• People
  • Practices
  • COVID-19 Resources
  • Insights
    • Firm News
    • Press Releases
    • Publications
    • Webcasts
    • Podcasts
    • Subscribe
    • Media Contacts
  • Careers
    • Career Opportunities
    • Attorney Development
    • Contact Us
  • About
    • Our Story
    • Awards & Accolades
    • Offices
    • Diversity
    • Pro Bono
    • Alumni
    • Contact Us
  • Search
  • Biography
  • Education
  • Recent Publications
Profile Picture

Ryan T. Bergsieker

Ryan
Bergsieker

Partner

CONTACT INFO

rbergsieker@gibsondunn.com

TEL:+1 303.298.5774

FAX:+1 303.313.2824

Denver

1801 California Street, Suite 4200, Denver, CO 80202-2642 USA

  • Print
  • |
  • Share
  • |
  • vCard

PRACTICE

White Collar Defense and Investigations Anti-Corruption & FCPA Artificial Intelligence Crisis Management FDA and Health Care Litigation National Security Privacy, Cybersecurity and Data Innovation Technology Transactions

BIOGRAPHY

Ryan Bergsieker is a partner in Gibson, Dunn & Crutcher’s Denver office.  He is a former federal cybercrimes prosecutor who has tried more than 45 civil and criminal cases to verdict.  Mr. Bergsieker’s practice is focused in three areas: government investigations, complex civil litigation, and cybersecurity/data privacy counseling.  In ranking Mr. Bergsieker as one of the top white collar defense and government investigations lawyers in Colorado, Chambers & Partners highlights client reports that Mr. Bergsieker “demonstrates good judgment and produces an excellent work product,” is “prompt, responsive and dependable,” “draws on strong expertise in government investigations and cybersecurity,” and is “very strong on tech and hacking.” Based on client feedback, BTI has named Mr. Bergsieker to its nationwide Client Service All-Stars List, recognizing “attorneys who stand above all the others in delivering the absolute best in client service.”  He also has been recognized by Best Lawyers, highlighted as a Colorado “Rising Star,” and named a “Complete Lawyer” who “excel[s] in the courtroom, in the boardroom, in client meetings and out in the community.”  He has particular experience with Department of Justice, Federal Trade Commission (“FTC”), Department of Health and Human Services(“HHS”), and State Attorney General investigations, and substantive expertise regarding the False Claims Act (“FCA”), the European Union’s General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act (“CCPA”), HIPAA, and a wide range of other federal, state, and international privacy/cybersecurity laws, regulations, and standards.

Before joining Gibson Dunn, Mr. Bergsieker served as an Assistant United States Attorney in the District of Colorado.  He coordinated the District’s computer hacking prosecutions, served as its subject matter expert on electronic surveillance law, and investigated and prosecuted a wide range of crimes, including computer intrusions, denial of service attacks, theft of proprietary business information, identity theft, pharmaceutical misbranding, wire fraud, mail fraud, and murder.  In addition to trying cases before nearly every judge in the District, he led dozens of criminal investigations and argued multiple appeals before the United States Court of Appeals for the Tenth Circuit.  As a result of Mr. Bergsieker’s work, the United States Attorney awarded him the District’s Distinguished Service Award and the U.S. Attorney’s Award of Excellence.

Drawing on his experience, Mr. Bergsieker has written and lectured extensively on privacy, cybersecurity, and other government investigation-related topics.  He serves on the Board of Directors of the Faculty of Federal Advocates, and has been appointed to the Magistrate Judge Merit Selection Panel for the District of Colorado.

Mr. Bergsieker graduated summa cum laude and Phi Beta Kappa from Princeton University with an A.B. from the School of Public and International Affairs.  He received his J.D. from Yale Law School, where he served on the Board of the Yale Law Journal and as a civil procedure teaching assistant.  After graduating from law school, Mr. Bergsieker clerked for the Honorable David M. Ebel on the United States Court of Appeals for the Tenth Circuit.

