David A. Zetoony

Co-Chair Global Data Privacy and Security Team


Technology; Higher Education Team; Higher Education Internal Investigations and Compliance; Health Care Team; White Collar/Corporate Crime; Unmanned Aerial Vehicle Team; Media and First Amendment; Aviation Law Practice; Fintech; Aviation, Aerospace & Defense; Regulation, Compliance & Advisory; Corporate; Finance; Investigations; Litigation & Dispute Resolution; Class Actions; Commercial Disputes; Data Privacy & Security Team; Data Center and Digital Infrastructure Team


Colorado; District of Columbia; Virginia; United States Supreme Court; United States Courts of Appeals for the Fourth, Eighth and District of Columbia Circuits; United States District Courts for the District of Columbia, District of Colorado, District of Maryland, and Eastern District of Virginia


University of Virginia, J.D., 2003; Rice University, B.A., cum laude, 2000

David Zetoony is an internationally recognized leader in the fields of data privacy and security and has helped hundreds of companies navigate the complexities of privacy and security law from a business practical standpoint. 

In addition to helping companies establish, and maintain, their ongoing security and privacy programs, David has defended corporate privacy and security practices in investigations initiated by the Federal Trade Commission, the United Kingdom’s Information Commissioner’s Office, and other data privacy and security regulatory agencies around the world.  David has also defended class action litigation alleging violations of United States data privacy and security laws.

David has received numerous awards and recognitions including being named one of the top 10 attorneys worldwide in the areas of privacy, security, and cross-border information transfers, named a “trailblazer” of CyberSecurity & Data Privacy by the National Law Journal, and recognized by JD Supra as one of the most widely read names in the areas of privacy and security.

David Zetoony is the Chair of the firm's Global Data Privacy and Security Team, and bases his practice in the firm’s Boulder, Colorado office.

Representative Experience

Data Security

  • Assisted hundreds of companies in responding to data security incidents and breaches.
  • Represented Ceridian, one of the largest human resource outsourcing companies before the FTC following data security breach.
  • Defended international financial company in data security breach investigation initiated by FTC.
  • Conducted detailed assessments of data security breach preparations of numerous companies including national franchise with 2000+ locations, and top 5 department store chain.

Data Privacy

  • Represented leading consumer tracking technology company before the FTC in connection with privacy investigation.
  • Represented facial recognition technology provider before the FTC in connection with privacy investigation.
  • Routinely advise and counsel retailers, including leading national department stores, concerning data privacy related issues.

Advertising / Consumer Protection

  • Represented the Neiman Marcus Group before the FTC in connection with fur-labeling investigation.
  • Represented leading automotive company in connection with the defense of a $20 million national advertising campaign.
  • Represented leading cosmetics company Laura Mercier in investigation initiated by the National Advertising Division of the Better Business Bureau.
  • Represented cosmetic company in connection with FTC investigation of body image related claims.


Mr. Zetoony has published numerous works on data privacy and security. Below is a selection of some of his publications from the last two years:

  • CCPA Practical Guide, August 2019
  • California Consumer Privacy Act: Answers to the Most Frequently Asked Questions Concerning Cookies and AdTech, July 2019
  • California Consumer Privacy Act: Answers to the Most Frequently Asked Questions Concerning Service Providers, April 2019
  • Data Security Breach Handbook-2019 Edition, co-authored with Jena Valdetero

2019 Data Breach Litigation Report, co-authored with Jena Valdetero and Andrea Maciejewski

Speaking Engagements

Mr. Zetoony has spoken at numerous venues and conferences. Below is a selection of some of his speaking engagements from the last four years:

  • Keynote Session, Data Connectors Denver Cybersecurity Conference, February 28, 2019
  • “The Actual Costs of a Data Breach,” IAPP’s Denver KnowledgeNet Chapter meeting, February 22, 2017
  • “What Business Lawyers Need to Know When Advising Their Business Clients About Data Breaches,” CLE Presentation Denver Business Law Institute, September 2016
  • “EU-US Cross Border Transfers, Privacy Shield, Model Clauses, and Binding Corporate Rules,” CLE Presentation, September 2016
  • “Cyber Extortion — What are the Laws that Protect Against It and How Should Lawyers Respond?,” CLE Presentation, August 2016
  • “Developments in Cyber Insurance for In-House Lawyers – Are You Getting the Coverage You Expect?,” CLE Presentation, July 2016
  • “An In-House Attorney’s Guide to Creating an Effective Privacy Policy,” CLE Presentation, June 2016
  • “What In-House Lawyers Should Know about the Legal Risks of Identity Theft and the Role of Credit Monitoring Services,” CLE Presentation, May 2016
  • “Technology at Work – Employee Data Privacy, Security and Transfers,” Panel Presentation at Association Internationale des Jeunes Avocats, Chicago, May 2016
  • Cyber Insurance Seminar, Chicago CLE Presentation, May 2016
  • “MCommerce — A Guide to Legal Issues in the Evolving Mobile Landscape,” CLE Presentation, May 2016
  • “How to Improve Data Security in Payment Systems — Changing Risks and Changing Technology for In-House Counsel,” CLE Presentation, March 2016
  • Co-Chair, Data Breach & Privacy Litigation Conference, San Francisco, February 2016
  • “Autonomous Vehicles Privacy and Cybersecurity Issues,” CLE Presentation, January 2016

Professional Affiliations

  • International Association of Privacy Professionals (‘IAPP”), co-chair, Colorado regional network
  • International Association of Privacy Professionals (“IAPP”), member
  • ABA Section of Antitrust Law’s Private Advertising Litigation Committee (former Vice-Chair)
  • ABA Section of Antitrust Law’s Healthcare and Pharmaceutical Committee (former Consumer Protection Vice-Chair)
  • ABA Antitrust Section’s Telecommunications Industry Committee (former Vice-Chair and Consumer Protection Liaison)
  • Council for Court Excellence (“CCE”), Board of Directors

Civic Involvement and Honors

  • Recognized by The National Law Journal as a 2016 Cybersecurity & Data Privacy Trailblazer
  • Member, American Bar Association Commission on Immigration (Working group on notario fraud)
  • Catholic Charities Outstanding Pro Bono Partner Award (2011)
  • Carecen Commitment to Justice Award (2010)
  • Recognized by AmLaw magazine as leading one of the top 100 pro bono initiatives (2009)
  • Semi-Finalist Lyle Moot Court (2003)
  • Honorable Mention Vis Moot Court (2002)
  • International Semi-Finalist Jessup Moot Court (2001)
  • National Champion Jessup Moot Court (2001)