Privacy Lawyers

Protecting Consumers' Privacy Rights

Looking for Information on the Equifax Data Breach?

Our privacy attorneys have recently filed a class action lawsuit against Equifax alleging that the company failed to secure the personal information of up to 143 million Americans, including addresses, driver’s license dates of birth, credit card details, Social Security Numbers, and other data. Visit our Equifax webpage for more information about the case and how to get in touch with one of our privacy attorneys.

Our Data Breach & Privacy Practice

Gibbs Law Group’ privacy lawyers help people across the country protect their privacy rights and seek redress when privacy violations occur. In the modern economy where sensitive personal information – including medical, financial, and other personal records – is stored electronically, protecting personal information is increasingly difficult, but still vitally important.

We litigate a wide range of privacy issues and represent victims of privacy violations in lawsuits involving:

These cases involved cutting-edge privacy issues and implicated laws designed to protect against privacy breaches in the digital age.

Affected by a Privacy Violation?

Understand your rights in a world where sensitive information is digitally processed, stored, and shared. Call or message us for a free, confidential consultation with a privacy lawyer.

Our Experience

We represent plaintiffs affected by some of the largest and most serious data breaches in history, including: Anthem Blue Cross and Blue Shield, Excellus Blue Cross and Blue Shield, and Banner Health.

Eric Gibbs has established himself as a leader in emerging litigation involving data breach and privacy. Eric secured a landmark ruling in the Adobe Systems, Inc. Privacy Litigation, which makes it easier for plaintiffs to seek relief following a breach. He was recently selected from among a pool of attorneys from across the country to serve as co-lead counsel in the Vizio, Inc. consumer privacy litigation.

Eric co-founded the American Association for Justice’s Data Breach and Privacy Litigation Group, and has served as chair and organizer of several consumer privacy conferences on best practices and developments in consumer privacy litigation.

Past Successes

Adobe Landmark Article III standing ruling and settlement requiring Adobe to provide a enhanced security relief to customers
Health Net & IBM $1 million identity theft insurance policy and $50,000 for identity theft losses for Health Net patients
Sony Settlement providing cash, free downloads, or replacement albums to purchasers of Sony BMG CDs and requiring Sony to reform security practices
University of California, San Francisco Settlement resulting in a change in UCSF’s privacy practices to protect patient medical information

Our Team



A founding partner at the firm, Eric has negotiated groundbreaking settlements that...



David Berger challenges unscrupulous behavior on behalf of consumers, whistleblowers, and...



Aaron Blumenthal represents consumers and whistleblowers in class action lawsuits...



Andre Mura represents plaintiffs in class and complex litigation concerning consumers’...

Privacy Cases and Investigations

Equifax Data Breach Lawsuit


America’s JobLink Data Breach Lawsuit Investigation

Job search website hack exposes personal information of individuals in ten states

Banner Health Data Breach Lawsuit

On September 7, 2016, we filed a federal class action lawsuit in Arizona on behalf of individuals whose personal information was compromised in the Banner Health data breach.

Gibbs Law Group LLP Launches Investigation of 21st Century Oncology Holdings Data Breach

Legal investigation following a cyberattack exposing the data of 2.2 million people

Wendy’s Data Breach Lawsuit Investigation

A potential data breach at Wendy’s fast food restaurants may compromise customers' credit card data

Vizio Smart TV Privacy Lawsuit

Vizio collects data on customers' viewing habits, and may sell this and other personally identifiable information to third parties for profit

Experian T-Mobile Data Breach Investigation

A data breach at Experian exposed the information of 15 million T-Mobile subscribers and customers

Excellus BlueCross and BlueShield Hacked

Excellus BlueCross and BlueShield was the target of a cyberattack in which the personal information of more than 10 million people was exposed.

Ashley Madison Data Breach Investigation hack exposes information of 37 million subscribers

Office of Personnel Management Data Breach

Legal investigation into the breach of 4 million OPM employees' personally identifiable information.

OPM Data Breach Litigation

Lawsuit on behalf of employees of the Office of Personnel Management following a massive data breach.

