Philip N. Yannella

Partner

Philadelphia

Tel 215.864.8180
Fax 215.864.8999

As a Practice Co-Leader of Ballard Spahr's Privacy and Data Security Group, and Practice Leader of the firm's E-Discovery and Data Management Group, Philip N. Yannella provides clients with 360-degree advice on the transfer, storage, and use of digital information.

Phil regularly advises clients on the Stored Communications Act (SCA), Computer Fraud and Abuse Act (CFAA), EU-US Privacy Shield, General Data Protection Regulation (GDPR), Defense of Trade Secrets Act, PCI-DSS, Telephone Consumer Protection Act (TCPA), New York Department of Financial Services Cybersecurity Regulations, ISO 27001 compliance, HIPAA Security Rules, and FTC enforcement activity, as well as eDiscovery issues—leveraging his experience serving as National Discovery Counsel for more than two dozen companies in nationwide litigation. He harnesses his deep knowledge of privacy, data security, and information governance laws to help multinational companies develop global information governance programs to comply with overlapping, and sometimes conflicting, laws. Phil serves on the advisory board for the ACC Foundation's Cybersecurity Survey, the largest survey of in-house counsel on cybersecurity issues.

Services

Experience

Representative Matters

Complex Litigation and Investigations

Successful representation of an auto finance company in a bet-the-company TCPA action with damage allegations of over $100 million. Defeated class certification and won summary judgment.
Successful representation of a pharmaceutical client in a civil action seeking publication of anonymized clinical data valued at $1 billion. Using a re-identification analysis, successfully persuaded the court that publication would reveal private health information of 95 percent of clinical trial patients.
Defense of a major bank in overdraft class action. Retained an expert to model damages from archival and legacy data.

Successful defense of a major bank in a TCPA class action. Retained an expert to assess ascertainability of class members based on structured dialer data.
Counseled a nonprofit hacked by Chinese nationals and coordinated a response with the FBI. Guided the client through an initial investigation of criminal attack on staging server, including engagement of a forensic team, collaboration with governmental entities to pursue the attackers, and review of forensic analysis.
Counseled an auto finance company in connection with a data breach of customer personal information, involving multi-state reporting.
Counseled a biotech in connection with theft of trade secrets by a former contractor.
Counseled a university in connection with a data breach stemming from inadvertent posting of student social security data in an internet kiosk.
Counseled a major telecom company on potential legal exposure arising out of review of hacked Sony emails posted to WikiLeaks.
Conducted an internal investigation for a major retailer arising out of suspected violations of access and identity management policies, resulting in developer access to production environments.
Represented a gaming company in connection with an investigation into suspected exfiltration of customer social security information held on unencrypted webserver.
Counseled a pharmaceutical client in response to a series of spear phishing attacks. Guided the client through an initial investigation, assisted in delisting of its domain, advised on WHOIS search, and prepared filings to the FBI cybercrime unit.
Counseled a gaming company in response to a suspected credit card skimming operation. Guided the client through an initial investigation, engagement with credit card fraud units and government entities, and advice on data breach notification procedures.
Successful defense of a major bank in an overdraft class action. Retained, developed, and elicited expert testimony concerning limitations of structured data and impact on the plaintiff’s damages model.
Defense of a clinical laboratory in a multi-state attorney general investigation alleging overpayment of Medicaid costs. Served as national discovery counsel, worked with an expert to model damages from legacy datasets.
Represents a manufacturer in multi-state products liability litigation relating to property damage allegedly caused by an herbicide.
Served on a national coordinating counsel team for a major pharmaceutical manufacturer in litigation relating to an anti-anemia medication.
Served on a national coordinating counsel team for a medical device company in litigation relating to latex gloves.
Served on a national coordinating counsel team for a biologics company in litigation relating to Factor IX products.
Served on a national coordinating counsel team for a major cigarette manufacturer in multi-state litigation. Obtained multiple summary judgment awards in favor of a major cigarette manufacturer in Pennsylvania state court.
Served as a member of the team that created new Pennsylvania law by successfully arguing that the "heeding presumption" was inapplicable to consumer products voluntarily purchased and consumed.
Obtained summary judgment on behalf of a university in asbestos litigation venued in Philadelphia court.
Obtained a favorable result for a major pharmaceutical manufacturer in trial relating to weight loss medication.
Served as lead counsel for a pharmaceutical device company in a toxic tort class action arising from the alleged release of chemicals from the company's North Carolina facility.
Successful representation of an oil refiner in litigation arising from alleged benzene exposure at a refining plant.

