Twitter Logo Youtube Circle Icon LinkedIn Icon

The Legal 500 Hall of Fame Icon The Legal 500 Hall of Fame highlights individuals who have received constant praise by their clients for continued excellence. The Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. In the United Kingdon, the criteria for entry is to have been recognised by The Legal 500 as one of the elite leading lawyers for eight years. These partners are highlighted below and throughout the editorial.
Click here for more details

United Kingdom > London > Risk advisory > Data protection, privacy and cybersecurity > Law firm and leading lawyer rankings



Index of tables

  1. Data protection, privacy and cybersecurity
  2. Leading individuals
  3. Next generation lawyers

Next generation lawyers

  1. 1

Who Represents Who

Find out which law firms are representing which Data protection, privacy and cybersecurity clients in London using The Legal 500's new comprehensive database of law firm/client relationships. Instantly search over 925,000 relationships, including over 83,000 Fortune 500, 46,000 FTSE350 and 13,000 DAX 30 relationships globally. Access is free for in-house lawyers, and by subscription for law firms. For more information, contact


Bird & Bird LLP’s ‘highly impressive’ five-partner team ‘stands out from the crowd’ as ‘an obvious leader in the field’ and is led by ‘industry doyen’ Ruth Boardman, who ‘has her finger on the pulse and exceptional insight into the industry and its workings’. General Data Protection Regulation (GDPR) work has been prominent for the team, with recent highlights including advising Treatwell on a GDPR compliance programme. The group is also highly regarded for its expertise in the advertising, financial services, pharmaceutical, health and technology sectors; its impressive client roster includes the European Digital Advertising Alliance, Adobe, Associated British Foods, and Time. Consultant Francis Aldhouse specialises in information law and policy-related issues; James Mullock’s expertise encompasses data protection, freedom of information and cyber law; and Graham Smith acts for a range of telecoms and internet clients and has substantial experience in the field of state surveillance. Clients also single out Gabriel Voisin (who made partner in 2017), senior associate Elizabeth Upton and Heledd Lloyd-Jones.

One of the best firms in the area’, Bristows LLP has an ‘excellent’ department, which is ‘technically strong, extremely responsive and highly considerate of the client’s needs’. The firm’s contentious strength (in areas including data breaches) sits alongside substantial expertise in global compliance programmes and privacy issues. It advised Google in the EU and US on the development and implementation of a GDPR strategy, and is assisting Samsung Electronics in relation to the data protection elements of its digital marketing operations. Other recent highlights include advising Facebook on its entry into the EU-US Privacy Shield, and acting for NBC Universal and Comcast on the development of a global data compliance programme. IBM, Amazon Web Services, British Airways and Dolby are also clients. Mark Watts, who has ‘incredible knowledge which he applies in a highly commercial way’, leads the team, which was recently bolstered by the arrival of Robert Bond and his team from Charles Russell Speechlys LLP. Of counsel Christopher Millard and Hannah Crowther are also recommended.

Covington & Burling LLP is also ranked.

With a substantial global platform to draw upon and a high-profile client roster including Virgin Media, Delta Airlines and EDF Energy, Dentons covers the full gamut of data protection issues including regulatory compliance, cybersecurity and international privacy. Department head Nick Graham is ‘one of the go-to names in the field’; his recent work includes advising John Lewis on various data protection strategies and data transfers, and acting for One Savings Bank on GDPR compliance. Martin Fanning attracts high praise from clients, and is noted for his ‘practical advice and all-encompassing sector knowledge’; he is handling Virgin Atlantic’s data protection governance projects; assisted Daily Mail and General Trust with a global data governance project; and advised Intralinks on the data issues related to its secure collaboration and virtual data room suite solutions. Scott Singer is a key name to note for international data transfers; he is advising First Data on compliance issues following the approval of its BCRs. Senior associate Simon Elliott is also recommended.

