• Share
  • Email
  • Print

Bruce J. Heiman

Practice Area Leader — Policy / Regulatory
Fax +1.202.778.9100

Bruce Heiman engages in a wide ranging federal counseling and lobbying practice. He has represented leading companies and trade associations in technology, financial services, postal, trade, transportation and manufacturing industries. He is one of two Practice Area Leaders of K&L Gates’ Policy and Regulatory Practice. He is nationally ranked as a top government relations lawyer by both Chambers USA and The Legal 500.

Mr. Heiman regularly assists clients design and implement a Washington, D.C. “game plan” to protect and promote their interests before Congress and federal departments and agencies. He helps them pursue legislation, implement enacted laws, and achieve their objectives in industry meetings as well as government negotiations. He also often helps clients assemble and advocate on behalf of a coalition of parties with similar objectives, including interest groups and think tanks. He writes and speaks frequently and is often quoted in the media on current developments.

Previously, he served as Legislative Director and Trade Counsel to U.S. Senator Daniel Patrick Moynihan of New York from 1984 to 1987.

He first joined the firm in 1980 after graduating with degrees in law and public policy from Harvard Law School and Harvard’s Kennedy School of Government.

Mr. Heiman is a member of and previously served on the Board of the Capitol Historical Society.

Areas of Practice

For over 20 years, Mr. Heiman has engaged in a wide-ranging federal counseling and lobbying practice on behalf of leading clients in the information technology industry.  He also assists a range of companies understand the laws and policies applying to their Internet and e-commerce activities. He is one of two Practice Area Leaders of K&L Gates’ Policy and Regulatory Practice.

Mr. Heiman is a recognized authority on cyber security and privacy policy issues.  He was counsel to the private sector coalition that led the fight to liberalize export controls on American encryption products.  He has worked with a leading trade association to ensure that efforts to promote cyber security and protect critical information infrastructure are market-driven and industry-led.

He has been actively involved in formulating practicable privacy policies, helping companies prevent and respond to data breaches, protecting intellectual property rights, improving the delivery of government services while preventing unfair competition with the private sector and opposing governmental regulation of the Internet.

He also has been working on issues of whether and how the government should regulate the development of Artificial Intelligence, as well as advising companies on the application of AI to their industry.

Mr. Heiman was profiled by Tech Counsel Magazine as one of the leading high-tech lobbyists in Washington and has been quoted on info-tech issues in The Washington Post, New York Times, Wall Street Journal, National Journal, Congressional Quarterly, Legal Times and Tech Daily.  He has spoken to the RSA Security Conference, the ABA Committee of Corporate General Counsel and the Congressional Internet Caucus.

From 1984 to 1987, he served as legislative director and trade counsel to U.S. Senator Daniel Patrick Moynihan of New York.


  • “Is encryption safe?” Daily Journal, February 23, 2016
  • “Should cybersecurity victims hack back?” San Francisco Chronicle, April 22, 2015
  • “The FTC Has Already Set Cybersecurity Standards,” Law 360, March 5, 2015 
  • “A ‘Reasonable’ Cybersecurity Program,” Law Practice Magazine, March/April 2015
  • “Patent-Infringement Remedy Needs Supreme Court Tuneup,” (with Paul Stimers), San Jose Mercury News, February 9, 2006
  • “Who Steals My Name? The US and EU Response to Data Security Breach,” (with Donald A. Cohn and Jonathan P. Armstrong), ACC Docket, June 2006
  • “Data Breach Notification and Cybersecurity Standards in the U.S. and E.U.” (with Jonathan P. Armstrong), BNA International’s World Internet Law Report, December 2005


  • “Decoding the Encryption Dilemma: A Conversation on Backdoors, Going Dark, and Cybersecurity,” Information Technology and Innovation Foundation Panel, Washington, DC, March 31, 2016
  • “Beyond Safe Harbor: Bridging the Transatlantic Privacy Divide,” Passcode (The Christian Science Monitor) Panel, Washington, DC, February 26, 2016
  • “Cybersecurity Information Sharing Act....What Does It Really Mean?,” Presentation at FBI/USSS/InfraGard Program, Washington, DC, February 17, 2016
  • “Taxes, Transportation, Trade, Technology,” Presentation at Greater Washington Board of Trade Outlook Conference, Middleburg, VA, September 25, 2015
  • “Sharing Cybersecurity Threat Info With the Government -- Should You Be Afraid To Do So?,” Presentation at Johns Hopkins University 2nd Annual Cybersecurity Conference, Baltimore, MD, September 10, 2015
  • “Crypto Wars 2.0: How Should The U.S. Balance Privacy and National Security?,” Information Technology and Innovation Foundation Panel, Washington, DC, March 12, 2015
  • “Cyber Vigilante or Self Defense?,” RSA Conference, San Francisco, CA February 24, 2014
  • “The Year of Location Privacy?,” RSA Conference, San Francisco, CA, March 1, 2013
  • “Cybercrime: The Identity Theft Enforcement and Restitution Act, and Beyond,” RSA Conference, San Francisco, CA, April 23, 2009
  • “Three Rules of Data Security,” Hispanic National Bar Association Continuing Legal Education meeting, Washington, D.C., October 15, 2005
  • “The FBI’s Encryption Backdoor Proposal -- We’ve Seen This Movie Before,” Information and Innovation Foundation briefing, Washington, DC, March 12, 2005
  • “Historical Perspective on Encryption,” Senate Staff Briefing, Washington, DC, December 18, 2004
  •  “Cyber Security – The Right Way,” Center for Strategic and International Studies Forum, January 2004
  • “Cyber Security Regulation is Here!,” RSA Security Conference, April 15, 2003
  • “Cyber Security: What Consumers & Government Should Do,” FTC Consumer Information Security Workshop, May 20, 2002
  • “The Right Way to Promote Cyber Security,” RSA Security Conference, February 19, 2002