About the IAPP

Following eleven and a half years as a federal attorney with the U.S. Department of Justice and the Federal Trade Commission, Paul H. Luehr is now managing director of Stroz Friedberg, LLC. Luehr manages the operations of the firm's office in Minneapolis. Luehr has supervised numerous computer forensic, computer crime and electronic discovery matters. He has overseen several investigations into trade secret thefts and has pioneered cases involving database forensics, in which the data from enterprise Oracle, Sequel and Access databases must be extracted, preserved, authenticated and interpreted in electronic discovery and regulatory matters. He has used his deep regulatory expertise to assist outside counsel in presenting the results of forensic analyses to state and federal consumer protection regulators, including in cases involving alleged violations of Do Not Call rules and cases in which digital rights management (DRM) software is alleged to have violated trade practices and spyware laws. Luehr is an expert on spyware and phishing technology and privacy law, and has been retained by the FTC, state prosecutors and private companies to assess specific software, track potential offenders or provide identity theft training. Twice, he has testified before the Minnesota Legislature on proposed phishing and identity theft statutes. Luehr has also rendered consulting advice in support of litigations involving trademark infringement, patent infringement and online advertising, at times acting as an expert witness.



Luehr served as computer and telecommunications coordinator in the U.S. attorney's office in Minnesota from 2000 to 2004. In that capacity, he conducted and supervised investigations and prosecutions of computer intrusions, e-mail threats and extortion, terrorism, Internet auction fraud, online identity theft and phishing schemes, web hosting fraud, software piracy, criminal trademark infringement and the manufacturing and transmission of child pornography. Among his notable cases, Luehr prosecuted: the hacking of corporate computers owned by department store retailer Saks, Inc.; extortionate e-mail demands of $2.5M made against Best Buy Co.; the billing of $340,000 in fraudulent credit card charges to web hosting clients; and the sale of stolen software through eBay. Working with other federal districts, Luehr supervised the search and arrest of the Blaster Worm B virus writer in Minnesota, and immediately following September 11, 2001, he oversaw the initial investigation into computer evidence related to convicted terrorist Zacarias Moussaoui. Apart from prosecuting cases, Luehr served as a member of the U.S. Internet and Telemarketing Fraud Task Force, the Justice Department's CTC Working Group and the Anti-Spam Task Force. He was also selected to travel abroad as a U.S. State Department speaker, lecturing on e-commerce and cybercrime to Southeast Asian officials and companies.



Prior to joining the U.S. attorney's office in Minneapolis, Luehr was assistant director of marketing practices at the Federal Trade Commission in Washington, DC, where he supervised the agency's Internet fraud program. In that role from 1998 to 2000, he chaired the agency's Internet Coordinating Committee, helped manage a 50-person division and supervised federal court litigation against Internet schemes such as website cramming and page jacking. In one case, Luehr initiated and later supervised an investigation into an online credit card scheme that bilked thousands of consumers out of more than $43M.



Luehr graduated magna cum laude from Harvard University and received his law degree from UCLA. Before entering the legal profession, he worked for Louis-Dreyfus Corporation as a domestic and international commodities trader.