Skip to Main Content
Professional Photo

Matthew G. White, CIPP/US, CIPP/E, CIPM, PCIP


Matt White, co-chair of the Firm's Financial Services Cybersecurity and Data Privacy Team, regularly advises clients on a wide range of cybersecurity and data privacy matters, including compliance, training, incident response, regulatory investigations, and litigation.

Featured Videos

An Overview of HIPAA Issues for Financial Institutions and Best Practices for Your Vendor Management Program June 16, 2021
Additional Incident Response Considerations – Protecting the Attorney-Client Privilege and Involving Your Board of Directors May 19, 2021
State and Federal Privacy Regulation in 2021: What is on the Horizon? April 21, 2021
The California Privacy Rights Act and Financial Institutions March 17, 2021
How To Prepare for a Cybersecurity Incident February 17, 2021
2021 Privacy Landscape January 13, 2021

Featured Experience

Represented numerous financial institutions with regard to compliance with privacy and cybersecurity laws and regulations, including GLBA, CCPA, CPRA, GDPR, HIPAA, FCRA, and TCPA.

Assisted numerous clients with remediation and reporting of security incidents, including those caused by ransomware, phishing, malware, employee misconduct, and other cyber-attacks.

Counseled multiple clients on compliance with U.S. privacy laws and privacy notices.

Professional Biography

Matt White is a Certified Information Privacy Professional (CIPP/US, CIPP/E) and a Certified Information Privacy Manager (CIPM). Matt is also a Payment Card Industry Professional (PCIP). His practice focuses on representing financial institutions, including banks, credit unions, insurance companies, investment advisory firms, broker-dealer firms, and other highly regulated businesses. He counsels clients on all aspects of privacy and cybersecurity, including litigation and breach response, privacy compliance, transactional diligence, and the defense of regulatory actions.

Matt has significant experience:

  • Advising clients on privacy, information security, supply chain and vendor management, insurance, document retention, e-discovery, and data and technology issues;
  • Assisting clients with compliance-related matters including internal policy creation and training;
  • Preparing customized website and mobile device policies and notices including terms of use, privacy policies, state-specific notices, and cookie notices;
  • Counseling on the investigation, response, notification, and defense of data breaches and incidents; and
  • Representing clients in responding to regulatory investigations and in litigation and class action matters involving cybersecurity and data privacy issues.

He routinely advises clients on data privacy and security matters arising from a variety of state and federal laws and regulations including the Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), the Fair and Accurate Credit Transactions Act (FACTA), the Telephone Consumer Protection Act (TCPA), the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), the Electronic Communications Privacy Act (ECPA), the Stored Communications Act (SCA), the California Consumer Privacy Act (CCPA), and the New York Department of Financial Services Cybersecurity Regulation. He also counsels clients on global data protection laws including the General Data Protection Regulation (GDPR), and on compliance with Payment Card Industry (PCI-DSS) requirements.

Matt particularly focuses on helping financial institutions and other businesses implement policies, procedures, and best practices concerning data privacy and security, and assisting clients in strategically navigating through cyber incidents and litigation.

In addition to his privacy and security experience, Matt also represents financial institutions, broker-dealers, investment advisors, and other companies in litigation, arbitration, regulatory and compliance matters, and in investigations and enforcement proceedings. He regularly represents national and regional securities firms and their registered representatives in a wide range of matters including customer-initiated arbitrations and litigation, as well as in enforcement proceedings and investigations by the SEC, self-regulatory organizations and state securities agencies.

As an experienced litigator, Matt has represented clients in numerous complex commercial and general business litigation. He has successfully litigated trial and appellate matters in both state and federal courts, and in mediation and arbitration. Matt has also defended financial institutions and other corporations in class action litigation.

You can follow Matt on Twitter, @mattwhitejd, and connect with him on LinkedIn.

  • Represented numerous financial institutions with regard to compliance with privacy and cybersecurity laws and regulations, including GLBA, CCPA, CPRA, GDPR, HIPAA, FCRA, and TCPA.

  • Assisted numerous clients with remediation and reporting of security incidents, including those caused by ransomware, phishing, malware, employee misconduct, and other cyber-attacks.

