2014
- Author, "Moving to Better Cybersecurity with NIST," Intelligent Utility, April 20, 2014
- Quoted in "New DDoS Warning Issued by Regulator," Bank Info Security, February 22, 2013
Selected Speaking Engagements
- Interviewed for "FTC, FCC Flex Muscles," Bank Info Security video, February 16, 2017
- Speaker, "Et Tu, Brute? – Your Government Can Take You Down Too" and "Keynote Panel: The Apple vs. FBI Crypto Debate," Information Security Media Group's Fraud & Breach Prevention Summit: San Francisco, March 22-23, 2016
- Speaker, "Cyber Security Breaches: Consequences for Your Firm in 2016 and Beyond," Live Webcast, The Knowledge Group, December 1, 2015
- Speaker, "Defending the White Collar Case: In & Out of Court," NACDL's 11th Annual White Collar Seminar, New York, October 22, 2015
- Interviewed for "Why Info Sharing Is 2015's Hot Topic." RSA Conference 2015, April 23, 2015
- Panelist, "Big Tech's Burden to Develop Predictive Indicators to Combat Cyber-Attacks," RSA Conference 2015, April 23, 2015
- Panelist, "Breach 360: How Top Attacks Impact Tomorrow's Laws, Litigation, Security," RSA Conference 2015, April 22, 2015
- Panelist, "Inconvenient Security: When Attorneys Drive Security Decisions," RSA Conference 2015, April 22, 2015
- Panelist, "Fraud: Defining 'Reasonable Security'," BankInfo Security Podcast, July 14, 2014
- Speaker, "Liability Between Banks & Commercial Clients on Fraud," Financial Crime Risk Management Solutions Seminar, Scottsdale, Arizona, June 10, 2014
- Panelist, "Payment Card Fraud, EMV Adoption & the Merchant Challenge," and "Closing Remarks: Top Fraud Threats to Watch in 2014: Technology and Legal Ramifications," ISMG Fraud Summit 2014, San Francisco, April 29, 2014
- Speaker, "Cyber Security and Data Breaches," Internal Corporate Investigations and Forum for In-House Counsel Program, American Bar Association, Washington, D.C., April 25, 2014
- Panelist, "Cybersecurity Litigation Risks and Compliance Threats: Steps that Public Companies, Boards, and Officers Should be Taking to Prevent a 'Cyber Pearl Harbor,'" Business Law Section of the American Bar Association Annual Meeting, San Francisco, August 11, 2013
- Panelist, "Hot Topics in Information Security Law 2013," "Techno-Ethics for Lawyers — How Technology Complicates Ethical Compliance" and "Banking Fraud: Where is the Liability — With the Customer, Bank or Vendor?" RSA Conference 2013 eFraud Global Forum, San Francisco, February 25-March 1, 2013
- Panelist, "Litigating the High-Tech Case," American Bar Association's Inaugural National Institute - Computing and the Law Conference: From Steps to Strides into the New Age, San Francisco, California, June 25-26, 2007
- Co-panelist, "What You Must Know About IT Security and Privacy Law," Chicago, Illinois, June 29, 2005; Rosemont, Illinois, June 30, 2005
- Co-presenter, "Compliance Issues Spawned by the Sarbanes-Oxley Act of 2002," Webcast, July 30, 2003
- "Securing Your IT Infrastructure," Microsoft Executive Circle Events, September 2002
- "Copyright or Copywrong: Digital Millennium Copyright Act Examined," RSA Security Conference, February 22, 2002
- "Implications of Enforcing the Digital Millennium Copyright Act: A Case Study, Focusing on United States v. Sklyarov," Fordham University, October 19, 2001
- "State Action Exemption and Noerr Doctrine Committee Program," Pathways to Leadership Committee Fair, San Francisco, California, April 14, 1999
- "Cybercrime Laws," sponsored by Duane, Morris & Heckscher LLP, PricewaterhouseCoopers and Upside Media at Cybercrime Conference, San Francisco, California, April 18, 2000
- "Trade Secrets: Recent Federal and State Developments," American Bar Association Annual Meeting, San Francisco, California, August 2, 1997
- "Electronic Commerce: Finance and Fraud on the Information Superhighway," American Bar Association Annual Meeting, Orlando, Florida, August 2, 1996