Bristows LLP represents international market-leading tech corporations and life sciences companies and is equipped to handle the full gamut of the work in the sector. Under the supervision of Marc Dautlich, the practice is adept at handling AI governance matters, contentious multi-jurisdictional data protection litigation and broader compliance advice. Dautlich is particularly well known for his knowledge of the financial services industry and is experienced at providing both security and regulatory assistance. Mark Watts is renowned for his disputes expertise, while Hannah Crowther regularly advises clients on ICO investigations. Jamie Drucker has experience in both a tribunal and advisory setting, while Faye Harrison focuses on data breaches and compliance projects.

The privacy and cyber practice at Latham & Watkins consists of ‘brilliant people with in-depth expertise and experience in what they do’, led by Gail Crawford. The team boasts a particularly strong track record in the tech, artificial intelligence, media and financial services sectors across multiple jurisdictions. Crawford is well-versed in completing regulatory due diligence, offering commercial transaction support and drafting privacy policies. Ian Felstead forms the bedrock of the firm’s contentious data protection offering and has recently worked with the Information Commissioner’s Office on GDPR infringement issues. Fiona Maclean is recognised for her abilities in crisis management and day-to-day cybersecurity support. James Lloyd and Danielle van der Merwe are two key names who add additional strength to the roster. In February 2025, Sophie Goossens joined the team from Reed Smith LLP.

Linklaters LLP is home to a team of data protection specialists who are adept at handling advisory and contentious matters in multiple jurisdictions. The practice advises international companies, public authorities and financial services firms on matters ranging from data protection impact assessments (DPIA) to regulatory enforcement cases. At the helm of the practice, Richard Cumbley offers clients support after cyber attacks and assistance with investigations governed by the Information Commissioner’s Office (ICO). Georgina Kon is building a reputation in artificial intelligence matters and provides clients with governance and compliance advice. Greg Palmer is well-versed in media law-related matters and forms a key part of the practice’s litigation offering.

A&O Shearman boasts industry-leading tech, pharma, telecoms and financial services companies, under the joint supervision of Jane Finlayson-Brown and Ffion Flockhart. The practice frequently assists clients with cyber legal risk management, regulatory data protection matters and subject access requirements. Finlayson-Brown advises on international data transfers and artificial intelligence governance matters, while Flockhart excels in the investigations space, showcasing skill in both crisis management and group litigation. Nigel Parker is noted for his knowledge of Binding Corporate Rules.

Baker McKenzie is recognised for its broad data protection and cybersecurity offering, demonstrating particular proficiency in matters involving Digital Services Act compliance, self-identification projects and responses to complex cyber threats. The practice is active in the tech, artificial intelligence, banking, retail and transportation sectors. Department head Vinod Bange has recently led on investigations and enforcements brought forward by the Information Commissioner’s Office, but is equipped to handle Digital Subject Access Requests. In his practice, John McGovern utilises deep knowledge of relevant legislation in multiple jurisdictions.

CMS leaves international tech corporations, international banks and market-leading companies ‘in safe hands’ under the supervision of Emma Burnett. The practice frequently advises on the creation of internal data security policies, multi-jurisdictional legislative compliance and legal risk management. Burnett is renowned for her knowledge of artificial intelligence regulation, but her experience extends to regulatory investigations and enforcement notices. Based in Edinburgh, Duncan Turner focuses on multi-party transfer agreements, Data Subject Access Requests and ensuring that clients remain compliant with the Information Commissioner's Office. In October 2024, Loretta Pugh left the team.

The data protection team at DAC Beachcroft LLP is described by clients as ‘clear, approachable and down to earth’, and is very adept at managing the responses to damaging cyber incidents or ransomware attacks. The team is particularly well respected in the real estate and insurance sectors, but has experience which extends to the tech, education and healthcare industries. The team is jointly led by the ‘practical and immensely knowledgeable’ Jade Kowalski, who is involved in a lot of artificial intelligence governance matters, and the ‘first class’ Hans Allnutt, who spearheads the team’s contentious offering, having been involved in the response to several high-profile cyber attacks. In May 2024, Peter Given joined the team from EY Law and was followed by Andy Lucas from Dentons in November.

