Milbank advises some of the world’s leading corporations and financial institutions on data privacy and information security. We have a wealth of experience in privacy and information security regulation, and advise clients on a wide range of matters, including privacy and security policies and audits, employee and customer privacy issues in multi-jurisdictional outsourcing transactions, international data transfer arrangements, security breach response and the development of new products and services.
We have assisted numerous clients in navigating the increasing - and increasingly complex - body of legislation affecting how multi-national organisations collect, manage and monetise personal data. Our expertise covers everything from advising on privacy issues at national level to representing clients on global projects and compliance programs.
Examples of our work in this area include:
- Advising a global service provider on joining the US Safe Harbor program, including the development and implementation of its global privacy policies
- Advising a major global corporation on data privacy issues arising from the implementation of cloud computing services throughout its enterprise, including on dealings with data privacy authorities in several EU member states
- Advising a leading global financial institution over several years on data privacy issues involving customer and employee personal data, including the development of privacy policies and outsourcing of a wide range of data processing services
- Advising a global travel services firm, a global engineering firm and several other clients on data privacy issues arising in the development and roll-out of global human resources information systems
- Advising numerous corporations and financial institutions on data privacy issues arising in information technology and business process outsourcing transactions, including the implementation of international data transfers
- Advising a number of major corporations and financial institutions on response to security breaches involving unauthorised disclosure of personal data
- Advising several clients on online data privacy issues, including website privacy policies, user profiling and compliance with the new EU rules on website cookies
- Advising a number of clients on data privacy issues arising from disclosure requirements in multi-jurisdictional litigation and regulatory investigations
- Advising a leading global securities exchange group on data privacy issues arising in relation to its dealings with global regulatory authorities
