Jeremy Lua is a dual-qualified dispute resolution and investigations lawyer based in Singapore. He focuses on cybersecurity and privacy.

He is experienced in a broad range of complex regulatory investigations and compliance matters involving data protection, cybersecurity and technology.

He advises clients across various industry sectors on managing data and cyber security incidents, working closely with multi-disciplinary client teams and external experts including IT security and forensic consultants, crisis communications consultants, ransom negotiators, to help develop an effective response strategy to triage and obtain visibility over an incident; achieve containment and remediate the incident; address regulatory requirements; develop effective regulatory and communication strategies in order to preserve customer relationships; identify and preserve claims against third parties; and mitigate risks of regulatory investigations and litigation.

Leveraging his background as an investigations lawyer, Jeremy advises and represents clients on investigations arising out of data and security incidents initiated by regulators such as Singapore’s Personal Data Protection Commission (“PDPC”), the Singapore Monetary Authority of Singapore (“MAS”), the Technology Crime Investigation Branch (“TCIB”) of the Singapore Police Force (“SPF”), the Cyber Security Agency of Singapore (“CSA”) as well as engaging with foreign law enforcement agencies such as the U.S. Federal Bureau of Investigation (“FBI”).

He also assists clients on assessing privacy and security risks, including designing and implementing privacy and data security compliance programs, policies and procedures as well as incident response preparedness.

Jeremy's broader practice includes matters involving white collar and business crime matters such as anti-bribery and corruption, anti-money laundering, sanctions, export controls and financial fraud, as well as ESG issues like modern slavery and business human rights due diligence, health and safety matters, environmental regulatory disclosures and corporate governance.

Jeremy is recognised in 2025 by Chambers & Partners as an “Associate to Watch” in the Technology, Media, Telecoms (TMT): International – Singapore category and by the Legal 500 as a “Leading Associate” in the Data Protection and Cyber Security: Foreign Firm category.  Since 2022, Jeremy has been recognised by Chambers & Partners as an "Associate to Watch" for Corporate Investigations/Anti-Corruption: International category and a “Leading Associate” by The Legal 500 for the White-Collar Crime – Foreign Firms category.

Prior to joining the firm, Jeremy was a Deputy Public Prosecutor at AGC, with a focus on technology crime. As a technology crime prosecutor, Jeremy prosecuted offences under the Singapore Computer Misuse Act.

Jeremy is a Co-Chairperson of the Law Society of Singapore's Cybersecurity & Data Protection Committee since 2023 and is also Chairperson of the Law Society of Singapore’s Generative Artificial Intelligence Committee for 2025. He is also certified in Cyber Incident Planning and Response by the Cyber Management Alliance.