David P. Saunders (CIPP/US, CIPM) is an experienced litigator who focuses his practice on privacy and cybersecurity matters. David helps clients mitigate and manage risks related to data privacy and cybersecurity, from counseling on compliance with privacy regulations and managing data incident responses, to navigating regulatory investigations and handling biometric and other privacy-related litigation.
David works collaboratively with a diverse range of clients, from small business and pro bono clients to multinational Fortune 100 companies, understanding and advising on their data practices to provide guidance on the myriad issues that arise in today’s digital world.
Additionally, David has experience conducting risk assessments, developing privacy programs, drafting privacy policies, performing due diligence for corporate transactions, negotiating vendor agreements and working with clients through data incident response. He regularly counsels on HIPAA, HITECH, GLBA, CCPA and state law privacy obligations, including engaging with key rulemakers at the state level to advance clients’ interests. He has litigated and helped resolve matters related to data privacy and cybersecurity issues, including navigating potential and actual regulatory investigations.
David has successfully worked with a number of state attorney general’s offices and federal regulators, and advocated on behalf of clients in the telecommunications, consulting and financial services sectors whether in response to routine inquiries or in response to reported data incidents. This work has included collaborating with clients to provide testimony and comment on existing and planned data privacy legislation at the state and federal levels and respond to investigations and inquiries by state AGs and federal regulators.
David maintains an active pro bono practice, having represented inmates in various actions in state and federal courts, and providing privacy program development, counseling and training to non-profits.
Do not send any information or documents that you want to have treated as secret or confidential. Providing information to McDermott via email links on this website or other introductory email communications will not create an attorney-client relationship; will not preclude McDermott from representing any other person or firm in any matter; and will not obligate McDermott to keep confidential the information you provide. McDermott cannot enter into an attorney-client relationship with you until McDermott has determined that doing so will not create a conflict of interest and until you and McDermott have entered into a written agreement or engagement letter that sets forth the terms of our relationship.