About

I am a London-based Associate in our Data, Privacy & Cyber group, specialising in EU and UK data protection law. Over the past 6 years, I have advised clients across several industries, including the pharmaceutical, media, gaming, automative, and technology industries, on the GDPR, ePrivacy legislation, UK data protection law, and the implementation of privacy programmes. I also work on projects to implement local privacy advice, most recently completing a secondment at a global car company.

Prior to joining Lewis Silkin, I worked at 2 private practice firms advising multinational corporations on complex data protection issues. My experience also includes 2 years in-house in Switzerland at an international pharmaceutical company and an international reinsurance company.

Recently, I have advised on artificial intelligence regulation, including the EU AI Act, and legislative developments in the UK, and I have also drafted AI related policies.

Experience

Data, privacy & cyber

  • Assisting organisations in navigating evolving data protection laws, including recent developments in the UK framework on AI regulation and possible data protection reform
  • Advising on and drafting DPIAs, including those involving special category data and novel technology; for example, considering the definition of 'systematic monitoring on a large scale' in the context of a video surveillance system
  • Conducting training sessions on data protection law, tailored to existing knowledge and needs
  • Providing guidance on data privacy considerations related to industry specific considerations, such as age-verification in the gaming industry, and competition law investigations, including advice on scanning employee personal devices
  • Advising on the use of data loss prevention tools

Data protection policies & processes

  • Assisting with handling data breaches, drafting breach reports, submissions to EU / UK authorities, and informing affected individuals within the relevant reporting deadlines, including swift engagement of local lawyers to fulfil other reporting obligations outside the EU / UK, where necessary
  • Guiding organisations in responses to individual rights requests, including data subject access requests
  • Reviewing and advising on privacy notices, cookies policies and consent mechanisms including advice relating to 'dark patterns', legitimate interests assessments, and privacy statements
  • Negotiating and drafting data sharing and processing agreements involving high-profile influencers, and considering controllership status
  • Drafting customised data protection policies, addressing specific issues relevant to each client; for example, considering the role of researchers for life sciences clients

Artificial intelligence

  • Addressing queries related to data protection implications arising from the use of generative AI technologies
  • Advising organisations on the implementation of AI technologies, specifically in relation to the scope of the EU AI Act and upcoming AI regulation in the UK

Services

Sectors