Use of cookies by
Norton Rose Fulbright
We use cookies to deliver our online services. Details and instructions on how to disable those cookies are set out at By continuing to use this website you agree to our use of our cookies unless you have disabled them.

Data protection, privacy and cybersecurity


Meet the team

An increasingly complex web of data protection, privacy and cybersecurity laws, self-regulatory frameworks, best practices and business contracts govern the processing and safeguarding of information around the world, as well as the protection of critical industrial infrastructure.

“A respected name in technology and telecoms matters, including regulatory issues relating to data privacy, cloud services, mobile payments, big data, cybersecurity and telecoms financing.” - Chambers Global, 2018

Our global group of dedicated data protection and cyber lawyers represents clients from across industries that operate in many corners of the world, each facing a unique set of data protection, privacy and cybersecurity concerns, ranging from business strategy issues to transactions, and from cyber incidents to government investigations and litigation. Advising clients across the globe affords us a 360-degree view of cyber issues that we leverage to provide advice that is holistic, informed and practical, and reflects industry- and region-specific risks.

We advise clients on complex issues associated with both personal and sensitive business data, including its collection, use, storage, disclosure, transfer and destruction. We counsel clients on legal compliance and business strategy relating to privacy and security risk management and cybersecurity and technology transactions. We also offer clients a comprehensive cyber risk management and incident response service which includes assisting clients in developing internal policies and procedures, drafting cyber incident response plans and stress testing those plans by conducting simulated cyber incidents.

Our clients include large corporate, government and specialist internet or data-rich companies operating across a broad range of sectors including financial services, life sciences, healthcare and pharmaceuticals, retail, insurance, energy, telecommunications and technology.

Our areas of work include

  • Bankruptcy proceedings involving personal information
  • Cloud services and computing
  • Cross-border data flow requirements, including Safe Harbor certification, EU Binding Corporate Rules and other solutions
  • Cybersecurity and privacy contract development and negotiation
  • Cyber risk management and incident response solutions
  • Data hub relocation projects
  • Data protection, privacy and cybersecurity audits, compliance risk assessment and remediation
  • Data protection program development, including supporting consumer engagement activities such as marketing and advertising
  • Data security, privacy and technology regulatory response and litigation
  • Development of security and privacy policies, best practices and procedures
  • Leveraging personal information for advertising and marketing
  • Management of employee information and patient medical records
  • M&A transactions
  • Mobile privacy issues
  • Privacy breaches
  • Privacy policies for organizations and their websites
  • Proactive incident response planning
  • Restrictions on collection and use of consumer information
  • Security incident investigation, response, and remediation
  • Strategic regulatory compliance advice
  • Technology transactions
  • Vendor management program development and implementation

Awards and accolades

  • The Insurance Insider’s Cyber Ranking Awards: Cyber Law Firm of the Year, Euromoney Institutional Investor PLC, 2018
  • Chambers Global, Global-wide: Outsourcing, Chambers & Partners, 2018
  • Chambers Global, Global-wide: TMT, Chambers & Partners, 2018