- California
David Berger
David Berger represents consumers in class action lawsuits with a special emphasis on data breach, privacy, and financial services litigation. He currently serves as court-appointed co-lead counsel in matters including In re: MGM Customer Data Sec. Litigation (D. Nev.); In re: Equifax, Inc. Fair Credit Reporting Act Litigation (N.D. Ga.); In re: Sequoia Benefits and Insurance Data Breach Litigation (N.D. Cal.); and In re US Fertility LLC Data Security Litigation (D. Md.).
With broad technical and IT expertise, David is widely regarded as a leader in the emerging fields of data breach and privacy law. His substantive technical knowledge ranges from hacking techniques and cybersecurity controls to industry standard IT practices, information security frameworks, and auditing processes. This unique background positions him to understand and sift through the relevant technical aspects of a case, competently interface with corporate IT executives, and negotiate settlement agreements that incorporate meaningful changes to business practices, all of which are critically important to ensure consumers’ data is appropriately protected.
Wonderful experience with everyone at Gibbs Law Group! Kept me in the loop as the case was progressing and were always available and willing to answer any questions.
- Elizabeth D.
[David Berger has] especially strong expertise in handling data breach class action litigation.
- United States District Judge, Northern District of California
admissions−
awards+
Super Lawyer, Northern California Super Lawyers, 2021-2024
Rising Star, Northern California Super Lawyers, 2016-2018
Certificate of Recognition, American Association for Justice, 2022
education+
- J.D., Northwestern University School of Law, 2008
- B.A., University of Wisconsin, Madison, 1998
memberships+
- American Association for Justice’s Consumer Privacy and Data Breach Litigation Group (Former Chair)
- Member, Sedona Conference’s Working Group on Data Security and Privacy Liability
- Co-Chair, Sedona Conference’s WG11 Brainstorming Group “Exploring Greater Efficiencies in Data Breach and Privacy Class Action Litigation”
- National Civil Justice Institute
Presentations & Articles+
Cybersecurity Issues Affecting Health Benefit Plans
U.S. Department of Labor, Advisory Council on Employee Welfare and Pension Benefit Plans
July 20, 2022
Internet Data Accumulation and Protection
Pound Civil Justice Institute, The Internet and the Law: Legal Challenges in the New Digital Age
November 6-7, 2021
Facial Recognition Technology Bans
The Sedona Conference, Annual Meeting of Working Group 11 on Data Security and Privacy Liability
April 14-15, 2021
Privacy and Data Breach Class Actions
Western Alliance Bank Class Action Law Forum 2020
March 4-5, 2020
Communicating With The Class
Class Action Mastery Forum
January 2019
Hot Topics in Consumer Class Actions Against Insurers: Filed Rate Doctrine, Standing, and Reverse Preemption of RICO Claims
Sacramento California Insurance Regulation and Litigation Seminar, Clyde & Co.
March 2018
Winning strategies in privacy and data security class actions: the plaintiffs' perspective
Berkeley Center for Law & Technology, Boalt Hall School of Law
January 2017
Don’t be Spokeo’d: What You Need to Know in Litigating Data Breach Cases (from breach to remedies)
ABA Business Law Section Annual Meeting
September 2016
Developments in ‘E-Commerce’ Class Actions and Privacy Law
Perrin Class Action Litigation Conference
May 2016
Data Breach Class Action Litigation
Mass Torts Made Perfect Conference
April 2016
Defenses in Data Breach Litigation and Cases Against Responsible Third Parties
HB Litigation Data Breach and Privacy Litigation Conference
February 2016
Pleading and Litigation Consumer Data Breach Cases
Consumer Attorneys of California Hawaii Travel Seminar
December 2015
Involved in Largest Nationwide Data Breach and Privacy Cases
David also has represented victims in some of the largest and most influential data privacy and security cases, including litigation against Equifax, Anthem, Vizio, Adobe, Banner Health, and Excellus BlueCross BlueShield. David has repeatedly obtained record-breaking settlements on behalf of his clients, including in the Equifax and Anthem data breach cases, which set successive records for the largest data breach settlement in history.
Equifax: Due to his technical experience, he played a significant role in the Equifax settlement negotiations, winning an historic $1.5 billion on behalf of 147 million consumers whose Social Security numbers and other private data were exposed in a 2017 breach.
Anthem: In the Anthem Data Breach case, David led a team of 40 attorneys tasked with demonstrating the flaws in Anthem’s cybersecurity. In just 6 months, Plaintiffs reviewed millions of pages of documents and took or defended 200 depositions. David then led the injunctive relief negotiations, obtaining hundreds of millions of dollars in improved security controls to protect class members’ data.
Outside of his litigation experience, David is an active member of the class action legal community. He is the former chair of the American Association for Justice’s Consumer Privacy and Data Breach Litigation Group. He is also an active member of The Sedona Conference’s Working Group on Data Security and Privacy Liability, which identifies and comments on trends in data security and privacy jurisprudence to move the law forward in a reasoned and just way. David was a member of The Sedona Conference’s Biometric Security Brainstorming Group, and was recently selected to be a part of the Breach Notification Statutes Brainstorming Group. David also is frequently invited to present at conferences and symposia on information security and privacy issues and consumer class actions.
Litigation Highlights
In re Equifax, Inc. Customer Data Security Breach Litigation
In securing what was described by the court as “the largest and most comprehensive recovery in a data breach case in U.S. history by several orders of magnitude,” David played an integral role by negotiating key business practice changes including overhauling Equifax’s handling of consumers’ personal information and data security and requiring that the company spend at least $1 billion for data security and related technology over five years in addition to comprehensive technical and governance reforms.
In re Anthem, Inc. Data Breach Privacy Litigation
Key member of the litigation team representing interests of plaintiffs and putative class members following massive data breach of approximately 80 million personal records, including names, dates of birth, Social Security numbers, health care ID numbers, email and physical addresses, employment information, and income data.
In re Banner Health Data Breach Litigation
Key member of the litigation team representing up to 3.7 million people whose personal health and other sensitive information were exposed in a large-scale 2016 data breach. Played instrumental role in negotiating terms of the settlement, including two years of credit monitoring protections, cash payments for each class member up to $10,000, and robust changes to future business practices.
In re Equifax, Inc. Fair Credit Reporting Act Litigation
Court-appointed Interim Co-lead counsel in ongoing litigation against Equifax related to the company reporting inaccurate credit information on approximately 2.5 million Americans who applied for mortgages, loans, and credit cards between March 17 and April 6, 2022.
Smallman v. MGM Resorts International
Interim Co-lead Counsel in ongoing litigation against MGM, following the 2020 data breach in which the personal data of 10.6 million MGM customers was stolen and posted on underground hacking forums.
In re Sequoia Benefits Data Breach Litigation
Court-appointed Interim Class Counsel in ongoing litigation against Sequoia Benefits regarding the 2022 data breach which exposed and compromised the sensitive information of numerous employees, including Social Security numbers, member IDs, and wage data.