Inês Antas de Barros joined VdA in 2007. Managing Associate of the Information, Communication & Technology practice area, she focuses her practice on electronic communications, information technology and privacy and information security. In such capacity, she has been involved in data privacy and other similar projects which raise complex issues across multiple jurisdictions and/or legal or regulatory areas
(including health, pharmaceutical, insurance, banking and telecommunications).
Such projects include conducting data protection risk management reviews; dealing with international flows of personal data; advising on the implementation of privacy compliance programs; the roll-out of a global whistleblower hotlines; drafting privacy policies, codes of conducts, cross-border data transfer agreements, charters for the use of information and communication methods as well as guidance for data privacy officers.
Rafi Azim-Khan is Head of Data Privacy, Europe and Head of Marketing Law at Pillsbury Winthrop Shaw Pittman LLP. Mr. Azim-Khan has been listed in Chambers Global and UK Directories for his e-commerce expertise and was named one of the UK’s “digital dozen” e-commerce and data protection specialists by Legal 500’s Insider Guides. He is recognized as an expert by Who’s Who Legal: Data 2019. He has also been ranked as a leader in Chambers Directory for his IP and Marketing Law work for the past 20 years, particularly for digital marketing, social media, the launch of new products internationally or entering new markets/countries and dealing with claims, competitors and regulators. On the data side, Rafi has advised clients, ranging from GE and GM through to Silicon Valley startups, on the full range of data protection, cyber-security and e-commerce issues, including the GDPR, CCPA, BCRs and data transfers, Big Data use, cyber breach response/notifications and the e-Privacy Regulations. He has co-authored 5 books including Regulation of the Internet, the IPA’s Ad Law, The Encyclopaedia of E-Commerce Law, and E-Business: The Practical Guide.
Ann Bevitt has been advising clients on privacy and data security compliance for 20 years. Ann covers all aspects of privacy regulation and risk management. She regularly works with clients on issues such as dealing with data subject requests, effecting data transfers, drafting privacy policies, handling breach notification, drafting and negotiating data processing agreements, identifying the legal bases for processing special category data, electronic marketing, rolling out new technologies in the workplace, monitoring employees in and outside of the workplace, employee background checks, dealing with e-discovery, undertaking internal investigations (domestic and cross-border), handling regulatory investigations, and responding to disclosure requests and subpoenas in litigation.
Ann works with clients across a very broad range of industry sectors including technology, biotechnology and pharmaceuticals, venture capital and private equity, insurance, media, hotel and leisure, retail, restaurant, music, banking and financial services, recruitment and employment.
Ann is a regular speaker at privacy and data protection conferences and writer for legal and trade publications, including the Financial Times, CityAM and Management Today. She is a contributing author to ‘Employee Privacy: Guide to US and International Law’ and ‘A Practical Guide to UK and EU Data Protection Law’.
Peter’s practice encompasses a wide range of areas in which technology interfaces with the law including data privacy, ecommerce regulation and technology contracts. He has spent time on secondment at a number of global technology and communications companies. He is editor of Data Protected, a review of data protection laws across 52 jurisdictions around the world.
Rebecca is a partner in Slaughter and May’s corporate and commercial group in London, co-heads the firm’s global data protection and privacy practice and is a member of our cyber advisory unit. She advises on all aspects of data protection and privacy, including cyber or data breach preparation and incident response, challenges with new technologies, implications for contractual arrangements, privacy aspects of M&A and investigations, and on companies’ policies and procedures. Rebecca sits on the UK Information Commissioner’s Office’s Legal Reference Panel and is Vice-Chair of the City of London Law Society's Data Law Committee. She is also a frequent contributor to data protection journals and events.
