David T. Cohen


  • JD, summa cum laude, Boston College Law School, 2007; Order of the Coif; James W. Smith Award for Highest Academic Rank; Editor in Chief, Boston College Law Review
  • AB (Philosophy and Music), magna cum laude, Brown University, 2003; Phi Beta Kappa; Meiklejohn Prize in Logic


  • New York, 2014
  • District of Columbia, 2011
  • Massachusetts, 2008

Court Admissions

  • Supreme Court of the United States, 2012
  • U.S. Court of Appeals for the Third Circuit, 2008
  • U.S. Court of Appeals for the Eleventh Circuit, 2016
  • U.S. District Court for the Southern District of New York, 2015
  • Certified as CIPP/US by International Association of Privacy Professionals. This certification is not granted by any governmental authority.
  • Honorable Thomas L. Ambro, U.S. Court of Appeals for the Third Circuit (2007 - 2008)
  • International Association of Privacy Professionals
  • The Sedona Conference, Working Group 11 on Data Security and Privacy Liability

David T. Cohen


David’s practice focuses on complex litigation, particularly in the area of privacy and data security. He has extensive experience working with corporate clients that have suffered data breaches or have been accused of privacy violations, defending them against class actions and claims asserted by payment card brands and representing them in connection with federal and state government actions. In addition, David advises clients on a range of privacy and data security compliance matters. As an experienced litigator, David also has represented clients in a variety of business disputes outside the privacy and cybersecurity context, including appellate, antitrust, securities, and regulatory matters.

In addition, David is a thought leader in the area of privacy and cybersecurity, publishing extensively on the latest issues in the space and serving as a resource to reporters and others writing on breaking legal developments. David is also an active member of the Sedona Conference Working Group 11 on Data Security and Privacy Liability.

Outside the office, David performs classical vocal music in the New York City area.


  • LabMD: Represented LabMD in its successful petition to the U.S. Court of Appeals resulting in the first-ever court decision overturning a Federal Trade Commission cybersecurity action.
  • Supervalu Inc.: Represented Supervalu in obtaining full dismissal of all consumer class actions filed over unauthorized network intrusions suffered in 2014. 
  • Sony: Represented Sony in government investigations stemming from criminal cyber-attacks on certain of Sony’s computer networks.
  • Wyndham Hotels & Resorts: Represented Wyndham in securing a favorable settlement to terminate a Federal Trade Commission lawsuit stemming from unauthorized network intrusions into certain Wyndham-branded hotels. 
  • Heartland Payment Systems: Represented Heartland in obtaining dismissal of issuing bank class actions filed across the nation related to a data security breach.


Ropes & Gray Alerts

  • “PCI SSC Releases Version 3.1 of Data Security Standard,” Ropes & Gray Alert (May 19, 2015) 
  • “Online Retailer Zappos.com Reaches Settlement with Nine Attorneys General Over Data Security Breach,” Ropes & Gray Alert (January 15, 2015)
  • “FTC Complaint Against Medical Laboratory Signals Agency’s Continued Intent to Assert Authority in Data-Security-Breach Actions,” Ropes & Gray Alert (September 11, 2013)
  • “Federal Trade Commission Chairwoman Calls for Increased Scrutiny of Privacy Practices for Consumer Data,” Ropes & Gray Alert (August 28, 2013) 
  • “FTC Actions Against Payment Processors Heighten Legal Risks for Service Providers in Privacy Cases,” Ropes & Gray Alert (June 28, 2013)
  • “FCC Rules Sellers May Be Vicariously Liable for Third-Party Telemarketers’ Violations of Telephone Consumer Protection Act,” Ropes & Gray Alert (May 17, 2013)
  • “On-Line Sales of Shipped Goods Held Outside Reach of California’s Song-Beverly Credit Card Act,” Ropes & Gray Alert (May 6, 2013)
  • “Massachusetts High Court Decision Regarding ZIP Codes Increases Consumer Litigation Risk for Retailers,” Ropes & Gray Alert (March 19, 2013)
  • “Supreme Court’s Clapper Decision Raises Bar for Standing in Data Security Breach Litigation,” Ropes & Gray Alert (March 4, 2013)
  • “FTC Settles with Device Manufacturer HTC America over Charges that HTC Products Had Security Design Flaws,” Ropes & Gray Alert (February 28, 2013)


  • Panelist, “Data security and privacy case law update,” The Sedona Conference: Working Group 11 Midyear Meeting 2018, Los Angeles, CA (September 13, 2018)
  • Panelist, “Privilege issues in data security litigation,” The Sedona Conference: Working Group 11 Annual Meeting 2018, Charlotte, NC (March 19, 2018)
  • Panelist, “Privilege issues in data security litigation,” The Sedona Conference: Working Group 11 Midyear Meeting 2017, San Diego, CA (September 18, 2017)
  • Speaker, “Practical Tips from 2015 Data Breach Litigation Decisions and Enforcement Actions,” ACC-SFBA CLE Lunch Seminars (January 2016)
  • Presenter, “Developments in Private Litigation and Regulatory Enforcement Stemming from Data Security Breaches,” Lawline Seminar (August 13, 2015)
  • Speaker, “Ropes & Gray West Coast Lunchtime Legal Briefing Teleconference - Navigating the Telephone Consumer Protection Act - When Can You Make That Call or Send That Text?” (September 2013)
Cookie Settings