Our team works across the world to shape, apply and enforce data rights for a technological future abundant in protection, trust and accountability.


Research and development of better public policy and regulation.

  • Topics: artificial intelligence, online content regulation, cyber security, competition, export control regulation, data protection and the future of work.
  • Analysis: conducting research and mapping policy and regulatory landscapes.
  • Research & Development advice: assistance on the development and implementation of research projects concerning data rights and technology governance issues.
  • Public policy: monitoring and analysis of regulatory initiatives and development of original public policy proposals, designing coalition and stakeholder strategies, and impact strategies.
  • Public affairs representation: Representing organisations seeking to influence public policy.


Bespoke solutions to regulatory and ethical challenges.

  • Data protection: Internal policy development, documentation and advice on legislation including the GDPR and UK DPA
  • Data Protection Impact Assessment: bespoke DPIAs and risk mitigation for new technologies, applications, projects and organisations
  • Data protection and privacy-by-design: Ensuring new initiatives are feasible and compliant, from conception to implementation
  • Institutional relations: Data sharing agreements, controller-processor agreements, partnership management and contractual review
  • Risk management and documentation: Registers of data processing operations, risk assessment and accountability frameworks
  • Ethical impact assessment: Individual project evaluation, portfolio management and comprehensive oversight frameworks
  • Audits and certification: Information management, data protection and security
  • Training: bespoke training packages for data protection, information security, fundamental rights and applied ethics
  • Human Rights Impact Assessments: Identifying, understanding, assessing and addressing adverse effects of a project, activity or technology
  • IT Law advice: Advising on information technology law, such as e-Privacy and PECR


Data rights violations, regulatory enforcement and litigation.

  • Legal services: A UK regulated law firm providing a full range of advice on data rights issues.
  • Claims: Asserting rights through legal proceedings, including claims under the GDPR and UK Data Protection Act 2018 and beyond.
  • Remedies: Experienced in seeking complete remedies for clients, including financial compensation and wider remedies such as compliance orders and the “right to be forgotten”, through to reputation management cases.
  • Regulatory complaints: Matters before data protection supervisory authorities, such as the UK Information Commissioners Office (ICO).
  • Judicial reviews: Challenges to the use of technology and data by state authorities.