Richard is Global Head of Linklaters’ TMT practice and has advised clients on privacy related issues for more than 20 years. He has worked on privacy projects across the globe including major data security incidents, large scale privacy litigation, appearances before regulators, contentious and large scale subject access issues, the privacy implications of new technology, online monitoring techniques (including by governments), cloud computing and “big data”. He has recently led teams advising Thomson Reuters, BlackRock, RBS, Hewlett Packard, News International, Disney, Live Nation, UBS, KPMG, Hyatt Hotels, AstraZeneca, Sainsburys, Deloitte and the administrators of Lehmans on domestic and international data protection and information governance projects. He is a past member of the IAPP editorial board, currently sits on Tech UK’s data advisory group and is a member of the ICC’s digital economy committee. He is listed by Chambers and Partners and Legal 500 as in the first rank of privacy and cybersecurity advisors in the UK.
Alison advises clients on data protection compliance issues, including drafting privacy notices and policies, delivering training, advising on international data transfers, advising on marketing compliance issues, dealing with ICO investigations, conducting audits, managing data breach incidents and advising on data sharing arrangements. Alison also has significant experience advising organisations on GDPR implementation requirements, assisting with data mapping exercises, updating policies and procedures and negotiating contracts. Alison is a member of the International Association of Privacy Professionals and holds the CIPP/E certification.
Jamie joined Bristows as a Senior Associate in June 2018, working in the Commercial IT department and specialising in data protection and privacy law.
Jamie’s practice includes advising clients on a wide range of privacy and data protection issues, including on the adoption of privacy strategies, assessing privacy risks in the context of new lines of business and the adoption of new technologies, notification and consent issues, individual rights requests, anonymization, and data processing and transfer agreements. He also advises on marketing issues, in particular helping clients understand e-Privacy and GDPR requirements in the context of email marketing, targeted advertising and other online tracking and profiling.
Over the last couple of years Jamie has assisted clients in making preparations for the General Data Protection Regulation and in implementing Binding Corporate Rules.
Jamie helps clients in responding to data breach incidents, and in defending regulatory enforcement action across Europe. He has also worked on high profile data protection litigation in the English High Court.
Simon specialises in advising multi-national corporates on a wide range of data protection and technology law issues. He has over ten years experience with Dentons' tier one ranked data privacy practice advising clients on data privacy and information governance matters, including global data transfer solutions, data processor engagement, marketing and CRM strategies and data incident responses. He regularly advises clients on compliance with the General Data Protection Regulation, leading multiple audit and gap assessments exercises and implementation projects. He has also advised on multiple Binding Corporate Rules applications – both for data controllers and data processors – and Privacy Shield applications. His clients span the financial services, technology, media, retail and transport sectors. Simon was identified as a "Next Generation Lawyer" by Legal 500 for data protection, privacy and cybersecurity and recognised by Global Data Review as one of its "40 under 40" data lawyers. He has also previously sat on the Executive Committee of the Data Protection Forum and regularly speaks on data protection topics. He also regularly advises clients on complex commercial and technology contracts, including vendor procurement, outsourcing and commercial partnership arrangements. Simon has previously been seconded to clients in the manufacturing and financial services sector.
James Fenelon is a senior associate in Bird & Bird's leading Privacy & Data Protection Group, based in London.
He advises on a wide variety of privacy matters including GDPR, e-Privacy laws, online marketing and data security.
James has particular experience advising on ad tech and analytics technologies, looking at issues such as cookies, online profiling, device recognition technologies, and custom audience initiatives (among others).
James acts as external Data Protection Officer for leading analytic and ad tech companies.
He speaks regularly at conferences on data and information law issues.
James holds a Bachelor of Civil Law from University College Dublin and a Master of Laws from University of Cambridge including specialism in Information Law. He is IAPP CIPP/E certified privacy professional.
Richard is a disputes and investigations partner in Slaughter and May’s Data Privacy Hub, advising across all aspects of data protection and privacy, including in response to data and cyber incidents, on data related litigation and in the context of global investigation and disputes. Richard acts for major corporates, trustees and financial institutions as well as governmental bodies and international organisations.
