Alice Wallbank is Shoosmiths’ dedicated Privacy & Data knowledge lawyer, providing specialist research, training and insight on all aspects of global privacy and data protection compliance. She was formerly principal legal counsel for the cyber division of a major defence tech company, involved in advising on early AI and data projects involving novel data use, scraping, data security and supply chain control.

Alice writes regularly on emerging technologies, and is actively involved in client-side advice across many jurisdictions. She also supports the firm’s internal AI governance, including its pilot of AI-assisted tools, development of its internal policy and AI literacy training.

Alice has extensive experience advising on anonymisation and privacy-enhancing technologies, data processing for law enforcement, managing cyber risks in the supply chain, cyber compliance, and using data in AI systems..

Andrew Gallie is a Partner at VWV. Andrew leads the data protection team at VWV.  He advises on all aspects of data protection and information law including cyber security, privacy, workforce monitoring, international data transfers and subject access requests as well as requests made under freedom of information and environmental information legislation.
 
He has advised on a number of high-profile data protection enforcement matters.  Clients include a variety of public and private sector organisations, such as local authorities, charities, universities and businesses in the technology and healthcare sectors.

Andy Kimble is a Partner and Head of the Data Protection Team at Womble Bond Dickinson LLP. He advises on all aspects of data protection and privacy work including data protection audits, data security incidents, international data transfer arrangements, data sharing and outsourcing arrangements, subject access requests, direct marketing and annual data protection compliance.

He advises the Interactive Media in Retail Group (the UK industry body for the online retail industry) on data protection matters and he is a member of the Society for Computers and the Law.

He has been actively involved through the Interactive Media in Retail Group in consultations at both a European and national level on data protection legislation.

Andy leads PDP's popular training session Data Protection in the Workplace. 

Bridget Treacy - For over 20 years Bridget’s legal practice has focused on all aspects of data protection, information governance and cybersecurity issues.  Her experience is wide-ranging, having advised large corporations across a range of industry sectors on how to navigate the data protection risks of emerging technologies, multi-jurisdictional security incidents, the creation of effective privacy management programmes, and cross border data transfers.  Bridget founded the UK Data Protection team at her previous firm, and served as London Office Managing Partner. For the past 15 years she has consistently been recognised as a leading ‘Leading Individual’ in data protection by Chambers.

Bridget is the Editor of Privacy & Data Protection Journal.

Claire Hall is Partner at VWV. Claire advises organisations on all aspects of data protection. Her expertise includes information security, accountability, data sharing and data subject rights. Claire also advises on freedom of information law.

Claire's experience includes:

• drafting documentation, such as, privacy notices, policies and procedures
• advising on responses to Subject Access Requests
• advising on marketing and fundraising compliance
• carrying out UK GDPR audits
• advising on complex Data Protection Impact Assessments

Claire leads PDP's highly popular training courses Freedom of Information - Level 1, Accountability - Achieving Compliance and Marketing & Data Protection.

Duc Tran is a senior data and privacy lawyer at Herbert Smith Freehills Kramer with 15 years' experience advising clients on complex issues in this highly regulated area. Duc's experience includes advising clients on all aspects of data-related compliance, policy design and implementation, data strategy, data breach response, data retention, data analytics/profiling and the use of AI. As well as providing advice to clients, Duc is heavily involved in the firm's thought leadership, including analysis of legal and industry developments. Duc has been quoted in journals and publications (including the Financial Times) regarding data issues, spoken at numerous external events and is a regular contributor of articles to PDP Journals, including Privacy & Data Protection, and Compliance & Risk.

Eleonor Duhs is a barrister and a Partner at Bates Wells LLP in the City of London. Before working in private practice she was a UK government lawyer.

She was the government’s lead lawyer in negotiations on the GDPR.  She is an expert on the UK’s post-Brexit legal landscape, having worked in the Department for Exiting the European Union on the domestic legislation to implement Brexit, as well as the EU-UK Withdrawal Agreement and the framework for the future EU-UK relationship.

