Michelle Schaap practices cybersecurity and corporate law. Within corporate law, she primarily practices in construction, franchising and renewable energy – representing a varied client base that ranges from Fortune 500 companies to closely-held businesses.

Combining her technology and corporate experience, Michelle has spearheaded and developed CSG’s cybersecurity practice. She regularly advises clients on cybersecurity preparedness, counsels clients when data security incidents arise and trains companies on best practices for security procedures addressing both their business operations and their customers’ concerns. Michelle assesses her clients’ risk management practices and security incident preparedness to develop a proactive response and recovery plan enacted to recover from security breaches. Additionally, Michelle works with clients in contract review, drafting and negotiation in critical areas of privacy and security.

Michelle is a Certified Information Privacy Professional, awarded from the International Association of Privacy Professionals, with a concentration on U.S. private-sector law (CIPP/US) and is Co-Chair of the IAPP New Jersey KnowledgeNet Chapter. Ms. Schaap is an adjunct professor at Fordham University, teaching Privacy & Cybersecurity.

Within the construction industry, Michelle negotiates complex agreements – including construction management, architect and design-build agreements. Her extensive experience includes multimillion-dollar biotech research facilities, design-build agreements for amusement rides, and working with various clients to develop form agreements for planned expansion. Complementary to Michelle’s construction work is her experience negotiating solar facility agreements – including power purchase agreements and engineering, procurement and construction agreements.

Michelle works closely with both technology developers and companies seeking to acquire technologies – whether by custom development, license, subscription or otherwise. Michelle’s experience overseeing these transactions enhances efficiency and ensures that the agreement appropriately protects her clients. She educates her clients on potential risks and liabilities, and provides best practices to help manage and mitigate such exposure.

*Results may vary depending on your particular facts and legal circumstances.


  • Included in The Best Lawyers in America®, Privacy and Data Security Law (2020-2024)
  • Selected to the New Jersey Super Lawyers list, Technology Transactions (2024)
  • Recipient, New Jersey Women Lawyers Association, Women’s Initiative and Leaders in Law (WILL), Platinum Award (2024)
  • Recipient, J.G. Petrucci Company, Industry Leader Award (2024)
  • Included in NJBIZ, Leaders in Law, Privacy (2021)
  • Recipient, CIANJ, Best Practices Award (2019)
  • Included in New Jersey Law Journal, Top Women in the Law (2018)
  • Recipient, New Jersey Commission on Professionalism in the Law, Professional Lawyer of the Year Award (2017)
  • Included in NJBIZ, Best 50 Women in Business (2011)
  • Martindale-Hubbell AV® Rating

Award Methodology
*No aspect of this advertisement has been approved by the Supreme Court of New Jersey.


  • American Bar Association
  • American Bar Foundation, Fellow
  • Essex County Bar Association
  • International Association of Privacy Professionals, New Jersey KnowledgeNet Chapter Co-Chair
  • InfraGard, Member
  • New Jersey Business and Industry Association, Information Technology Committee (2016-2017)
  • New Jersey State Bar Association
  • New Jersey Women Lawyers Association, Past-Presidents Committee, 2022-2023; Nominations Committee, Co-Director, 2020-2022; President, 2018-2019; President-Elect, 2017-2018; Vice President, 2016-2017; Chief Financial Officer, 2015-2016; Co-Chief Operating Officer, 2013-2015
  • Women Presidents Organization
  • NJ LEEP, Mentor


  • Harvard in association with HarvardX (Certification on Cybersecurity: Managing Risk in the Information Age, 2020)
  • International Association of Privacy Professionals (Certified Information Privacy Professional, 2019)
  • Mitchell Hamline School of Law (Cybersecurity and Privacy Law Certificate, 2016)
  • New Jersey Institute of Technology (Certificate in Construction Management, 2009)
  • Rutgers University School of Law – Newark (J.D., 1987)
  • Cornell University (B.A., cum laude, 1984)


  • New Jersey


  • Negotiation of construction management agreements for a major retail center ($250 million)
  • Counsel clients on incident and breach response
  • Counsel clients on cybersecurity policies and procedures
  • Training clients on cyber-mindfulness
  • Non-technical risk assessments
  • Represents clients to develop incident response plans and conducts tabletop exercises
  • Negotiation of an agreement for fabrication and installation of major amusement rides ($35 million)
  • Contract audits for clients regarding cybersecurity and related undertakings
  • Website terms and conditions and privacy policies
  • Negotiation of a construction agreement for a performing arts center ($35 million)
  • Negotiation of leasing and power purchase agreements for solar power facilities
  • Negotiation of the sale of an independent website to a major publishing house ($3 million)
  • Acquisition by employees of a division of a publicly traded entity ($1.9 million)
  • Sale of a software developer to a major technology rollup entity ($60 million)
  • Licensing agreements
  • Development of construction-related form agreements for a real estate developer
  • Draft and negotiate website development and hosting agreements
  • Negotiation of non-disclosure and non-circumvention agreements

Prior to joining the firm, Michelle served as in-house counsel to Toys “R” Us, Inc. from 1991 to 1996. She also worked in Japan for several years as a foreign associate with the Tokyo-based firm of Hamada & Matsumoto (now Mori, Hamada & Matsumoto).

*Results may vary depending on your particular facts and legal circumstances.



ISACA New York Metropolitan Chapter: Navigating the Evolution – Unpacking NIST 2.0

May 23, 2024