UCLA Data Breach Lawsuit Investigation

Legal investigation following the UCLA Health hack

Premera Blue Cross Hacked

Sophisiticated cyberattack on health insurer Premera's IT systems, exposing the information of 11 million members

Anthem Data Breach

Cyber-attack exposing the personal information of 80 million Anthem subscribers

Superfish Adware Poses High Security Threat to Lenovo Users

Superfish adware creates security vulnerability on Lenovo computers

Class Certification Granted in Yahoo Email Privacy Litigation

Illegal scanning and analyzing of emails sent to and from Yahoo Mail email addresses

Home Depot Data Breach Class Action

Data breach of Home Depot customers’ credit or debit card information

Adobe Data Breach Class Action

Data breach in 2013 affecting an estimated 2.9 million Adobe accounts

Kmart Stores’ Payment Systems Hacked in Data Breach

Data breach of Kmart customers’ credit and debit card information

Sony Pictures Data Breach Litigation

Data breach of sensitive employee data in a cyber attack

U.S. Privacy Laws

Over the last fifty years, numerous federal and state privacy laws have been enacted and updated in response to new technologies, information products, and data storage capabilities.

Although these laws have varying focuses, all of them protect against unauthorized use or collection of private records. Additionally, many of these laws allow consumers to file privacy lawsuits to hold companies accountable when they  collect or use information unlawfully.

Cable Communications Policy Act (47 U.S.C. Section 551)

Cable television companies must inform their subscribers about the personal data collected and how that data is disclosed.

The Act prohibits the collection and disclosure of personal information without authorization, and provides damage awards of at least $1,000, plus punitive damages, costs, and attorneys’ fees in lawsuits against cable television companies found in violation of the Act.

Electronic Communications Privacy Act (18 U.S.C. Section 2701 et seq.)

The ECPA is a computer privacy law that prohibits tampering with computers or accessing computerized records without authorization. Title I of the ECPA protects wire, oral, and electronic communications while in transit.

Gramm-Leach-Bliley Act (15 U.S.C. Sections 6801 et seq.)

The Gramm–Leach–Bliley Act (GLB), also known as the Financial Services Modernization Act of 1999, is a financial privacy law that regulates the collection, disclosure, and protection of consumers’ personally identifiable, nonpublic information by financial institutions, such as banks, debt collectors, lenders, etc.

Health Insurance Portability and Accountability Act (Pub. Law No. 104-191 Sections 262,264: 45 C.F.R. Sections 160-164)

HIPAA addresses the security and privacy of health data maintained or transmitted by health plans, healthcare providers, healthcare clearinghouses, and other related entities.

Supplementing other health privacy laws, HIPAA requires health plans and healthcare providers to provide a written notice of how protected health information about an individual will be used, as well as an accounting of the circumstances surrounding certain disclosures of the information.

Telephone Consumer Protection Act (47 U.S.C. Section 227)

The TCPA is a broad statute governing telemarketing in the United States and implicating cell phone privacy. It restricts the use of automatic dialing systems, artificial or prerecorded voice messages, SMS text messages received by cell phones, and the use of fax machines to send unsolicited advertisements without consumer consent.

Video Privacy Protection Act (18 U.S.C. Section 2710)

The VPPA prohibits videotape sale or rental companies from disclosing customers’ names and addresses, or the subject matter of their purchases or rentals for marketing uses, unless the customers have been notified of their right to stop such disclosures. Video companies that violate the VPPA may be liable for damage awards of at least $2,500, punitive damages, costs, and attorneys’ fees.

Wiretap Statutes (18 U.S.C. S 2510 et seq.; 47 U.S.C. Section 605)

This Act prohibits the use of eavesdropping technology and the interception of electronic mail, radio communications, data transmission, and telephone calls without consent, safeguarding financial privacy and preserving other sensitive information.

Speak with an Attorney

Confidential and without obligation
  • This field is for validation purposes and should be left unchanged.
Slice 1 BLF 2017