E-Discovery & Information Governance

Served as national discovery counsel for a major pharmaceutical manufacturer in litigation relating to a COX-2 inhibitor.
Served as national discovery counsel for a pharmaceutical joint venture in litigation relating to statin.
Served as national discovery counsel for a major pharmaceutical manufacturer in litigation relating to an antipsychotic medication.
Serves as national discovery advisor to a major accounting firm.
Successful defense of a pharmaceutical company in a spoliation motion arising out of the loss of SAS program files. Led the investigation, including forensic exam, and developed and presented expert testimony.
Successful representation of a major stock exchange in a regulatory investigation and class actions arising out of the failure of an IPO pricing engine. Managed and coordinated eDiscovery, including forensic examinations and ESI investigation, for over 100 employees.
Successful representation of a pharmaceutical company in a spoliation hearing stemming from the loss of data held in a wiki used for regulatory submissions.
Developed records retention and IG programs for two dozen companies in the following industries: auto finance, automotive, car rental, aerospace, pharmaceutical, medical device, commercial paint products, banking, real estate lending, and insurance.

Professional Highlights

Professional Activities

The Sedona Conference Institute
Member, International Data Privacy, eDiscovery, and Cross-Border Data Transfer Issues Working Groups

Defense Research Institute

IAPP

ARMA

Recognition & Accomplishments

The Legal 500 US, Dispute resolution - E-discovery, 2019, 2021, 2022

Speaking Engagements

Speaker, "Risk Management & Cyber Security: What You Don't Know Can Kill You," CEO Connection Mid-Market Convention, Philadelphia, September 23, 2019

"Emerging Data Security Laws: An Innovation Opportunity," Comcast Labs Connect's Security by the Schuylkill, Philadelphia, April 16, 2019

Speaker, "The California Consumer Privacy Act: What Comes Next?" Ballard Spahr webinar, March 20, 2019

Co-host and Moderator, "Ghosts in the Machine: Data Privacy, Cybersecurity & the Evolving Face of Risk," Thomson Reuters Legal Executive Institute Concordant Crossroads: Regulation and Innovation in the Automotive Industry, New York City, October 2018

"From Brussels with Love: A GDPR Valentine's Day Special," Ballard Spahr webinar, February 14, 2018

"Preventing Internal Breaches: The Critical Role of Corporate Counsel," BloombergLaw/UnitedLex webinar, February 13, 2018

"The Legal Impact of Autonomous Vehicle Connectivity (Part Two)," Thomson Reuters Legal Executive Institute podcast, February 6, 2018

"The State of Cybersecurity Report: A Preview of the 2018 Report," ACC Foundation Cybersecurity Summit, Washington, D.C., February 6, 2018

"Ethics for Discovery 2017," Practising Law Institute, New York, July 12, 2017

"Countdown to GDPR: Practical and Technological Solutions for Compliance," Delaware State Ballard Spahr CLE, Philadelphia, May 10, 2017

"Game of Drones, Autonomous Vehicles, and Other Connected Devices," Delaware State Bar Association, Wilmington, April 12, 2017

"Higher Education and the Changing Administration," Ballard Spahr webinar, February 23, 2017

"The State of Cybersecurity Report," ACC Cybersecurity Summit, Washington, D.C., January 31, 2017

"ACC Foundation Report: Takeaways to Enhance Cybersecurity Preparedness," Ballard Spahr CLE program, Washington, D.C., September, 29, 2016

"Ethics for Discovery 2016," Practising Law Institute, New York, July 25, 2016

"Cyber Insurance," Pennsylvania Bar Institute, Philadelphia, July 11, 2016

"Worst Case Scenario – The State of Cybersecurity and Lessons Learned," ACC Mid-Year Meeting, New York, April 12, 2016