Delivering ‘excellent service from the entire team’, Fieldfisher is ‘hands down one of the leaders in the field’ and is ‘unbeatable in terms of client care and industry knowledge’. Hazel Grant attracts praise for her ‘strong technical prowess’ and leads the group; Phil Lee has ‘a deep understanding of the law, the industry’s issues and his clients’ needs’; Antonis Patrikios is ‘one of the best lawyers on the scene. His extremely courteous approach makes him a one-of-a-kind leader’; and senior associate Nuria Pastor ‘has a great grasp of the market’s nuances’. Renzo Marchini recently joined the firm from Dechert LLP. The group advises on regulatory compliance, data security breaches, data disputes, freedom of information requests and international data projects for a high-profile client list including LinkedIn, Expedia and Nintendo. Recent work includes advising Whole Foods Market Services on the implementation of a compliant EU data protection strategy, and advising on European and Asian privacy policies for Abercrombie & Fitch.

Eduardo Ustaran (‘one of the market’s true characters and standout individuals’) heads the department at Hogan Lovells International LLP, which recently advised Verizon on its adoption of binding safe processor rules; acted for Ghostery on the implementation of the European Commission’s ‘cookie consent’ rules; and assisted the government of Bermuda with the drafting and implementation of data protection legislation allowing Bermudian companies to receive personal data originally from Europe. The team’s client roster also includes the British Heart Foundation and the Information Technology Industry Council, with Ustaran recently advising the latter on issues surrounding the EU-US Privacy Shield framework. Counsel Sian Rudgard regularly advises multinational companies on cross-border compliance programmes and BCRs, and was recently involved in successfully handling Salesforce’s controller and processor BCR applications. Also recommended is counsel Victoria Hordern, who was part of a team which assisted Publicis in implementing a group-wide privacy programme.

Linklaters LLP’s ‘fantastic expertise and outstanding pragmatism’ set it apart as ‘a genuinely brilliant practice at the top of its game’. ‘Quality lawyerRichard Cumbley heads the firm’s TMT and IP team, which features Julian Cunningham-Day, Georgina Kon (who made partner in 2016) and ‘utterly brilliant’ senior counsel Peter Church, with associate Alaister Johnson also recommended. The group utilises the firm’s global reach to advise on a wide range of cross-border issues including privacy matters and international compliance projects. Its track record includes acting for UBS, Live Nation, Disney, HSBC, Thomson Reuters and State Street.

Allen & Overy LLP provides clients with ‘a combination of brilliant technical advice and an utterly pragmatic approach that makes it a pleasure to work with’. The ‘excellent’ Jane Finlayson-Brown leads the department, which advises across the full gamut of issues at a national and global level and has notable expertise in the financial, retail, technology and health sectors. In a recent highlight, Finlayson-Brown advised WM Morrison Supermarkets on the unauthorised online publication of employee personal data. Nigel Parker acted for a global bank in civil and criminal litigation against a hacker following a cyber attack which compromised the bank’s systems, and handled various data privacy issues for Four Seasons Hotels including GDPR compliance, cross-border data transfers and employee privacy notices. Parker also led advice to a major pharmaceutical company on its GDPR compliance and several privacy projects, and is the key name in the group for cybersecurity issues. Other clients include Tullett Prebon and Endemol Shine Group.

Baker McKenzieis building a strong practice in this area’ under the leadership of the ‘genuinely excellent’ Dyann Heward-Mills, who is recognised for her cybersecurity expertise. She and Harry Small recently worked with L’Oréal, advising on its data retention and deletion policy and its customer-facing privacy policy. Of counsel Nadia Banno defended Associated Newspapers in a data protection claim brought by Ashton Kutcher and Mila Kunis relating to two articles published by MailOnline. Symantec, Google, Netflix, BBC Trust and Pinterest are also key clients. Small is highly regarded for his cross-border advice on data protection compliance, and also attracts praise for his experience in relation to data security breaches. Julia Wilson leads the firm’s employment data protection group, advising on compliance and global strategies, and senior associate Benjamin Slinn advises on compliance projects and international data transfers.

Emma Burnett, who is ‘an excellent advocate you will see in the trenches when negotiations are underway’, heads the practice at CMS, which ‘is starting to play in the upper leagues’ following its merger with legacy firms Nabarro LLP and Olswang LLP. The expanded team includes John Armstrong, the ‘hardworking and diligentIan Stevens, Sam De Silva, the ‘highly pragmaticElle Todd (who heads the firm’s digital and data team) and litigator Dan Tench. The team’s impressive client roster also includes Ford Credit, National Grid, Fiat, Metlife and Great Portland Estates; De Silva recently advised the latter on its compliance with UK data protection and privacy laws. In another highlight, Tench represented three Safari users whose data was obtained without their consent in a breach of confidence and privacy claim. The team is also recommended for cybersecurity issues, multi-jurisdictional projects and GDPR compliance.