Representative Cybersecurity and Privacy Matters

  • Representing publicly traded social media company in FTC inquiry related to disclosures regarding the company’s use of consumers’ personal information.
  • Representing publicly traded e-commerce company in FTC investigation following then-largest-ever data breach.
  • Representing multiple publicly traded healthcare providers and payors in Department of Health and Human Services investigations of potential HIPAA violations.
  • Conducting internal investigation for publicly traded retail company regarding electronic exfiltration of sensitive company information in corporate espionage scheme.
  • Advising publicly traded companies in multiple industries—including energy, manufacturing, financial services, and healthcare—on development of cybersecurity incident and data breach response plans.
  • Advising companies in multiple industries on compliance with the European Union’s General Data Protection Regulation (“GDPR”).
  • Training employees of multiple companies on handling data breach investigations.
  • Conducting internal investigation for publicly traded hospitality industry company regarding the unauthorized use of company computer resources for cryptocurrency mining.
  • Providing real-time counsel and crisis management advice to multiple publicly traded companies during investigations of suspected and actual data breaches.
  • Conducting internal investigation for publicly traded company regarding cyber embezzlement scheme.
  • Representing publicly traded e-commerce company in parallel investigations by state attorneys general regarding revisions to user agreement.
  • Representing privately held software company in FTC COPPA investigation.
  • Advising publicly traded healthcare companies on compliance with HIPAA, including conducting risk assessments and preparing risk management plans.
  • Advising publicly traded manufacturing company on cybersecurity aspects of expansion into foreign jurisdictions.

 Other Representative Government Investigation Matters

  • Representing publicly traded healthcare provider in multi-state parallel criminal and civil False Claims Act investigations by U.S. Department of Justice.
  • Representing publicly traded automobile manufacturer in investigation by coalition of state attorneys general regarding advertising claims.
  • Representing large privately held government contractor in Department of Justice False Claims Act investigation.
  • Representing publicly traded educational institution in FTC investigation regarding advertising claims.
  • Advising financial services firm on compliance with FTC advertising requirements.
  • Representing fintech company in investigation by Colorado Attorney General’s Office.
  • Representing owner of privately held pharmaceutical business in federal wire fraud investigation.
  • Representing employees of publicly traded company as witnesses in criminal investigation and trial of former contractor.
  • Advising hedge fund on development of protocols for conducting internal investigations connected to potential regulatory inquiries.
  • Representing publicly traded financial institution in state attorney general’s investigation of foreclosure practices.

 Representative Civil Litigation Matters

  • Representing large government contractor in False Claims Act qui tam litigation.
  • Representing large financial institution in theft of trade secrets litigation.
  • Representing publicly traded recreational industry company in litigation over control of significant resort property.
  • Representing multiple publicly traded companies in contract disputes.
  • Representing publicly traded energy industry company in merger dispute.

Representative Pro Bono Matters

  • Representing non-profit organizations in navigating data breach notice requirements.
  • Representing shelter for abused women in litigation involving alleged abuser’s request for information on shelter residents.
  • Representing immigrant student before School Board in high-profile disciplinary matter.
  • Providing legal services to the homeless at monthly legal clinics.

