Morgan Lewis
  • Home
  • >
  • Gregory T. Parks

Gregory T. Parks

Partner

Gregory T. Parks counsels and defends retail companies and other consumer facing clients in matters related to privacy and cybersecurity, class actions and Attorney General actions, consumer protection laws, loyalty and gift card programs, retail operations, payment mechanisms, product liability, waste management, shoplifting prevention, compliance, antitrust, and commercial disputes. If it is important to a retail company, Greg makes it his business to know it. He handles all phases of litigation, trial, and appeal work arising from these and other areas. Greg is the co-leader of the firm’s privacy and cybersecurity practice and retail & eCommerce industry sector.

Extended Profile

With years of experience with the unique problems and challenges facing retailers, Greg counsels these clients through consumer class actions, real estate litigation, privacy and data security concerns, product and premises liability cases, and similar issues. He also co-chairs the firm’s Retail & eCommerce practice, and in 2014 and 2015, Law360 named him an MVP for retail and ecommerce. His operational and compliance counseling involves matters arising from credit cards, gift cards, employee background checks, anti–money laundering plans, advertising and sales, data collection and privacy, and loyalty, layaway, and shoplifting prevention programs.

In the aftermath of data breaches—he’s advised on more than 500 breaches in his career—Greg helps clients craft immediate responses. He counsels them on how best to give notice to affected individuals or government and consumer reporting entities, following proper compliance protocol. He also represents these companies on any data class action and other litigation stemming from the incidents, and instructs them on implementing policies and procedures to prevent and mitigate future breaches.

His compliance work with more than 200 companies encompasses a range of laws, including the Fair and Accurate Credit Transactions Act, the Fair Credit Reporting Act, PCI-DSS mandates for credit card security, the FTC Red Flags Rule, US federal and state CAN-SPAM laws, the Telephone Consumer Protection Act, FinCEN and other anti–money laundering rules, the Children’s Online Privacy Protection Act, Massachusetts Data Protection laws, and other US state and federal rules and regulations. Greg frequently comments in the news media, writes articles, and teaches classes on these subjects.

selected representations

  • Winning a complete defense verdict in a rare consumer class action trial for a major national retailer under California’s gift card redemption law in which the Plaintiff class sought more than $30 million. Mr. Parks also successfully won affirmance of the verdict on appeal.
  • Winning a defense verdict in a 6-week jury trial of a premises liability case at a major retailer’s flagship New York store in which the Plaintiff sought $25 million.
  • Winning a $6.4 million jury verdict and judgment for a venture capital company that sold its interest in a number of related companies and then faced an indemnity / escrow claim from the purchaser.
  • Successfully managing more than 500 data breach incidents, including determining and executing notification requirements, assisting clients with investigative and remedial actions, and pursuing cost recoveries against insurers or responsible parties.
  • Winning complete indemnity from a supplier for a Top 10 retailer against an $80 million claim for alleged violations of the Fair Credit Reporting Act in the conduct of criminal background checks.
  • Winning motions to dismiss or successfully settling more than a dozen lawsuits under the Fair and Accurate Credit Transactions Act (“FACTA”) for information printed on credit card receipts provided by retail companies at the point of sale.
  • Winning favorable settlements of more than 20 consumer class actions, in which the costs of the settlement were less than 20% of the liability or costs of defense the company faced.
  • Winning a motion to dismiss a claim under the Fair Credit Reporting Act by successfully arguing that the source of a criminal background check was not a consumer reporting agency. 
  • Winning complete indemnity and for three retailers accused of using illegal technologies on their ecommerce websites to track website visitors.
  • Winning motions to dismiss or convincing Plaintiff’s lawyers not to bring more than 10 lawsuits accusing retailers of collecting information at the point of sale in credit card transactions that is prohibited by state law.
  • Winning a successful settlement of allegations of systemic pricing inaccuracy by a major retailer across the state of California. 
  • Winning a $3.6 million judgment in favor of a retailer against a shopping center landlord who failed to carry out various development obligations.
  • Winning a motion to dismiss a trademark infringement and license dispute on behalf of the holder of a world famous trademark.
  • Winning a motion to dismiss an $80 million claim against a Trustee in a mortgage securitization.
  • Winning a $25 million judgment in a bench trial arising from acquisition of sub-prime mortgage assets.