 

Emily Keaney, Deputy Commissioner Regulatory Policy, is responsible for overseeing the ICO’s policy work programme, both domestically and internationally, as well as leadership of legislative reform and the policy profession. Emily also provides ET support and oversight for the work of the ICO’s economic analysis directorate and research function, as well as overseeing the ICO's children's privacy strategy. 
 
Emily has had a long career in policy, strategy and research in a wide variety of regulatory and public policy contexts, including previous roles at the UK Regulators’ Network, Ofcom and the Institute for Public Policy Research. She has a strong interest in policy, current affairs and history and when not at work can generally be found reading history books and listening to history and current affairs podcasts.

Georgina Kon is a partner at Linklaters who specialises in all aspects of privacy, digital regulation and cyber security. She has helped many household names put in place innovative AI, privacy and online safety compliance structures, supporting them to harness the power of their data and technology safely and lawfully. Georgie also regularly advises on regulatory issues in connection with the use of innovative technology (including genAI), social listening, the Internet of Things, big data, digital health and more by global groups. Georgie co-leads Linklaters’ cybersecurity and online safety practices, and its multi-disciplinary privacy and cyber investigations teams.

Georgina is recognised as a leading individual in the Legal 500 for Data protection, privacy and cybersecurity. She is a co-Chair of the IT Law Summer School in Cambridge and a guest lecturer for the Chevening Cyber Scholars Programme. Clients describe Georgie as “pragmatic and friendly with foresight and an eye on new innovations, both technological and legal”, “technically savvy” and “professional, highly skilled and responsive” (Chambers, Data Protection and Information Law 2023).

Jade Kowalski is a Partner and co-leads DAC Beachcroft's Data, Privacy and Cyber team. She advises on the full range of data protection issues such as complex data sharing arrangements, the use of cookies, marketing and the use of artificial intelligence. She is known for her pragmatic approach to managing risk and ability to digest complex data protection issues into accessible, commercial advice. Her practical approach to problem solving and advising is highly regarded by clients.

Jamie Drucker is a Partner at Bristows. He advises clients on a wide range of privacy and data protection issues, including on the adoption of privacy strategies, assessing privacy risks in the context of new lines of business and the adoption of new technologies, notification and consent issues, individual rights requests, anonymisation, and data processing and transfer agreements.

​He has particular expertise advising clients on ad-tech compliance issues, in terms of navigating ePrivacy and GDPR requirements in the context of data collection, online tracking and profiling. Jamie also has experience in drafting Binding Corporate Rules (BCRs), both for processors and controllers, and in helping clients to navigate the complex BCR application and review process.

​Jamie also helps clients respond to data breach incidents, and defend regulatory enforcement action across Europe. He has also worked on high profile data protection litigation in the English High Court.

Kate Brimsted is a Partner at Shoosmiths and has over 20 years experience as an adviser to companies and organisations on data privacy regulation, information law and cyber security. Kate's practice includes supporting global privacy program implementation, developing international data transfer strategies, and helping operationalise responses to data subject requests, particularly complex or contentious DSARs. Her work includes assessing third-party vendors and advising on data retention policies.

In the area of cybersecurity, Kate offers breach prevention guidance, including policy updates and training for senior executives. She also leads data breach response efforts—managing regulatory filings and notifications across more than 30 jurisdictions—and provides post-breach support, such as evaluating mitigation steps and analyzing vendor liability.

Katie Simmonds is an experienced data and technology lawyer at Womble Bond Dickinson (UK) LLP.

Katie advises clients on a range of data-related issues, including data protection compliance, international data transfer requirements, advising on compliance with cookie laws and direct marketing rules and advising clients on their responses to regulatory investigations led by data protection and consumer authorities.  In parallel, Katie advises on large scale technology projects, including advising clients in distress situations and on the renegotiation of IT contracts.

