数据保护与隐私权

We provide businesses with full service data protection and privacy advice across all industry sectors, enabling clients to focus their resources on other business needs.

Data privacy and protection is absolutely fundamental to all types of organisation due to the increasing threat of malicious hackers with the ability to leverage and monetise information.

Multi-national organisations face a web of complex and conflicting laws and regulations surrounding the collection, use, retention, and disclosure of information.

This requires careful attention to data privacy at every stage of the business cycle to avoid the negative publicity surrounding data breaches.

Our team brings together a wealth of experience across a range of sectors and industries to keep you on the cutting edge of developments in the industry. Our strong working relationships with the regulators and industry bodies enable us to resolve issues and provide practical commercial advice.

We advise a wide range of businesses including retailers, insurers, hospitals, information service providers, technology start-ups, financial institutions, educational institutions and governments across the world on the full range of data issues.

Our Data Protection Work

  • All
  • 北美洲
  • 非洲
  • 亚太地区
  • 英国和欧洲
  • 中东
  • Advising a US multinational technology company

    Advising a US multinational technology company on the private consultation process with the Ministry of Communications & Information Technology prior to issuance of the Egypt Data Protection Law.

    Egypt

    Advising on the implications of the Egypt Data Protection Law

    Advising a global hotels and resorts operator on the implications of the Egypt Data Protection Law for its business, particularly in the context of the use of social media influencer advertising.

    Egypt

    Employee rights to accessing personal data on termination of employment

    Advising a large security services company that employs more than 300 employees in Kenya on the rights of the employee to access their personal data on termination of employment under the provisions of the Data Protection Act.

    Kenya

    Advising Cigna on Data Protection Laws

    Advising Cigna on Data Protection Laws in Kenya.

    Kenya

    Enforcement of constitutional rights

    Acting for a private client in a claim for enforcement of constitutional rights including the right to privacy against a large national publication.

    Kenya

    Advising a not-for-profit entity on Kenyan Data Protection laws

    Advising a not-for-profit entity registered in the United States with regard to the breach of data and related matters pursuant to the Kenyan Data Protection laws.

    Kenya

    Compliance with local and international data protection and privacy legislation

    Advising clients on their compliance with local and international data protection and privacy legislation, in particular in relation to the legal requirements relating to security of personal information, in the event of a data breach

    Australia

    Internal data sharing security and management policies

    Advising international reinsurance company on internal data sharing security and management policies

    Australia

    Advice on data protection for online sales

    Advising on data transfer, data protection and privacy in relation to the sale of an online portal and the spin-out of certain other online businesses

    United Kingdom

    Advice regarding data policy implementation

    Advising on and drafting cyber policy wordings for the London market

    United Kingdom
  • Ensuring compliance of law relating to cyber risk insurance

    Advising a Canadian insurer on cyber risk insurance wordings for use in the province of Quebec and compliance with Quebec law

    Canada

    Advising on matters involving significant breaches of personally information

    Analysing available coverage and advising insurers and insureds involved in significant breaches of personally identifiable information and/or protected health information regarding coverage and/or coverage limitations in connection with first party, regulatory and third party claims

    United States

    Advising regarding regulatory investigations by the OCR etc

    Advising US insureds and insurers with respect to regulatory investigations by the OCR and various state attorneys general following data breaches

    United States

    Advice regarding handling of consumer data breach

    Advising US insureds and insurers with respect to the handling of consumer lawsuits arising from data breaches

    United States

    Assist regarding the issuance of breach notification letters

    Advising US insureds and insurers with respect to the issuance of breach notification letters in connection with data breaches

    United States

    Advising high profile insureds and insurers regarding federal and state law requirements

    Advising high profile US insureds and insurers with respect to federal and state law requirements in connection with large scale breaches involving personal information and protected healthcare information

    United States

    Coverage and monitoring counsel to cyber insurers

    Coverage and monitoring counsel to cyber insurers in connection with the largest data breaches in history, including breaches involving over one hundred million lost records and cutting edge forensic investigations, which have resulted in substantial breach response costs, public relations expenses and business interruption losses, as well as class action lawsuits in the US and Canada, and regulatory investigations throughout the world

    United States

    Business loss cause by service attack

    A distributed denial of service attack, which caused the website of a major retailer to shut down for nearly 72 hours, leading to business interruption loss and other first party loss

    United States

    Data breaches arising from human or external error

    Data breaches involving protected healthcare information (PHI) arising from both human error and external intrusions

    United States

    International data breaches

    International data breaches involving Fortune 100 companies and residents in numerous countries

    United States
  • Employee rights to accessing personal data on termination of employment

    Advising a large security services company that employs more than 300 employees in Kenya on the rights of the employee to access their personal data on termination of employment under the provisions of the Data Protection Act.

    Kenya

    Advising Cigna on Data Protection Laws

    Advising Cigna on Data Protection Laws in Kenya.

    Kenya

    Enforcement of constitutional rights

    Acting for a private client in a claim for enforcement of constitutional rights including the right to privacy against a large national publication.

    Kenya

    Advising a not-for-profit entity on Kenyan Data Protection laws

    Advising a not-for-profit entity registered in the United States with regard to the breach of data and related matters pursuant to the Kenyan Data Protection laws.

