• Subscribe
  • Log In
  • Sign up for email updates
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

The Texas Lawbook

Free Speech, Due Process and Trial by Jury

  • Appellate
  • Bankruptcy
  • Commercial Litigation
  • Corp. Deal Tracker/M&A
  • GCs/Corp. Legal Depts.
  • Firm Management
  • White-Collar/Regulatory
  • Pro Bono/Public Service/D&I

Q&A with Charles Schwab Deputy Chief Counsel Jay Johnson

February 18, 2022 Brooks Igo

Former federal prosecutor and Jones Day partner Jay Johnson moved in-house to Charles Schwab in September to help build and lead the financial services giant’s legal program for data privacy and cybersecurity.

Now deputy chief counsel in the technology, digital and innovation legal group at Schwab, Johnson teams up once again with Shamoil Shipchandler, the former regional director of the Securities and Exchange Commission who joined Schwab as chief counsel of the risk and regulatory legal group at the beginning of last year.

The Texas Lawbook caught up with Johnson, who has established himself as one of the preeminent cybersecurity and data privacy legal experts in the area, about the move, working with Shipchandler (yet again) and college football allegiances.

The Lawbook: You’ve been at Charles Schwab now for about five months. Why did you decide to move in-house?

Johnson: To be sure, Jones Day was a very tough place to leave. The firm was my professional home for over eight years and is full of great friends and attorneys. And Hilda Galvan, the partner in charge of the firm’s Dallas office, is a phenomenal mentor and leader. I moved to an in-house legal role for an opportunity to help build, maintain and lead Charles Schwab’s legal program for data privacy and cybersecurity. What I found here is challenging work, a great legal team and very sophisticated internal clients. It’s been a great start.

The Lawbook: How do you keep crossing paths with Charles Schwab Chief Counsel Shamoil Shipchandler?

Johnson: It’s getting awkward, right? We previously worked together at the U.S. Attorney’s Office for the Eastern District of Texas, at Jones Day, and as co-adjunct faculty at SMU’s Dedman School of Law. And before we ever met, we started our careers as clerks for federal judges in the same Washington, D.C., building, just off Pennsylvania Avenue, and as associates in Covington & Burling’s Washington office. At this point, I’ve lost track of who is following who. But kidding aside, he is one of the best attorneys and people that I know, and I’m lucky to have worked with him as much as I have.

The Lawbook: How did you come to specialize in privacy and cybersecurity?

Johnson: I was a patent litigator out of law school, having clerked for Judge Clevenger on the Court of Appeals for the Federal Circuit and in Covington & Burling’s intellectual property practice group. My first exposure to cybersecurity law came from the U.S. Attorney’s Office. Malcom Bales, the U.S. attorney for much of my time there, asked me to coordinate the district’s efforts to investigate and prosecute cybercrime and IP theft. The role had a name — CHIP Coordinator (short for “computer hacking and intellectual property”) — and on the cyber side focused on the district’s investigations of potential violations of the Computer Fraud and Abuse Act. This was around 2010, before data breaches had fully registered in the public consciousness.  When I moved to Jones Day in 2013, the firm’s data privacy and cybersecurity team was a natural fit. I later had an opportunity to create, develop and teach the first data privacy and cybersecurity class at SMU’s Dedman School of Law as an adjunct faculty member and have been blessed with six years worth of amazing students and a law school administration that continues to invite me back.

The Lawbook: What privacy and cybersecurity developments are you currently following?

Johnson: The proliferation of U.S. state privacy and security laws; congressional debates over the potential for federal legislation; the adoption of General Data Protection Regulation-style regimes globally; the expansion of regulatory oversight both domestically and abroad; the growing sophistication of criminal activity; supply chain and other third-party risks. For attorneys, data privacy and cybersecurity is as dynamic a legal area as there is. Stay tuned…

The Lawbook: Can you pick out one case from your time as an AUSA and one case from Jones Day that were particularly interesting? Why?

Johnson: Rather than identify any particular cases, let me say instead that when looking back, matters involving advanced persistent threats, or APTs, often proved most challenging. The attacker’s presence in an environment for an extended period of time can make it more difficult to assess and contain the scope of the attack, and victims were rightly uncomfortable with less than full visibility into the attacker’s activities over the entire timeline. Of course, malicious insiders, ransomware and other threats proved challenging as well, but matters involving APTs in particular stand out.

The Lawbook: Is your college football allegiance to Kansas State or Iowa?

Johnson: You’re killing me with this one. I have an undergraduate degree in mechanical engineering from Kansas State University and a law degree from the University of Iowa. I’m loyal to both and very tempted to dodge this question. But truth be told, I could never root against Kansas State, no matter who was on the other side of the ball. (And now if you’ll excuse me, I need to go make a few apology calls to my Iowa friends and classmates!)

The Lawbook: Is there anything else you would like to add?

Johnson: Only that I’ve worked with some phenomenal people over the course of my career in government, at two law firms and now here at Charles Schwab. I could not have been luckier in following this career path.  Full speed ahead!

Brooks Igo

Brooks Igo is the publisher at The Texas Lawbook and covers lateral moves.

View Brooks’s articles

Email Brooks

©2025 The Texas Lawbook.

Content of The Texas Lawbook is controlled and protected by specific licensing agreements with our subscribers and under federal copyright laws. Any distribution of this content without the consent of The Texas Lawbook is prohibited.

If you see any inaccuracy in any article in The Texas Lawbook, please contact us. Our goal is content that is 100% true and accurate. Thank you.

Primary Sidebar

Recent Stories

  • Injured Man Gets $9.45M Jury Verdict Against Dallas Hotel
  • P.S. — Raising the Bar: Lawyers Fight Food Insecurity, Support Veterans and More 
  • Winter Storm Uri Victims Ask SCOTX to Reinstate Their Claims
  • Flowserve, Chart Industries Agree to Combine in $19B Merger
  • New UT Law Grads Make Courtroom Debut in Federal Appeals Arguments

Footer

Who We Are

  • About Us
  • Our Team
  • Contact Us
  • Submit a News Tip

Stay Connected

  • Sign up for email updates
  • Article Submission Guidelines
  • Premium Subscriber Editorial Calendar

Our Partners

  • The Dallas Morning News
The Texas Lawbook logo

1409 Botham Jean Blvd.
Unit 811
Dallas, TX 75215

214.232.6783

© Copyright 2025 The Texas Lawbook
The content on this website is protected under federal Copyright laws. Any use without the consent of The Texas Lawbook is prohibited.