Ask Our VP of Compliance: February 2021

“A Basic Breakdown of Jurisdiction in the US Legal System”


The US legal system is complex. There are Federal, State, and local laws and regulations.


Federal Laws and Regulations  – (a) MAY apply to all companies operating within the boundaries of the United States, and (b)  constitute the main body of regulatory cybersecurity law within the US.


State Laws and Regulations – (a) MAY apply to companies operating within the bounds of  a particular State, and (b) constitute a minority of the regulatory cybersecurity laws, BUT (c) constitute the majority of law regarding PERSONAL suits against companies who have had cybersecurity breaches.


BE ADVISED – Just because your company is not located within the borders of the US does not necessarily mean that your company is exempt from these laws and regulations.


Whether a company falls under the jurisdiction of a foreign country is always a complicated question, and requires legal research into the matter on a case by case basis.


Jurisdiction generally – For our purposes there are two types of jurisdiction we should be a little familiar with:  (a) personal jurisdiction, and (b) subject matter jurisdiction.


  1. Personal Jurisdiction – This means that a particular court or enforcement entity has the ability to hear or enforce a case against your company because there is a connection with your company and the US or a particular State within the US.
  2. Subject Matter Jurisdiction – This means that a particular court or enforcement entity has the ability hear or enforce a case against your company because a government granted it authority to hear and/or enforce the kind of law or regulation your company violated.


Violating a law or regulation can have severe financial consequences for your company, and determining which laws and regulations apply should not be left to guesswork. Digital Edge can assist you in determining which Federal and State laws are applicable to your company.

Was this article helpful?
Keith J. Barry, Esq.
VP of Compliance

Keith J. Barry joined Digital Edge in 2013. Keith possesses a BA in Computer Science, a Juris Doctor degree from Brooklyn Law School, as well as several industry certifications including AWS Cloud Architect, CompTIA Network+, and CompTIA Server+. His career has mirrored his diverse interests, and Keith has experience on the technical side as a senior systems administrator, and on the legal/business side as an attorney and cybersecurity compliance officer.

Let's talk: +1 (718)-370-3353

Speak to a specialist