    Kenya
  • Compliance with local and international data protection and privacy legislation

    Advising clients on their compliance with local and international data protection and privacy legislation, in particular in relation to the legal requirements relating to security of personal information, in the event of a data breach

    Australia

    Internal data sharing security and management policies

    Advising international reinsurance company on internal data sharing security and management policies

    Australia

    Post breach review

    Advising international financial services company on post breach review and enhancement of deficient systems, and in relation to staff training and awareness of systems and obligations

    Australia

    Data protection and privacy legislation

    Advising clients on their compliance with local and international data protection and privacy legislation

    Australia

    Major government and regulatory inquiries/investigations

    Managing major government and regulatory inquiries/investigations with expertise in dealing with all of the main Australian regulators including APRA, ASIC, ACCC and the OAIC

    Australia

    First response to data breaches and cyber threats

    Advising clients with regards to first response to data breaches and cyber threats, including in relation to cyber breaches, systems failures and inadvertent disclosures

    Australia

    Advising clients on the ‘breach readiness’ of their systems

    Advising insurance and financial services clients on the review and audit of their systems and processes to ensure procedures are in place to detect, report and investigate personal data breaches

    Australia
  • Advising clients on compliance with the new EU General Data Protection Regulation

    Clyde & Co acts for a number of airlines in respect of their data protection compliance, often carrying out large scale compliance projects regarding the protection and use of personal data and general data and document retention. These complex projects involve analysing the collection and processing of personal data of an airline and ensuring that the airline is compliant with UK laws in this area including reviewing current agreements and policies in place and drafting appropriate data...

    United Kingdom

    Advice relating to data storage and disaster recovery

    Advising clients on the international transfer of data for the purposes of data storage and disaster recovery

    United Kingdom

    Advice on data protection for online sales

    Advising on data transfer, data protection and privacy in relation to the sale of an online portal and the spin-out of certain other online businesses

    United Kingdom

    Advising regarding email data breaches

    Advising a university following a high profile phishing attack against its students’ university email addresses

    United Kingdom

    Data protection law compliance audit

    Carrying out a data protection law compliance audit of a major insurer, including preparing questionnaires, interviewing personnel and preparing a report with recommendations and actions for the business to mitigate the identified risks

    United Kingdom

    Recommend wording for drafting policy

    Advising on and drafting IT policy wordings and proposal forms and on IT risk management issues

    United Kingdom

    Inform companies of their notification obligations

    Advising a US promotions company on its notification obligations following a UK data breach

    United Kingdom

    Advice regarding data policy implementation

    Advising on and drafting cyber policy wordings for the London market

    United Kingdom

    Advising on cyber hacking and loss of customer data

    Advising a regulated business on the cyber hacking of its systems resulting in the loss of significant numbers of customer data including financial, sensitive personal data and credit card details, including identifying and assessing the risks, managing and mitigating loss and monitoring and reporting to the FCA, Fraud Squad and Information Commissioners Office

    United Kingdom

    Ensuring data security and integrity

    Advising in regards to cyber risk and dealing with both risk assessment and breach response, for example advising clients on the implementation of policies and procedures aimed at ensuring data security and integrity as well as dealing with the fallout where data security breaches have occurred

    United Kingdom
  • Advising on the implications of the Egypt Data Protection Law

    Advising a global hotels and resorts operator on the implications of the Egypt Data Protection Law for its business, particularly in the context of the use of social media influencer advertising.

    Egypt

    Advising a US multinational technology company

    Advising a US multinational technology company on the private consultation process with the Ministry of Communications & Information Technology prior to issuance of the Egypt Data Protection Law.

    Egypt

    Website privacy policies

    Drafting website privacy policies for various multinational and regionally based companies in various sectors including insurance, retail, travel and media

    United Arab Emirates

    Sale of an online portal and spin out

    Advising on data transfer, data protection and privacy in relation to the sale of an online portal and the spin-out of certain other online businesses

    United Arab Emirates

    Mixing business and personal data

    Advising a bank in connection with the use of personal mobile devices for work purposes and the risks associated with mixing business and personal data on non-business owned devices

    United Arab Emirates

    University students phishing attack

    Advising a university following a high profile phishing attack against its students’ university email addresses

    United Arab Emirates

    Data protection law compliance audit

    Carrying out a data protection law compliance audit of a major insurer, including preparing questionnaires, interviewing personnel and preparing a report with recommendations and actions for the business to mitigate the identified risks

    United Arab Emirates

    DIFC data protection laws and regulations

    Advising various ratings agencies and retail banks on the DIFC Data Protection Law and Regulations

    United Arab Emirates

    International bank's data protection in the UAE

    Advising an international retail bank on aspects of data protection, privacy and banking secrecy laws in the UAE and the DIFC

    United Arab Emirates

    CCTV in the office

    Advising companies on the use of CCTV in office premises in various Emirates and free zones in the UAE

    United Arab Emirates

Our Data, Protection & Privacy team

Rosehana Amin
Rosehana Amin

Partner

Lee Astfalck
Lee Astfalck

Partner

Mohamed Barakat
Mohamed Barakat

Managing Partner – Cairo

Nicholas Bathurst
Nicholas Bathurst

Partner

Richard Berkahn
Richard Berkahn

Partner

Scott Bertschi
Scott Bertschi

Partner

Ian Birdsey
Ian Birdsey

Partner

Harry Boyle
Harry Boyle

Partner

Anthony Brown
Anthony Brown

Partner

Chris Burdett
Chris Burdett

Partner

Fergal Cathie
Fergal Cathie

Partner

Show more
View all Data, Protection & Privacy partners

Show more