Andrew N. Friedman is a partner at Cohen Milstein and the immediate past co-chair of the Consumer Protection practice. Practicing in the class action field since 1985, Andy is a nationally recognized leader in the area of complex, multi-state class action lawsuits against manufacturers and consumer service providers, such as banks, insurers, credit card companies, and others, who is ready to take litigation all the way through trial.
In 2018, Mr. Friedman was named a Law360’s MVP in Data Privacy and Security, an award recognizing only five lawyers in the United States in this emergent area of law. In addition, under his leadership, Cohen Milstein’s Consumer Protection practice received numerous industry awards, including Law360’s Practice Group of the Year for Consumer Protection in 2018-19, The National Law Journal’s Elite Trial Lawyers Consumer award in 2018, and Law360’s Practice Group of the Year – Privacy in 2017.
Over the years, Andy has been court-appointed Lead or Co-Lead Counsel in numerous high-profile and often precedent-setting class actions, bringing relief to millions of consumers and recovering hundreds of millions of dollars in class actions.
- Attorney, U.S. Patent and Trademark Office
- District of Columbia
- New York
- The George Washington University Law School, J.D., 1983
- Tufts University, B.A., magna cum laude, 1980
Current Cases
DZ Reserve et al. v. Meta Platforms
DZ Reserve et al. v. Meta Platforms (N.D. Cal.): Cohen Milstein represents advertisers who claim that Facebook’s Potential Reach metric is false and misleading due to systemic inflation of the Potential Reach. The court granted class certification on March 29, 2022. On March 21, 2024, the United States Court of Appeals for the Ninth Circuit affirmed the lower court's class certification ruling for the damages class.
In re MGM Resorts International Data Breach Litigation
In re MGM Resorts International Data Breach Litigation (D. Nev.): On February 1, 2021, Cohen Milstein’s Douglas J. McNamara was appointed Co-Lead Interim Class Counsel in this consolidated data breach class action against MGM Resorts for failing to implement reasonable data security practices, thereby allowing the personal information of between 10.6 million and 142 million MGM hotel guests and customers to be stolen on or about July 7, 2019.
In re Marriott International Inc. Customer Data Security Breach Litigation
In re Marriott International Inc. Customer Data Security Breach Litigation (D. Md.): Cohen Milstein serves as Co-Lead Counsel to oversee a putative nationwide class action related to the data breach of personal information of nearly 400 million customers of Starwood-branded hotels, subsequently acquired by Marriott in 2016, making it one of the largest data breaches in U.S. history.
Past Cases
Anthem Data Breach Litigation
In re Anthem Data Breach Litigation (N.D. Cal.): Cohen Milstein was co-lead counsel in a certified class action involving the 2015 cyberattack and massive data breach of Anthem, Inc., one of the nation’s largest for-profit managed health care companies, which resulted in the theft of personal identification and health information of 78.8 million insureds. On August 16, 2018, the Court granted final approval to a $115 million settlement in this class action – the largest data breach settlement in U.S. history.
Caterpillar, Inc. Engine Products Liability Litigation
Caterpillar Product Liability Litigation (D.N.J.): Cohen Milstein was co-lead counsel in a nationwide product liability class action lawsuit alleging Caterpillar sold diesel engines with defective exhaust emissions system that resulted in power losses and shutdowns. The case was settled in September 2016 for $60 million.
Herrera et al v. JFK Medical Center Limited Partnership and HCA, Inc.
Herrera v. JFK Medical Center and HCA, Inc. (M.D. Fla.): Cohen Milstein was lead counsel in a class action lawsuit alleging that four Florida plaintiffs and others like them were billed inflated and exorbitant fees for emergency radiology services, in excess of the amount allowed by law, covered in part by their mandatory Florida Personal Injury Protection insurance. When the district court struck plaintiffs’ class claims, Ms. Martin successfully petitioned the Eleventh Circuit Court of Appeals to accept immediate appellate review and obtained a reversal of the district court’s order. Cohen Milstein resolved the case and secured final approval of a $220 million injunctive relief settlement.
In Re Equifax, Inc., Customer Data Security Breach Litigation
n re Equifax, Inc., Customer Data Security Breach Litigation (N.D. Ga.): Cohen Milstein was a member of the Plaintiffs’ Steering Committee in this data privacy breach class action against Equifax, a leading credit-reporting company that safeguards some of the most sensitive financial and personal information of over 147 million individuals across the United States, for its failure to inform the public of a massive data breach and theft of client data. On December 19, 2019 the court granted final approval of a landmark $1.5 billion settlement, consisting of a record-breaking $425 million in monetary and injunctive benefits and requiring Equifax to spend $1 billion to upgrade its security and technology.