Paul is a partner and the head of the Technology & Innovation Group in McCann FitzGerald and advises on a wide range of data protection, data security, information technology, outsourcing and confidentiality issues. He writes and lectures widely on these and other topics. Paul is the author of Commercial Secrets: The Action for Breach of Confidence in Ireland. The book has been quoted with approval in judgments of the Irish High Court and Supreme Court. Paul has provided specialist advice in the complex and evolving area of privacy and data protection law for over 21 years and is considered an expert in the field in Ireland. He advises clients on all aspects of data privacy compliance, including appropriate notices and policies, records of processing activities, the legal basis for processing, access requests, marketing obligations, international data transfers and appropriate processing exemptions. He has also been involved in a number of “market firsts” in Ireland including the first case in Ireland on the meaning of personal data, the first case in Ireland on processing causing distress and the first set of Binding Corporate Rules to be approved with the Irish Data Protection Commissioner as lead regulator. Paul is also advising a number of clients on their preparation for and on-going compliance with the General Data Protection Regulation and the Irish Data Protection Act 2018 Paul’s clients in the area of privacy and data protection include public and private sector bodies including government departments, state agencies, semi-state companies, leading IT companies, telecommunication service providers, financial institutions, professional bodies, pharmaceutical and insurance companies.
Lore Leitner is Of Counsel in the London office of Wilson Sonsini Goodrich & Rosati. For nearly a decade, Lore has advised clients on data protection and privacy, as well as cybersecurity and intellectual property-related issues. She assists clients with the design and implementation of data protection compliance programs, including those driven by the General Data Protection Regulation (GDPR), and has advised companies on data privacy in developing proactive business strategies that involve large-scale data use, regulatory investigations, and damage mitigation tactics related to cyber intrusions or data breaches. Lore also has substantial expertise in M&A and capital markets transactions, assisting deal teams by advising on privacy, data protection, and other deal-related requirements.
In addition to English, Lore speaks Dutch, French, and German.
Jenai has extensive experience advising UK and US businesses on European privacy requirements including the GDPR, negotiating multi-national data transfer agreements, handling breach notifications and investigations, undertaking data protection audits, and providing data protection training. Jenai is a member of the International Association of Privacy Professionals and holds the CIPP/E and CIPM certification. She also holds the PDP Practitioners Certificate in Data Protection and the ICA Certificate in Compliance.
Isabel Ornelas joined VdA in 2006. Senior Associate of the Information, Communication & Technology practice area. In such capacity she has been involved in several transactions, in Portugal and abroad. She has worked in particular in the field of privacy and data protection, having taken an active role in several privacy compliance audits carried out by companies in various sectors (in particular, banking and finance, health, insurance and telecommunications), in the set-up of privacy policies and ethics lines, as well as providing project-oriented
legal counselling in various operations and market products and services, particularly those including international data transfer.
She also organised training sessions and workshops. She lectures at the Post-Graduate course in Compliance at the Institute of Banking Management.
Kwang Bae Park is the head of Lee & Ko‘s DPP (data protection and privacy) practice group and key partner in the Technologies, Media and Telecommunications (TMT) practice group. He is recognized as one of the foremost lawyers in DPP and TMT practice sectors in Korea.
He has been recognized from various legal assessment institutions as a leading lawyer in the TMT (including DPP) practices sector, such as Asia Law, Chambers Asia, International Who’s Who Legal from around 2010 to date.
He has consistently been representing and advising various domestic and multinational companies on the data protection framework of Korea, cross-border data transfer (that may involve outsourcing or cloud computing) of employee/customer data, safeguards and data breach cases proactively and/or after the incidents.
He has contributed articles more than 30 times during last 10 years and made speeches on various topics including DPP and TMT (including FinTech), and participated a various international or domestic forums thereon.
Nigel specialises in data protection, commercial contracts and intellectual property law. He works across a wide variety of business sectors, with a focus on financial services, technology, media and life-sciences. Nigel regularly advises on multi-jurisdictional data protection matters. He advises companies across various sectors on strategic issues relating to personal data management and new technologies such as the EU General Data Protection Regulation, privacy impact assessment, privacy by design, and crisis management (eg data breaches). Nigel is described in Chambers 2015 as "technically faultless" as well as "very practical and very good at finding solutions".
