The rapidly evolving area of information law covers a breadth of specialisms including GDPR/Data Protection legislation, freedom of information and cyber security.
The success of any business relies on being able to use data effectively, but in an increasingly complex regulatory landscape, and with increasing scrutiny regarding the security and use of personal information, the costs and risks of mismanaging data are significant. Getting things wrong can result in significant fines, claims for damages and reputational damage.
Our specialist information law team provides contentious and non-contentious data protection, privacy and cyber security advice to a diverse range of clients across the Scottish business community.
The team is led by Laura Irvine, one of the leading data protection and cyber security specialists in Scotland. As well as advising clients across all sectors on how to implement the changes that the General Data Protection Regulation and the Data Protection Act 2018 brought in, Laura also wrote the Law Society of Scotland’s Guide to GDPR.
The breadth of work undertaken by the team includes supporting businesses with GDPR implementation; assisting clients to deal with the aftermath of data breaches and handling the ICO; defending data breach claims from individuals impacted by a data breach; advising on Data Subject Rights, regularly dealing with unusual Subject Access Requests; developing data sharing agreements and advising businesses on how to handle requests for personal data.
We regularly advise clients on how to ensure that their marketing activities are not breaching Data Protection legislation and ePrivacy laws. We are conscious of the myths that were created by the introduction of the GDPR and we provide advice on what the law actually says, as well as looking to the future to see what changes are likely to be made to marketing regulation.
Our expertise also extends to providing advice on handling freedom of information requests by public sector bodies and for organisations who are asked to make representations to public sector bodies in relation to the non-disclosure of information they have provided.
The team routinely advises on the legal aspects of cyber security. We work collaboratively with many of the specialist cyber security firms in Scotland and provide practical advice to organisations who suffer cyber-attacks resulting in the loss of personal data on how to react and deal with the aftermath and the regulators.
