Data Protection & Privacy
Data is one of the most valuable commodities in the world. As it becomes increasingly important, it is also subject to more global regulation, from comprehensive data protection regimes (such as in the European Union with the General Data Protection Regulation (GDPR) framework) to the more embryonic and evolving regulation of data protection and privacy matters seen in various emerging markets. Some of the matters on which our consultants advise clients in this area include:
- Providing advice on the applicable legal and regulatory principles for various aspects of data processing (for example, collection, security, retention, access, etc.)
- Drafting and advising on data processing and related agreements
- Advising on the legal and regulatory implications of cross-border data transfers (for example, in the context of major outsourcing arrangements)
- Conducting data protection audits of client procedures and policies to identify and suggest potential remediation steps for any potential compliance issues
- Advising clients across various jurisdictions on the potential for extraterritorial application of other data protection frameworks (such as the GDPR)
- Drafting and providing advice on privacy policies and implementing appropriate data collection consent mechanisms
- Advising on the appropriate steps to take in the event of a data breach, including corresponding reporting obligations
Our consultants work across various jurisdictions and are able to advise on both established, comprehensive data protection frameworks and those found (or currently being developed) in emerging markets – as well as the interplay between the two. The ability to leverage an extensive foundation of knowledge and experience ensures that we can deliver advice in an efficient and cost-effective manner for our clients.