"Advanced Identity & Access Management Techniques," CISO Executive Network: Philadelphia Breakfast Roundtable 2 of 6, April 6, 2016

"The ACC Foundation Cybersecurity Report: Discussion with the ACC President and CEO Veta Richardson," Ballard Spahr CLE program, Philadelphia, February 18, 2016

"A Look at the New Federal Rules and What They Mean for Your Practice," Pennsylvania Bar Institute, Philadelphia, July 30, 2015

"Ethics for Discovery 2015," Practising Law Institute, New York, July 27, 2015

"Ethics for Discovery 2014," Practising Law Institute, New York, July 15, 2014

"How the Proposed Amendments to the Federal Rules of Civil Procedure Will Affect Discovery," Ballard Spahr CLE program, live in Philadelphia and via webinar, June 25, 2014

"E-Discovery Breakfast Briefing: Taking Control in Litigation and Regulatory Matters," The Huron Legal Institute, Philadelphia, May 20, 2014

"Ethics for Discovery 2013," Practising Law Institute, New York, July 22, 2013

"Avoiding the Pitfalls of 'Bring Your Own Device' Policies," Ballard Spahr webinar, June 12, 2013

"New Amendments to Pa. Rules of Civil Procedure On eDiscovery," Pennsylvania Bar Institute, August 8, 2012

"Ethics for Discovery 2012," Practising Law Institute, July 27, 2012

"eDiscovery & Social Media in Litigation: Practical, Legal & Ethical Issues," Camden County Bar Association, May 9, 2012

"Leveraging Predictive Coding To Focus on Litigation Strategy," Navigant Expert Insights webinar, February 8, 2012

"Data Security in the Cloud and its Implications on eDiscovery," IQPC's The 6th eDiscovery for Pharma, Biotech, and Medical Devices Industries Conference, Philadelphia, October 25, 2011

"Taxation of E-Discovery Costs Not Limited to High-Profile Cases, Says Big Firm Partner," Association of Certified E-Discovery Specialists Podcast Interview, August 17, 2011

"Ethics for E-Discovery 2010," Practising Law Institute, July 28, 2010

"Federal Rule of Evidence 502: The Changing Landscape of Discovery in the Electronic Age," Webcast by DRI's Product Liability Committee, June 3, 2010

"Data Security, Corporate Compliance and E-Discovery: Navigating the Data Morass," NJCCA's 7th Annual All-Day Conference, September 24, 2009

"Rule 502 and Its Impact on E-Discovery: Using the New Provisions to Reduce the Costs of Privilege Review Without Increasing the Risks of Waiver," ACI's E-Discovery and Document Management Conference, September 22, 2009

"Designing, Implementing, and Maintaining Document Management Policies that Survive Multi-Jurisdictional and International Discovery of Scientific E-Data," ACI's Document Management, E-Discovery, and Litigation Readiness Conference, April 1, 2008

"Responding to Electronic Discovery Requests and Preparing for Rule 26(f) Conferences," Association of Corporate Counsel's E-Discovery: Bridging the Gap between Legal and IT Seminar, July 9, 2007

"Document Retention and Disposal Management in an E-Discovery World," Ethisphere, October 15, 2006

Publications

Co-author, "Utah Privacy Law Would Be First to Require Search Warrant for Government to Access Stored Data," The National Law Review, March 28, 2019

Author, "European Union Discovery Presents Compliance Headaches for U.S. Litigants," The Legal Intelligencer, February 5, 2018

Related Insights

Credentials

Education

Temple University James E. Beasley School of Law (J.D. 1997)
Member, Political and Civil Rights Law Review
Member, Temple Moot Court
Recipient, Trial Advocacy Program's Outstanding Advocate Award

Temple University (B.A., summa cum laude, 1991)

Admissions

New Jersey

Pennsylvania

U.S. District Court for the Eastern District of Pennsylvania

U.S. Court of Appeals for the Third Circuit