Education

  • Bucknell University, 1994, B.A., Cum Laude
  • University of Pennsylvania Law School, 1997, J.D., Cum Laude

Admissions

  • Pennsylvania
  • U.S. Courts of Appeal for the Second, Third, and Ninth Circuits
  • U.S. District Courts for the Eastern, Middle, and Western Districts of Pennsylvania
  • U.S. District Courts for the Northern and Central Districts of Illinois
  • U.S. District Court for the Eastern District of Wisconsin

Awards and Affiliations

Law360 Retail and eCommerce MVP (2014–2015)

Member, American Bar Association

Member, Philadelphia Bar Association

Member, International Association of Privacy Professionals

Fellow, Temple University's Academy of Advocacy

Listed, "Lawyers on the Fast Track," The Legal Intelligencer and Pennsylvania Law Weekly (2009)

Listed, "2006 Rising Star Super Lawyer" by Pennsylvania Law & Politics Magazine

Recommended, Dispute resolution: General commercial disputes; Recommended, Media, technology and telecoms: Cyber law (including data privacy and data protection); The Legal 500 US (2018)

Publications

2/12/2019 - Harm Is Not Required to Sue Under Illinois Biometric Privacy Statute

10/24/2018 - UK Court of Appeal: Employers Are Liable for Employee Data Breaches

6/26/2018 - New Colorado Data Privacy Law Requires Businesses to Improve Protection of Personal Information

5/1/2018 - Delaware Launches Website to Help Compliance with Data Breach Law

4/17/2018 - GDPR’s New Requirements: What Investment Managers, Funds, Banks, and Broker-Dealers Need to Know

4/5/2018 - DC Circuit’s ACA v. FCC Decision: Implications for Calling and Texting

12/12/2017 - UK High Court: Employers May Be Vicariously Liable for Employee Data Breaches

11/15/2017 - Voice-Activated Devices May Collect Audio from Children

8/1/2017 - FTC and FBI Issue Compliance Reminder on Children’s Online Privacy Protection Act

3/22/2017 - How the General Data Protection Regulation Will Apply to and Affect the UK

12/7/2016 - Investigatory Powers Act Becomes UK Law

11/21/2016 - California Plastic Bag Ban Survives Ballot Referendum

11/11/2016 - CRTC Issues First Compliance and Enforcement Decision on Canada’s Anti-Spam Legislation

10/7/2016 - CFPB Releases Final Rule on Prepaid Cards

7/12/2016 - EU–US Privacy Shield Approved

6/28/2016 - UK Data Privacy Laws in a Post-Brexit World

5/17/2016 - Supreme Court Issues Closely Watched Article III Standing Decision

4/14/2016 - Article 29 Working Party Expresses Concerns About EU-US Privacy Shield

3/2/2016 - The Judicial Redress Act of 2015 Becomes Law

3/2/2016 - European Commission Releases Details of New EU-US Privacy Shield

2/8/2016 - Judicial Redress Act Would Extend Privacy Act Remedies to Citizens of Designated Foreign Nations

2/4/2016 - EU-US Privacy Shield to Replace Safe Harbor

12/23/2015 - New EU Data Protection and Cybersecurity Laws Finalised

11/19/2015 - California Amends its Breach Notification Requirements (AGAIN)

9/28/2015 - Advocate General Of ECJ Rules EU Data Protection Authorities Can Investigate Complaints About Safe Harbor Programme

9/1/2015 - Delaware Enacts First Privacy Law with Focus on Children

2/20/2015 - Brazil Bill Implements New Provisions for International Data Transfers

1/22/2015 - Proposed Data Breach Legislation Announced

9/16/2014 - The New Normal: Cybersecurity and Money Managers in 2014

7/8/2014 - Florida’s Strict New Data Breach Notification Law Takes Effect

6/24/2014 - Data Breach Provisions in Outsourcing Contracts, Tech & Sourcing @ Morgan Lewis

6/19/2014 - Not If, but When: Anticipating Data Breach Events in Outsourcing Contracts, Tech & Sourcing @ Morgan Lewis

5/8/2014 - Preventing and Responding to a Data Security Breach

4/18/2014 - New Cybersecurity Framework Revealed

3/27/2014 - Preventing and Responding to a Data Security Breach in the Retail Industry

