Sign up for the Freshfields TQ digest
Data and cyber
Cyber attacks, data breaches and litigation
We advise on the largest and most complex data crises, and are one of only a handful of firms in the world to have managed a major data breach since the advent of the EU’s General Data Protection Regulation (GDPR).
This experience gives us unrivalled insight into how regulators think, what they look for in their investigations, how they calculate fines and what remediation measures they expect.
Our global team of data attorneys, litigators and investigations lawyers know how to respond to an attack in a way that will manage your exposure, position you to defend follow-on litigation and help you quickly rebuild consumer and stakeholder trust.
We track data privacy developments globally - including the strength of different authorities’ statutory powers, their likelihood of taking action and the associated class action risk – so when you suffer a breach we can immediately pinpoint where you need to focus your energy.
Our cyber attacks, data breaches and litigation insights
Ransomware victims beware: UK & US tackle ransomware with first multilateral sanctions and UK victims’ reporting guidance
The coordinated designation of individuals under both the UK and US cyber sanctions regimes, in an effort to combat ransomware attacks, highlights the importance for the victims of ransomware attacks…
And we’re off!: Updated California Consumer Privacy Act regulations near the finish line, with invitations to comment on further rulemaking
The California Privacy Rights Act (CPRA) significantly expanded the California Consumer Privacy Act (CCPA) as of January 1, 2023, but companies are still awaiting the updated regulations. On Friday,…
Security vs. convenience: EBA clarifies application of Strong Customer Authentication for Digital Wallets
It's been a while since strong customer authentication (SCA) has been in the spotlight. For those who do not immediately remember what SCA is about: the rules for SCA aim to reduce fraud and make…
China’s TC260 issues revised guidelines on cross-border processing of personal information certification
Following a consultation, the National Information Security Standardisation Technical Committee of China (colloquially known as ‘TC260') has issued version 2.0 of the Cybersecurity Standard Practice…
Our cyber attacks, data breaches and litigation experience
Advising Marriott, the US hotel chain, on the global coordination of its response to its Starwood database security incident.
International travel operator
Advising an international travel operator following the loss of customer and business data
International investment fund
Advising an investment fund on a cyber attack, including working with criminal, data protection and industry regulators in the UK and Germany.
Meet the team
Rachael Annear Counsel
Richard Bird Partner
Georgia Dawson Senior Partner
Brock Dahl Data privacy and security, Head of U.S. Fintech
Washington, DC, Silicon Valley
Geoff Nicholas Partner
Norbert Nolte Partner
Giles Pratt Partner
Rhodri Thomas Partner
Dr. Christoph Werkmeister Partner