  • Counseled multiple clients on compliance with U.S. privacy laws and privacy notices.

  • Represented a company in class action litigation alleging violations of the FTC Guidelines arising out of a data breach.

  • Represented numerous broker-dealers and registered investment advisers in litigation and in arbitrations involving claims of unsuitability, unauthorized trading, misrepresentation, churning, failure to supervise and breach of fiduciary duty.

  • Successfully defended broker-dealers and registered investment advisers in SEC enforcement actions.

  • Successfully defended broker-dealers in FINRA enforcement actions.

  • Successfully defended a corporate executive in an SEC insider trading investigation.

  • Successfully defended the officer of a company in a SEC inquiry regarding alleged material misrepresentations.

  • Represented numerous broker-dealer firms and their registered representatives in responding to subpoenas, document requests from regulators, and informal inquiries as well as formal SRO investigations involving investment banking activities, alleged sales practice violations, failure to supervise and other matters.

  • Represented the officers of a public company in bankruptcy and in a parallel criminal investigation, civil litigation and regulatory investigation
  • Successfully defended a financial institution on appeal in a U.S. Court of Appeals case arising out of the disposition of a business unit in which former employees claimed $2.4 million in damages for the alleged breach of a payment agreement. Obtained affirmance in the client's favor.

  • Represented a mortgage company in a case before the Tennessee Court of Appeals in which the Court held that there is no private right of action to enforce the Home Affordable Modification Program.
  • Won a dismissal of action alleging breach of contract and fraud filed in a U.S. District Court based on lack of personal jurisdiction.

  • Represented a local government in litigation arising from school system consolidation.
  • Successfully defended a broker-dealer in a federal court action alleging violations of federal and state securities laws, aiding and abetting breach of fiduciary duties, and commercial bribery in the wake of the bankruptcy of a registered investment adviser.

  • Member – International Association of Privacy Professionals (CIPP/US, CIPP/E, CIPM)
    • Co-Chair, IAPP KnowledgeNet Memphis Chapter
  • Distinguished™ Peer Review Rated by Martindale-Hubbell
  • Named a Mid-South Rising Star by Mid-South Super Lawyers (2014 – 2020)
  • Named a 2018 Best of the Bar Ace Associate by the Memphis Business Journal
  • Named a 2016 Top 40 Under 40 by the Memphis Business Journal
  • Recipient – Baker Donelson Firmwide Pro Bono Award (2016, 2018)
  • Member – American Bar Association
    • Securities Litigation Committee
  • Member – Memphis Bar Association
  • Member – Tennessee Bar Association
  • Member – Virginia Bar Association
  • Member – Bar Association of the District of Columbia
  • Member – DRI
    • Commercial Litigation Committee
    • Government Enforcement and Corporate Compliance Committee
    • Securities Enforcement Subcommittee
    • Complex Commercial Litigation Subcommittee
  • Community Co-Chair – DRI Complex Commercial Litigation SLG
  • Member – Financial Markets Association, Seminar Planning Committee
  • Member – Leo Bearman, Sr. American Inn of Court
  • Named a Tennessee Supreme Court Attorney for Justice
  • President – Memphis Area Gator Club


  • University of Florida, Levin College of Law, J.D., cum laude
    • Research Editor, Florida Law Review
    • Member – Florida Journal of Technology Law and Policy
    • Member – Florida Entertainment Law Review
    • Officer – Corporate and Securities Litigation Group
    • Placed First in the Florida Intramural Securities Moot Court Competition
    • Book Awards in Legal Drafting and Advanced Techniques in Appellate Advocacy
    • Dean's List
  • University of Florida, B.A., magna cum laude


  • Tennessee, 2012
  • District of Columbia, 2010
  • Virginia, 2009
  • U.S. District Court for the Western, Middle, and Eastern Districts of Tennessee
  • U.S. District Court for the Eastern and Western Districts of Virginia
  • U.S. District Court for the District of Columbia
  • U.S. Court of Federal Claims
  • U.S. Court of Appeals for the Federal Circuit
  • U.S. Court of Appeals for the Sixth Circuit

Email Disclaimer

NOTICE: The mailing of this email is not intended to create, and receipt of it does not constitute an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.
Cancel Accept