Photo of Sean C. Griffin

Sean C. Griffin is a Member in the Washington, D.C. office of Dykema. Sean focuses his practice on commercial litigation, with a specialty in cases involving allegations of breach of contract or fraud. His experience includes litigating cases in federal and state courts and arbitration panels around the country. He also responds to subpoenas investigating violations of federal or state laws, including the False Claims Act, the U.S. Foreign Corrupt Practices Act (FCPA), and securities laws. Additionally, he assists clients with data security and responding to data breaches and is an IAPP Certified Information Privacy Professional (CIPP/US).

After graduating from Columbia University School of Law, Sean clerked for the U.S. District Court for the District of Maryland. After his clerkship, he worked as a trial attorney at the U.S. Department of Justice, Civil Division, where he handled commercial litigation trials and appeals as well as government contract and construction litigation.

Following a security incident involving its website’s chat function, Delta filed suit in the Southern District of New York against its tech vendor, [24]7.ai. Delta alleged fraud, negligence and breach of contract. A consumer class action lawsuit had already been filed against Delta in the Northern District of Georgia, related to the same incident.

According to the Complaint, on March 28, 2018, Delta was notified by [24]7.ai that a security incident had potentially compromised personally identifying information and payment card data of up to 825,000 of Delta’s customers. Delta alleges that “at least one third-party attacker gained access to Defendants’ computer networks and modified the source code of Defendants’ chat services software to enable the attacker to ‘scrape’ PII and payment card data from individuals using websites of Defendants’ clients, including Delta’s website…” Delta engaged a forensics team and began working with federal law enforcement upon receiving notice from [24]7.ai. Delta then publicly announced the breach, notified its customers, launched free credit monitoring services, and filed a lawsuit against [24]7.ai. Delta is seeking reimbursement of all breach-related costs. 
Continue Reading

Utah enacted a sweeping data privacy law that affects how employers and corporations respond to police demands for data. With this new law, Utah becomes the first state to protect electronic information individuals disclose to third parties.

Utah’s law requires a search warrant for a law enforcement agency conducting a criminal investigation or prosecution to obtain (i) location information, stored data, or transmitted data of an electronic device or (ii) electronic information or data transmitted by the owner of the electronic information or data to a remote computing processing center. The law further provides that any use of the information gathered must be related to the subject or objective of the warrant. 
Continue Reading