Ezra D. Church counsels and defends companies in privacy, cybersecurity, and other consumer protection matters. He helps clients manage data security and other crisis incidents and represents them in high-profile privacy and other class actions. Focused particularly on retail, ecommerce, and other consumer-facing firms, his practice is at the forefront of issues such as biometrics, artificial intelligence, location tracking, ad tech, and blockchain. Ezra is a Certified Information Privacy Professional (CIPP) and co-chair of the firm’s Class Action Working Group.
Ezra advises clients on compliance with data privacy and cybersecurity requirements such as the California Consumer Privacy Act (CCPA), the Gramm-Leach Bliley Act (GLBA), including Regulation S-P, Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) laws, the Telephone Consumer Protection Act (TCPA), the Fair Credit Reporting Act (FCRA), the Illinois Biometric Privacy Act (BIPA), the EU’s General Data Protection Regulation (GDPR), and state data breach notification laws. He has particular experience with children’s privacy issues and has worked extensively with on educational technology firms and mobile app and game developers in connection with the Children’s Online Privacy Protection Act (COPPA), the Family Educational Rights and Privacy Act (FERPA), and numerous state law regarding education privacy. Ezra has assisted hundreds of multinational companies with advice, planning and connections with GDPR and the Privacy Shield for data transfers to and from the United States to EU countries. He has advised on privacy and security issues related to cutting-edge technologies including facial recognition, voice recognition, iris and retinal scanning, artificial intelligent and machine learning, ad tech, location tracking and employee monitoring, and blockchain. He is a Certified Information Privacy Professional with the International Association of Privacy Professionals. He writes and speaks frequently on privacy and data security and has lectured on privacy law at Rutgers University Law School.
Ezra has worked with hundreds of companies facing data breaches, counseling them in the critical hours after an incident occurs, helping them understand and investigate the issues, and crafting an effective and appropriate notice program for affected individuals and government regulators. He also works with companies to anticipate and prepare for cybersecurity incidents before they occur, developing breach response plans to help prevent and mitigate future breaches. Ezra is a member of Morgan Lewis’s Crisis Management Practice, with a focus on the management of the crises involved in cybersecurity incidents.
Beyond his counseling practice, Ezra has experience handling complex and unusual class action litigation, including some of the largest privacy and data security class actions in the United States. This includes the defense of major national retailers facing data security litigation and the representation of consumer-facing companies facing large class actions filed under the TCPA and other privacy statutes. He has handled all aspects of such cases from inception through trial and appeal and has rare experience litigation class actions all the way through class trial. He is the co-leader of the Firm’s Class Action Working Group and regularly writes and speaks on class action issues. He is a contributor to the Firm’s chapter on class action litigation in the leading treatise Business and Commercial Litigation in Federal Courts and co-author of a chapter in A Practitioner’s Guide to Class Actions, among others.
Ezra has spent over 10 years advising and defending retailers and ecommerce companies, focused on helping them find practical ways to address the unique legal challenges they face. He has counseled and defended clients on matters related to privacy and data security, credit cards, gift cards, employee background checks, anti-money laundering, advertising and sales issues, vendor and supplier issues, return policies, marketing practices, loyalty programs, layaway, and unclaimed property.
Privacy & Cybersecurity
Class Actions & Complex Litigation
Unclaimed & Abandoned Property
Recommended, Media, technology and telecoms: Cyber law (including data privacy and data protection), The Legal 500 US (2018–2020)
Recommended, Industry focus: Energy litigation: conventional power, The Legal 500 US (2019)
Recommended, Dispute resolution: General commercial disputes, The Legal 500 US (2018)
40 & Under Hot List, Benchmark Litigation (2018–2020)
Member, International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP/US)
Texas Law Review (2003–2005)
Recipient, Best Editor Award, Best Note Award, Texas Law Review (2005)