Practice Expertise

  • Cloud Computing
  • Commercial Contracting and Sourcing Support
  • Commercial Contracting and Contract ...
  • Corporate

Areas of Practice

  • Cloud Computing
  • Commercial Contracting and Contract ...
  • Commercial Contracting and Sourcing Support
  • Corporate
  • Cybersecurity Incidents
  • Data Breach
  • European Data Protection and Privacy
  • Global Outsourcing and Technology
  • Global Privacy and Cybersecurity
  • Information Technology
  • Outsourcing, Technology and Commercial ...
  • Privacy and Cybersecurity
  • Records Management
  • View More

Profile

James’ practice focuses on all aspects of data protection and privacy law and TMT issues.

James is counsel on the global technology, outsourcing and privacy team. He advises a broad range of clients on all areas of UK and EU data protection law, from general compliance issues and cross-border data transfers to cutting-edge technology issues, such as social media, online behavioral advertising, geolocation and other technology, media and telecommunications matters.

James also has experience on IT law matters, including on technology, software, e-commerce and service agreements and on outsourcing matters.

Relevant Experience

  • Conducting global data protection and privacy compliance programs.
  • Advising on the cross-border transfer of personal data, including the adoption of model clauses and binding corporate rules, and Safe Harbor certification.
  • Advising on the data protection law implications of an industry-wide fraud data sharing and detection system.
  • Reviewing and drafting internal privacy and data protection policies, including those relating to employee monitoring.
  • Advising on the adoption of a “Bring Your Own Device” policy.
  • Reviewing website and app compliance with e-privacy and cookie rules for several large corporations.
  • Providing privacy advice in connection with investments in several data-driven businesses, including carrying out data protection due diligence, drafting contractual warranties and disclosures, and developing transaction documents.
  • Drafting and negotiating IT outsourcing agreements.
  • Drafting and negotiating commercial contracts.
  • Advising several private equity firms in relation to data protection and privacy due diligence in connection with the acquisition of several technology-based businesses in the retail, ad-tech and marketing sectors.

Bar Admissions

    Education
    LLB (Hons), University College London, 2009

    Areas of Practice

    • Cloud Computing
    • Commercial Contracting and Contract Lifecycle Management
    • Commercial Contracting and Sourcing Support
    • Corporate
    • Cybersecurity Incidents
    • Data Breach
    • European Data Protection and Privacy
    • Global Outsourcing and Technology
    • Global Privacy and Cybersecurity
    • Information Technology
    • Outsourcing, Technology and Commercial Contracting
    • Privacy and Cybersecurity
    • Records Management

    Professional Career

    Significant Accomplishments
    • Conducting global data protection and privacy compliance programs.
    • Advising on the cross-border transfer of personal data, including the adoption of model clauses and binding corporate rules, and Safe Harbor certification.
    • Advising on the data protection law implications of an industry-wide fraud data sharing and detection system.
    • Reviewing and drafting internal privacy and data protection policies, including those relating to employee monitoring.
    • Advising on the adoption of a “Bring Your Own Device” policy.
    • Reviewing website and app compliance with e-privacy and cookie rules for several large corporations.
    • Drafting and negotiating IT outsourcing agreements.
    • Drafting and negotiating commercial contracts.


    Professional Associations
    • Member, Law Society of England and Wales
    • Member, The Society for Computers and Law


    Articles

    • The Role of the DPO−What You Need to Know, Privacy & Data Protection Journal, Volume 16, Issue 8
    • The draft UK SCCs for international transfers, LexisPSL
    • Data Protection & Privacy 2022, United Kingdom, Getting the Deal Through
    • The Journey to GDPR: Compliance Did Not End on 25 May, Lawyer Monthly
    • Do We Need a Data Protection Officer? (Flowchart), Thomas Reuters Practical Law
    • Data Protection & Privacy 2021, United Kingdom, Getting the Deal Through
    • Data Protection & Privacy 2023, United Kingdom, Getting the Deal Through
    • Privacy Shield invalidated and use of appropriate safeguards (including Standard Contractual Clauses) require case by case assessments (Facebook Ireland and Schrems), LexisNexis
    • Data Protection & Privacy 2019, United Kingdom, Getting the Deal Through
    • The Demise of the US-EU Safe Harbor, Privacy & Data Protection Journal, Volume 11, Issue 1
    • Cross Device Profiling — Ensuring Compliance, Privacy & Data Protection Journal, Volume 15, Issue 6
    • Data Protection & Privacy 2020, United Kingdom, Getting the Deal Through
    • European Commission’s International Data Transfer Standard Contractual Clauses: What Businesses Need to Know, Practical Law
    • Data Protection & Privacy 2023, EU Overview, Getting the Deal Through
    • Data Protection & Privacy 2020, Overview, Getting the Deal Through
    • Data Protection & Privacy 2022, EU Overview, Getting the Deal Through
    • Data Protection & Privacy 2021, EU Overview, Getting the Deal Through
    • The Proposed EU General Data Protection Regulation: A guide for in-house lawyers

    Meet our Firms and Professionals

    WSG’s member firms include legal, investment banking and accounting experts across industries and on a global scale. We invite you to meet our member firms and professionals.