Eversheds Sutherland (International) LLPhas built an experienced and efficient team’ under Paula Barrett’s leadership. Clients also praise Liz Fitzsimons, who is ‘perhaps the most experienced person in the market when it comes to contentious freedom of information matters and environmental information work’ and is ‘a true heavyweight in the space, with vast knowledge at her fingertips’; and Gayle McFarlane, who re-joined the firm in 2016 from an in-house position and has a specialism in the interaction between technology and data protection. Recent mandates include advising National Grid Gas on the data protection and freedom of information elements of the separation and sale of its distribution business; advising a vehicle manufacturer on the data protection and e-privacy elements surrounding connected cars and proposals to collect data-roaming memory data from the vehicles when used; and assisting an industrial client in the multi-jurisdictional roll-out of data loss prevention and security tools. Other clients include Specsavers, Honda Europe, Hilton, Capital One Bank and the British Library.

Key data protection lawyers at Hunton & Williams include practice head Bridget Treacy, senior consultant Rosemary Jay and managing partner Aaron Simpson, who joined the London office in 2016 from his previous position in the firm’s New York office. The team has substantial expertise in GDPR and Privacy Shield compliance, and is advising multiple clients in the technology, retail and financial sectors on compliance programmes. It also advised a technology company on a cybersecurity incident, assisted a client in the development and implementation of a global privacy and data security programme, and advised on the data protection elements of various cross-border transactions. Clients include Procter & Gamble, Morgan Stanley, Google, UPS and AQR Capital Management. Senior associate Anita Bapat is recommended, and regularly acts on cross-border data transfer issues.

Pinsent Masons LLP’s ‘first-class team’ has ‘exceptional technical knowledge and business sense’, making it an ‘up-and-coming leader in the field’. Its expertise encompasses cybersecurity breaches, litigation, regulatory compliance, and freedom of information requests. In a recent highlight, it advised the Chief Constable of Staffordshire Police on multiple subject access and freedom of information requests. The University of Surrey, Google and Facebook are also clients. Marc Dautlich (‘an industry leading practitioner who is personable and knowledgeable, and scans the horizon for his clients to anticipate oncoming risks’) heads the team, which includes Cerys Wyn Davies in Birmingham; contentious specialist David Barker, who is ‘a fantastic, client-focused lawyer who is happy to roll up his sleeves and deliver advice at the top level’; newly promoted partner Ian Birdsey, who is recommended for cybersecurity issues; and senior associate Kathryn Wynn, who advises financial services clients.

Stewart Room leads PricewaterhouseCoopers Legal LLP’s ‘brilliant’ practice, which continued to grow with the hire of James Drury-Smith from Orrick, Herrington & Sutcliffe (Europe) LLP and Kate Macmillan from Collyer Bristow LLP. Macmillan attracts praise as ‘a real star in the space, who is building a formidable team around her’; she is ‘a very clever litigator with huge experience, and is masterful at managing tricky cases’. The practice, which ‘has made a real impact in the market’, is recognised as a leader for compliance projects and recently handled GDPR compliance programmes for Hewlett Packard Enterprise, Huawei Technologies, Prudential, Sainsbury’s Bank and State Street. It also delivered a privacy transformation project for Otsuka Pharmaceutical, and assisted Intel in reviewing the data protection practices of its outsourced service providers in India. Other clients include BBC Worldwide, Dixons Carphone, Network Rail, Visa Europe and TalkTalk Telecom Group.

