Data protection, privacy and cybersecurity

Our dedicated global practice is composed of more than 80 data protection, privacy and cybersecurity lawyers based in many of the world’s key risk jurisdictions.

Risk advice icon

Risk advice

We help clients manage legal risks related to cybersecurity, privacy, data governance, eDiscovery, information technology, eCommerce and intellectual property.

Industry experience icon

Industry experience

Our clients include large corporates, government and specialist internet and datarich companies operating across a broad range of sectors including financial services; aviation; life sciences, healthcare and pharmaceuticals; retail; insurance; energy; telecommunications and technology.

Global coverage icon

Global coverage

We advise our clients across multiple jurisdictions and regions, including Europe, the United States, Canada, Latin America, Asia, Australia, Africa and the Middle East. As an integrated cross-border group, we provide our clients with an integrated worldwide service.

Our areas of work 

Investigation, containment and remediation of sophisticated data breaches and cybersecurity incidents

Data protection, privacy and cybersecurity audits, compliance risk assessment and remediation

Data security, privacy and technology regulatory response and litigation

Regulatory investigations by data protection authorities and sector specific regulators

Development of security and privacy policies, best practices and procedures

Privacy policies for organizations and their websites

Security incident investigation, response and remediation

Cloud services and computing

Cross-border data flow requirements, including Privacy Shield, EU Binding Corporate Rules and other solutions

Cybersecurity and privacy contract development and negotiation

Cyber risk management and incident response

Data hub relocation projects

Data protection program development, including supporting consumer engagement activities such as marketing and advertising

Leveraging personal information for advertising and marketing

Management of employee information and patient medical records

M&A transactions

Mobile privacy issues

Proactive incident response planning

Restrictions on collection and use of consumer information

Strategic regulatory compliance advice

Technology transactions

Vendor management program development and implementation

Data protection and privacy

Our deep industry experience and global perspective means that we can advise our clients at each stage of the data lifecycle. At the front end, we help our clients assess and reduce their privacy and security risks and comply with applicable laws.

When developing marketing programs or new products and services, we assist clients by advising on privacy and security at the outset to maximize the effectiveness of their offerings and avoid legal and regulatory pitfalls.

We advise clients on complex issues associated with both personal and sensitive business data, including its collection, use, storage, disclosure, transfer and destruction.

We counsel clients on legal compliance and business strategy relating to privacy and security risk management, cybersecurity and technology transactions.

Incident response

We are able to draw upon our global experience to advise clients on the investigation, containment and remediation of a broad range of data breaches and other cybersecurity incidents and have acted in relation to many of the world’s most high-profile incidents in this area in recent years.

Minimizing financial loss and reputational damage is our highest priority, and we have an established reputation of achieving that objective for our clients. We frequently provide immediate incident response services across multiple jurisdictions and have advised clients in the context of cyber incidents with implications in over 120 jurisdictions and affecting many millions of individuals.

We know the key regulators well across a broad range of jurisdictions and have developed a deep understanding of those regulators’ priorities from a data protection, privacy and cybersecurity perspective.

In addition to assisting clients in their response to regulator investigations, we advise on class action lawsuits and other claims that arise out of privacy violations and security breaches. We are available to our clients on a 24/7/365 basis, and provide immediate assistance via our incident response team members across the globe.

Insights

 

Data stream concept
Data Protection Report

Data protection legal insight at the speed of technology

Visit our blog

Filter articles

Filter Articles Update Filters

Awards

BTI CyberSavvy 16

Listed among the leading 16 law firms for cybersecurity and data privacy matters, The BTI Consulting Group, 2020

Chambers Global

Global-wide: Outsourcing, Chambers and Partners, 2020

Chambers Global

Global-wide: TMT, Chambers and Partners, 2020

New Products and Services Award

FT Innovative Lawyers North America Awards, The Financial Times Ltd., 2019

Contacts

Nick Abrahams
Nick Abrahams
Global Head of Technology and Innovation; Partner
Ffion Flockhart
Ffion Flockhart
Global Co-Head of Data Protection, Privacy and Cybersecurity; Partner
Stella Cramer
Stella Cramer
Partner
Chris Cwalina
Chris Cwalina
Global Co-Head of Data Protection, Privacy and Cybersecurity
Marcus Evans
Marcus Evans
Partner
Anna Gamvros
Anna Gamvros
Partner
Julie Himo
Julie Himo
Partner
Tricia Hobson
Tricia Hobson
Partner
David Kessler
David Kessler
Head of Data and Information Risk, United States
Christoph Ritzer
Christoph Ritzer
Partner
Meet the team

News

News

Norton Rose Fulbright launches global payments practice

Global | March 12, 2019

Financial institutions

News

Norton Rose Fulbright launches AI-powered chatbot on EU GDPR

May 14, 2018

Technology and innovation

Related services

Risk advisory Technology and innovation