Today’s rapidly evolving technologies have made it easier than ever for companies to collect, use and transfer data throughout the world. The regulation of data has expanded, imposing complex and often inconsistent privacy and data protection standards. At the same time, the legal and business risks associated with non-compliance have escalated. We advise multinational companies on all aspects of data privacy, security and information management, including:

Global privacy and data protection

Our global privacy practitioners understand the interplay of privacy requirements with labor and employment laws, consumer protection laws and other local laws. We advise on privacy policies, data storage, retention and destruction, privacy complaints and investigations, disputes, data access requests and transfer and disclosure agreements. We also conduct multi-jurisdictional reviews of the collection, use and transfer of data.

Data security

Our team helps companies understand how to manage data security from a legal, technical and reputational perspective. We advise on investigations in the event of personal data breaches and handle mandatory notifications to data protection authorities and affected individuals. We also help clients navigate local laws that often require remediation to prevent future breaches and manage the legal and reputation impact of these incidents.


By adopting BYOD policies, companies can improve compliance, flexibility, data security and cost efficiencies. We make sure clients have the right policies in place to mitigate the risk of data loss and other data security considerations related to personal mobile devices and company-issued equipment.

Privacy issues for financial institutions

We have extensive experience helping financial institutions comply with global privacy and data security requirements, advice that is crucial for navigating the current “perfect privacy storm” environment of more data, more regulation and more enforcement at a global level.