Class Action Defense - Privacy and Data Protection

Overview

"Baker[Hostetler] has a rare combination of industry leading expertise of privacy and data security law and highly skilled litigators. More importantly, they are excellent strategic thinkers in an area of law that is very unclear."

– This comment appears on the U.S. News & Best Lawyers "Best Law Firms" website at bestlawfirms.usnews.com

Our Privacy and Data Protection team is highly skilled in providing swift and effective data breach responses, having handled some of the largest incidents in the financial services and healthcare industries. Recognizing that data breach litigation is on the rise, we strategically guide clients through the critical moments from the first discovery of a breach through remediation and response, with an eye on mitigating liability and avoiding class actions.

In the event a class action is filed, our team, with hands-on experience obtained in the trenches of breach response, joins forces with the litigators in our Class Action Defense team, who are proficient in the procedural aspects of class action matters and come armed with a stockpile of proven defense tactics. Seamlessly coordinating with the crisis response team, our litigators have the advantage of knowing the case inside and out from its inception and act as trusted advisors to our clients throughout class action defense proceedings.

Our National Privacy and Data Protection team is ranked in the 2017 edition of Chambers USA: America’s Leading Lawyers for Business and five Class Action Defense team members are ranked as leaders in litigation.

Select Experience

  • Defending Schnucks Markets, one of the largest privately held supermarket chains in the country, in six class actions and one individual action related to a payment card data breach in state and federal courts in Missouri and Illinois.
  • Obtained dismissal of a class action suit against KeyBank, the member bank sponsoring Heartland Payment Systems, a card transaction processor that experienced a data breach. The lawsuit was filed by payment card issuers for possible exposure of confidential data connected to as many as 130 million MasterCard and Visa cards resulting from the breach.
More »

Experience

  • Defending Schnucks Markets, one of the largest privately held supermarket chains in the country, in six class actions and one individual action related to a payment card data breach in state and federal courts in Missouri and Illinois.
  • Obtained dismissal of a class action suit against KeyBank, the member bank sponsoring Heartland Payment Systems, a card transaction processor that experienced a data breach. The lawsuit was filed by payment card issuers for possible exposure of confidential data connected to as many as 130 million MasterCard and Visa cards resulting from the breach.
  • Representing Eisenhower Medical Center, an acute care hospital, in a potentially precedent-setting putative class action that is one of the first attempts to apply the California Confidentiality of Medical Information Act to a data breach incident.
  • Representing South Broward Medical District DBA Memorial Healthcare System in a putative class action arising from alleged unauthorized access to patient information by employees.
  • Representing Sentara Healthcare in a putative class action following the theft of a desktop computer containing medical information.
  • Representing Advocate Health in the defense of class actions arising from a breach involving four million patients, making it the second largest HIPAA breach ever recorded. Defending against a variety of claims based primarily on the allegation that Advocate insufficiently secured its patients’ personal information, including negligence, breach of express and implied contract and invasion of privacy.
  • Defending a putative class action seeking damages for Vistaprint’s use of cookies in its website in the Circuit Court of Maries County, Missouri.
  • Defending LivingSocial Inc. in a consumer class data breach litigation following a cyber-attack that exposed the personal information of its 50 million users.

Recognition

  • Chambers USA: Litigation
    • Litigation: General Commercial (Ohio) – Band 2 (2019)
    • Litigation: General Commercial (Colorado) – Recognized (2019)
    • Retail: National – Recognized (2019)
  • Chambers USA:
    • Paul Karlsgodt – Litigation: General Commercial (Colorado), Band 4 (2019)
    • Daniel Warren – Litigation: General Commercial (Ohio), Band 2 (2019)
    • Ernest Vargo – Litigation: General Commercial (Ohio), Band 4 (2019)
  • Law360: Class Action "Practice Group of the Year" (2014)
  • LA Daily Journal: Top Appellate Reversals of 2014
  • Best Lawyers in America® 2018:
    • Rodger Eckelberry
    • Joseph Ezzie
    • Mark Johnson
    • Richard Knoth
    • Jerry Linscott
    • George Tzanetopoulos
    • Ernest Vargo
    • Daniel Warren
  • Corporate Counsel® magazine guide to in-house law departments: "Go-to Law Firm" for litigation.
  • Recognized as one of the top law firms for client service, BakerHostetler was named to the 2020 BTI Client Service 30 for the sixth consecutive year.

Publications

Alerts

Blog

In The Blogs

Previous Next
Data Privacy Monitor
California AG Press Release Clarifies CCPA's Jan. 1 Effective Date and Data Broker Registry, Provides No Update on Draft Regulations
By Kyle R. Fath
January 14, 2020
On Jan. 6, 2020, the California attorney general (AG) released a CCPA advisory press release outlining the new data privacy rights under the California Consumer Privacy Act (CCPA) afforded to California consumers and clearly stating that...
Read More ->
Data Privacy Monitor
Cybersecurity Remains a Top SEC Examination Priority in the New Decade
By Jonathan A. Forman
January 10, 2020
It may be a new decade, but the focus of the Securities and Exchange Commission (SEC) on cybersecurity has not shifted. In particular, the SEC noted in its 2020 Examination Priorities that the Office of Compliance Inspections and...
Read More ->
Data Privacy Monitor
Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties
By Daniel A. Pepper
January 10, 2020
This blog is the first in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls such as assessing...
Read More ->
Data Privacy Monitor
Is the CCPA's Private Right of Action Provision Retroactive?
By Sean B. Solis
January 9, 2020
With the California Consumer Privacy Act (CCPA) – the strictest privacy law in the nation – now in effect, an important question for businesses to consider is whether it applies to conduct that occurred prior to the law’s effective date of...
Read More ->
Data Privacy Monitor
Hoping for a New Year's Resolution: Clarity on the Sale of Personal Information of California Minors
By Carolina A. Alonso, Alan L. Friel
January 9, 2020
Those who keep an eye on privacy laws may be familiar with how monumental the Children’s Online Privacy Protection Act (COPPA) was when it first became effective in 1998. COPPA requires online services that directly target children under...
Read More ->