In Re: Apple Inc. Device Performance Litigation
In re Apple Inc. Device Performance Litigation (N.D. Cal.): On March 17, 2021, the Court granted final approval of a $500 million settlement fund, which the Court called one of the largest class action settlements in the Ninth Circuit. Apple will use the fund to pay impacted owners of Apple’s iPhone SE, 6, 6 Plus, 6s, 6s Plus, 7, and 7 Plus who claimed that Apple failed to disclose material information about Apple’s iOS software operating system updates. Douglas McNamara was appointed to the Plaintiffs’ Steering Committee and was co-chair of the Expert Committee.
Khoday et al v. Symantec Corp. et al.
Khoday et al. v. Symantec Corp. et al. (D. Minn.): Cohen Milstein was lead counsel in a nationwide class action involving the marketing to consumers of a re-download service in conjunction with the sale of Norton software. In April 2016, the case settled in a $60 million all-cash deal a month before it was to go to trial – one of the most significant consumer settlements in years. Douglas McNamara was involved in all aspects of the case, from managing the litigation to overseeing a staff of contract attorneys to settlement discussions.
LLE One, LLC v. Facebook
LLE One, LLC v. Facebook (N.D. Cal.): Cohen Milstein served as co-lead counsel representing a class of advertising purchasers who claimed that Facebook breached its implied duty to perform with reasonable care and violated California’s Unfair Competition Law by intentionally miscalculating and inflating metrics related to its video advertisement services. If not for these miscalculations, plaintiffs claim, they would not have purchased more video advertisements and at a higher price than they otherwise would have paid. In June 2020, the Court granted final approval of a $40 million settlement against Facebook.
Tradex Global Master Fund SPC Ltd. et al. v. Lancelot Investment Management, LLC, et al.
Tradex Global Master Fund SPC Ltd. et al. v. Lancelot Investment Management, LLC, et al. (Crc. Crt., Cook Cnty., Ill.): In August 2018, the Court granted final approval of a $27.5 million settlement, concluding a nearly decade-old putative investor class action against McGladrey & Pullen LLP, an accounting firm, for its alleged fraud and negligence arising out of the Tom Petters’ Ponzi scheme, one of the largest Ponzi schemes in U.S. history.
- Benchmark Litigation, Litigation Star (2025)
- Legal 500, Leading Lawyers (2021-2024)
- Lawdragon 500 Leading Plaintiff Financial Lawyers (2021-2024)
- Law360 Cybersecurity and Privacy MVP (2018)
- The National Law Journal, Elite Trial Lawyers – Consumer (2018)
- Super Lawyer (2018-2024)
- The Best Lawyers in America (2023 – 2025)
October 9, 2024
Marriott Inks $52M Deal with States Over Guest Data Breach
Marriott International Inc. has agreed to pay $52 million to nearly every U.S. state and bolster its data security practices to resolve parallel investigations by state attorneys general and the Federal Trade Commission over a massive data breach at the hotel’s Starwood-branded properties. A coalition of attorneys general from the District of Columbia and every […]
In the News | Law360
August 8, 2024
9th Circ. Won’t Rethink OK’ing Ad Class Cert. Against Meta
The Ninth Circuit refused Thursday to rethink a split panel decision affirming certification of a damages class of potentially millions of advertisers who were allegedly deceived about Facebook’s “potential reach” tool, rejecting Meta Platforms Inc.’s warnings of unchecked fraud class actions. According to the one-page order, U.S. Circuit Judges J. Clifford Wallace and Sidney R. […]
In the News | Law360
August 1, 2023
LensCrafters Reaches $39M Deal To End AccuFit False Ad Suit
A proposed class of eyeglass wearers is asking a New York federal court to grant preliminary approval of a $39 million settlement to end a suit alleging LensCrafters misled consumers by advertising that its AccuFit Digital Measurement System was five times more accurate than competitors, having reached the agreement less than two weeks before trial. […]
In the News | Law360
December 1, 2023
Marriott Can’t Use Class Waiver To Block Cert. In Breach Row
A Maryland federal judge has reinstated certification for several classes of consumers suing Marriott and its information technology provider over a massive data breach at the hotel’s Starwood-branded properties, finding that Marriott’s response to the litigation has been “wholly inconsistent” with its argument that guests had agreed to pursue their claims individually. U.S. District Judge […]
In the News | Law360
April 6, 2023
Consumers Reject Marriott’s Challenge To Discovery Order
A class of consumers suing Marriott International Inc. in wide-ranging multidistrict litigation over a major data breach says it needs information on how the hotel company calculated the value of the consumers’ personally identifiable information, asking a Maryland federal judge to sign off on a special master’s report ordering discovery into the valuation. The consumers’ […]
In the News | Law360
May 5, 2022
Federal Judge Rules Marriott Data Breach Class Action May Proceed
Consumers might be able to recover damages for the inherent value of their personal information stolen during the breach based upon Marriott’s own valuation of that same data. A federal judge in Maryland has granted class certification in a data breach impacting over 133 million American consumers against hotel chain Marriott and its data security […]
