Cybersecurity and data privacy

Most incidents handled by our Norton Rose Fulbright cyber team originate from the customer’s service provider. In many cases it is the service provider’s systems, infrastructure and environment which proves to be the most vulnerable to cyber breaches and security issues.

A discussion on data privacy and security considerations in internal and regulatory investigations

Businesses investing in, financing or operating data centres face a complex matrix of laws and regulatory requirements. Ensuring compliance is important for lender and investor due diligence and is crucial to avoiding fines, penalties and contractual or regulatory breaches that can significantly impact the business and any investment in, or financing of, data centres.

A discussion on the preservation, collection and transfer of data in investigations.

Reviewing the recent decision in TR v Land Hessen (C‑768/21).

The UK Supreme Court handed down the much anticipated judgment in Lloyd v Google LLC [2021] UKSC 50, unanimously allowing Google’s appeal and reversing the decision of the Court of Appeal.

The Turkish Data Protection Law (the “Law”) regulates the transfer of personal data outside of Turkey in detail.

Service providers who wish to use electronic messaging for commercial purposes are required to register with the Commercial Electronic Communication Management System (“CMS”, İleti Yönetim Sistemi).

On 2 November 2020, a federal trial court in New York issued a ruling regarding the use of a photograph taken from a social media post (Boesen v United Sports Publications, Ltd., 20-CV-1552 (ARR) (SIL) (E.D.N.Y. Nov. 2, 2020).

In July, the CJEU gave judgment in the case known as Schrems II, a landmark data protection case about how companies can lawfully transfer personal data around the world.