Dentons has a renowned data protection advisory practice, noted for the assistance it provides to retail brands, social media corporations, financial institutions and multi-national conglomerates. Department lead Simon Elliott has a wealth of regulatory expertise and has experience introducing robust measures to respond to and prevent cyber breaches. Antonis Patrikios leverages sector-specific AI and adtech knowledge, representing market-leading American tech companies. Tatiana Kruse offers a multijurisdictional angle in her practice due to her intellectual property background. She is building a strong track record in dealing with privacy-related matters.

The data protection, privacy and cybersecurity team at Norton Rose Fulbright has ‘a broad range of specialisms’ ranging from high-stakes breach support work to broader legislative compliance. The team is jointly led by Marcus Evans, Jonathan Ball and Tim Jones. The ‘highly commended’ Jones is noted for his capabilities in the aviation sector, having assisted clients with personal data breach claims and cybersecurity investigations. Evans has significant experience in multiple jurisdictions and is especially useful with financial services clients who aim to remain compliant with evolving international legislative regimes. Ball frequently assists high-profile entities in the aftermath of significant ransomware attacks.

Pinsent Masons LLP houses a strong data protection team, boasting expertise in both advisory and contentious matters, which is used to assist clients in the retail, tech and automotive sectors. Jonathan Kirsop is recognised for his knowledge of the financial services space and is often focused on ensuring that international companies remain compliant with competing pieces of legislation. David McIlwaine is a cyber specialist who is a key contact for companies looking to recover after a ransomware attack. The team’s disputes offering is bolstered by David Barker, who has been involved in multiple class actions this year. Together, they form the practice’s leadership structure. Paul Hinton joined the team from Deloitte Legal in April 2024.

RPC has ‘an excellent and well-deserved reputation’ in the data protection market, exhibiting strength in both contentious and advisory matters. The department is jointly led by Jon Bartley, Richard Breavington and Rupert Cowper-Coles. Bartley is recognised as an authority in ad tech and artificial intelligence matters and is well-versed in various digital regulations. Breavington has a background in insurance law and is frequently called upon to respond to major cybersecurity incidents. Cowper-Coles is a disputes specialist and recently successfully argued a case against the HMRC.

The data privacy and cybersecurity practice at Ashurst stands out for ‘ its blend of expertise, innovative approach and commitment to client service’, and is especially experienced in the insurance, tech and banking sectors. The ‘experienced, commercial and solutions-oriented’ Rhiannon Webster leads the team and covers the entire scope of the area, advising on matters ranging from drafting data protection impact assessments and privacy policies to conducting internal data protection reviews and developing cyber attack response protocols. Shehana Cameron-Perera is a key part of the team.

Clifford Chance LLP has a ‘highly motivated and knowledgeable’ data protection and cybersecurity team, which is led by Jonathan Kewley. The team boasts an international client base and stands out for its work in the financial services, tech and mining sectors. Kewley boasts significant knowledge of artificial intelligence regulations and has recently assisted an international company with AI legislative compliance across the UK and EU. The team’s offering is strengthened by the ‘very knowledgeable’ Oscar Tang and Laia Bertran Manye. Arnav Joshi impresses with his knowledge of global privacy and cybersecurity developments. Simon Persoff left the firm in March 2024.

DWF boasts ‘deep knowledge of data privacy law’ and is particularly active in the telecoms, fintech and retail sectors across multiple jurisdictions. The practice is jointly led by the ‘phenomenal’ Stewart Room, James Drury-Smith and JP Buckley. Room brings experience as both a solicitor and a barrister and is well versed in regulatory investigations and proceedings. Drury-Smith has recently assisted international corporations with the development of internal artificial intelligence policies. Buckley has a strong track record with sports clients and has advised them on internal policy reviews and data protection investigations.

Eversheds Sutherland (International) LLP is a ‘brilliant firm’ with a comprehensive data protection offering which advises international tech conglomerates, public authorities and healthcare sector companies. Under the supervision of Paula Barrett, the team is particularly strong on the advisory side, assisting clients with legislative compliance, privacy policy construction and data protection risk assessments. Barrett leverages a wealth of multi-jurisdictional experience in her practice and is often consulted as lead cybersecurity counsel for domestic and international commercial entities. Liz Fitzsimons ‘always goes above and beyond’, particularly in freedom of information and data transfer matters. Gayle McFarlane left the team in September 2024.

Fieldfisher is particularly well known for the assistance it provides to healthcare tech clients, but possesses expertise in the financial services, retail and tech sectors. The tech and data practice is geared to support companies with privacy compliance, data subject access requests and GDPR issues. Department head Hazel Grant is praised by clients for her ‘outstanding client care skills’ and is noted for her capabilities in the artificial intelligence space. Leonie Power is noted for her capabilities in international data transfers, transfer impact assessments and she recently helped an international corporation remain compliant with new EU legislation. Nuria Pastor adds additional strength to the bench.