In the News | Hospitality Technology
May 5, 2022
Federal Judge Rules Massive Marriott Data Breach Class Action May Proceed
Claims about company’s lax data security, which led to breach that impacted over 133 million guest records, moving forward on behalf of nearly 45 million consumers as a certified class GREENBELT, Md.– A federal judge in Maryland has granted class certification in a data breach impacting over 133 million American consumers against hotel chain […]
Press Releases
May 4, 2022
8 Classes of Marriott Guests Certified in Data Breach MDL
A Maryland federal judge certified eight classes of Marriott International Inc. guests in multidistrict litigation over a major data breach that compromised the personal information of more than 100 million guests at its Starwood-branded hotels, although some other classes were denied certification. U.S. District Judge Paul W. Grimm granted certification on Tuesday to eight of 13 potential guest […]
In the News | Law360
May 4, 2022
Marriott Guests Get Partial Class Certification in Breach Suit
Some Marriott International Inc. guests were granted class status by a Maryland federal judge in litigation over a major data breach that compromised the personal information of 133.7 million guests at its Starwood-branded hotels, while others classes were denied certification. Plaintiffs filed a would-be class action alleging that Marriott took more than four years to […]
In the News | Bloomberg Law
August 4, 2021
Guests Slam MGM Resorts’ Attempt to Toss Data Breach Suit
A proposed consumer class has opposed MGM Resorts’ bid to dismiss a suit over a data breach that exposed the personal information of 10.6 million guests, telling a Nevada federal court that the company argues wrongly that the consumers fall short in claiming negligence and harm. The consumers argued that MGM Resorts International failed to […]
In the News | Law360
April 26, 2021
Facebook Advertising Chief Worried About Whether It Overstated Reach
Carolyn Everson’s emails in long-running lawsuit say social network should ‘prepare for worst’ Carolyn Everson, one of Facebook’s most senior advertising executives, said the company had to “prepare for the worst” over claims that it overstated the reach of its advertisements, according to newly released court filings. The world’s largest social network has been fighting […]
In the News | Financial Times
April 26, 2021
Facebook Advertisers Seek Cert. in Inflated Ad Reach Suit
Facebook advertisers asked a California federal judge Friday to certify their proposed class claims that the company bolsters its advertising revenue by inflating the potential estimated reach of ads on the platform. The case is ripe for class treatment because it alleges classwide fraud perpetrated by Facebook with its misleading data for how many people […]
In the News | Law360
February 18, 2021
Facebook Reported Revenue It ‘Should Have Never Made’, Manager Claimed
Lawsuit cites product executive’s qualms over figures provided to advertisers A Facebook employee warned that the company reported revenues it “should have never made” by overstating how many users advertisers could reach, according to internal emails revealed in a newly unsealed court filing. The world’s largest social media company has since 2018 been fighting a […]
In the News | Financial Times
March 31, 2020
Marriott Reveals New Data Breach Impacting 5.2M Guests
Marriott International Inc. said Tuesday that roughly 5.2 million guests’ loyalty information and other personal details had been exposed in a data breach earlier this year, a disclosure that class counsel pressing multidistrict litigation over a separate major hack of the hotel giant said highlights the company’s ongoing data security failings. In a notice posted […]
In the News | Law360
January 15, 2020
Equifax Data Breach Settlement Is a Good Deal, Judge Says
A landmark data breach deal that requires Equifax to pay up to $425 million to consumers provides valuable monetary and injunctive benefits that “likely exceed” what class members could have achieved at trial, a Georgia federal judge said in a lengthy ruling explaining why he approved the contested settlement. In a 122-page opinion issued on […]
In the News | Law360
May 31, 2019
Andrew Friedman Discusses the Marriott Data Breach Lawsuit: Data Breach Debacles
Andrew Friedman, co-chair of Cohen Milstein’s Consumer Protection practice and co-lead counsel in the Marriott data breach class-action suit, joins Aaron Freiwald, host of the weekly podcast Good Law | Bad Law, to discuss the Marriott case as well as other massive data breaches and the growing security concerns surrounding our personal information. In today’s […]
Multimedia | Good Law ǀ Bad Law Podcast
October 16, 2018
Advertisers Allege Facebook Failed to Disclose Key Metric Error for More Than a Year
Facebook knew of problems with how it measured viewership of video ads for more than a year before it revealed them in 2016, according to a complaint filed by advertisers. Advertisers allege that Facebook knew for more than a year about problems measuring viewership of video ads before disclosing the issue. Facebook Inc. knew of […]
In the News | The Wall Street Journal