Region Area

Lawyers

David Wheeler

David Wheeler

Work Department

Intellectual Property and Data Privacy and Information Governance practice groups

Position

Partner

Career

David is a partner in the Intellectual Property and Data Privacy and Information Governance practice groups. He counsels and defends clients in data, cybersecurity and privacy matters. His practice features a Defense in Depth (DiD) approach to protecting clients and their data, including information governance programs, cybersecurity risk assessment and preparedness, incident response planning, legal and regulatory compliance and security, and privacy and information management needs. He is CIPP certified by the International Association of Privacy Professionals (IAPP).

He provides counsel based on a wide variety of cybersecurity and privacy considerations, including the development of cyber and privacy policies and procedures, cybersecurity and privacy audits, cyber risk mitigation and remediation, cybersecurity and PCI compliance, GDPR compliance, CCPA compliance, employee privacy, record retention and electronic discovery, international and cross-border data transfer, data breach readiness, response and crisis management, and data privacy, security breach, CAN-SPAM Act and TCPA issues. 

David also assists clients in becoming compliant with cybersecurity rules, regulations and initiatives such as those required or issued by executive orders, SEC, FCC, FTC, FCRA, FACTA, FINRA, FFIEC, OCC, state and self-regulatory frameworks. He provides advice to clients on the litigation defense of data privacy, security breach and TCPA class action suits in the United States.

He has handled a wide range of intellectual property issues, including trademark and copyright litigation, new gTLDs and forced recovery of domain names. David has drafted and negotiated a variety of technology services agreements, including EU data processing agreements, cloud services agreements, card payment services agreements, web/app development and webhosting agreements, data sharing agreements, Wi-Fi internet access and services agreements, data center services agreements, call center access agreements, software license agreements, hardware lease/purchase agreements, cyber forensics agreements, and cyber vulnerability and threat remediation services agreements.

Before joining the firm David spent a number of years as a consumer financial services class-action defense litigator, as well as an IP/IT counselor. In the data security and privacy areas, David has applied his technical experience to address personal information collection and use requirements, data security requirements, breach notification compliance, incident response, PCI-DSS compliance and cyber governance counseling.

Clients value David’s three decades of information technology experience, including software development, use and policy development. He quickly assesses the risks and implications of each situation and guides clients toward the best solution for their business goals.

Education

Loyola University Chicago School of Law (J.D., 1999), with honors, moot court

Loyola College in Maryland (M.B.A., 1993)

University of Maryland (B.S., 1987), Information Systems