Photo of Matthew M. Dybas

Matthew M. Dybas Associate

Areas of Practice

Bar Admissions

  • Admitted in Michigan and Washington, D.C. Only. Illinois Admission Pending.

Court Admissions

  • U.S. District Court, Eastern District of Michigan
  • U.S. District Court, Western District of Michigan


University of Michigan Law School, J.D.

Georgetown University, B.A.



Matthew Dybas is an associate in Dykema's privacy and data security group. Mr. Dybas' privacy and data security practice includes advising domestic and international clients on issues of breach response, employee training, risk assessment, policies and procedures, corporate compliance projects and revising services agreements to include adequate privacy and data security protections. Within this realm, Mr. Dybas has notable experience handling compliance matters related to the California Consumer Privacy Act (CCPA), the European Union General Data Protection Regulation (GDPR), the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), the Illinois Biometric Information Privacy Act (BIPA), the Health Insurance Portability and Accountability Act (HIPAA) and the Telephone Consumer Protection Act (TCPA). He is a Certified Information Privacy Professional (CIPP/US), as certified by the International Association of Privacy Professionals (IAPP), and a member of the Sedona Conference Working Group 11 – Data Security and Privacy Liability.

Mr. Dybas also has experience litigating commercial real estate disputes, business torts and trade secret claims in state and federal courts. Prior to joining the firm, Mr. Dybas served as a Judicial Intern for former Chief Judge William B. Murphy of the Michigan Court of Appeals.


Mr. Dybas has experience advising domestic and international clients on issues of breach response and privacy compliance. His experience includes the following:

  • Advising domestic and international clients as they respond to data breaches including personal information, HIPAA-protected information and financial information, including notification to individuals and regulators;

  • Drafting privacy policies compliant with the CCPA, GDPR and BIPA;

  • Guiding clients through internal data inventories necessary to comply with domestic and international data protection statutes, such as the CCPA and GDPR; and

  • Assisting clients manage vendor relationships, including revising contractual privacy protections to comply with GDPR requirements.

Mr. Dybas has also achieved successful outcomes in federal and state courts at the trial and appellate levels, including:

  • Defending against TCPA class action claims alleging the use of automatic telephone dialing systems and artificial or prerecorded voices to call or text landlines and cell phones;

  • Federal jury trial experience representing a plaintiff on constitutional claims resulting in a favorable verdict.

Memberships & Involvement

  • International Association of Privacy Professionals, Member
  • Sedona Conference Working Group 11 – Data Security and Privacy Liability, Member