Benesch, Friedlander, Coplan & Aronoff LLP Benesch, Friedlander, Coplan & Aronoff LLP
PeopleServices

Menu

  • People
  • Services
  • Resources
  • Locations
  • Careers
  • About
  • Contact
New Hampshire Joins Data Protection Trend, Passes Comprehensive Data Protection Law
  1. Services
  2. Litigation

Data Privacy & Security Litigation

Benesch’s Data Privacy & Security Litigation team defends companies in high-stakes litigation and enforcement actions across the U.S. We also regularly advise on risk mitigation strategies, help clients navigate the rising wave of privacy, cybersecurity and data breach challenges and guide them in responding to regulatory demands.

Benesch defends clients in some of the largest, most complex and significant privacy class actions and regulatory investigations in the country.

We routinely secure early dismissals, pre-litigation resolutions and favorable settlements with our team of DOJ policy architects, Certified Information Privacy Professionals and former federal cybercrime leaders leveraging our long-standing and effective working relationships with key decision-makers at regulatory agencies.

An Exceptional Interdisciplinary Team

Our interdisciplinary team, composed of lawyers from our firm’s Litigation, Data Privacy & Cybersecurity, Government Relations, Intellectual Property, Healthcare and Financial Services Practice Groups, brings deep experience across the full data lifecycle, from governance and regulatory compliance to breach response and litigation defense. Clients rely on us not only to manage crisis situations, but also to build sustainable data practices that reduce exposure and preserve business continuity.

Our lawyers also partner closely with clients across industries, including technology, communications, retail, financial services, energy, transportation, healthcare and government contracting. We take a proactive approach, helping clients design and strengthen security and privacy protocols, prepare for evolving regulatory requirements, and manage risk at every stage of the data lifecycle.

When litigation or agency proceedings advance, we bring strong advocacy and strategic insight to secure successful outcomes for our clients.

Key Services

We represent clients in proceedings before federal courts, state courts, regulatory agencies (including the FTC, DOJ, SEC, DOD, HHS and state attorneys general), in congressional inquiries and hearings, and before international agencies, including the EU data protection authorities. Whether the issue is a large-scale data breach, an intrusive government demand for information or litigation under biometric, wiretap or data marketing statutes, we deliver thoughtful, business-aligned strategies with a record of success. Our team regularly handles:

  • Defense of privacy and cybersecurity class actions
  • Data breach and ransomware incident response and litigation
  • Government and regulatory investigations
  • Enforcement defense before federal agencies and state AGs
  • Counseling on pre-litigation and pre-enforcement strategies
  • Policy development and risk management for data governance
  • Privacy audits, tabletop exercises and compliance training
  • Internal investigations, whistleblower response and document handling

Extraordinary Regulatory Experience

Our team’s extensive real-world experience means we are deeply familiar with the intricate evolving framework of data protection laws, regulations and enforcement practices.

We routinely advise clients on compliance and litigation related to:

  • California Consumer Privacy Act (CCPA) and California Invasion of Privacy Act (CIPA)
  • Children’s Online Privacy Protection Act (COPPA)
  • Computer Fraud and Abuse Act (CFAA)
  • Electronic Communications Privacy Act (ECPA), Wiretap Act and Stored Communications Act
  • Federal Trade Commission Act, CAN-SPAM, FERPA, FCRA, GLBA, VPPA and other laws
  • General Data Protection Regulation (GDPR)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Illinois Biometric Information Privacy Act (BIPA)
  • Payment Card Industry Data Security Standards (PCI DSS)
  • Telephone Consumer Protection Act (TCPA)

We also address multistate regulatory issues and support companies in adapting to new state privacy laws, workplace privacy statutes, data transfer restrictions and litigation risks related to marketing, surveillance and biometrics.

In a time of aggressive enforcement and increasing litigation risk, Benesch delivers the litigation strength, regulatory insight and business-focused strategy needed to navigate our clients’ most sensitive data challenges.

Our Work in Action – Representative Examples

  • Defended dozens of retailers against claims brought under the federal Wiretap Act and California’s Invasion of Privacy Act (CIPA) concerning the alleged recording of chat conversations, use of session replay technology, and use of the Facebook Pixel.
  • Represented a company in claims involving alleged cybersquatting, violations of the Anticybersquatting Consumer Protection Act, and false designation of origin.
  • Obtained dismissal of a VPPA class action by establishing that the videos at issue, implicated by the use of the Facebook “Meta Pixel,” were publicly available and did not require a subscription to access.
  • Represented multiple defendants in class action lawsuits alleging violations of the Florida Consumer Collection Practices Act (FCCPA) for sending customer contact emails between 9:00 p.m. and 8:00 a.m.
  • Developed policies and procedures for a nationwide business to comply with the FCRA and state analogs in connection with employment-related background checks.
  • Defended a corporation in a nationwide class action involving alleged violations of the FCRA’s disclosure and adverse action requirements.
  • Serving as national TCPA and privacy counsel to one of the country’s largest dispensary software platforms.
  • Currently representing a major financial services provider in connection with negotiating transactions involving information systems, software license agreements, and related technology transactions, for example, with AT&T, AWS, Ernst & Young, Fastly, Google, IBM, and SailPoint.
Key Contacts
  • Timothy M. Frey
    Litigation
    Chicago
  • David M. Krueger
    Litigation
    Cleveland
  • Ryan T. Sulkin
    Intellectual Property
    Chicago
  • Michael Vatis
    Litigation
    New York

View full team

  • Litigation
  • Intellectual Property
  • Data Privacy & Cybersecurity
Data Breach Hotline
24/7
Articles and Presentations
May 12, 2025
Ubisoft Win Offers Defense Blueprint for VPPA Consent Challenges
January 19, 2024
New Jersey Passes Comprehensive Data Protection Law, Adding to Quickly Growing List of States with such Laws on the Books
May 1, 2023
Montana and Tennessee Join the Fray Enacting Omnibus Data Protection Laws as U.S. State Data Protections Pick Up Pace

View all

News
April 16, 2025
Benesch Partner David Krueger Quoted in Privacy Daily on Split Circuit Decisions on Video Privacy Law
April 20, 2023
Benesch Welcomes Michael Vatis as Partner in New York, Expands Privacy & Cybersecurity Practice
August 25, 2021
Benesch Launches Multi-Disciplinary Data Protection Practice to Meet Clients at the Intersection of Global Tech and Data

View all

  • 2025 Benesch
  • Disclaimers
  • Privacy Policy
  • Related Sites
  • GDPR Statement
  • Terms
  • Client Payment Portal
  • Careers
Twitter
Facebook
LinkedIn