David P. Saunders (CIPP/US, CIPM) is an experienced litigator who focuses his practice on privacy and cybersecurity matters. David helps clients through the life cycle of their data privacy needs. He helps them mitigate and manage risks related to data privacy and cybersecurity by assisting their government affairs teams with the development of new privacy legislation, their legal and compliance teams through the implementation of privacy programs, and their litigation teams through regulatory investigations and civil class action litigations.
David has represented dozens of companies across industries in connection with civil litigation and pre-suit demands related to a wide-array of privacy-related litigation. Whether related to website tracking technologies, fallout from a data breach, biometric data collection, or claims of unfair and deceptive trade practices, David has experience successfully resolving litigation matters for clients.
David has worked with a number of state attorney general’s offices and federal regulators, and advocated on behalf of clients in the AdTech, telecommunications, healthcare, and financial services sectors in response to routine inquiries as well as civil investigations. His work also includes collaborating with clients to provide testimony and comment on existing and planned data privacy legislation and regulation at the state and federal levels.
David has experience in all aspects of privacy program implementation, from conducting risk assessments and drafting privacy policies to planning around cross-border data transfers and negotiating vendor agreements. He regularly counsels on GDPR, GLBA, CCPA, CAN-SPAM, and the growing list of state privacy laws and regulations. David also regularly performs due diligence for corporate transactions.
David maintains an active pro bono practice, having represented inmates in various actions in state and federal courts, and providing privacy program development, counseling, and training to nonprofits.