Venner Shipley welcomes Brookes IP Read more
  • Great Britain
  • Germany
  • France
  • China
  • Souht Korea

Data Protection & Cyber Security

Data Protection compliance is a must for any business which processes data relating to people – which is most businesses in the world. Failure to comply with the regulatory regime in Europe can lead to significant fines and injunctions. So you should do regular checks to ensure your policies and procedures are up to date. Making sure that your computer systems are safe and secure is now an item which ought to be on the top of the agenda of every business. Failures to adequately protect data can leave your business at significant risk.

What you need to know

Making sure that you are aware of and understand your data flows, have clear and clearly understood policies in place, are engaged on security issues and have all of your processes and procedures in place is a must.

Good, well thought out and compliant policies will enable you, your customers, your employees and, most importantly, the information regulator, to recognise that you take the data processing rules and cyber security seriously. This will engender confidence in your organisation, and it lowers your risk if subject to investigation following a failure.

How can we help?

We have experience and expertise in data protection and cyber security at every stage including policy assessment and drafting, insurance, data subject access requests, cross-border data flows, cyber breach, litigation and dealing with information regulators. A member of our team also advised the UK Government on the Data Protection Act 2018, giving us a unique understanding of the new data regime.

Our support extends through Privacy, Cyber Security and Data Protection to Blockchain use, crypto-currency and all required online regulatory compliance issues.

Key contact

James Tumbridge has considerable expertise in contentious and non-contentious aspects of data protection and cyber security.

James advises on global data protection solutions for outsourcing businesses as well on general data policy compliance. James additionally has experience opposing applications brought by the police for data disclosure across Europe, and before the English Courts. His experience includes addressing a UK police application to an English Court against GB Company directors with links to a Luxembourg Company, the police sought data possibly held by that Luxembourg Company. The matter raised questions of jurisdiction and control, and the powers of the Court. Our team advised on the limits/powers of Court disclosure orders as against companies outside the court jurisdiction including companies with a group, and on directors liabilities inter-group. James also led the team protecting a company’s seismic data from release where a government claimed rights over data in the public interest. James has additionally advised political parties and campaigns on their dealings with the UK Information Commissioner responding to complaints, and considering the appropriateness of orders restraining them from certain forms of communications. James additionally sits as Police Tribunal Chairman and has given rulings concerning police officer data breaches, and use of the Automatic Number Plate Recognition system.

Our wider team is experienced in all aspects of data protection including pharma, smart buildings, security and database rights (both contentious and non-contentious). We have represented a wide range of clients in their dealings with the UK ICO. Our experience includes helping in multi-party solutions to complex data protection problems with cross-border elements involving sensitive personal data and acting. We have also assisted pharma clients concerning the handling of clinical trial data as well as regulatory data protection. Our clients also include charities and political organisations who turn to us for our unique understanding of the inter play between data and their regulator environment.

We regularly offer bespoke training to a wide range of entities. Those we have assisted include the Serious Fraud Office, three UK police forces, charities, political campaigns, various companies from theme parks to software service providers, loss adjustors and their clients in relation to insurability and claims concerning cyber security.

James is supported by Robert Peake and David Pountney.

  • Data Blast: Campaigning risks, Meta’s security measure issue and much more…

  • OBN – Belgian Economic Mission: Belgium, The Health & Biotech Valley of Tomorrow

  • OBN BioTuesday: Life Sciences Spotlight – AI and Data Innovation in the East of England

  • Data Blast: Privacy in the spotlight as Home Office criticises encryption for online messaging and much more…

  • Bloomberg V ZXC – Privacy and Justice

  • The Court of Appeal Extends Territorial Reach of GDPR to Overseas Companies Offering Subscription Services – Including News Journalism

  • Data Blast: Clearview AI facing prospect of £17M fine for its facial recognition algorithm and more…

  • Data Blast: Facial recognition technology continues to stir debate; Ransomware warning as public transport in Toronto falls prey to cyber attack…

  • Data Blast: UK government publishes plans for post-Brexit reform of UK GDPR…

  • James Tumbridge named 2021 Client Choice Award Winner by Lexology

  • Data Blast: Information Commissioner issues call to action on cookie pop-ups; Table service apps called out for excessive data collection and more…

  • Data Blast: Amazon fined 746 million euros for targeted ads; Hundreds of European businesses face cookie complaints to regulators and more…