Phyllis B Sumner

Partner

Translate this page Share this page Print this page
Phyllis Sumner

ATLANTA
T: +1 404 572 4799
F: +1 404 572 5100

E-mail
Profile   |   Recognition   |   News & Insights

Phyllis Sumner is a partner in King & Spalding's Business Litigation Practice Group in Atlanta.  She leads the Firm’s Data, Privacy & Security practice which spans multiple practice groups.  In addition to representing clients who have experienced a data security incident, Ms. Sumner represents clients in complex litigation matters involving the Fair Credit Reporting Act, False Claims Act, RICO, securities and fraud, and provides counsel on a variety of corporate matters, including privacy and security compliance, regulatory enforcement matters and internal corporate investigations. 

Ms. Sumner served as an Assistant United States Attorney, first for the Northern District of Illinois and then for the Northern District of Georgia, where she successfully prosecuted public corruption, domestic terrorism, credit card fraud, money laundering, healthcare fraud and other complex criminal matters.  She has extensive experience handling complex, high-profile matters, including the cases against Centennial Olympic Park bomber, Eric Rudolph, and former Mayor of Atlanta, Bill Campbell.  She tried a significant number of federal jury trials, directed numerous grand jury investigations and litigated hundreds of evidentiary hearings.  Ms. Sumner also has substantial federal appellate experience, including successful oral arguments before the U.S. Courts of Appeals for the Eleventh and Seventh Circuits.  Ms. Sumner applies her extensive trial and prosecutorial experience to the representation of clients in civil and criminal litigation and government investigations.

Ms. Sumner has experience litigating matters for clients such as Equifax, GMC, Home Depot, Covidien, Omnicare and TSYS.  Mr. Sumner currently leads the defense of Equifax in all national consumer litigation.  She has led the successful defense of clients in numerous False Claims Act cases.  She also regularly advises clients concerning data privacy and security as well as represents clients who experience security incidents and subsequent multiple investigations and class actions.

Recent Speeches and Publications

  • King & Spalding University e-Learn Series “Data Breach:  What Workflows to Expect and how to Prepare” (February 2015)

  • The Metropolitan Corporate Counsel Article, “A New Era for EU Data Privacy” (January 2015)

  • King & Spalding Client Alert, “Illinois Federal Court Dismisses Customer Data Breach Class Actions Against P.F. Chang’s” (December 2014)

  • King & Spalding Client Alert, “Financial Institutions’ Claims in Data Breach Litigation Survive Target’s Motion to Dismiss” (December 2014)

  • Speaker, King & Spalding’s 2014 Pharmaceutical University:  “Perils of Doing Business With International Companies - Legal Trends Affecting the Pharmaceutical Industry”

  • Speaker, Merck CLE “2014: Legal Trends Affecting the Pharmaceutical Industry:  The Impact of Federal and State Privacy Laws on the Pharmaceutical Industry” (October 2014)

  • King & Spalding Client Alert, “FDA Issues Cybersecurity Guidelines” (October 2014)

  • King & Spalding Client Alert, “Federal Bills Pursue Comprehensive Data Breach Notification” (October 2014)

  • Speaker, University of Georgia, “Social Media:  Missteps and Lessons Learned” (September 2014)

  • 2014 AHIA Annual Conference, “Deep in the Art of Auditing – Emerging Challenges in Privacy and Data Security” (September 2014)

  • The Metropolitan Corporate Counsel Article, “Russian Hackers Stockpile Over One Billion Internet Credentials” (September 2014)

  • King & Spalding Client Alert, “Russian Hackers Stockpile Over One Billion Internet Credentials” (August 2014)

  • JD Supra Article, “Russian Cyberattack May Trigger State Security Laws and Notification Obligations” (August 2014)

  • Law 360 Article, “FTC Report’s Impact May Not be Limited to Data Brokers” (July 2014)

  • King & Spalding Client Alert, “Florida Passes New Data Breach Notification Law Requiring Enforcement of Civil Penalties for Untimely Notice” (June 2014)

  • King & Spalding Client Alert, “FTC Data Broker Report Recommends New Consumer Protection Legislation” (June 2014)

  • The Metropolitan Corporate Counsel Editor Interview, “A Soup-to-Nuts Approach to Cybersecurity” (June 2014)

  • King & Spalding University e-Learn Series, “Privacy, Data Management & Information Security – a Global Perspective” (May 2014)

  • Moderator:  King & Spalding 2014 Compliance Summit:  “Emerging Challenges in Privacy & Data Security” and “Enforcement Update – Highlights of Government Actions and Resolutions: The False Claims Act” (May 2014)

  • King & Spalding Client Alert, “Kentucky Enacts Data Breach Notification Law” (April 2014)

  • King & Spalding 23rd Annual Health Law and Policy Forum, “Best Practices in Responding to Significant Data Breaches” (March 2014)

  • Corporate Counsel Article, “Unmanned Aircraft Fly Into the Future of Privacy Law” (March 2014)