Herbert Smith Freehills Kramer LLP is recognised in the data protection market for ‘its exceptional blend of legal expertise and commercial acumen’, under the joint leadership of Miriam Everett, Andrew Moir and Christine Young. Moir is recognised for his ability to assist clients who look to respond to artificial intelligence developments and cyber attacks. Everett is praised by clients for her ‘solutions-focused approach’ and is particularly well known for her expertise in the financial services and several consumer-facing sectors.

Considered a go-to firm for clients in the artificial intelligence, gaming and software sectors, Mishcon de Reya LLP is equipped to advise on a wide array of matters, under the supervision of newly appointed department head James Boyle. Boyle is particularly impressive in data sharing projects and multi-jurisdictional compliance matters. Adam Rose is often called upon to assist with investigations brought forward by the Information Commissioner’s Office (ICO). In July 2024, Robert Griffiths joined the team from Deloitte Legal, and Ashley Winton left the firm in the following September.

Morrison Foerster leverages an international network to advise large tech corporations, financial services companies and large commercial entities on a host of multijurisdictional data protection and cybersecurity matters. Annabel Gillham leads the team and is equipped to assist with compliance projects, subject access requests, cybersecurity incidents and proceedings brought forward by the Information Commissioner’s Office. The team benefits from the additional expertise provided by Michelle Luo and Dan Alam.

Reed Smith LLP houses a ‘brilliant team that demonstrates exceptional efficiency and deep knowledge’ and is particularly impressive in multi-jurisdiction data protection projects across an array of sectors. Philip Thomas conducts privacy impact assessments and ensures that clients remain compliant with various international legislative regimes. He leads the team alongside Cynthia O’Donoghue, who has recently impressed with her expertise in matters relating to the Data Act. Elle Todd offers an ‘expert and comprehensive perspective’ and is particularly knowledgeable of GDPR regulations.

Shoosmiths LLP leverages a wealth of expertise to offer solutions to multinational corporations, tech companies and retail brands. Department head Sherif Malak has a strong track record in the automotive and adtech markets, advising on multi-jurisdictional compliance matters and intra-group data transfers. Nick Holland helps clients navigate the evolving data protection market, with his knowledge of the EU Artificial Intelligence Act and the Digital Operational Resilience Act. Kate Brimstead, a September 2024 arrival from Bryan Cave Leighton Paisner, is noted for her capabilities in the financial services sector.

Simmons & Simmons is a go-to firm for market-leading online retailers, tech companies, AI corporations and international banks, assisting with the full gamut of the sector. Heading up the team, Lawrence Brown is noted for his capabilities in UK and EU compliance matters as well as in the facilitation of international data transfers. In 2024, Rich Folsom, Andrew Joint and Calum Murray all joined from Deloitte Legal, in January, June and May, respectively. Hayley Davis joined from Goodwin in May 2024.

Stephenson Harwood houses a ‘pragmatic’ data protection team which maintains a strong position in the tech, financial services and transportation sectors. Department head Katie Hewson is a ‘true expert in her field’, proving especially useful in artificial intelligence matters and data subject access requests. In May 2024, Joanne Elieli moved from Cooley (UK) LLP and was joined by Sally Samadi from Clifford Chance in September. Michael Bywell and Jenna Franklin left the team in January and February 2025, respectively.

At TLT, the ‘bright and engaged’ data, privacy and cybersecurity team is recognised for its multijurisdictional expertise, varied clientele and deep legislative knowledge. Department head Gareth Oldale is equipped to handle the full gamut of the sector, from dictating responses to cyber attacks to supporting clients with data protection impact assessments. The team stands out for its comprehensive understanding of the Information Commissioner’s Office and its procedures. Other key team members include Louisa Williams, who leverages extensive public sector expertise in her practice, and Chris Elwell-Sutton, who clients praise for his ‘expertise and attention to detail’.

Under the leadership of the ‘approachable and knowledgeable’ Patrick Rennie, the data privacy practice at Wiggin LLP has an established presence in the media and entertainment industries, and has also recently been building upon its position in the sport sector. Rennie is well known in the market for the legislative compliance advice he offers, but he has recently assisted with data subject access requests, privacy notice drafting and intra-group transfers. The team, which also includes Christina Henry and Siobhan Lewis, has strong litigation capabilities as well, having recently acted in a landmark case relating to data held by betting companies.

