David J. Shannon

David chairs both the Privacy and Data Security Practice Group and the Intellectual Property, Technology and Media Litigation Practice Group. He concentrates a substantial portion of his practice on privacy law, data breaches, intellectual property, copyright and trademark infringement, as well as trade secret, trade dress technology and media related litigation. David is experienced defending privacy and intellectual property cases venued throughout the United States and has been litigating cases in federal and state courts since 1994. David is a national and international featured speaker at privacy and data security conferences and seminars. His presentations focus on legal issues and emerging trends in the insurance industry with an emphasis on all areas of privacy, data breach and data security.

David additionally represents design professionals in a variety of construction industry related claims. He has extensive experience representing architects, engineers, surveyors, land developers, commercial property owners, general contractors, subcontractors and commercial landscapers. David has defended clients in cases that involved claims for design errors and omissions and other contractual and negligence claims. Over the past 25 years, he has tried a number of bench trials, jury trials, and arbitrations.

Honors & Awards

•Legal 500 Philadelphia Legal Elite, Intellectual Property (2025-2026)
•Pennsylvania Super Lawyers (2005, 2026)

Classes/Seminars Taught

•PLUS Podcast: Managing Cybersecurity Threats in 2025, Episode 2, Beyond the Breach: Remediation vs. Forensic Investigation, December 2025
•PLUS Podcast: Managing Cybersecurity Threats in 2025, Episode 1, ' Ransomware, Business Email Compromise, AI and The Increasing Sophistication of Cyber Threat Actors,' July 2025
•PLUS Podcast: Managing Cybersecurity Threats in 2024, Episode 3, Restoration After The Data Breach, December 2024
•PLUS Podcast, Managing Cybersecurity Threats in 2024, Episode 2: SEC Amendment's Impact on Compliance and Reporting, July 2024
•PLUS Podcast: Managing Cybersecurity Threats in 2024, Episode 1: The Persisting Threat of Ransomware, February 27, 2024
•PLUS Podcast: Managing Cybersecurity Threats in 2023. Episode 2: The Current State of Ransomware Attacks in 2023 . April 2023
•Critical Infrastructure - A Global View on Cyber Risk and Systemic Threats, ILG 360 London Annual Conference 2023, March 15, 2023
•PLUS Podcast: Managing Cyber Security Threats in 2023. Episode 1: Cryptojacking - New Risks For Carriers and Their Insureds. March 2023
•Business Email Compromise & Wire Transfer Fraud - Evolving Trends and Cyber Crime, Marshall Dennehey Client Webinar, Presented to Multiple Clients, 2022
•Ransomware Attacks: An Ongoing Global Threat, Marshall Dennehey Client Presentation, Presented to Multiple Clients, 2022
•Ransomware Attacks: An Ongoing Global Threat, ILG Virtual Conference, March 31, 2022
•Cybersecurity: Crucial for a Law Firm’s Survival, Moderator, Philadelphia Association of Defense Counsel, November 16, 2021
•Civil Litigation Updates in COVID-19 Litigation - Where Do We Stand One Year Later? Marshall Dennehey Webinar, May, 2021
•Ransomware Attacks: An Ongoing Global Threat, ILG Virtual Conference, March 25, 2021