  • King & Spalding Client Alert, “Five Things Every In-House Counsel Should Understand About the NIST Cybersecurity Framework” (February 2014)

  • King & Spalding Client Alert, “Unmanned Aircraft and Privacy Law: A Technological Leap Into A Legal Gap” (February 2014)

  • The Metropolitan Corporate Counsel Article, “Attacked on All Fronts:  FTC Defends Authority to Sue Companies That Are Victims of Hacking for ‘Unfair’ Security Practices” (February 2014)

  • King & Spalding Client Alert, “Target and Neiman Marcus Face Government Probes and Litigation as a Result of Holiday-Season Cyberattacks” (February 2014)

  • Contributing author, “Inside the Minds: Privacy and Surveillance Legal Issues”, published by Thomson Reuters Westlaw (Winter 2014)

  • King & Spalding Client Alert, “Attacked on All Fronts:  FTC Defends Its Authority to Sue Companies That Are Victims of Hacking for “Unfair” Security Practices” (November 2013)

  • Panelist,  King & Spalding Healthcare Roundtable:  “Hardening HIPAA/HITECH E-Security for Covered Entities and Business Associates:  Risk Assessments, Compliance Priorities and Industry Standards” (May 2013)

  • East Tennessee Health Care Fraud Working Group, “Regulatory and Compliance Update: 2013 Begins with a Bang!” (April 2013)

  • King & Spalding University e-Learn Series, “New Focus by US and EU on Cybersecurity Frameworks – Is Your Company at Risk?” (April 2013)

  • King & Spalding Client Alert, “NIST Seeks Public Comment from Private Sector Stakeholders to Develop Cybersecurity Framework” (March 2013)

  • King & Spalding Client Alert, “European Cybersecurity Strategy Proposal” (February 2013)

  • Georgia State University College of Law, “Managing Corporate Integrity” (February 2013)

  • Moderator, Association of Corporation Counsel, “Why Cybercrime Matters
    to In-house Counsel - Data Privacy Incident Prevention & Response” (October 2012)

  • Moderator, ICLE RICO Seminar, “Analyzing and Preparing a Civil RICO Case From a Defendant’s Perspective” (November 2011)

  • Life Sciences Qui Tam & False Claims Litigation, “The End Game:  Practical Negotiation Tools for Meeting Your Resolution Goals” (June 2011)

  • Moderator, “Social Media Roundtable” (May 2011)

  • King & Spalding Energy Forum, “Social Media:  More or Less?” (April 2011)

  • King & Spalding Client Alert, “Retailers and Marketers Beware of Collecting Consumer ZIP Codes” (February 2011)

  • King & Spalding Client Alert, “Northern District of Georgia Dismisses False Claims Act Case Alleging off-Label Marketing of Medical Device” (August 2009)

  • King & Spalding University e-Learn Series, “Making Privacy Public:  How Rapidly Changing Data Privacy Laws May Impact Your Organization” (April 2009)

  • HCCA Compliance Today Article, “It’s a FACTA:  FCRA Requirements Can Expose Medical Providers to Liability” (November 2008)

  • King & Spalding Client Alert, “Deadline for Compliance with FACTA’s ‘Red Flag’ Rule” (September 2008)

  • King & Spalding University e-Learn Series, “Cyberliability and Data Security Breaches:  Is Your Company Prepared and Protected?” (September 2008)

  • King & Spalding University e-Learn Series, “Data Theft and Security Breach Actions:  Litigation and Legislative Issues” (February 2008)

  • ICLE White Collar Crime Conference Moderator, “Slugging It Out In the Court of Public Opinion:  Keeping The Ethics Gloves On” (February 2008)

  • Federal Bar Association Moderator, “Conversation with the Honorable Griffin B. Bell” (December 2007)

  • ICLE Evolution of Crime in the 21st Century Speaker, “Fraud, Abuse and Compliance Under the Deficit Reduction Act of 2005” (December 2006)

  • Open World Program Speaker, “Observing the Federal System - Duties of a Prosecutor” (November 2005)

  • DOJ National Advocacy Center Instructor, RICO/Organized Crime Seminar (October 2005)

  • Emory School of Law Kessler-Eidson Program for Trial Techniques Instructor (May 2005)

  • ICLE White Collar Crime Seminar, “Technology in the Courtroom” (December 2003)
MEMBERSHIPS
International Association of Privacy Professionals (IAPP)
Federal Bar Association Atlanta Chapter, Executive Board Member, President
Federal Defender Program, Board of Directors, Vice President

EDUCATION
J.D., Vanderbilt University
B.B.A., University of Georgia

ADMISSIONS
Georgia
Illinois
U.S. Court of Appeals for the Eleventh Circuit
U.S. Court of Appeals for the Ninth Circuit
U.S. District Court for the Middle District of Georgia
U.S. District Court for the Northern District of Georgia
U.S. District Court for the Northern District of Illinois