Taylor Wessing LLP gives ‘outstanding specialist advice’; it is ‘presented in a digestible format which is refreshingly pragmatic and solution-focused’, and ‘cuts to the material point, stripped of unnecessary prose’. The practice is led by Vinod Bange, whose ‘extensive, specialist knowledge shines through his pragmatic, commercial and client-oriented advice’ – he ‘avoids unnecessary legalese: a rare trait for data protection lawyers’. Other key individuals are technology sector specialist Christopher Jeffrey and litigator Paul Glass, who acts on data security breaches and contractual disputes. The team is highly regarded for its expertise in global compliance projects and data export matters; recent examples include advising KPMG on international GDPR compliance issues, handling the data elements of Sky UK’s investment into iflix (a Southeast Asian streaming TV service), and assisting Just Eat in relation to its global data protection compliance programme. The department also advised News Corporation on the data protection elements of its £220m public takeover of Wireless Group.

Cooley (UK) LLP’s key practitioners include Ann Bevitt; Mark Deem, who specialises in contentious issues; and Sarah Pearce, who regularly handles e-commerce and data analytics matters. Chris Coulter is also recommended, and has notable transactional expertise, particularly in the technology and telecoms sectors; he recently led advice to the NFU Mutual on its cyber risk programme. Other recent work includes assisting Nikon Europe in relation to the privacy and cookie policies surrounding a new product launch; advising Lucozade Ribena Suntory on data protection guidelines for its employees and contractors; and advising Leidos on data processing agreements relating to the international roll-out of its whistleblowing hotline and website. Senseonics and Tracemyfile are also clients.

DLA Piper utilises its international footprint to advise on global compliance projects, particularly in the financial services, retail and pharmaceutical sectors. The team also assisted the Health and Social Care Information Centre in relation to the data protection aspects of its exit from several large outsourcing contracts, while other clients include Asda, Creative Content UK, Aviva, the London Stock Exchange, Boston Consulting Group and InterContinental Hotels Group. Practice head Ross McKean advises clients on data governance and compliance, breach responses, cybersecurity and global sourcing projects. The team also includes the ‘highly knowledgeable’ Andrew Dyson and associate Rachel de Souza.

Herbert Smith Freehills LLP’s team attracts praise for its ‘fantastic level of service, paired with very responsive and practical guidance and an efficient approach’. Andrew Moir is global head of the firm’s cybersecurity team; his recent work includes advising an online retailer on a data breach, including contact with data privacy regulators following the release of details highlighting a flaw in its Android and iPhone apps and the subsequent online publication of customer data; and assisting a consortium of global banks in the creation of the Cyber Defence Alliance. Marcus Turle is the key name in the data protection team, which also includes Nick Pantlin, employment specialist Christine Young and senior associate Duc Tran. Pantlin and Tran advised Tabcorp on data compliance issues following an acquisition. Hays, RBS and Standard Life are also clients.

Kemp Little LLP’s expertise in the financial services and technology sectors is apparent from its client roster, which includes Winton Capital Management, Onzo, PhotoBox and Close Brothers. The ‘innovative’ department, which has ‘an uncommon willingness to add value both within and outside specific instructions’, is led by Nicola Fulford and also features commercial technology practice head Calum Murray as a key practitioner; he is highly regarded for contractual and regulatory data protection matters. Notable areas of strength for the practice include advising on online operations, cloud-related data issues and international data transfers, and it also assists with data breaches and cybersecurity issues, employment-related data protection matters, and GDPR compliance.

Latham & Watkins is noted for its ‘strong and up-to-date technical knowledge and ability to communicate well with lawyers and non-lawyers alike’; its ‘commercial awareness is attractive to clients’. The team is led by the ‘excellentGail Crawford, whose recent work includes representing Facebook in abuse of dominance proceedings relating to alleged data protection violations; advising VimpelCom on the data protection issues surrounding the launch of its VEON digital platform; and assisting Majestic in relation to its GDPR compliance framework and third party data breach notification issues. Time, Addison Lee and EY are also noteworthy clients. Andrew Moyle and Oliver Browne are also recommended.

Lewis Silkin LLP is noted for its ‘good knowledge of the law, combined with providing practical and useful advice that enables it to meet the everyday challenges its clients face’. Practice head Simon Morrissey primarily focuses on data issues in the advertising, marketing and media sectors; his recent work includes advising on the privacy elements of marketing campaigns and freedom of information matters. Ellen Temperton is the key member in the team for workplace privacy issues and employment-related data matters; Nathalie Moreno, who joined fromCharles Russell Speechlys LLP, regularly handles multi-jurisdictional projects, David Deakin focuses on technology and digital content matters; James Gill specialises in consumer and e-commerce issues; and Giles Crown is the key name for contentious work.

