Data Protection & Freedom of Information

The EU data protection landscape is shifting with a radical new regulatory framework on the horizon. Our 'extensive team' has the data protection expertise to handle the very largest and most complex local and multi-jurisdictional matters.

Our team is composed of experts in data protection and security, data loss and information management and can draw on our extensive experience in order to provide practical solutions for your business. We also advise clients on the risks and opportunities presented by freedom of information legislation and the strategic use of subject access requests.

What sets us apart is our specialist data protection sector expertise, particularly in highly regulated sectors like technology, media and communications, energy and utilities, healthcare and financial services.  

We are at the forefront of thought leadership and policy change in relation to GDPR. We have advised clients extensively on its implementation and have supported them in their lobbying activities in Europe and the US, responded to the Ministry of Justice call for evidence and provided guides, updates and training on the proposals every step of the way.

Our team provides counsel across a wide range of areas including data protection registration and policy development, data security and mobile device encryption, data transfer procedures using model clauses and binding corporate rules, freedom of information requests, data subject access requests and resolving data protection issues arising from outsourcing projects. 

We also advise various insurers and insureds in relation to cyber-attacks, systems failures and security breaches, through the CMS Cyber Network, covering over 40 countries.

The core data protection team is able to draw on the expertise of other practice areas across CMS such as employment, financial services and litigation.