Nathan Salminen | Washington, D.C. | Hogan Lovells

Nathan Salminen

Partner Global Regulatory

Salminen Nathan

Nathan Salminen
Salminen Nathan
  • Overview
  • Experience
  • Credentials
  • Insights and events

Nathan Salminen helps clients evaluate and manage privacy and cybersecurity risks and obligations. Nathan’s deep technical background enables him to analyze legal issues that have a technical nexus, such as questions raised by the emergence of artificial intelligence and by cybersecurity incidents.

Nathan helps clients manage cybersecurity risks in the contexts of security incidents, security program development, commercial agreements, and mergers. He combines technical, legal, and business experience to understand, explain, assess, and mitigate data security risks that span those areas.  Nathan has led many companies' efforts to respond to major cybersecurity incidents, including incidents involving a nation state threat actor and incidents that impacted critical infrastructure or hundreds of millions of data subjects.

Nathan also assists companies that create artificial intelligence products, as well as  companies that use those products, in managing the privacy and cybersecurity risks associated with AI technologies. Nathan has led the response to more than two dozen regulatory investigations of artificial intelligence companies globally, assisted clients in developing artificial intelligence policies, and advised companies regarding product development strategies in the AI space.

Before becoming a lawyer, Nathan worked as a software engineer and manager of technical teams for 13 years. He recently updated and focused his technical knowledge by completing one of the most technically demanding penetration testing and ethical hacking certifications: the Offensive Security Certified Professional (OSCP).

Nathan  leverages his unique skillset, the firm's global team, and his extensive crisis management experience to help clients stabilize complex situations and find a path to restoring normalcy while minimizing legal risks.

Representative experience

Advised Equifax regarding what was the largest data breach in the world at the time and the audits required by the FTC afterwards by providing advise spanning the legal and technical realms.

Led a prominant artificial intelligence company's response to numerous regulatory investigations.

Managed the investigation and response to a cyber attack on a major global energy company by nation state actors.

Assisted an artificial intelligence company with developing its compliance program and product strategy.

Drafted and negotiated data security terms in vendor agreements for a major technology company.

Oversaw both the technical and the legal aspects of the forensic investigation of an attack on a major university.

Evaluated the privacy and data security risks associated with the acquisition of an US$80bn company.

Advised the maker of a major app regarding an attack on that app by nation-state-sponsored attackers and regulatory inquiries related to that attack.

Assisted a company in developing policies and contractual terms regarding the use of artificial intelligence.


  • J.D., Columbia Law School, Harlan Fiske Stone Scholar, 2013
  • B.S., Georgetown University, School of Foreign Service, 1997
Bar admissions and qualifications
  • District of Columbia
  • New York