Douglas H. Meal

Partner

  • MALD, The Fletcher School of Law and Diplomacy, 1981
  • JD, cum laude, Harvard Law School, 1980; Notes and Comments Editor of the Harvard International Law Journal
  • BA, summa cum laude, University of Pennsylvania, 1976

Bar Admissions

  • New York, 1983
  • Massachusetts, 1980

Court Admissions

  • U.S. District Court for the District of Massachusetts
  • U.S. District Court for the Southern District of New York
  • U.S. District Court for the Eastern District of New York
  • U.S. District Court for the Western District of New York
  • U.S. District Court for the Northern District of New York
  • U.S. Court of Appeals for the First Circuit
  • U.S. Court of Appeals for the Second Circuit
  • U.S. Court of Appeals for the Fourth Circuit
  • U.S. Court of Appeals for the Fifth Circuit
  • U.S. Court of Appeals for the Seventh Circuit
  • U.S. Court of Appeals for the Eleventh Circuit
  • U.S. Court of Appeals for the District of Columbia Circuit
  • Honorable Robert J. Ward , U.S. District Court for the Southern District of New York (1980 - 1982)

Douglas H. Meal

Partner

Seasoned trial lawyer Doug Meal represents companies in complex transaction-related disputes arising from all varieties of business agreements. Most recently, he has played a leading role in the firm’s privacy and data security practice, specializing particularly in representing clients targeted by litigation and government investigations stemming from highly publicized data security breaches. As the lead outside lawyer handling claims stemming from the data security breaches suffered by Sony, Heartland Payment Systems, The TJX Companies, Nationwide, Hannaford Brothers, Aldo, Genesco, and Wyndham Hotels—some of the most highly publicized data security breaches in recent years—Doug has become the national leader in defending companies that suffer significant data security breaches involving consumer information against the ensuing claims and regulatory investigations. 

Experience

  • Aldo Group: Lead counsel in Aldo’s ongoing defense of card brand and card issuer claims resulting from an alleged data security breach that the retailer discovered in early 2010.
  • Destination Hotels and Resorts: Lead counsel in DH&R’s defense of the card brand claims stemming from the data security breaches suffered in 2010 by certain hotels managed by DH&R. 
  • Genesco: Advising Genesco on how to address its various legal obligations and exposures resulting from a substantial data security breach that Genesco discovered in late 2010.
  • Hannaford Brothers: Lead counsel in Hannaford’s defense of the card brand claims stemming from the data security breach announced by Hannaford in 2008.
  • Heartland Payment Systems: Lead counsel in Heartland’s ongoing defense of the card brand claims, the card issuer class action, and the FTC investigation stemming from the data security breach announced by Heartland in 2009. The card brand claims were favorably settled, and the court dismissed all the card issuer claims.
  • Nationwide: National coordinating counsel with respect to the litigations and regulatory investigations arising from the criminal cyber-attack on a certain portion of Nationwide’s computer network during October 2012.
  • Sony: Global coordinating counsel with respect to the multiple litigations and investigations that have arisen from the recent criminal cyber-attacks on certain of Sony’s computer networks.
  • The TJX Companies: Lead counsel in TJX’s defense of the card brand claims and the card issuer class action stemming from the data security breach announced by TJX in 2007. The card brand claims were favorably settled, and the trial court dismissed almost all the class action claims and thereafter denied class certification of the few non-dismissed claims. The ensuing First Circuit appeal resulted in a substantial affirmance of the trial court’s decision by means of a groundbreaking opinion in the area of data security breach law.
  • Wyndham Hotels & Resorts: Lead counsel in Wyndham’s ongoing defense of the card brand claims stemming from the data security breaches suffered by certain of the Wyndham-branded hotels in 2008–2010; co-lead counsel in Wyndham’s defense of FTC enforcement action stemming from these intrusions.

