Data Protection & Privacy
New DIFC Data Protection Law: High-risk processing
Protecting your business against potential threats is the foundation of maintaining online data security and building a successful reputation in the sector. With effective measures in place, your customers can be confident that you and your business are looking after their best interests.
Our team works with you to develop the most appropriate solutions to your data protection needs; with first-hand experience in the technology sector, our data security lawyers have the intimate know how to give you on-point advice to build and maintain your data security.
Keeping your business in line with ever-maturing data legislation, we offer practical and commercial advice to pre-empt any potential threats and limit further liabilities. Our legal team are experienced in managing data security issues and have the knowledge and understanding to put address even the most complex issues.
Advising a Canadian insurer on cyber risk insurance wordings for use in the province of Quebec and compliance with Quebec law
International data breaches involving Fortune 100 companies and residents in numerous countries
Data breaches involving protected healthcare information (PHI) arising from both human error and external intrusions
A distributed denial of service attack, which caused the website of a major retailer to shut down for nearly 72 hours, leading to business interruption loss and other first party loss
Coverage and monitoring counsel to cyber insurers in connection with the largest data breaches in history, including breaches involving over one hundred million lost records and cutting edge forensic investigations, which have resulted in substantial breach response costs, public relations...
Advising high profile US insureds and insurers with respect to federal and state law requirements in connection with large scale breaches involving personal information and protected healthcare information
Advising US insureds and insurers with respect to the issuance of breach notification letters in connection with data breaches
Advising US insureds and insurers with respect to the handling of consumer lawsuits arising from data breaches
Advising US insureds and insurers with respect to regulatory investigations by the OCR and various state attorneys general following data breaches
Analysing available coverage and advising insurers and insureds involved in significant breaches of personally identifiable information and/or protected health information regarding coverage and/or coverage limitations in connection with first party, regulatory and third party claims
Advising international reinsurance company on internal data sharing security and management policies
Advising clients on their compliance with local and international data protection and privacy legislation, in particular in relation to the legal requirements relating to security of personal information, in the event of a data breach
Advising insurtech service providers on data privacy and security issues in connection with data-sharing, data processing and retention across the platforms
Advising clients in respect of data protection legislation applicable in various jurisdictions in the Middle East, including the Dubai International Financial Centre, Qatar Financial Centre, Dubai Healthcare City, Dubai Technology and Media Free Zone and twofour54
Advising a leading, household name technology company in relation to the compliance of its online products with data protection laws in various GCC countries.
Advising a multinational bank on its policy for employee monitoring in the DIFC.
Drafting a UAE focused data protection policy for a major hospitality and leisure company
Advising a telecommunications hardware provider in relation to a significant data breach involving the disclosure of sensitive employee data
Advising companies on the use of CCTV in office premises in various Emirates and free zones in the UAE
Advising an international retail bank on aspects of data protection, privacy and banking secrecy laws in the UAE and the DIFC
Advising various ratings agencies and retail banks on the DIFC Data Protection Law and Regulations
Carrying out a data protection law compliance audit of a major insurer, including preparing questionnaires, interviewing personnel and preparing a report with recommendations and actions for the business to mitigate the identified risks
Advising a university following a high profile phishing attack against its students’ university email addresses
Advising on data privacy and security including data breach investigation and response
Providing review and drafting of policy wordings for cyber liability and data breach insurance policies
Handling claims relating to product development, E&O cover including IT and cyber breach
Representation and defence of clients in respect of regulatory investigations, enforcement action and prosecutions
Advising in regards to data and information management, including compliance, auditing and risk management
We are highly experienced in data dispute resolution, including court, tribunal and enforcement representations
Advising in regards to cyber risk and dealing with both risk assessment and breach response, for example advising clients on the implementation of policies and procedures aimed at ensuring data security and integrity as well as dealing with the fallout where data security breaches have...
Advising a regulated business on the cyber hacking of its systems resulting in the loss of significant numbers of customer data including financial, sensitive personal data and credit card details, including identifying and assessing the risks, managing and mitigating loss and monitoring and...
Advising on and drafting cyber policy wordings for the London market
Advising a US promotions company on its notification obligations following a UK data breach
Local Partner, Clyde & Co Westlink JLV