Recent Professional Publications

  • The Colorado Privacy Act: Enactment of Comprehensive U.S. State Consumer Privacy Laws Continues, Gibson Dunn Client Alert (July 2021).
  • China Constricts Sharing of In-Country Corporate and Personal Data Through New Legislation, Gibson Dunn Client Alert (June 2021).
  • European Commission Adopts New Standard Contractual Clauses for International Data Transfers, Gibson Dunn Client Alert (June 2021).
  • President Biden Issues Executive Order to Enhance U.S. Cybersecurity in the Wake of Major Cyber Incidents, Gibson Dunn Client Alert (May 2021).
  • California’s Privacy Laws Continue to Take Form: New Regulations for CCPA and Appointment of CPPA Members, Gibson Dunn Client Alert (March 2021).
  • Virginia Passes Comprehensive Privacy Law, Gibson Dunn Client Alert (March 2021).
  • Federal Regulators Propose Rule Requiring Banking Institutions and Service Providers to Provide Rapid Notification Following Significant Computer-Security Incidents, Gibson Dunn Client Alert (Jan. 2021).
  • European Data Protection Board Issues Important New Guidance on Transfers of Personal Data Out of the European Economic Area, Gibson Dunn Client Alert (Nov. 2020).
  • Where Data Privacy and CFPB Are Headed Under Biden, Law360 (Nov. 2020).
  • Businesses Should Prepare for a New Phase of Privacy Regulation and Enforcement in the United States, Gibson Dunn Client Alert (Nov. 2020).
  • California Approves Final CCPA Regulations, and Bill Extending Key Exemptions Moves Forward at the Legislature, Gibson Dunn Client Alert (Aug. 2020).
  • The Court of Justice of the European Union Strikes Down the Privacy Shield but Upholds the Standard Contractual Clauses under Conditions, Gibson Dunn Client Alert (July 2020).
  • U. S. Supreme Court to Weigh FTC Restitution Authority, Gibson Dunn Client Alert (July 2020).
  • GDPR Update: French Administrative Supreme Court Upholds 50 Million Euro Fine Against Google LLC, Gibson Dunn Client Alert (June 2020).
  • California Consumer Privacy Act Update: Attorney General Finalizes Regulations and Provides Interpretive Guidance, Gibson Dunn Client Alert (June 2020).
  • Privacy and Cybersecurity Issues Related to COVID-19, Gibson Dunn Client Alert (Mar. 2020).
  • California Consumer Privacy Act Update: Attorney General Proposes Further Revisions to CCPA Regulations, Gibson Dunn Client Alert (Mar. 2020).
  • California Consumer Privacy Act Update: Attorney General Proposes Regulations Version 2.0, Gibson Dunn Client Alert (Feb. 2020).
  • Google and YouTube Reach Historic Settlement with FTC and New York AG Over Alleged COPPA Violations, Gibson Dunn Client Alert (Sept. 2019).
  • U. S. Department of Health and Human Services Issues New Guidance on Voluntary Cybersecurity Practices for Health Care Industry, Gibson Dunn Client Alert (Jan. 2019).
  • The General Data Protection Regulation: A Primer for U.S.-Based Organizations That Handle EU Personal Data, Gibson Dunn Client Alert (Dec. 2017).
  • Cybersecurity & Data Privacy: An Overview for Health Care, Pharmaceutical, and Biotech Companies, Gibson Dunn Client Alert (Aug. 2017).
  • Trump Administration Prioritization of Cybersecurity, Gibson Dunn Client Alert (June 2017).
  • Preparing for Ransomware Attacks: Your Company is a Target, Legaltech News (Apr. 2017).
  • New York State Department of Financial Services Revises Proposed Cybersecurity Regulations, Gibson Dunn Client Alert (Jan. 2017).
  • The Cost of Ransomware Attacks Can Reach Far Beyond the Ransom Payment Itself, Healthcare Informatics (Dec. 2016).
  • New Cybersecurity Requirements for Defense Contractors Take Effect, Gibson Dunn Client Alert (Oct. 2016).
  • Federal Banking Regulators Announce New Proposed Cybersecurity Standards, Gibson Dunn Client Alert (Oct. 2016).
  • New York State Department of Financial Services Announces Proposed Cybersecurity Regulations, Gibson Dunn Client Alert (Sept. 2016).
  • Making Sense of a Morass: An Overview of the Different Standards U.S. Government Agencies and Other Entities Are Developing to Regulate Cybersecurity, Privacy and Security Law Report (Nov. 2015).
  • U. S. Federal Trade Commission Provides Guidance on Cybersecurity Enforcement Priorities, Gibson Dunn Client Alert (Sept. 2015).
  • The Third Circuit Upholds the U.S. Federal Trade Commission’s Authority to Regulate Cybersecurity, Gibson Dunn Client Alert (Aug. 2015).
  • The Federal Trade Commission’s Enforcement of Data Security Standards, Colorado Lawyer (June 2015).
  • New FTC Report Sets Out Principles Likely to Influence Regulation of the “Internet of Things,” Gibson Dunn Client Alert (Feb. 2015).
  • U. S. President Obama Announces Renewed Focus on Securing Cyberspace and Protecting Consumer Privacy, World Data Protection Report (Jan. 2015).
  • Implications of the SEC’s Increased Focus on Cybersecurity, Wall Street Lawyer (May 2014).
  • The Cybersecurity Framework: Risk Management Process . . . And Pathway to Corporate Liability?, Westlaw Journal (Dec. 2013).

