Gregory T. Parks

Greg’s work in the privacy space includes compliance and implementation consulting for more than 500 companies on laws such as the California Consumer Protection Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the European General Data Protection Regulation (GDPR), the state data breach notification laws, the Fair Credit Reporting Act (FCRA), the FTC Red Flags rule, PCI-DSS mandates for credit card security, CAN-SPAM marketing email laws, the Telephone Consumer Protection Act (TCPA), FinCEN and other anti–money laundering rules, the Children’s Online Privacy Protection Act, the Massachusetts Data Security Regulations, and a myriad of other global, federal, state, and local privacy laws.

With more than 20 years of experience with the unique problems and challenges facing retailers, Greg counsels these clients through consumer class actions, real estate litigation, privacy and data security concerns, product and premises liability cases, and similar issues. His operational and compliance counseling involves matters arising from credit cards, gift cards, employee background checks, anti–money laundering plans, advertising and sales, data collection and privacy, and loyalty, layaway, and shoplifting prevention programs. 

In the aftermath of data security incidents—he’s advised on more than 2,000 in his career—Greg helps clients craft immediate responses. He counsels them on how best to give notice to affected individuals or government and consumer reporting entities, following proper compliance protocol while keeping brand and public relations issues front of mind. He also represents these companies on any class action and other litigation or investigations stemming from the incidents, and instructs them on implementing policies and procedures to prevent and mitigate future breaches.

Results may vary depending on your particular facts and legal circumstances

• Managed more than 2,000 data security incidents, including determining and executing notification requirements, assisting clients with investigative and remedial actions, pursuing cost recoveries against responsible parties, and handling any resulting litigation or government investigations, with these incidents ranging from a single compromised system involving just one individual’s information to massive data breaches involving thousands of systems and more than 100 million individuals’ information
• Resolved more than two dozen consumer and financial institution lawsuits arising from data security incidents for less of the cost of defense for clients in the retail, ecommerce, financial, medical, and insurance industries 
• Obtained complete defense verdict in consumer class action trial for a major national retailer under California’s gift card redemption law in which the plaintiff class sought more than $30 million; obtained affirmance of the verdict on appeal
• Defended on appeal a motion to compel arbitration for a major ecommerce retailer
• Obtained defense verdict in a 6-week jury trial of a premises liability case at a major retailer’s flagship New York store in which the Plaintiff sought $25 million
• Obtained $6.4 million jury verdict and judgment for a venture capital company that sold its interest in a number of related companies and then faced an indemnity / escrow claim from the purchaser
• Obtained complete indemnity from a supplier for a Top 10 retailer against an $80 million claim for alleged violations of the Fair Credit Reporting Act in the conduct of criminal background checks
• Argued motions to dismiss or settled more than a dozen lawsuits under the Fair and Accurate Credit Transactions Act (FACTA) for information printed on credit card receipts provided by retail companies at the point of sale
• Obtained favorable settlements of more than 50 consumer class actions, in which the costs of the settlement were less than 20% of the liability or costs of defense the company faced
• Obtained motion to dismiss a claim under the Fair Credit Reporting Act by successfully arguing that the source of a criminal background check was not a consumer reporting agency
• Obtained complete indemnity for three retailers accused of using illegal technologies on their ecommerce websites to track website visitors
• Obtained motions to dismiss or convinced Plaintiff’s lawyers not to bring more than 20 lawsuits accusing retailers of collecting information at the point of sale in credit card transactions that is prohibited by state law
• Obtained  settlement of allegations of systemic pricing inaccuracy by a major retailer across the state of California
• Obtained $3.6 million judgment in favor of a retailer against a shopping center landlord who failed to carry out various development obligations
• Secured motion to dismiss a trademark infringement and license dispute on behalf of the holder of a world-famous trademark
• Secured motion to dismiss an $80 million claim against a Trustee in a mortgage securitization
• Obtained $25 million judgment in a bench trial arising from acquisition of sub-prime mortgage assets

Results may vary depending on your particular facts and legal circumstances.