Data protection

  • Overview

    Expert advice in relation to all aspects of data protection information governance, privacy, cyber liability and electronic communications.

    For many organisations information, data and especially personal data are critical to the success of their businesses. Both public and private sector organisations are collecting, holding and processing ever greater amounts of personal data, sensitive personal data and other data in the course of their day to day operations.  This valuable asset should be commercialised effectively and adequately protected.

    The UK Government is committed to upholding information rights in the public interest and protecting the privacy of individuals in respect of their personal data. In an increasingly regulated environment, organisations must be aware of their obligations under relevant legislation including the current Data Protection Act 1998, (the "DPA") and the forthcoming GDPR. The GDPR, with its more stringent rules and increased penalty regime (which may be linked to annual turnover) means that the importance of compliance will become more acute for all organisations.

    Breaches of the DPA and the forthcoming GDPR may lead to significant reputational damage for organisations. Additionally, the financial penalties that can be levied for breaches are becoming increasingly severe. Undoubtedly the future will entail an increase in the data protection compliance obligations of all organisations that collect, hold and/or process personal data as part of their operations (both home and abroad).

    Weightmans' expert team provides advice in respect of a full range of data protection and information governance related issues including:

    Data Protection and e-commerce issues

    • GDPR compliance audits
    • Access to and use of personal data
    • Cyber liability and security breach management
    • Data sharing and information sharing protocols
    • Data subject access requests
    • ICO investigations and litigation
    • Employment related issues
    • International data transfers
    • Social media and CCTV
    • E-marketing
    • Cookies and cookie policies

    We have a significant practice advising a wide variety of clients on data protection and information governance matters, ranging from sole traders to multinationals. We regularly advise major data providers on complex and technical issues in this area.

    We have particular experience advising insurance industry bodies on data issues including the set up of fraud detection services, such as databases holding detailed claims data. Recent examples include our advice provided to the Motor Insurers’ Bureau in relation to the MyLicence Project (a major data sharing project supported by the UK Government, DVLA and ABI).

    We regularly act for a wide variety of clients, both in the public and private sectors, ranging from retail businesses, to data providers, to insurers and insurance industry bodies, to healthcare providers, universities, police forces and local authorities, to providers of short term loans and automotive companies.


    Protecting personal data is key for us and we found that when working with Weightmans we were able to find watertight solutions to data protection questions in critical areas such as data sharing and data security. 
    Kaushik Patel, Head of Risk and Compliance, Motor Insurers' Bureau

    Main Contact
    The impact of the recent decision on "smash and grab adjudications"

    M Davenport Builders Limited v Greer and Another

    Thomas Collins
    Thomas Collins Partner
    An employers guide to GDPR

    What has GDPR meant for employers? We offer guidance for employers on the key issues.

    Ross Hutchison Associate

    Spreading the net on vicarious liability

    The Court of Appeal has confirmed that an employer can be vicariously liable for the wrongful acts by its employees done with the intention of harming…

    Peter Forshaw
    Peter Forshaw Partner

    "Have you had a data breach in the last six years?"

    Solicitors and Claims Management Companies advertising for personal injury claims are out of touch - these days, a privacy breach is the new 'claim…

    Mark Brenlund
    Mark Brenlund Partner

    LEGAL COMMENT: British Airways cyber attack

    British Airways has announced a 'sophisticated and malicious' cyber attack, where for 16 days hackers were able to retrieve customer data from both…

    Ed Lewis
    Ed Lewis Partner

    Damages payable by employer for preventing access to an employee’s iTunes library, AOL, LinkedIn and WhatsApp accounts

    The claimant received damages for his employer’s negligent accessing of his internet accounts.

    Roddy Macleod
    Roddy Macleod Partner

    What are the implications of the GDPR for the retail sector?

    In this era of personalised communication strategies and targeted online marketing, radical changes to data protection laws have huge implications for…

    Is your smart meter spying on you?

    Is there a risk of smart meters being used to gather digital data that could fall in to the wrong hands? Simon Colvin assesses the threat.

    Simon Colvin
    Simon Colvin Partner

Share on Twitter