 Recent Speaking Engagements

  • Privacy and Consumer Protection Enforcement Under the Biden Administration (Jan. 2021).
  • Complying with New U.S. and EU Privacy Requirements (Dec. 2020).
  • Government Audits & Investigations: Ethical and Practical Challenges (Dec. 2019).
  • And You thought You Knew What a “Sale” Was!: Sales of Personal Information Under the California Consumer Privacy Act (Nov. 2019).
  • The California Consumer Privacy Act: An Overview (Feb. 2019).
  • Government Investigations: Ethical and Practical Challenges (Nov. 2018).
  • GDPR Preparation: Implementation Tips for U.S. Companies (March 2018).
  • Privacy and Cybersecurity (Oct. 2017).
  • Cybersecurity: It Takes A Team (Sept. 2017).
  • Cybersecurity: Protecting Your Business While Building Trust with Your Customers (Nov. 2016).
  • How Companies Can Work with Federal Law Enforcement When Responding to Cybersecurity Incidents (Sept. 2016).
  • Cyber Incident Response (July 2016).
  • Consumer Financial Protection Bureau (CFPB) Trends in Enforcement and Investigations (April 2016).
  • Data Privacy and Security – Compliance and Risk Management (March 2016).
  • What Are “Reasonable” Security Measures? Dealing with the Fallout of a Data Breach and Responding to Government Investigations (Jan. 2016).
  • The Internet of Things – Where Opportunities and Privacy Collide (Oct. 2015).
  • Cybersecurity for Business Lawyers (April 2015).
  • Safeguarding Your Right to Privacy: Data Security in a Digital World (Feb. 2015).
  • The New Frontier in Consumer Protection Law Enforcement: Holding Companies Responsible When Thieves Steal Consumers’ Information (Feb. 2015).
  • Cyber Security: Preparing Your Company for a Cyber Attack (Oct. 2014).
  • Implications of the SEC’s Increased Focus on Cybersecurity (Aug. 2014).
  • An Introduction to Cybercrime (Nov. 2013).