•Cyber Security & Construction, National Association of Women in Construction, November 2020
•Speaking Up on Silent Cyber, A.M. Best Webinar Panelist, May 2020
•Emerging Global Cyber Ransom Threats Require A Strategic Response From The C-Suite, A.M. Best Insurance Law Podcast, July 2018
•Cyber Claims: What to Do?, National Conference of Insurance Guaranty Funds, November 2017
•Data Breaches Come in All Sizes, Beacon Technologies, April 26, 2017
•Cyber: Global Perspectives, Insurance Law Global, International Insurance Defence Network Conference, March 2017
•Cyber Security for the C Suite, panelist, SIM, February 7, 2017
•Ethical and Statutory Concerns for Law Firms, webinar panelist, Bloomberg & CNA Insurance, November 2, 2016
•Cybersecurity for the C Suite, panelist, Tatum, October 26, 2016
•Cybersecurity: Emerging Trends and the Current Regulatory Environment for Independent Financial Advisors and Independent Financial Services Firm, Financial Services Institute (FSI) webinar, September 22, 2016
•The Changing Landscape of Cyber Liability Litigation, ACI’s 13th Advanced Forum on Cyber & Data Risk Insurance, July 29, 2016
•Attorney Client Privilege Issues Arising out of Data Breaches, Breach Responses, and Subsequent Third Party Litigation, ACI Data Breach & Privacy Litigation and Enforcement Conference, March 18, 2016
•Developments and Emerging Trends in the Legal and Insurance Areas of Cybersecurity, Travelers Insurance, February 2016
•A Legislative Update From the Front Lines, DRI Data Breach and Privacy Law Conference, November 4, 2015
•Litigation Roundup Including Recent Supreme Court Developments on Article III Standing, Injury, Damages (Spokeo v. Robins), Class Actions, and Data Breach Litigation, ACI's 17th Advanced Global Legal & Compliance Forum on Cyber Security & Data Privacy and Protection, October 5, 2015
•Cyber Liability Insurance: New Risks & Emerging Trends, Insurance Brokers' Association of the State of New York (IBANY), September 16, 2015
•Liability Concerns for Architects, Engineers and Construction Professionals: Pennsylvania Intellectual Property Overview, Marshall Dennehey Client Seminar, July 2015
•Online Ethics: Blawgs, Directory Listings, Q & A Forums & Social Media Use and Confidentiality and Data Security, National Business Institute, April 2015
•Cyber Hackers Are Everywhere! Are You Prepared? Philly I-Day, April 9, 2015
•Current Trends in Data Breach First and Third-Party Claims and Litigation, American Conference Institute's Cyber & Data Risk Insurance conference, March 24, 2015
•Hot Topics in Employment, Assurex Loss Control & Claims Conference, October 22, 2014
•Cyber Technology, Data Breaches and Related E&O Trends, Claims and Coverage, moderator and speaker, 8th Annual ExecuSummit E&O Insurance Conference, June 2014
•Cyber Liability Exposures, Every Business Has Them, Panelist, PLUS Mid-Atlantic Chapter Seminar, May 2014
•Hot Topics in Employment, Marshall Dennehey / AIG Seminar, Philadelphia, PA, October 10, 2013
•Employment Liability in the Cyber Age, Marshall Dennehey / AIG Employment Seminar, Pittsburgh, PA, May 2, 2013
•Cyber Liability Claims, Coverage Issues, panel speaker, 2nd Annual National Cyber Liabilities Insurance ExecuSummit, 2013
•Data Privacy Risk: Red Flags in Higher Education, ASFAA Annual Conference, 2012