Awards

  • The Best Lawyers in America (2013)
  • Chambers Global: The World’s Leading Lawyers for Business (2012-2013)
  • Chambers USA: America’s Leading Lawyers for Business (2011-2012)
  • Law360 "MVP in Privacy & Consumer Protection" (2012)
  • Law360 "Privacy Group Of The Year: Ropes & Gray" (2012)
  • Financial Times "U.S. Innovative Lawyer" (2012)
  • Massachusetts Super Lawyers (2004, 2007-2012)

Insights

Publications

Presentations

  • Speaker, “Data Security Litigation Round-Up: Latest Developments in Theories of Liability and Injury,” ACI’s 13th Annual Legal and Compliance Forum on Privacy & Security of Consumer and Employee Information (February 2013)
  • Speaker, “Lessons Learned from Serious Data Security Breaches,” Imperial Capital Security Investor Conference (December 2012)
  • Speaker, “The Challenging Nature of Data Security Risk – Lessons Learned from Serious Breaches,” 7th Annual Aon Risk Summit (October 2012)
  • Speaker, "Ensuring PCI DSS Compliance and Responding to Data Security Breaches Involving Payment Card Data," City/Athletic Club Financial Executives Conference (September 2012)
  • Panelist, “PCI DSS: Ensuring Compliance; Responding to Payment Card Data Security Breaches; and the Impact of the Emerging Technological and Regulatory Landscape,” American Conference Institute (July 2012)
  • Speaker, “The Changing Nature of Data Security Risk – Lessons Learned From Serious Breaches,” 2012 Aon Consulting Symposium (June 2012)
  • Speaker, “Data Security Breaches: The Crucial Mistakes That Companies Most Often Make,” Tenth Annual Hospitality Law Conference (February 2012)
  • Panelist, “Implementing a Culture of Privacy Compliance: Preparing for and Responding to a Data Breach,” ACI’s 11th Annual Legal and Compliance Forum on Privacy & Security of Consumer and Employee Information (February 2012)
  • Panelist, “Privacy & Security 101: Understanding the Technology & Key Regulations and Laws,” ACI’s 11th Annual Legal and Compliance Forum on Privacy & Security of Consumer and Employee Information (February 2012)
  • Speaker, “Data Breaches – Coming to a Network Near You,” Chartis Security/Privacy Market Trend Seminar (November 2011)
  • Speaker, “Data Breach Preparedness and Prevention,” Association of Corporate Counsel’s Annual Meeting, San Antonio (October 2010)
  • Speaker, “Update on Credit Card Brand Data Security Regulations,” National Retail Federation General Counsels Forum, Washington, D.C. (July 2010)
  • Speaker, “Case Study: The Heartland and TJX Data Breaches,” ACI National Advanced Forum on Data Privacy & Information Security, Dallas (June 2010)
  • Panelist, “Current Issues in Privacy & Security Law for the Health Care and Financial Services Sectors,” Boston Bar Association (October 2008)
  • Panelist, “Data Security Breaches – Managing the Risk and Responding to a Crisis,” Argyle Executive Forum, New York (October 2008)
  • Speaker, “The Growing Challenge of Cyber Theft,” New England Legal Foundation Board Meeting, Boston (October 2008)

Ropes & Gray’s Privacy and Data Security Practice Recognized as “Privacy & Consumer Protection Group of the Year”

Law360, the online outlet for legal news and analysis, has named Ropes & Gray’s privacy and data security practice a “Privacy & Consumer Protection Group of the Year” for 2012, based on the firm’s significant work over the ...

View all news

American Conference Institute: 12th National Legal and Compliance Forum on Privacy & Security of Consumer and Employee Information

Doug Meal, Ropes & Gray Complex business litigation partner and head of the privacy & data security practice, will be speaking on "Emerging Payment Systems Landscape: Ensuring PCI-DSS Compliance, Managing Payment Card Data Security Risks and Responding to Payment ...

View all events