Norton Rose Fulbright’s ‘practical, approachable and friendly’ team ‘pulls out all the stops’ for a client list including BMW, Bank of Montreal, Telstra Global, PayPal and Deliveroo. Highlights included acting for NetScout on its GDPR compliance and similar requirements in India and China; providing a data breach response service to AIG; and producing a GDPR-compliant privacy notice form for Lloyds Market Association. Key areas of expertise include international data transfers, compliance policy audits and data breaches. The ‘excellentMarcus Evans heads the group, which also features litigator Jonathan Ball, IP team head Mike Knapper and insurance expert Ffion Flockhart. Clients also praise senior associate Miranda Byrne Hill, who has ‘strong technical knowledge’.

Osborne Clarke LLP provides ‘quick, accurate and carefully judged advice to clients facing cybersecurity issues’, and recently advised Yahoo! EMEA on a range of data protection issues relating to its digital advertising business. Further highlights included assisting Wirecard Group with the data elements of the payment processing delivery methods used in its mobile payment technology; handling multiple cross-border privacy projects for Alibaba; and representing Russian businessman Vladimir Scherbakov in a data privacy claim against the Daily Mail relating to issues of misidentification. Mark Taylor leads the department, which was recently bolstered by the arrival of Will Robertson and Ashley Hurst from Bond Dickinson LLP and legacy Olswang LLP respectively. Robertson is highly regarded for his cross-border data transfer expertise. Hurst focuses on litigation and is ‘a rising star with a deserved reputation as a high-quality lawyer’.

Highlights for the ‘excellent’ team at Paul Hastings LLP included advising Masimo on a cross-border privacy project including an international personal data transfer; assisting Lloyds Bank with GDPR compliance issues; and advising Telogis on data protection compliance obligations surrounding moving vehicles and telematics. The team also acted for American Express on the development of an audit structure for GDPR compliance, and is assisting Samsung Europe with the data storage and transfer aspects of the implementation of Samsung Pay in UK and Europe. Key names in the team include Suzanne Horne, whose focus is on employee-related privacy matters including outsourcings and TUPE issues; and Ben Regnard-Weinrabe, who is recommended for regulatory advice. Ashley Winton joined McDermott Will & Emery UK LLP.

Noted for its ‘tailor-made advice’, Reed Smith LLP is ‘one of the best for client care’. Cynthia O’Donoghue is ‘first class in terms of industry knowledge’ and leads the department. In a recent highlight, she led advice to the BBC on the development and launch of myBBC and related GDPR compliance issues. She also acted for Ascensia Diabetes Care on the data protection elements of a cross-border business sale, and advised Badoo Trading on the preparation of a GDPR compliance programme relating to its website and mobile app. Abbott Laboratories, Condé Nast International and Koch Industries are also clients.

John Casanova heads the practice at Sidley Austin LLP, which ‘delivers an integrated, seamless service’ and includes the highly rated William Long; his ‘forward-thinking and proactive approach keeps him ahead of the curve’, and his advice is ‘thorough, timely and on the leading edge’. Also recommended are counsel Geraldine Scali, who regularly handles cross-border data transfers, and associates Francesca Blythe and Vishnu Shankar; Blythe is ‘impressive, experienced and incredibly personable’, and Shankar has ‘excellent attention to detail, an amazing work ethic and tremendous research skills’. The department recently advised Goldman Sachs on GDPR issues and the implications of Brexit on UK data privacy, and assisted Helsinn Group with GDPR regulation and international data transfers.

Travers Smith LLP is ‘very responsive, with excellent technical knowledge’ and ‘understands the market, which is incredibly helpful to clients’. It advised new client Deliveroo on a wide variety of data protection and privacy matters; assisted the Ambassador Theatre Group in relation to the data protection elements of its roll-out of a new online ticketing platform and app; handled the storage and processing of Greatbatch’s European employee database in the US; and advised ETF Securities on an overhaul of its data protection compliance regime. Prudential, Attenda and Trainline are also clients. Practice head Dan Reavill is recommended along with Louisa Chambers, who is ‘knowledgeable, affable and a superb asset no matter the issue’.