Published Works

•'Opportunity Knocks: Modern Trends With Business Email Compromise in a Changing Cyber World,' New Jersey Law Journal, November 27, 2024
•'Cybersecurity Threats: A Year in Review and a Look Ahead,' The Legal Intelligencer, December 19, 2023.
•“Kaseya Data Breach Is Another Signal to Cyber Underwriters About the Dangers of Ransomware Attacks,” Defense Digest, Vol. 27, No. 4, September 2021
•'Cyber Threats: Why the Construction Industry Could be the Next Big Target,' The Legal Intelligencer, Construction Law Supplement, August 12, 2021
•'Kaseya Data Breach is Another Signal to Cyber Underwriters about the Dangers of Ransomware Attacks, ' PLUS Blog, July 19, 2021
•“Insurance Law Global: Emerging Global Cyber Ransom Threats Require a Strategic Response From the C-Suite - Episode #143,” Defense Digest, December 2018, Vol. 24, No. 4
•'Weightmans LLP & Insurance Day Cyber Risk Survey Report,' remarks on page 12. November 2015
•'The Impact of EU Rulings on the Cyber Landscape,' Global Reinsurance, October 14, 2015
•'Are Hackers Secretly Stealing Your Practice?' The Legal Intelligencer, Cybersecurity Supplement (page 8), June 23, 2015
•'New Year's Resolutions? For Financial Firms and Advisors, Cybersecurity Should Top the List,' Aon Advisor Solutions newsletter, Winter 2015
•'Financial Advisor Forecast: Stormy, With Scattered Data Breaches,' Financial Advisor, June 23, 2014
•'How to Minimize the Threat of the Dreaded Data Breach,' Catalyst, Winter 2013/2014, publication of the Pennsylvania Chamber of Business and Industry
•'How to Avoid Liability for Comments Posted on Your Company's Website,' Mondaq.com, 2012 and AgentsofAmerica.com, 2012
•'In A Copyright Infringement Action, a Secondarily Liable Defendant Is Only Responsible For One Statutory Damage Award,' Pennsylvania Bar Association Intellectual Property Newsletter, 2011
•'Starbucks v. Charbucks: Substantial Similarity Is Not Required To Prove Dilution By Blurring,' Intellectual Property Law Newsletter, Pennsylvania Bar Association, Summer, 2010

Media Commentary

•' The Cost of Cybersecurity: Risks and Responses on the Rise,' The Legal Intelligencer, February 17, 2015

Thought Leadership

Legal Updates for Privacy and Data Security

Identity Theft Resource Center Report Reveals Rising Data Breaches Despite Drop in Mega Breaches

February 19, 2026

The Identity Theft Resource Center (ITRC), a well-known, non-profit identity theft and fraud prevention organization, recently released its 2025 annual data breach report with significant findings for the data breach field. The ITRC tracked 3,322 data breaches in 2025 - an increase of more than 5% compared to 2024. The numbers set a new record for U.S. data breaches tracked by the ITRC over the past 20 years. These numbers also show a 79% jump in data breaches over the last five years. Just as importantly, the number of victim notices that were sent out decreased. In 2024, the ITRC found that over 1.3 million notices had been sent out, while in 2025 less than 300,000 notices were distributed. The ITRC noted that the significant decrease in victim notices was likely due to the lack of “mega-breaches” in 2025 compared to 2024. The ITRC also found that the financial services industry was the most breached industry in 2025 followed by health care, professional services, manufacturing, and education. The ITRC’s president was quoted that they had found “more attacks that are more precise, more automated and more difficult to detect. Consumers can take all of the right steps, businesses can have the best cyber security and still fall victim to criminals.” These findings are significant for the cyber security insurance field. While mega breaches may be decreasing, the overall number of breaches demonstrates that all businesses should be obtaining proper cyber security insurance, and insurance carriers should be aware that while less notices will go out, more claims will be made that can affect both underwriting and the claims procedures. Legal Updates for Privacy & Data Security - February 19, 2026, has been prepared for our readers by Marshall Dennehey. It is solely intended to provide information on recent legal developments and is not intended to provide legal advice for a specific situation or to create an attorney-client relationship. We welcome the opportunity to provide such legal assistance as you require on this and other subjects. If you receive the alerts in error, please contact MeDeSatnick@MDWCG.com. ATTORNEY ADVERTISING pursuant to New York RPC 7.1. 2026 Marshall Dennehey, P.C. All Rights Reserved.

Managing Cybersecurity Threats in 2025 - Episode 2 - Beyond the Breach: Remediation vs. Forensic Investigation

December 1, 2025

In this podcast, David J. Shannon discusses incident response, ransomware attacks and the timing of breach attempts.

News

Marshall Dennehey Announces 2026 Pennsylvania Super Lawyers and Rising Stars Honorees

May 22, 2026

Marshall Dennehey Attorneys Once Again Recognized in The Legal 500 Philadelphia Legal Elite

February 25, 2026