Home / People / John Armstrong
Picture of John Armstrong

John Armstrong


CMS Cameron McKenna Nabarro Olswang LLP
Cannon Place
78 Cannon Street
United Kingdom
Languages English

John Armstrong is a partner in the Technology Team at CMS UK. His practice focuses on IT and outsourcing transactions in the technology, media and telecommunications (TMT) sectors and on complex data protection matters which often have a cross-border element. John also regularly advises high profile international clients in relation to e-commerce, distance selling and cloud computing.

With over 30 years’ legal experience, John is an expert on IT, telecommunication, data protection, intellectual property, sales and distribution law. He has during this time advised clients across a range of sectors, including the TMT, consumer products and financial services sectors, on the development of their businesses through strategic commercial arrangements and has vast experience in drafting and negotiating commercial contracts, including licences, joint ventures and partnering agreements. 

more less

“Wonderfully calm … John Armstrong has the ability to make the complex and impossible realisable.”

Legal 500

Relevant experience

  • on its cloud computing solutions and customer offering as well as generally on its e-commerce activities including online launch, sales and promotion of goods and services.
  • BG Group on the renegotiation of a multi-million pound global application development and maintenance outsourcing and its global IT consultancy MSA.
  • BP on the outsourcing of its global HR services, employee flexible benefits scheme and various multi-million pound IS procurements.
  • National Grid in relation to three multi-million pound telecommunications outsourcings, sourcing of logistics and sourcing of other business critical functions.
  • Royal Mail Group on the outsourcing of document management services, FM services for its entire estate of properties, HR and recruitment services, health services, IT services and vehicle related services.
  • UK Government (DTI, Companies Registry, Home Office) on the development of new systems and the provision of IS, IT and voice telephony services.
  • A financial institution on their entire suite of commercial documentation for all financial services and their various procedures across all product lines for providing fair processing notices and obtaining consents and otherwise to ensure fair processing. John also advised on the strategy for ensuring data protection compliance in relation to all dealings with individuals including in relation to their Data Protection notifications.
  • A multinational fast food restaurant organisation on the data protection implications, and all related privacy considerations, of its impeding multi-million dollar launch of a new service, including providing advice on the collection of customer data, mobile phone applications, its websites and privacy policy, and its promotions and offers. A global marketing execution firm on the implementation and drafting of binding corporate rules and interfacing with the Information Commissioners Office (“ICO”). John also advised on the firm’s privacy and cookies policies, including on issues surrounding the suitability of specific terms for US and EU consumers.
  • A retail company on the data protection requirements of their sites worldwide including the privacy implications of its marketing activities, the use of websites and mobile phone apps for obtaining consent for processing and the collection of customer data, use of cloud computing, consent documentation, use of devices within their sites to obtain consent and collect customer details, its privacy policy and website terms and conditions.
more less


Show only
Sup­port­ing your busi­ness
Is there a FinTech boom in Africa?
Fin­an­cial Tech­no­logy, or ‘FinTech’, is in­creas­ingly be­com­ing a buzzword in parts of Africa’s tech­no­logy and ven­ture cap­it­al circles. In­vest­ment is grow­ing at a fast rate and, in 2016, it was meas­ured that there was an 84% in­crease in the num­ber of FinTech start-ups.
EU-US Pri­vacy Shield un­der High Scru­tiny
On 18 Septem­ber 2017, US Sec­ret­ary of Com­merce Wil­bur Ross and European Com­mis­sion­er Vĕra Jour­ova will launch the first an­nu­al re­view of the EU-US Pri­vacy Shield agree­ment (“Pri­vacy Shield”). The re­view will be a two-day ex­er­cise where European Com­mis­sion rep­res­ent­at­ives.
Does Trump’s Ex­ec­ut­ive Or­der threaten EU-US data trans­fers?
On Janu­ary 25th 2017 US Pres­id­ent Don­ald J. Trump ad­op­ted an Ex­ec­ut­ive Or­der titled “En­han­cing Pub­lic Safety in the In­teri­or of the United States”. The Ex­ec­ut­ive Or­der mainly fo­cuses on strength­en­ing im­mig­ra­tion en­force­ment.
New ICO pri­vacy no­tices, trans­par­ency and con­trol code – is it time...
The In­form­a­tion Com­mis­sion­er’s Of­fice (“ICO”) re­leased a re­vised code of prac­tice (the “Code”) fol­low­ing a con­sulta­tion on com­mu­nic­at­ing pri­vacy in­form­a­tion to in­di­vidu­als. The pur­pose of the Code is to en­sure trans­par­ency and ac­cess­ib­il­ity to in­form­a­tion re­gard­ing.
In­vest in data se­cur­ity, or pay the price…
Talk­Talk has been fined a re­cord £400,000 by the In­form­a­tion Com­mis­sion­er’s Of­fice (“ICO”) for web­site se­cur­ity fail­ings which led to the theft of the per­son­al data of cus­tom­ers. The Cy­ber At­tack In Oc­to­ber 2015 Talk­Talk was hit by a cy­ber-at­tack when at­tack­ers.
Brexit – Is the Gen­er­al Data Pro­tec­tion Reg­u­la­tion still the shape...
In­tro­duc­tion Even with the UK leav­ing the EU, the data pro­tec­tion laws that will ap­ply in the UK fol­low­ing Brexit are likely to either be the forth­com­ing Gen­er­al Data Pro­tec­tion Reg­u­la­tion (“GDPR”), or something equi­val­ent to the GDPR, de­pend­ing on the re­la­tion­ship.