Katie's particular focus and interest is how the development of emerging technologies intersects with data privacy.  Katie leads the firm's emerging technologies group and is also passionate about mentoring and the development of other women in technology, having established a digital-focussed mentoring scheme while at WBD.

 

 

Leonie Power is a Partner in the Technology and Data group in Fieldfisher, specialising in data protection and privacy law, as well as emerging AI and broader tech reg issues. She has provided strategic and practical advice on the full range of privacy and data protection issues affecting business operations over a period of more than 20 years.

Leonie supports a wide range of clients on new product development, big data analytics, international data transfers, ad tech privacy issues, digital marketing, AI systems and applications and AI governance. She also provides support in developing and managing (often global) privacy compliance programmes and in relation to other multi-jurisdictional privacy projects. Leonie's practice has spanned a wide range of businesses from start-ups to global brands, as well as public sector entities, and a broad range of sectors, including the technology, retail, media, gaming, travel, pensions, property management, ad tech, premiership football, telecommunications, life sciences and financial services sectors. In addition, Leonie is a cyber-breach specialist. She helps clients to assess risk in the context of incidents and to navigate potentially complex notification matrices.

Liz Fitzsimons is Partner at Eversheds specialising in data protection and freedom of information and EIR.

Liz helps clients with all aspects of data protection, GDPR and e-privacy, freedom of information and compliance with environmental information regulations. Her work includes strategic advice on UK wide and multi-national data privacy, including assisting clients with audits, transfer and compliance programmes and development of supporting documents, such as privacy notices and policies. Liz has also worked closely with clients on key data sharing and shared service arrangements, in relation to mergers and acquisitions, and on critical data privacy issues when outsourcing.

Liz leads PDP's popular FOI Level 2 (Applying the Exemptions) training course. She is also a Member of the Examination Board for the Practitioner Certificate in Freedom of Information.

 

Peter Given is a Partner in DAC Beachcroft's Data, Privacy and Cyber team, specialising in data protection and privacy law. He advises clients on a wide range of data protection matters in a variety of contexts, including in relation to general data protection compliance, data processing and outsourcing arrangements, direct marketing, data subject access requests, data breaches, and cross-border transfers of data.
 
Peter has previously undertaken secondments to a global US-based bank, a global US-based insurer, and a major European pharmaceutical organisation. In these secondments Peter supported the internal legal teams on data protection and privacy matters and in one secondment acted as the organisation’s interim EMEA head of privacy.
 
Peter has co-authored the Electronic Communications chapter for Data Protection – a practical guide to UK law (6th Edition, Oxford University Press).
 
Peter leads PDP's popular training courses, Data (Use & Access) Bill and Breach Management, and also regularly contributes articles to Privacy and Data Protection Journal.

Tim Hickman is a partner, based in White & Case’s London office. He leads the Firm’s global Data, Privacy & Cybersecurity practice. He advises on all aspects of data protection law and artificial intelligence (AI) regulation. He also recently led the publication of AI Watch, a global regulatory tool keeping track of AI regulatory developments around the world. Tim has a detailed knowledge of the General Data Protection Regulation (GDPR) and the UK GDPR, and co-authored White & Case's GDPR Handbook which provides in-depth guidance on the impact of that legislation, and White & Case's GDPR National Implementation Guide, which analyses national GDPR implementing laws in all 30 EEA jurisdictions and the UK.

 

Vicki Bowles is a Partner and Barrister, specialising in information and privacy law. She has been providing strategic advice on data protection, privacy, confidentiality and access to information since 2005, when working as in house legal advisor within the government legal service.

Vicki advises on all areas of data protection, including compliance (audits, policies and accountability), data subject requests, data breaches, the data protection elements of cybersecurity, corporate due diligence, requests for disclosure made by authorities such as the police or courts, international transfers and TRAs, and contractual clauses relevant to information sharing.

Other areas of specialism include the Privacy and Electronic Communication Regulations both in terms of the requirements for marketing and the collection and use of data from cookies, and the sharing and use of confidential information for the purposes of research.