Bates Wells has strong capabilities as data protection advisors to clients in the charity, artificial intelligence and public sectors, under the stewardship of Eleonor Duhs. Duhs uses her prior experience in government to advise on GDPR compliance and other legislative matters. Her expertise also extends to data protection impact assessments and data subject access requests. Rayhaan Vankalwala  impresses with his ability ‘to understand the wider non-legal commercial, press and reputational issues involved’.

BCL Solicitors LLP is knowledgeable about data protection legislation and is actively involved in the legal development of the sector. The team is jointly led by Michael Drury CMG and Julian Hayes, who are regularly instructed to advise on multijurisdictional matters for large tech corporations, government entities and high-net-worth clients. Drury is a cybersecurity expert, while Hayes is noted for his capabilities in ransomware investigations and crisis management.

Bryan Cave Leighton Paisner draws on the firm’s wider international presence to offer clients assistance with an array of data protection matters across multiple jurisdictions and markets. The team is particularly well-versed in aviation matters, ranging from regulatory mapping to advising clients on protocols that ensure their legislative compliance. The team is spearheaded by Geraldine Scali, who is equipped to advise on digital subject requests, risk management and Information Commissioner’s Office procedures. In October 2024, Kate Brimstead left the firm.

Charles Russell Speechlys LLP  is trusted by both domestic and international clients on a broad range of data protection and cybersecurity matters. Under the leadership of Janine Regan, the team has a strong advisory offering and can advise on subject access requests and legislative compliance. Regan is noted for her capabilities in international data transfers. Rachael Muldoon, a January 2025 arrival from Maitland Chambers, bolsters the team’s contentious capabilities.

Mark Williamson, Ian Birdsey and Helen Bourne jointly chair the ‘extremely conscientious and laser-focused’ data protection practice at Clyde & Co, considered a point of reference in the sporting and manufacturing sectors. Williamson ‘really knows and understands the law’ and is able to assist clients with ICO compliance and intra-group data sharing agreements. Birdsey is respected in the market for his contentious cybersecurity expertise, having advised in the aftermath of several ransomware attacks. Bourne is an experienced litigator and is able to assist clients with the entire lifecycle of a cyber investigation.

Hunton Andrews Kurth LLP  has ‘great strength in depth for all things data privacy and cybersecurity across the UK and US’, demonstrating particularly proficiency in GDPR compliance matters, privacy programme development, and corporate transactional support. The team is led by the ‘responsive’ Sarah Pearce, who excels in regulatory investigations. James Henderson is particularly knowledgeable about Southeast Asian jurisdictions, while Jonathan Wright has repeatedly constructed global compliance programs for international market-leading commercial entities. Rosemary Jay impresses in ICO investigations and negotiations.

Lewis Silkin houses a ‘brilliant group’ that is able to advise on a wide array of data protection and cybersecurity issues for American headquartered tech companies, publishing houses and retail entities. Under the joint supervision of Bryony Long and Alexander Milner-Smith, the team has multijurisdictional policy and regulatory knowledge. Long regularly works on online advertising matters and has experience with the preparation of privacy notices and digital subject access requests. Milner-Smith’s multidisciplinary approach proves useful in cases involving employee data breaches and he is also well-versed in artificial intelligence development matters.

Mayer Brown International LLP  ‘has an excellent team of experts’ who are adept at handling AI regulatory compliance, responding to cyber attacks and engaging with Information Commissioner’s Office investigations. Department head Oliver Yaros is praised as ‘an exceptional lawyer’ and is noted for his capabilities on both the advisory and contentious side of data protection work. He is supported by Mark Prinsley, who is especially active in the manufacturing and tech sectors. Reece Randall uses his intellectual property background to adopt a multidisciplinary approach in his practice.

Sidley Austin LLP maintains an active presence in the financial services and life sciences sectors, under the supervision of William Long. The practice frequently advises on GDPR compliance, data privacy impact assessments, and regulatory changes. Long is noted for his capabilities in the creation of privacy policies and artificial intelligence governance programs, while Francesca Blythe is building a strong track record in cross-jurisdictional regulatory compliance, particularly in the pharma industry.

