Home / People / Emma Burnett
Picture of Emma Burnett

Emma Burnett

Partner
Head of Data Protection

CMS Cameron McKenna Nabarro Olswang LLP
Cannon Place
78 Cannon Street
London
EC4N 6AF
United Kingdom
Languages English

Emma Burnett is a partner in the Commercial Team and her practice focuses on data protection, technology and outsourcing. She regularly advises high profile international clients on her core specialism of data protection and has significant experience in information technology and intellectual property law, having previously undertaken a secondment to Royal Mail Group Limited as acting Head of the IT/IP legal team.

Emma has extensive experience in drafting and negotiating commercial agreements, including licences and terms and conditions for the supply of goods and services. Emma is known for her proactive, solutions orientated approach and acts for clients across a wide range of industry sectors, including the technology, media and telecommunications, life sciences and financial services sector. Emma sits on the editorial board of Lexis PSL where she advises on data protection, IT and telecoms. She is also a member of the Financial Markets Law Committee, as part of which she has participated in a European Data Protection Reforms Working Group on the EU’s General Data Protection Regulation. 

more less

We think Emma Burnett is great, really proactive and helpful. She comes up with solutions and does what she says she will do.

Client Feedback

Relevant experience

  • A retail company in relation to a comprehensive IT transformation project with a value of between £1-2bn.  The new IT operating model involves the appointment of a ‘service integrator’ supplier who will manage and integrate all IT services. 
  • An international telecoms company drafting binding corporate rules and interfacing with the Information Commissioners Office  including assisting in the analysis of the business’ data flows, current methods of international data transfer and managing the project as a whole, as well as presenting it to internal stakeholders.
  • A retail company on an MVNO creating a major new entrant in the mobile retail sector. As this was a multi supplier solution, Emma advised the business on the overall contracting structure and on each individual agreement with over 11 suppliers to ensure the integration of services, devices and systems to ensure a seamless customer experience. 
  • A major logistics business on the implementation of a group wide governance strategy including advising on the personal data and security issues relating to the development, launch and operation of an HR IT platform; support in lobbying and responding to the Ministry of Justice call for evidence on the proposed draft General Data Protection Regulation and on the strategic approach to a requested ICO audit.
  • A leading international asset manager on a complex multi-jurisdictional project co-ordinating advice from 14 countries across Europe. The project related to the client’s direct marketing and privacy notice requirements in each jurisdiction. Emma also advised in the development of a single comprehensive website privacy notice designed to address the legal requirements across multi-jurisdictions.
  • An international retailer on the unified procurement of its global communication services for all group companies in the UK, Ireland, France, Germany, Spain, Portugal, Poland, Russia, Turkey, Hong Kong and China.
  • A retail bank on the licensing, hosting and support arrangements for a European trading platform.
  • A multinational organisation on a review of its privacy policies across 85 jurisdictions worldwide.
  • Clients in various sectors on installation and monitoring of CCTV and telemetry systems within vehicles, including specific advice on undertaking impact assessments.
  • A retail bank on the outsourcing of its group-wide domestic and global courier services.
more less

Education

  • 1996 – LPC (Commendation), College of Law, Guildford
  • 1995 – CPE (Commendation), College of Law, Guildford
  • 1994 – BA (Hons) History (2:1), University of Exeter, Exeter
more less

Memberships

  • Member,  the Financial Markets Law Committee
  • Member, the editorial board of Lexis PSL
more less

Feed

Show only
21 March 2019
CMS Fin­an­cial In­sti­tu­tions Op­er­a­tion­al Re­si­li­ence Re­port
Risk, Re­si­li­ence & Repu­ta­tion
30 Oct 19
Shar­ing is (S)caring
An­nu­al Tech­no­logy, Me­dia and Com­mu­nic­a­tions Con­fer­ence
10/07/2019
Watch this (adtech) space – ICO re­port on adtech and real time bid­ding
The UK In­form­a­tion Com­mis­sion­er’s Of­fice (ICO) has is­sued an up­date re­port on adtech and real time bid­ding (RTB). The reg­u­lat­or has iden­ti­fied sev­er­al areas as need­ing im­prove­ment, and sees this as just the start of its en­gage­ment with the adtech sec­tor on.
4 December 2017
Risk Mat­ters: In­sur­ance Sec­tor Up­date (Winter 2017/18)
06/06/2019
GDPR: 12 months on, 12 Takeaways
Some com­ment­at­ors were ex­pect­ing the GDPR to be the new Y2K, and oth­ers the dawn­ing of the data apo­ca­lypse. The real­ity has been less dra­mat­ic, but has non­ethe­less brought a range of chal­lenges and les­sons learned.
14/05/2014
Out­sourcing
Sup­port­ing your busi­ness
26/04/2019
Re­li­ance on the EU-U.S. Pri­vacy Shield for UK data fol­low­ing Brexit
There has been wel­come cla­ri­fic­a­tion on the scope of the EU-U. S. Pri­vacy Shield on UK data fol­low­ing the UK's ex­pec­ted de­par­ture from the EU. Guid­ance from the U. S. De­part­ment of Com­merce, which ad­min­is­ters the Pri­vacy Shield, con­firms that busi­nesses cur­rently.
01/03/2019
Count­down to Brexit: A No Deal Check­list for busi­ness
The UK is due to leave the EU in just 28 days' time, with or without a Brexit deal. It is pos­sible that the UK and EU27 gov­ern­ments will agree an ex­ten­sion to the dead­line, but this is not cer­tain. If it does hap­pen, it might come as late as the last week.
19/10/2018
ICO launches tech strategy
The In­form­a­tion Com­mis­sion­er­'s Of­fice (ICO) re­leased its first tech­no­logy strategy in sup­port of its In­form­a­tion Rights Stra­tegic Plan 2017-2021 The strategy out­lines eight tech­no­logy goals that the ICO hopes to achieve in or­der to en­hance its tech­nic­al know­ledge.
23/05/2018
Data Pro­tec­tion Act 2018 be­comes law
Less than two days be­fore the Gen­er­al Data Pro­tec­tion Reg­u­la­tion enters in­to force on 25 May 2018, the Data Pro­tec­tion Bill (the “Bill”) has passed in­to law. Since its first read­ing in the House of Lords on 13 Septem­ber 2017, the Bill has been de­bated by both.
14/03/2018
Data pro­tec­tion un­der the draft Brexit with­draw­al agree­ment
The European Com­mis­sion pub­lished the first draft of the pro­posed Brexit with­draw­al agree­ment on 28 Feb­ru­ary 2018. It in­cludes pro­vi­sions in re­la­tion to the pro­cessing of per­son­al data dur­ing a ‘trans­ition peri­od’, and in cer­tain cir­cum­stances there­after.
30/10/2017
What next for in­ter­na­tion­al data trans­fers?
Sum­mary The Ir­ish High Court has made a pre­lim­in­ary ref­er­ence to the Court of Justice of the European Uni­on (the “CJEU”), ask­ing wheth­er stand­ard data pro­tec­tion clauses (“stand­ard clauses”) are com­pat­ible with the leg­al rights of data sub­jects un­der EU law.