EDUCATION

Yale University - 2004 Juris Doctor

Princeton University - 1998 Bachelor of Arts

ADMISSIONS

Colorado Bar

New York Bar

RECENT PUBLICATIONS

Client Alert - January 30, 2023 | U.S. Cybersecurity and Data Privacy Outlook and Review – 2023
Client Alert - January 5, 2023 | New INFORM Consumers Act Imposes Seller Diligence and Disclosure Requirements for Online Marketplaces
Article - July 12, 2022 | Insights And Omissions From Calif. Privacy Rules Draft
Client Alert - June 15, 2022 | Insights on New California Privacy Law Draft Regulations
Client Alert - May 13, 2022 | U.S. Privacy Law Update: Connecticut Enacts Comprehensive Privacy Law as Other States’ Laws Continue to Develop
Client Alert - May 5, 2022 | CFPB Invokes Dormant Dodd-Frank Authority to Regulate Nonbank Financial Companies
Client Alert - March 22, 2022 | President Biden Signs into Law the Cyber Incident Reporting for Critical Infrastructure Act, Expanding Cyber Reporting Obligations for a Wide Range of Public and Private Entities
Client Alert - March 11, 2022 | U.S. Privacy Law Update: Utah Joins Growing List of States with Comprehensive Privacy Laws as Other States See Potential Changes
Client Alert - January 31, 2022 | International Cybersecurity and Data Privacy Outlook and Review – 2022
Client Alert - December 14, 2021 | Virginia and Colorado Privacy Update: In 2022, Prepare for New Rules and Possible Privacy Law Amendments
Client Alert - November 11, 2021 | UK Supreme Court Overturns Court of Appeal to Disallow Google Data Privacy Class Action
Client Alert - July 9, 2021 | The Colorado Privacy Act: Enactment of Comprehensive U.S. State Consumer Privacy Laws Continues
Client Alert - June 17, 2021 | China Constricts Sharing of In-Country Corporate and Personal Data Through New Legislation
Client Alert - June 14, 2021 | European Commission Adopts New Standard Contractual Clauses for International Data Transfers and Data Processing Agreements
Client Alert - May 18, 2021 | President Biden Issues Executive Order to Enhance U.S. Cybersecurity in the Wake of Major Cyber Incidents
Client Alert - March 19, 2021 | California’s Privacy Laws Continue to Take Form: New Regulations for CCPA and Appointment of CPPA Members
Client Alert - March 8, 2021 | Virginia Passes Comprehensive Privacy Law
Client Alert - January 28, 2021 | U.S. Cybersecurity and Data Privacy Outlook and Review – 2021
Client Alert - January 27, 2021 | 2020 Year-End False Claims Act Update
Client Alert - January 25, 2021 | California Attorney General End of Term Update
Webcasts - January 7, 2021 | Webcast: Privacy and Consumer Protection Enforcement under the Biden Administration
Client Alert - January 4, 2021 | Federal Regulators Propose Rule Requiring Banking Institutions and Service Providers to Provide Rapid Notification Following Significant Computer-Security Incidents
Webcasts - December 16, 2020 | Webcast: Complying with New U.S. and EU Privacy Requirements
Firm News - December 10, 2020 | Twelve Partners Named 2020 BTI Client Service All-Stars
Client Alert - November 30, 2020 | Consumer Protection Under the Biden Administration
Publications - November 24, 2020 | Where Data Privacy And CFPB Are Headed Under Biden
Client Alert - November 24, 2020 | European Data Protection Board Issues Important New Guidance on Transfers of Personal Data Out of the European Economic Area
Article - November 19, 2020 | Businesses Should Prepare for a New Phase of Privacy Regulation and Enforcement in the United States
Client Alert - August 20, 2020 | California Approves Final CCPA Regulations, and Bill Extending Key Exemptions Moves Forward at the Legislature
Client Alert - July 17, 2020 | The Court of Justice of the European Union Strikes Down the Privacy Shield but Upholds the Standard Contractual Clauses under Conditions
Client Alert - July 17, 2020 | 2020 Mid-Year False Claims Act Update
Client Alert - July 13, 2020 | U.S. Supreme Court to Weigh FTC Restitution Authority
Client Alert - June 23, 2020 | GDPR Update: French Administrative Supreme Court Upholds 50 Million Euro Fine Against Google LLC