The data and cyber team at Taylor Wessing LLP is jointly led by Christopher Jeffery and Victoria Hordern and is rated for its data protection corporate support work and legislative compliance advice across multiple jurisdictions. Jeffrey leverages significant knowledge of UK and international regulatory regimes to advise a range of clients on the full gamut of issues. Hordern is a reference in the life sciences and healthcare markets. In February 2025, Michael Yates left the team.

As the new tech and commercial transactions department head at Travers Smith LLP, Louisa Chambers impresses a wide array of clients with her ‘thoughtful, clear and pragmatic advice’. The team’s comprehensive offering includes data security evaluations, corporate transactional support and compliance work. Chambers offers multi-jurisdictional expertise and has a particularly strong track record in the financial services and automotive sectors. James Longster is another key part of the team. In March 2025, Dan Reavill left the firm.

The data team at Womble Bond Dickinson (UK) LLP offers a ‘truly forward-thinking and reliable service’ to clients in the energy, tech and chemicals industries. Under the tutelage of Andrew Kimble, the team conducts risk assessments, responds to regulatory investigations and drafts data sharing agreements. Kimble is equipped to offer GDPR and EU legislative compliance advice. Katie Simmonds impresses with her ‘exceptional professionalism and responsiveness’, while Sarah Daun is capable of drafting complex multi-jurisdictional data processing agreements.

Addleshaw Goddard places a strong focus on complex data protection advisory work, ranging from subject access requests and outsourcing arrangements to software licensing arrangements and international data transfers. Under the supervision of Helena Browne in Edinburgh, the team maintains a strong market presence in the retail, energy, F&B and manufacturing sectors. He is supported by Ross McKenzie in Aberdeen and Claire Edwards in Manchester. In July 2024, Nathalie Moreno left the firm.

Under the tutelage of ‘outstanding professional’ Guadalupe Sampedro, the data protection team at Cooley (UK) LLP offers comprehensive advice to global commercial entities, especially those in the artificial intelligence, public and tech sectors. The dual-qualified Sampedro is an authority in the fintech space and is equally equipped to advise on the full gamut of the sector. Bryony Hurst, a 2024 arrival from Bird & Bird LLP, is reputed for her depth of expertise in regulatory and contentious matters.

Covington & Burling LLP stands out for its deep legislative knowledge, which the team uses to assist clients in remaining compliant across multiple jurisdictions. Mark Young is particularly well known in the tech and pharma sectors and has been involved in several significant cybersecurity investigations in England and the EU. Lisa Peets is building a strong reputation for her AI expertise. Claudia Berg joined the firm from the Information Commissioner’s Office in January 2025.

Phil Lee is considered a ‘guru of privacy and now AI law’, which he leverages as head of the privacy, AI and digital regulation practice at Digiphile. The team boasts several market-leading American tech corporations as part of its client base, and is equipped to advise on data protection impact assessments and data processing agreements. Lee has recently assisted clients with GDPR compliance issues, ICO investigations and internal data protection training.

Farrer & Co is well known in the media, education and sporting sectors and offers clients a broad data protection service on both the contentious and advisory side. The team is led by the capable trio of Alan Baker, Ian De Freitas and Owen O’Rorke. De Freitas is a dispute specialist who was recently successful in a case involving data ownership and usage in a supply chain. O’Rorke has experience defending subject access request claims, while Baker focuses on GDPR compliance and data audit projects.

Freeths LLP is praised by clients as an ‘excellent firm’ for its data and information practice, which advises on novel tech matters, crisis management and disputes. It is particularly well known in the retail and financial sectors. The team operates under the supervision of Luke Dixon, who excels in advisory work, while Will Richmond-Coggan forms the bedrock of the practice’s contentious offering. He is adept at handling mass group litigation claims.

Gowling WLG is considered a go-to firm for government departments, public sector entities and international corporations on a variety of data protection issues. The team, which is jointly spearheaded by Jocelyn Paulley and Loretta Pugh, frequently advises on data sharing agreements, prepares internal governance documentation, and advises on broader cybersecurity problems. In Birmingham, Paulley frequently conducts Data Protection Impact Assessments and cybersafety reviews. Pugh, who joined the team from CMS in October 2024, is praised as a ‘real asset to the team’.

The data protection team at Mills & Reeve LLP is led by the capable trio of Helen Tringham, Paul Knight and Peter Wainman. The practice is prepared to offer GDPR compliance advice, construct data sharing agreements and prepare responses in the aftermath of ransomware attacks. Kang is praised as a ‘brilliant lawyer’ and is noted for his capabilities in international data transfers.

