Steven Fritz

Steven Fritz

The Cybersecurity & Data Privacy Law Firm
  • Colorado, New York
Review This Lawyer
Claimed Lawyer ProfileSocial Media

Steve is the founder of Hexagon CyberLaw, and has been practicing law for over 15 years. He began his career at the Manhattan District Attorney’s Office, the most respected prosecutor’s office in the nation, where he worked as a “Major Case” prosecutor in the Office’s Cybercrime and Identity Theft Bureau. While there, Steve led several long-term and complex investigations and prosecutions, many of which entailed data breaches of Fortune 500 companies. After moving to Colorado, Steve continued his career as a prosecutor in the Financial Fraud unit of the Colorado Attorney General’s Office, before subsequently moving on to practicing civil law at a small Colorado firm. Steve is a member of the International Association of Privacy Professionals (IAPP), the foremost data privacy and security organization in the world. After demonstrating his knowledge and capability in the area of data privacy and security by passing a rigorous exam, the IAPP designated Steve as a Certified Information Privacy Professional (CIPP). In December of 2016, the IAPP selected Steve to serve a two-year term as co-chair of its Denver chapter. Drawing upon his experience, Steve has lectured on data privacy and cybersecurity issues to other attorneys and professionals. Steve is admitted to practice law in Colorado, New York, and the United States District Court for the District of Colorado. Steve enjoys spending time with his family, bicycle racing (road, mountain, gravel, & cyclocross), skiing, snowboarding, and playing his electric guitar (named “Layla”).

Additional Practice Areas
  • Cybersecurity Law
  • Data Privacy Law
  • Internet Law
  • Credit Cards Accepted
Jurisdictions Admitted to Practice
Placeholder image for jurisdictions.
New York
Placeholder image for jurisdictions.
  • English: Spoken, Written
Professional Experience
Attorney & Founder
Hexagon CyberLaw
- Current
Why choose Hexagon CyberLaw? Unlike other law firms that tack on cybersecurity and data privacy as another one of multiple practice areas, Hexagon’s practice is dedicated solely to cybersecurity and data privacy. Unlike most attorneys, Hexagon founder Steve Fritz passed the International Association of Privacy Professionals’ certification exam, and is a Certified Information Privacy Professional (CIPP). Unlike other law firms, Hexagon is a small business, and is responsive and sensitive to the needs of small and medium-sized clients. How many attorneys have started their own business? Hexagon CyberLaw was founded by attorney Steve Fritz as a solo practice. He gets it. Unlike most attorneys, Hexagon founder Steve Fritz’s background makes him uniquely qualified to be your data privacy and cybersecurity attorney- 10 years at the Manhattan District Attorney’s Office, where he was a “Major Case” prosecutor in the Cybercrime and Identity Theft Unit, followed by three years in the Financial Fraud unit at the Colorado Attorney General’s Office. Unlike other law firms, Hexagon is lean, nimble, and a provider of value. Want to pay for a law firm’s fancy office space with a great view? Not at Hexagon. Hexagon’s office space is professional, efficient, cost-effective, and gets the job done, and the savings get passed on to clients.
Special Counsel
Law Offices of Louise Bouzari
Assistant Attorney General, Criminal Division
Colorado Attorney General's Office
Assistant District Attorney
Manhattan District Attorney's Office
Cybercrime and Identity Theft Bureau, 2007-2010 • Led long-term investigations and prosecutions of cybercrime, identity theft, banking and credit card fraud, account takeover, forgery, market manipulation, money laundering, and other financial crimes. • Worked regularly with local, state, and federal law enforcement agencies, computer forensic analysts, and investigators from financial institutions, telecommunications companies, and internet service providers. • Drafted search warrants for residences, computers, cell phones, e-mail content, and cell site information. • Conducted debriefings and worked with confidential informants. • Participated in training regarding data breaches, computer forensics, internet scams, phishing, skimming, financial investigations, the Bank Secrecy Act, and Suspicious Activity Reports. • Represented Bureau at N.Y.P.D. CompStat meetings held to devise strategies to reduce crime. • Delivered cybercrime and identity theft presentations to community. Trial Bureau, 2000-2010 • Prosecuted hundreds of defendants for offenses including shootings, stabbings, robberies, burglaries, arson, drug dealing, coercion, driving while intoxicated, and auto theft. • Conducted numerous trials, hearings, grand jury presentations, plea negotiations, and debriefings. • Supervised prosecutors in the Early Case Assessment Bureau. Screened all Manhattan felony arrests, made decisions about whether or not to prosecute, and determined which charges to file. Served as point person for all police department legal questions. • Taught CLE to new prosecutors, and mentored them through trial advocacy program. Domestic Violence Unit, 2002-2007 • Investigated and prosecuted crimes involving domestic violence, including stalking and attempted murder.
New York Law School
J.D. (2000) | Law
Honors: Member, Moot Court Association; Senator, Student Bar Association
New York Law School Logo
Tulane University
B.A. (1997) | American Studies
Tulane University Logo
Professional Associations
Colorado Bar Association
Placeholder image for professional associations.
Boulder Bar Association
Placeholder image for professional associations.
International Association of Privacy Professionals
- Current
Activities: Member and co-chair of Colorado chapter
Placeholder image for professional associations.
Articles & Publications
Hexagon CyberLaw Blog
Hexagon CyberLaw
Speaking Engagements
Cybersecurity for Law Firms, Boulder Bar Association Continuing Legal Education (CLE), Boulder, CO
Boulder Bar Assocation
Every law firm is vulnerable to cybersecurity breaches, just like virtually any other business today. However, law firms are particularly attractive targets for hackers. At the same time, law firms are subject to not only the laws that apply to any other businesses, but to legal ethics rules as well. Unfortunately, every law firm will eventually have some kind of cybersecurity incident or breach (if they haven’t already). What sets those firms apart is: (1) how well they minimize the odds of an incident occurring, and (2) how well they’re able to detect, respond, and recover from one. In this CLE presentation, cybersecurity and data privacy attorney Steve Fritz from Hexagon CyberLaw, LLC will address the reasons why law firms should be concerned with cybersecurity, and how to address those concerns. The presentation will be geared towards small and medium-sized law firms and firms that lack significant cybersecurity safeguards.
Responding to Government Investigations of Corporate Data Privacy and Security Practices, International Association of Privacy Professionals (IAPP) Denver KnowledgeNet, Denver, CO
International Association of Privacy Professionals (IAPP)
This presentation to the International Association of Privacy Professionals (IAPP), Denver chapter, covered the landscape of government investigations of corporate data privacy and security practices, how to prepare for a government investigation, responding to an investigation, and post-investigation options and outcomes.
Colorado Bar Association 40-hour course
Certified Information Privacy Professional (CIPP/US)
International Association of Privacy Professionals (IAPP)
Websites & Blogs
Hexagon CyberLaw Blog
Contact & Map
1434 Spruce Street
Suite 100
Boulder, CO 80302
Toggle tool

There are no recently viewed profiles.

There are no saved profiles.

There are no profiles to compare.