Mark P. Szpak


  • JD, Harvard Law School, 1984; Articles Office Co-Chair, Harvard Law Review
  • AB, magna cum laude, Harvard College, 1977; Phi Beta Kappa


  • New Hampshire, 1986
  • Massachusetts, 1985

Court Admissions

  • Supreme Court of the United States
  • U.S. Court of Appeals for the First Circuit
  • U.S. Court of Appeals for the Fifth Circuit
  • U.S. Court of Appeals for the Seventh Circuit
  • U.S. District Court for the District of Massachusetts
  • U.S. District Court for the District of New Hampshire
  • Honorable Louis F. Oberdorfer, U.S. District Court for the District of Columbia
  • International Association of Privacy Professionals
  • International Trademark Association
  • Hasty Pudding Theatricals Graduate Board (Harvard College)
  • Michael C. Rockefeller Memorial Fellowship Board (Harvard College)
  • Chenery Middle School Building Committee (Town of Belmont)
  • Various community organizations

Mark P. Szpak


With over 25 years of practice in complex litigation, Mark is a leading member of the firm’s nationally-ranked data breach and privacy group that has assisted Sony, Heartland Payment Systems, The TJX Companies, Wyndham Hotels and others in handling the wide range of challenges that can arise when computer networks are intruded upon – from forensic investigations to responding to regulators to multidistrict class action defense.  He has extensive experience representing public and private companies in a host of business and commercial disputes, including consumer class actions, trademark and other intellectual property matters, securities fraud, regulatory enforcement, bankruptcy litigation, dealership disputes and transactional litigation.  Mark was also involved in defending the wave of class action litigation under the Fair and Accurate Credit Transactions Act ("FACTA") relating to information printed on payment card receipts.  He has handled a broad spectrum of complex business litigation matters, ranging from representing a major brokerage firm in a series of claims stemming from a client's insider trading, to leading one of the first actions to be litigated under international procedures for resolving domain name disputes, to defending a trade secret litigation against a world-famous footwear manufacturer over the origin of a very high-profile line of patented footwear.


  • Sony. Co-lead counsel for widely-reported class action litigation over computer network attacks, including multi-district litigation and related matters. 
  • Fortune 100 Insurance Company. Advising and representing this insurance company in multiple consumer class action litigations and regulatory inquiries stemming from the criminal cyber-attack on a certain portion of the company’s computer network.
  • Heartland Payment Systems. Primary counsel handling consumer and bank class actions filed across the nation related to a widely-reported intrusion into Heartland's computer systems. 
  • The TJX Companies. Part of the team that orchestrated the strategy and response of The TJX Companies, Inc. in connection with a significant unauthorized computer network intrusion that received considerable attention from the press. 
  • Carter’s Inc. Defended this brand name clothing manufacturer/retailer in a national consumer class action alleging unfair pricing. Successfully secured both a dismissal from the trial court and (after argument) an affirmance from the Seventh Circuit.
  • Gillette. Co-lead lawyer defending Gillette against a multi-district consumer class action based on advertising claims relating to its market-leading M3Power razor. 


  • Law360 “Privacy Group of the Year: Ropes & Gray” (2012-2013)
  • Financial Times “U.S. Innovative Lawyer" (2012)



  • Doug Meal, Mark Szpak and David Cohen,“St. Joseph Demonstrates Challenges For Breach Plaintiffs,” Law360 (February 26, 2015)
  • Quoted, "Dealing with a Data Breach," Law Technology News (Dec. 2, 2014)
  • Co-author, “Data Breach Plaintiffs, Don't Skim This Decision,” Law360 (September 17, 2013)
  • Mark P. Szpak & Daniel Routh, "Difficult Path To Certification Of Data Breach Classes," Law360 (March 29, 2013)
  • Mark P. Szpak & Anne E. Johnson, "Class Certification in the United States: The Rise of Rigor among the Federal Circuits," Class Action Defence Quarterly (June 2009)
  • Mark P. Szpak & Anne E. Johnson, "Class Action Scrutiny: Will Massachusetts Courts Follow Emerging Federal Trends?" Boston Bar Journal (March/April 2009)
  • Mark P. Szpak, Kevin V. Jones & Anne E. Johnson, "Cyber-Thieves Have You Targeted: Is Your Company Ready?" Mass High Tech (October 2008)
  • Mark P. Szpak & Anne E. Johnson, "FACTA Liability for Customer Receipts Remains a Threat," Chain Store Age: The News Magazine for Retail Executives (October 2008)


  • Co-presenter, “First Responders: How Outside Counsel & Forensic Investigators Help Clients Respond to a Data Breach,” Cybersecurity and Data Protection Legal Summit (December 2014) 
  • Panelist, “Big Data is You - Opportunities and Pitfalls of Data Collection, Protection & Use in the Modern Ecosphere,” Ropes & Gray and Stanford Program in Law, Science & Technology Panel Program (February 2014) This session was recorded for broadcast by C-SPAN
  • Speaker, “Data Breaches Involving Consumer Financial Information: Litigation Exposures and Settlement Considerations,” American Conference Institute (January 2011)
  • Speaker, "Litigation over Data Breaches: Potential Non-Consumer Claimants," Food Marketing Institute's Legal Conference, San Antonio, TX (April 2009)
  • Presenter, "Cyber-Thieves and Privacy Breaches: Is Your Company Ready?" Ropes & Gray IP Master Class (October 2008)
  • Speaker, "Effect of CAFA on Class Action Practice and Multidistrict Litigation," Massachusetts Bar Association Seminar on Complex Issues and Emerging Trends in Class Action Litigation (June 2008)