Orrick, Herrington & Sutcliffe (UK) LLP is home to an experienced cyber, privacy and data innovation practice, which boasts AI start-ups, international technology conglomerates, and financial services institutions as part of its client base. Department head Alex Sobolev frequently advises clients across multiple jurisdictions on privacy compliance, GDPR obligations, risk management and internal policy reviews. Adele Harrison and Anna O’Kelly are key members of the team’s contentious and regulatory offering. In September 2024, Kelly Hagedorn left the team.

Pillsbury Winthrop Shaw Pittman LLP excels while advising clients on data transfer issues, breaches and legislative compliance. Steven Farmer leads the team and is described by clients as ‘extremely knowledgeable and resourceful’. He has a strong track record in the health tech space and is well equipped to advise companies on their obligations under the Digital Operational Resilience Act (DORA). Scott Morton has multi-jurisdictional experience and strength in cybersecurity matters.

AWO houses a strong contentious data protection team, having recently been involved in several claims for a broad range of key stakeholders. The team's 'amazing leader’ Ravi Naik has a background in human rights and is recognised for his strength in the digital tech space. The team also includes the ‘intellectually robust’ Alex Lawrence-Archer and the ‘extremely impressive’ Lucie Audibert.

The ‘highly attentive’ data, privacy and cybersecurity practice at Goodwin has a notable emphasis on artificial intelligence matters, assisting clients with legislative compliance. The team is jointly led by Gretchen Scott, who recently advised a domestic commercial entity on drafting data protection agreements for its subsidiaries, and Curtis McCluskey, who is adept at constructing and implementing privacy notices. Lore Leitner left the firm in July 2024.

The ‘nimble, responsive and practical’ information law team at Kingsley Napley LLP is recognised for the assistance it provides to clients, particularly those in the public and education sectors. Under the ‘calm, competent leadership’ of Emily Carter and Melanie Hart, the team offers GDPR advice and assistance in tribunal proceedings. Hart is equipped to build cyber response strategies for clients, while Carter is strong on the non contentious side. In April 2024, Adam Chapman left the firm, and in December, Chris Perrin joined from Spencer West LLP.

Leigh Day is committed to offering individuals support in the aftermath of data breaches that have impacted utilities companies, public authorities and retailers. Department head Sean Humber is often instructed to act against government departments and has acted in several class actions, particularly in those related to the healthcare sector. Gene Matthews has a background in human and consumer rights law.

Paul Hastings LLP

Penningtons Manches Cooper LLP

Pritchetts Law houses a data protection team which is proficient in cybersecurity and artificial intelligence mandates. The team is under the joint supervision of Stephanie Pritchett, who is adept at offering regulatory compliance and data protection advice, and Ben Wootton, who is well-positioned to conduct DPIAs.

PwC LLP stands out for the advice it offers on data breaches, legislative compliance and subject access requests. The team, which is led by the ‘highly skilled data protection lawyer’ Chris Cartmell, is active in the financial services, commercial and public sectors, working on projects in multiple jurisdictions. Cartmell frequently advises clients on cybersecurity matters and is noted for his specific knowledge of South East Asian markets. Stephanie Baker and Lucas Saric are key members of the team.

The data privacy and cyber practice at Slaughter and May is prepared to advise on multijurisdictional cyber breaches, data concerns related to commercial transactions and international data transfers. The team is led by the capable trio of Rebecca Cousin, noted for her capabilities in M&A matters, Richard Jeens, who spearheads the team’s contentious offering and Rob Sumroy, who excels when offering clients risk management and cyber preparedness services.

Squire Patton Boggs is particularly active in the automotive, sport and life sciences sectors, under the supervision of David Naylor. The team regularly handles matters relating to artificial intelligence regulation, data breaches and cybersecurity in multiple jurisdictions. Naylor is praised by clients for his ‘great experience’ in corporate data protection advice, due diligence and contentious disputes. Based in Leeds, Francesca Fellows brings additional strength and depth to the practice.

In Guildford, Stevens & Bolton LLP offers ‘agility and strategic foresight’ in its data protection practice, assisting clients in the hospitality, tech and automotive sectors. The ‘pragmatic’ team is led by Beverley Flynn, who frequently advises on data issues related to artificial intelligence, legislative compliance and ad tech. Gary Parnell is adept at multi-jurisdictional data transfer matters and GDPR issues.