Data protection, privacy and cybersecurity

An increasingly complex web of data protection, privacy and cybersecurity laws, self-regulatory frameworks, best practices and business contracts govern the processing and safeguarding of information around the world, as well as the protection of critical industrial infrastructure.

“Especially sought out for its expertise in data privacy, Blockchain services and smart contracts.” Chambers Global, 2019

Our global group of dedicated data protection and cyber lawyers represents clients from across industries that operate in many corners of the world, each facing a unique set of data protection, privacy and cybersecurity concerns, ranging from business strategy issues to transactions, and from cyber incidents to government investigations and litigation. Advising clients across the globe affords us a 360-degree view of cyber issues that we leverage to provide advice that is holistic, informed and practical, and reflects industry- and region-specific risks.

We advise clients on complex issues associated with both personal and sensitive business data, including its collection, use, storage, disclosure, transfer and destruction. We counsel clients on legal compliance and business strategy relating to privacy and security risk management and cybersecurity and technology transactions. We also offer clients a comprehensive cyber risk management and incident response service which includes assisting clients in developing internal policies and procedures, drafting cyber incident response plans and stress testing those plans by conducting simulated cyber incidents.

Our clients include large corporate, government and specialist internet or data-rich companies operating across a broad range of sectors including financial services, life sciences, healthcare and pharmaceuticals, retail, insurance, energy, telecommunications and technology.

Our areas of work include

Bankruptcy proceedings involving personal information
Cloud services and computing
Cross-border data flow requirements, including Safe Harbor certification, EU Binding Corporate Rules and other solutions
Cybersecurity and privacy contract development and negotiation
Cyber risk management and incident response solutions
Data hub relocation projects
Data protection, privacy and cybersecurity audits, compliance risk assessment and remediation
Data protection program development, including supporting consumer engagement activities such as marketing and advertising
Data security, privacy and technology regulatory response and litigation
Development of security and privacy policies, best practices and procedures
Leveraging personal information for advertising and marketing
Management of employee information and patient medical records
M&A transactions
Mobile privacy issues
Privacy breaches
Privacy policies for organizations and their websites
Proactive incident response planning
Restrictions on collection and use of consumer information
Security incident investigation, response, and remediation
Strategic regulatory compliance advice
Technology transactions
Vendor management program development and implementation