At Arnold & Porter Kaye Scholer LLP, Richard Dickinson leads the team and is recommended for his experience in cross-border data transfers, processing issues, matters relating to the EU-US Privacy Shield and data breaches; he recently advised Virtual Doctors on the data protection requirements surrounding medical data. The department also includes employment specialist Henry Clinton-Davis, who has a particular focus on the transfer of employee data outside Europe and pan-European data protection policies; corporate partner Jeremy Willcocks; and Rob Bratby, who handles cross-border matters involving Europe and Asia and joined the group in early 2017 from legacy firm Olswang LLP.

Berwin Leighton Paisner LLP’s ‘insightful’ practice is now led by Kate Brimsted following Ian De Freitas’ move to Farrer & Co; Brimsted joined the group from Reed Smith LLP in early 2017 and is highly regarded for data protection strategies and compliance, particularly relating to GDPR. The team, which sits within the firm’s commercial department, advises on data transactions and personal data issues, with a particular emphasis on the transport, energy and financial services sectors. Consultant Tamara Quinn is recommended for non-contentious mandates including data mapping, audits and GDPR compliance.

Bond Dickinson LLP has notable expertise in the retail, financial services and public sectors, with a client base including Kingfisher, AIG, Old Mutual Wealth, NHS Digital and New Look. Among its recent highlights, litigation specialist Andrew Parsons advised an international retailer following the theft of a portable device containing customer data and the subsequent ICO investigation; practice head Andrew Kimble acted for an international telecoms provider on a data security breach involving fraudsters accessing customer account information; and Peter Given advised Hibu on the procurement of SAP’s Cloud for Customer platform and related data protection issues. Jackie Gray heads the freedom of information practice.

Browne Jacobson LLP’s team is led by Mark Gleeson, who joined in 2016 from Squire Patton Boggs and is highly regarded for his experience in global data compliance projects, freedom of information, cyber breaches and data projects. Other key team members include Helena Wootton, who is the key figure in the team for freedom of information matters, and Ros Foster, who primarily acts for public sector clients. The firm’s client base includes Experian, National Trust, the Independent Parliamentary Standards Authority, NHS England and Oasis Charitable Trust.

DAC Beachcroft LLP is ‘a first-rate practice in the insurance space’ and has ‘a deep and sound understanding of the insurance industry that sets it apart from others, paired with a positive and pragmatic approach and excellent client care’; the team handles data breaches and regulatory matters for a client list which includes Hiscox, Beazley and QBE. Practice head Rhiannon Webster is recommended for cross-border data transfers, and the team also includes litigator Hans Allnutt, Bristol-based public sector specialist Rosalind Ashcroft, and Emma Bate, who is ‘a pleasure to work with’.

John Benjamin leads the department at DWF, which attracts praise for its data breach experience; in a recent work example, Benjamin and Andrew Harris defended WM Morrison Supermarkets in a civil claim brought by employees whose confidential data was published online by a former colleague. The team also includes senior associate Joshua Fineman, who is recommended for contentious matters, and director Elaine Fletcher in Leeds, who recently advised American Eagle Outfitters on its UK and Europe data protection compliance. Evergreen Life, Yodel, Arcadia and Amlin are also clients.

Highlights for Harbottle & Lewis LLP included advising Open Table International on its UK data protection compliance, assisting Hindawi with an audit of its data protection and marketing practices, and advising Virgin Red on data compliance including the collection and sharing of third party sources of data. Daniel Tozer and Jo Sanders jointly lead the group; Tozer focuses on non-contentious commercial data protection, while Sanders is recommended for contentious matters. Senior associate Rebecca Collard is also well regarded. The team’s client list includes We Charity, Pokémon Company International and Sony Home Entertainment.

Clients praise the team at Orrick, Herrington & Sutcliffe (Europe) LLP as ‘genuinely excellent due to its strong business acumen and approach to matters from a practical perspective’; it provides ‘responsive and customer-focused advice’. Practice head Kolvin Stone ‘combines strategic thinking with a proactive approach’ and is recognised for his cross-border expertise, particularly in the technology sector. In a recent highlight, he assisted Microsoft with European privacy issues and cross-border data transfer restrictions; and also advised Telenor on the data protection elements of its acquisition of Tapad. James Drury-Smith is now with PricewaterhouseCoopers Legal LLP.

