Data protection and cyber law

Advances in data processing and technology present a huge opportunity for your business – but recent scandals involving major multinationals have shown how damaging any breach of these systems can be.

Organizations in all sectors face a triple threat of greater scrutiny from the public and regulators, more stringent data protection regulation and increasing external and internal threats.

It is not only large corporations that are under attack. This affects clients of all sizes. In one shocking recent case, we acted for a small company that had fallen victim to ransomware, used to steal data that is then withheld until a ransom is paid. We reviewed what legal responsibilities they had, with reference to how mission-critical the stolen information was. Ultimately the client opted not to pay the ransom that had been demanded, and took our advice on how to strengthen its online protection.

We cut through regulatory jargon and help you to manage risks efficiently

Whatever the scale of your business, we will advise you on how to store, process and manage data to ensure compliance with the ever-expanding body of international rules and regulations. Our firm regularly deals with cross-border data protection issues and we have reviewed privacy compliance for a leading internet brand and conducted data privacy audits for international manufacturers. Our lawyers cut through regulatory jargon and help you to manage risks efficiently.

If you fear you may be vulnerable to threats arising from employees losing data, systems being inadequate or information being taken by clandestine means, we offer guidance on protective measures to take. When a data breach has occurred, we advise as to who needs to be notified and how to communicate with your clients, if necessary calling on colleagues in our reputation management team to assist. When one client faced legal action over a major data-handling failure, we helped its management team with regulatory fallout and negotiated a quick settlement.

We have also assisted a number of clients in dealing with regulatory investigations in relation to marketing practices, including a major investigation of the charity fundraising sector by the UK Information Commissioner, which has received extensive press coverage. We frequently deal with issues around data subject access requests, working with colleagues in our employment and other teams to deal with requests for data disclosure, often in the context of wider disputes. We are also active members of the International Association for Privacy Professionals (IAPP), which offers access to a rich database of privacy know-how and professionals worldwide.

‘Withers is the extra man on your team, someone immediately accessible, who can help,’ says partner Kenneth Mullen, who regularly advises on commercial technology and data protection issues.

For further help or information

Get in touch

02 April 2020 - Article

Morrisons ruled not on the hook for a true 'rogue employee' stealing personal data

Read More


Meet the team

How the team can help

We can also help with

Would you like to hear more from us?

Visit our subscriptions page to tell us a bit more about what you’re interested in so we can send you relevant news.