David retired from his role as Deputy Data Protection Commissioner in November 2015 and joined A&O as special adviser on data protection on 1 January 2016. David was instrumental in shaping the UK position on the General Data Protection Regulation. He was widely quoted giving the ICO view on regulatory developments – e.g. Safe harbour and the Google decision on the right to be forgotten. He also represented the ICO in the Article 29 Working Party of European Supervisory Authorities set up under the Data Protection Directive. The Article 29 Working Party is a highly influential group of national regulators across Europe who issue opinions on compliance. David was also involved at the highest level of the ICO’s enforcement regime. His wealth of experience and knowledge of data protection policy and enforcement bolsters Allen & Overy’s existing data protection team in London at a time of significant regulatory change and growing client demand for advice and support in this fast moving area. During his time as Deputy Commissioner, David saw first-hand how this area of law has evolved and the impact it can have on businesses and ordinary citizens.
Rob is head of the firm’s Technology and Strategic Sourcing practices and co-heads our global data protection and privacy practice, Fintech and Cyber Advisory units. He advises on all things ‘data’, including data protection, privacy, cyber security and direct marketing. He regularly helps clients understand and mitigate risk, whether linked to a changing regulatory compliance framework or otherwise. Rob frequently writes and speaks at industry forums, has been published in PLC, Cyber Security Practitioner and Digital Business Lawyer, and is on the editorial board of Global Data Review. Rob was the independent member of the Government selection panel that appointed the current UK Information Commissioner.
With over 30 years’ experience, Tanguy has led Linklaters’ Global Data Protection Practice and its Technology Media & Telecommunications team in Belgium for more than a decade. He is advised numerous multinational companies on all aspects of information governance and cyber security having successfully led multiple GDPR implementation projects, binding corporate rules adoption processes as well as a large variety of other data protection related matters at local, EU and global levels.
He is extremely well-known in privacy circles, as he is active in a number of professional organisations aiming at fostering information management and reviewing the related regulatory environment. He was elected by the EU Commission as one of the 27 experts of the multi-stakeholder expert group supporting the application of the GDPR. He is data protection issue lead of the Digital Economy Committee of the American Chamber of Commerce to the European Union and is a member of its Board of Directors. For four years, he has been a member of the European Advisory Board of the International Association of Privacy Professionals (IAPP). He is also a member of the GDPR Advisory Committee of the University of Brussels and a member of the Editorial Boards of Digital Health Legal and Computer and the Telecommunications Law Review. Tanguy teaches on data protection and sourcing at the Solvay Brussels School of Economics and Management, which is part of the University of Brussels. He speaks at major conferences on data protection and IT related matters throughout Europe and beyond.
Mark is a technology specialist with over 20 years’ experience. He advises companies on technology issues such as cloud computing, machine learning, Apps and facial recognition. Much of Mark’s experience was gained in-house at IBM where he held various roles, including Global Data Privacy Counsel.
Mark has particular expertise in data privacy. He advises multinational companies on implementing General Data Protection Regulation compliant programs, Privacy Shield and Binding Corporate Rules. Mark has been involved in many of the most high profile data privacy cases in the world and regularly advises companies in relation to incident response and defending regulatory enforcement actions all over Europe.
Ashley Winton focuses his practice on global data protection and privacy, information governance and cybersecurity compliance. He has particularly in-depth knowledge of cyber breach response, cybersecurity in the context of payment systems, the lawful interception of data, and the conflict of laws in relation to corporate and government investigations and international litigation. Ashley frequently represents major corporations, trade associations, charities and government entities on a range of data privacy and cybersecurity issues and he has significant experience in advising on the impact of privacy and cybersecurity law on cloud services, health care and international data transfers.
Ashley is a fellow of the Ponemon Institute and current Chairman of the Data Protection Forum, the leading data protection association in the UK.