At Pritchetts Law, team head Stephanie Pritchett ‘has a phenomenal reputation in the space’; she is ‘hugely experienced, and commercial in her thinking, and has a very hands-on approach which allows for solid, practical and relevant advice’. Consultant solicitor Ben Wootton is also recommended; he ‘has extensive commercial experience and clearly understands how the sector works’. The team recently led advice to DFS on a cybersecurity and data protection audit, and advised Unison on its GDPR compliance programme and its use of personal data. Other clients include Thomson Reuters, Development Initiatives and Risk Factory.

RPCmasters the balance between delivering great and timely advice that is commercially effective, and horizon gazing to ensure clients are knowledgeable on the space as it stands’. Oliver Bray regularly acts for clients in the media and online retail sectors and leads the non-contentious practice, while Keith Mathieson leads on the contentious side. The team’s impressive client roster includes Virgin Media and Coca-Cola European Partners, with legal director Robert Johnson (who ‘deserves to be put in the spotlight for his incredible knowledge and commercial guidance’) recently acting for the latter on an international data transfer and related compliance issues.

Rohan Massey heads the department at Ropes & Gray International LLP, which is noted for its cross-border experience, particularly in international data transfers between the US and the UK. In a recent highlight, Massey was part of a team advising Bain Capital and the Blackstone Group as sellers on the privacy issues involved in IBM’s acquisition of the Weather Company’s business-to-business, mobile and cloud-based web properties. The group also regularly assists US and Asian investors in relation to data protection transactions and regulatory issues surrounding their entrance into the European market.

At Sheridans, practice head Philip James has particular expertise in cyber risk and fraud prevention, and is ‘always helpful, responsive and informed’; he ‘takes his time to understand how clients work and adjusts his service delivery accordingly’. The team also includes Eitan Jankelewitz, who advises on e-commerce and internet marketing issues. Recent highlights include assisting Sport England with a privacy impact assessment, GDPR compliance and a data strategy, and advising TripAdvisor on its use of cookies and the handling of subject access requests. The Internet Advertising Bureau, Agatha Christie Productions and The Body Coach Online are also clients.

Simmons & Simmons’ team is noted for its cross-border expertise and its experience across the financial services, investment funds, TMT and life sciences sectors. It is advising Telefónica UK on several big data projects, as well as handling an international data compliance audit for Idemitsu Petroleum UK and assisting Huawei Technologies with data protection and cybersecurity issues relating to the supply of equipment for telecoms networks. Other clients include Moody’s, the University of Oxford, Virgin Media, GlaxoSmithKline and the Discovery Channel. Alexander Brown is the practice head, and other key team members are employment specialist Philip Bartlett and litigator Robert Allen.

Stephenson Harwood is highlighted for its ‘technical knowledge, extensive experience and practical approach’, and its responsiveness is ‘impressive to say the least’. The group is highly experienced in GDPR compliance and Privacy Shield matters as well as international data transfers and data breach issues. Jonathan Kirsop heads the group and recently led advice to Barclays Bank on a range of matters including subject access requests, data transactions and GDPR compliance. Sara George is the key name for regulatory and criminal investigations, and regularly advises on data breaches and investigations involving the Data Protection Act.

Wedlake Bell LLP’s ‘excellent’ department is ‘very knowledgeable and well trusted’ by a client roster which includes new gain Deltanet International and Wates Group; practice head James Castro-Edwards is advising the latter on data protection issues surrounding its employees and on GDPR compliance. Castro-Edwards also assisted the MI Group in relation to its compliance with UK data protection legislation, including employee personal data transfers; and is handling data protection matters for Countrywide. Other key practitioners include Jonathan Cornthwaite, Adam Edwards, Adrian Heath-Saunders and solicitor Jonathan Wright, who is ‘a highly experienced individual’.

Press releases

The latest news direct from law firms. If you would like to submit press releases for your firm, send an email request to

Legal Developments in the UK

Legal Developments and updates from the leading lawyers in each jurisdiction. To contribute, send an email request to

Press Releases in the UK

The latest news direct from law firms. If you would like to submit press releases for your firm, send an email request to