Christopher L. Hayes, Phillips Lytle Special Counsel

Christopher L. Hayes

Special Counsel
(716) 504-5725
Download vCard

Mr. Hayes uses his in-house and litigation background to effectively guide clients through the dynamic landscape of data security and privacy. He is former in-house data security and technology counsel at a Fortune 500 financial institution and an experienced litigator. As senior in-house counsel, he provided practical legal and business advice on all aspects of data breach investigation and response; technology evaluation, licensing and acquisitions; data security practices, policies and procedures; and third-party/vendor risk management.

Mr. Hayes helps clients prepare for cyberattacks and data disclosure incidents through policy and procedure review, conducting tabletop and other key training exercises, analyzing and implementing measures to assess and mitigate third-party vendor risk, and navigating regulatory compliance with various federal and state rules and regulations. When attacks or data incidents occur, he counsels clients from start to finish – from the moment clients first become aware, through all aspects of response, investigation, containment, mitigation, and internal and third-party (including regulatory) communications, and post-incident with lessons-learned and root cause analysis.

Mr. Hayes understands client technology needs and objectives, as well as technology-related risk. He provides practical business and legal advice regarding complex technology arrangements involving data hosting and transfer, cloud and “as-a-service” technology, software licensing, consulting services, offshore technology development and services, and hardware purchases and leases.

His litigation background enables him to focus quickly on critical issues. He has successfully represented clients in federal and state courts and in all phases of litigation involving restrictive covenants, employee disloyalty, misappropriation of trade secrets and confidential information, and breach of contract. These cases have frequently involved complex technology, discovery, and data preservation/disclosure issues.

Mr. Hayes is a certified CompTIA Security+ professional.1

Admitted to Practice

  • New York
  • U.S. District Court, District of Colorado
  • U.S. District Court, Western District of New York

Honors & Awards

  • Black Achievers Award Recipient
  • Recognized by Erie County Bar Association Volunteer Lawyers Project for Pro Bono Work in Immigration Law
  • Honoree of the New York State Bar Association Empire State Counsel® Program for Pro Bono Work


  • University of Notre Dame Law School, J.D., 2007
  • Canisius College, B.A., magna cum laude, 2004

Professional Associations

  • American Bar Association
    • Litigation Section
    • Tort Trial and Insurance Practice Section
  • Bar Association of Erie County
  • InfoTech WNY
  • ISACA Information Systems Audit and Control Association
  • New York State Bar Association
    • Commercial and Federal Litigation Section
    • Intellectual Property Law Section
  • Third Party Risk Association

  1. The CompTIA Security+ certification validates the knowledge and skills required to: install and configure systems to secure applications, networks and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws and regulations.