Skip to Content

Jacob T. Tewes


Jacob bridges gaps between law and technology.

Jacob knows that every new client brings a unique and diverse set of needs to each engagement. Some need a firm negotiator who understands their unique operations and interests. Others need a calm advisor to help them respond to a risk, conflict or emergency. All of them want to walk away feeling informed and prepared. Jacob gets to know his clients, exceeds their expectations and teaches them along the way.

Jacob is a Certified Information Privacy Professional (CIPP/US) and member of the Firm’s Privacy and Data Security Practice Group, where he focuses on cybersecurity, data privacy and emerging technologies. He regularly helps companies respond to local, national and international data breaches. More importantly, he helps clients leverage policies, standard agreements and operational practices to reduce and mitigate risks. Jacob lectures frequently on GDPR, especially its extraterritorial application to U.S. and multinational companies. 

Jacob is also a member of the firm’s Tech Transactions Practice Group, where he uses his LL.M. in Space, Cyber, and Telecommunications Law to help clients navigate complicated legal and technical landscapes. He regularly drafts and negotiates software licenses, supply chain agreements and complex transactions in regulated areas such as healthcare and financial services. Jacob particularly enjoys working at the intersection of these practice groups, where he helps his clients turn information assets into valuable services and insights while mitigating privacy and data security risks.

As a certificated private and remote pilot, Jacob is uniquely familiar with drones and the unique legal challenges faced by commercial drone operators in the U.S. He worked extensively on data security, privacy and physical security risks related to drones and counter-drone technology within his LL.M. and has lectured on drone law for law schools, state bar associations and others. Jacob is a member of the ABA Forum on Air & Space Law, as well as its Drone Law, General Aviation and Space Law Committees.

  • "Death, Taxes & Data Breaches," Nebraska Banker, May/June 2018 Edition, p. 12 (author) 
  • "Junhong: Aviation, Admiralty, and Space Pirates," The Air & Space Lawyer, Vol. 29, June 2, 2016 (author)
  • “Flytenow v. FAA: Perez and the Uber Problem,” ABA Young Lawyers Division - Administrative Law and Regulatory Practice Newsletter, Winter 2016 (author)
Speaking Engagements
  • “GDPR: Extraterritoriality,” Kutak Rock Annual Finance Seminar, December 2018 (CLE instructor)
  • “Drone Law 101,” Nebraska State Bar Association Annual Meeting, October 2018 (CLE instructor)
  • “GDPR: 6 Month Update,” Nebraska State Bar Association Annual Meeting, October 2018 (CLE instructor)
  • "GDPR: 4 Month Update," Nebraska Cybersecurity Conference, September 2018 (CLE Instructor)
  • "Evaluating Cyber Security Risks and Cyber Preparedness for Organizations," The Knowledge Group Webinar, May 2018 (co-presenter) 
  • "Air Law," University of Nebraska College of Law (Drone Law), March 2018 (guest lecturer)
  • "The Legal Environment of Business," Doane University, Fall 2017 (adjunct professor)

  • Advised healthcare providers and vendors regarding new product and service lines affected by HIPAA, HITECH, FDA guidelines, and other regulations.
  • Advised other clients on legal risks and solutions relating to new product and service lines that touched emerging technologies such as biometric authentication, blockchain use cases, cloud computing, artificial intelligence, unmanned aircraft systems (UAS), counter-UAS technology, and beyond visual line-of-sight UAS operations.
  • Advised a large U.S. employer regarding its implementation of biometric employee authentication programs.
  • Advised a global data analytics and software development company through transition to NIST Framework-compliant information security program.
  • Advised clients on changes to popular data analytics and mobile app development platform terms of use that necessitated prospective and retrospective changes to those clients’ customer-facing agreements.
  • Assisted litigation teams with technologically complex issues related to the Electronic Communications Privacy Act (ECPA), Stored Communications Act (SCA), Computer Fraud and Abuse Act (CFAA), and other statutory and regulatory frameworks.
  • Audited organizational compliance with laws, regulations, orders, and internal policies relating to cybersecurity and data privacy.
  • Drafted and negotiated information security agreements between hospital system and vendors to improved vendor management posture for major healthcare provider.
  • Drafted and negotiated joint marketing and other data sharing agreements across financial, healthcare, and other industries.
  • Drafted and negotiated master agreements for software development company deploying blockchain and biometric identifier authentication structures.
  • Drafted and negotiated non-disclosure and confidentiality agreements for major private equity firm.
  • Drafted and negotiated telecommunications agreements for major financial services and healthcare providers
  • Drafted and negotiated a wide variety of hardware development, integration, and acquisition agreements.
  • Drafted and negotiated intellectual property transfers and licenses.
  • Drafted and negotiated agreements for consulting and other professional services.
  • Oversaw data breach analyses and responses for small, mid-sized, large, and multi-national companies affected by all fifty state data breach notification laws, U.S. industry-specific laws including HIPAA and GLBA, and international frameworks including GDPR.
  • Performed due diligence for mergers & acquisitions, vendor and supplier agreements, and other corporate transactions.
  • Prepared trademark searches, applications, and responses
  • Prepared privacy policies, terms of use, EULAs, and other website-related policies and agreements for e-commerce platforms, e-learning platforms, SaaS, PaaS, and IaaS providers, software developers, and other entities subject to a variety of state, federal, and international regulations including CalOPPA, California’s Shine the Light law, state-level cybersecurity statutes and regulations, COPPA, the FTC Act, GDPR, and others.