12/4/2013 - Navigating Anti-Corruption Risks in the Retail Industry

10/11/2013 - New California Law Protects Online Account Information

10/4/2013 - California Enacts New Laws on Data Privacy and Security Issues

9/20/2013 - Data Privacy: New Trends in Latin America, presented at the South Florida Group of Regional Counsel Seminar

7/30/2013 - New Accounting Rules for Gift Cards Redeemable by Unrelated Entities

6/27/2013 - How to Respond to Data Breaches, presented for the Delaware Valley Association of Corporate Counsel

6/6/2013 - Privacy, Data Security, and Theft of Trade Secrets, presented at the 2nd Annual University of Houston Ethics and Compliance Symposium

4/24/2013 - Annual Outsourcing and Commercial Transactions Seminar — Focus on Data: Best Practices on How to Leverage and Protect Company Data

4/17/2013 - Presenter, 2013 Morgan Lewis Retail Industry Roundtable

12/5/2012 - An Online Retailer’s Guide to Patent Infringement Threats

5/2/2012 - Presenter, 2012 Morgan Lewis Retail Industry Roundtable

11/16/2011 - Recent SEC Guidance and Upcoming Amendments to California and Illinois Statutes Affect Data Breach Disclosure Obligations

5/25/2011 - Presenter, 2011 Morgan Lewis Retail Industry Roundtable

4/28/2011 - U.S. Supreme Court: FAA Preempts State Law Rule That a Class Action Waiver in a Consumer Arbitration Clause Is Unconscionable

3/11/2011 - Toys R Us Wins Class Action Verdict In California Gift Card Redemption Case, BNA's Class Action Litigation Report

5/5/2010 - Presenter, 2010 Morgan Lewis Retail Industry Roundtable

2/3/2010 - State consumer fraud laws: When is a ‘new’ item considered ‘used?’, Chain Store Age (click here to read the article)

View more...

News

1/1/2018 - Cybersecurity & Privacy Cases To Watch In 2018, Law360

2/9/2015 - Cybersecurity Practices Booming in Era of the Breach, The Legal Intelligencer

12/3/2014 - Retail & E-Commerce MVP: Morgan Lewis' Gregory Parks, Law360

11/18/2014 - Law360 MVP Awards Go To Legal Aces From 78 Firms

5/1/2014 - 5 Tips For Pooling Hospitality Loyalty Programs, Law360

12/3/2013 - Juggling Region’s Pitfalls, Focus Latin America

12/3/2013 - FTC Stakes Claim To Privacy Authority With 2014 Plan, Law360

4/1/2013 - Why Retailers Ask for Your ZIP Code, The New York Times Bucks Blog (read the article)

10/24/2012 - FTC's Privacy 'Nutrition Label' May Not Fit Complex Data Use, Law360

8/1/2012 - FTC's Child Privacy Tweaks Bring Ad Networks Under Scrutiny, Law360

6/27/2012 - Ain’t No Mountain High Enough: Morgan Lewis' Litigation Department Tackles Tough Cases - And Wins, The Legal Intelligencer

View more...

Events

1/30/2019 - Key to Success In Data Breach Response 2019

5/24/2018 - 2018 Technology May-rathon: Privacy and Data Security Trends at the FTC, FCC, State AGs and Elsewhere for 2018 and Beyond

4/26/2018 - 2018 Annual Technology, Outsourcing & Commercial Contracts Networking Roundtable

3/20/2018 - 14th Annual Retail and Ecommerce Roundtables

5/4/2017 - 2017 Technology May-rathon: New Administration, New Agenda: The Trajectory of the FCC and FTC Under the Trump Administration

11/3/2016 - 2016 New England Retail Forum

9/21/2016 - 2016 Annual Private Fund Investors Roundtable

5/5/2016 - 2016 Technology May-rathon: FCC and FTC Developments and Related Data Privacy and Security Issues

2/24/2016 - The EU-US Privacy Shield

12/17/2015 - Privacy and Data Security at the Agencies: 2015 Retrospective and Trends for 2016 at the FCC and FTC

11/20/2015 - The South Florida Group of Regional Counsel Seminar 2015

11/10/2015 - ABA’s Consumer Protection Update

5/14/2015 - Technology May-Rathon: The Evolving Roles of The FCC and FTC

3/24/2015 - Preventing and Responding to a Data Security Breach in the Energy Industry

2/5/2015 - 2014 Shopping Review: Preventing and Responding to a Data Breach in the Retail Industry

View more...