Client Alert - June 12, 2020 | California Consumer Privacy Act Update: Attorney General Finalizes Regulations and Provides Interpretive Guidance
Client Alert - March 20, 2020 | Privacy and Cybersecurity Issues Related to COVID-19
Client Alert - March 17, 2020 | California Consumer Privacy Act Update: Attorney General Proposes Further Revisions to CCPA Regulations
Client Alert - February 19, 2020 | California Consumer Privacy Act Update: Attorney General Proposes Regulations Version 2.0
Client Alert - January 31, 2020 | 2019 Year-End False Claims Act Update
Client Alert - January 27, 2020 | U.S. Cybersecurity and Data Privacy Outlook and Review – 2020
Client Alert - September 9, 2019 | Google and YouTube Reach Historic Settlement with FTC and New York AG Over Alleged COPPA Violations
Client Alert - July 16, 2019 | 2019 Mid-Year False Claims Act Update
Client Alert - January 28, 2019 | U.S. Cybersecurity and Data Privacy Outlook and Review – 2019
Publications - January 14, 2019 | U.S. Department of Health and Human Services Issues New Guidance on Voluntary Cybersecurity Practices for Health Care Industry
Client Alert - January 9, 2019 | 2018 Year-End False Claims Act Update
Client Alert - July 11, 2018 | 2018 Mid-Year False Claims Act Update
Client Alert - January 29, 2018 | International Cybersecurity and Data Privacy Outlook and Review – 2018
Client Alert - January 25, 2018 | U.S. Cybersecurity and Data Privacy Outlook and Review – 2018
Client Alert - January 5, 2018 | 2017 Year-End False Claims Act Update
Client Alert - December 4, 2017 | The General Data Protection Regulation: A Primer for U.S.-Based Organizations That Handle EU Personal Data
Client Alert - August 8, 2017 | Cybersecurity & Data Privacy: An Overview for Health Care, Pharmaceutical, and Biotech Companies
Client Alert - July 12, 2017 | 2017 Mid-Year False Claims Act Update
Client Alert - June 7, 2017 | Trump Administration Prioritization of Cybersecurity
Client Alert - January 31, 2017 | International Cybersecurity and Data Privacy Outlook and Review: 2017
Client Alert - January 27, 2017 | U.S. Cybersecurity and Data Privacy Outlook and Review: 2017
Client Alert - January 5, 2017 | New York State Department of Financial Services Revises Proposed Cybersecurity Regulations
Client Alert - January 5, 2017 | 2016 Year-End False Claims Act Update
Client Alert - October 31, 2016 | New Cybersecurity Requirements for Defense Contractors Take Effect
Client Alert - October 24, 2016 | Federal Banking Regulators Announce New Proposed Cybersecurity Standards
Client Alert - September 19, 2016 | New York State Department of Financial Services Announces Proposed Cybersecurity Regulations
Webcasts - April 21, 2016 | Webcast: CFPB Trends in Enforcement and Investigations
Client Alert - January 28, 2016 | Cybersecurity and Data Privacy Outlook and Review: 2016
Article - November 23, 2015 | Making Sense of a Morass: An Overview of the Different Standards U.S. Government Agencies and Other Entities Are Developing to Regulate Cybersecurity
Client Alert - September 15, 2015 | U.S. Federal Trade Commission Provides Guidance on Cybersecurity Enforcement Priorities
Client Alert - August 27, 2015 | The Third Circuit Upholds the U.S. Federal Trade Commission’s Authority to Regulate Cybersecurity
Article - June 10, 2015 | The Federal Trade Commission’s Enforcement of Data Security Standards
Client Alert - February 17, 2015 | Cybersecurity and Data Privacy Outlook and Review: 2015
Client Alert - February 5, 2015 | New FTC Report Sets Out Principles Likely to Influence Regulation of the “Internet of Things”
Client Alert - January 20, 2015 | U.S. President Obama Announces Renewed Focus on Securing Cyberspace and Protecting Consumer Privacy
Client Alert - May 1, 2014 | Implications of the SEC’s Increased Focus on Cybersecurity
Client Alert - December 12, 2013 | The Cybersecurity Framework: Risk management process … and pathway to corporate liability?
  • Sitemap
  • Client Extranet
  • Legal Notices
  • Modern Slavery Statement
  • Privacy Policy
  • Cookie Notice
  • Contact Us
©Gibson, Dunn & Crutcher LLP 2023. All rights reserved.
Top