Data

Data

Overview
Data Theft
GDPR and Data Protection
Virtual Data Protection Officer

Protecting, controlling and leveraging your most valuable asset

Today data protection and information rights are integral to the lives of businesses and individuals. Barely a week goes by without a data or privacy story hitting the headlines. The advent of General Data Protection Regulation (GDPR) in 2018 requires businesses to understand its implications and comply with its rules. Failure to satisfy regulatory requirements can be a threat to any business. At the same time data breaches have become almost everyday news. However, with the right advice you can take issues of diversity, reputation, flexibility and regulatory risk and turn them into competitive advantages.

Key Services

We use Artificial Intelligence (AI) and other technologies to continually improve the level of service we deliver to our clients and meet their changing needs:

  • We were the first major UK law firm to launch an in-house eDiscovery business, MDR Discover. Using machine learning we review documents in a fraction of the time that armies of paralegals require.
  • Our Cyber Intelligence team, MDR Cyber, has developed proprietary tools that scrape the internet for connections that human analysts might take weeks to uncover. This saves our clients money and allows our lawyers more time to develop winning strategies.
  • Our Real Estate team uses data manipulation tools which automatically pull data from public sources, including the Land Registry and Companies House.

Our incubator, MDR LAB, has now run for three seasons and invested in several of the participating companies. Ping, for example, has used data analytics to completely overhaul our time recording system and give clients greater visibility on how money is spent.

With this experience and expertise we are able to offer a range of services that cover any client's data needs:

Cyber security

Our in-house cyber security consultant and data protection experts work closely alongside our data theft lawyers and reputation management specialists. With backgrounds in management consultancy and cyber security, our team helps clients to identify their cyber risks, protect against them and give a greater degree of assurance that these risks are being properly managed, from both a technical and operational standpoint.

Data theft, Confidential Information & Trade Secrets, Investigations

A company's confidential data, whether a database of client information, key financial information or trade secrets, is one of its most valuable assets. It gives the company a competitive edge in the market. Yet its misappropriation and misuse can provide a competitor with a significant and unfair advantage. Confidential data can be extremely vulnerable to theft and misuse. Our team of data theft specialists has 15 years' experience advising on and litigating high profile data theft cases, and is made up of experts from our fraud litigation, white collar crime and employment groups.

Reputation Protection

Digital technology allows publication of sensitive or damaging information to the world at large, and this can often happen unnoticed. Once sensitive information has been picked up by the media or spread online, an immediate response is vital to minimise its potential damage. 

But crisis management alone is not enough. We prepare strategy in advance, implement it swiftly and robustly when needed, and provide damage limitation advice during and after a crisis. We also have extensive experience of working with in-house teams to provide ongoing reputation management strategies.

Data Protection & GDPR

To us regulatory risk is not a cost that should simply be written off. It is something that can be managed and actually turned to your advantage. Of course, compliance with the GDPR regime is essential. With penalties for non-compliance having risen sharply, proper judgement and systems must be applied to data collection, and if data is lost, rapid notification is critical. Remember the risks of non-compliance are not only financial but reputational.

However, data is also a strategic issue. Choosing what data to collect, how to use it, and how to protect it can bring great benefits. The value of a business can be greatly increased by good data practice. We advise our clients on how best to achieve their strategic objectives while complying with an evolving regulatory regime. We highlight gaps in compliance, explain how to implement the requisite policies and procedures, resolve incidents and repair reputations.

Read more about our approach here.

Data strategy and analytics

Our in-house data strategy unit, led by UCL and Cambridge fellow Dr. Alastair Moore, provides data-focused support to businesses across a wide range of sectors. Working with data is a key way to acquire new knowledge, which, by asking the right questions, can then be turned into insight which can in turn unlock increased value within your business. Maintaining active ties with academic partners ensures our team are up to speed with the very latest in data management tools.

Employee data

Employers hold vast amounts of data on their employees, from salaries and bank details to personal information and medical records. Used correctly this data can enhance business outcomes; to ensure diversity – whether of age, race or ethnicity - or to measure and improve any gender pay gap. However, data can pose a considerable risk to employers if managed incorrectly. We advise clients on how to minimise risk by adopting the right practices and data management strategies, and we train staff to ensure compliance.

Customer data

We advise clients on the rules relating to marketing and how to collect, hold and use customer data.

Work highlights

Work highlight

Assisting clients

Assisting clients in their dealings with the Information Commissioner's Office in connection with potential enforcement action, and in handling subject access requests and refusals to supply personal data, by or to our clients

Work highlight

Online gaming business

Representing a major online gaming business on its multijurisdictional data protection compliance obligations and its handling of personal data in the context of the Data Protection Act, gambling regulation and historic player terms, and under GDPR, as well as on its direct marketing 

Work highlight

Advising an investor

Advising an investor corporate on handling difficult subject access requests made by directors of a hostile target business

Work highlight

Pharmaceutical company

Acting for a pharmaceutical company whose processor suffered a data hack and advising on notification and other GDPR matters

Work highlight

Lloyd v Google

Acting for Richard Lloyd as representative claimant against Google in respect of the 'Safari Workaround', which enabled Google to access iPhone users' surfing histories to serve targeted adverts 

Work highlight

Claimant taxpayer

Advising a claimant taxpayer on a disputed subject matter access request made to HMRC, resulting in his gaining considerable understanding of the internal file structures and processes adopted

Work highlight

Commodities wholesaler

Representing a wholesaler in the commodities market on local compliance considerations across some 30 countries

Work highlight

Recruitment client

Advising on multi-jurisdictional data handling arrangements for a client in the recruitment sector

Data Theft

Learn More

GDPR and Data Protection

Learn more

Virtual DPO

Learn more

Services

Sectors

Latest

Media

Mishcon Academy: Digital Sessions podcast – GDPR 2 years on

02 Jun 2020

News

Data Protection Impact Assessments (DPIAs): critical in the next phase of our "new normal"

13 May 2020

News

Jon Baines discusses the NHS COVID-19 contact tracing app in Wired

13 May 2020

News

ICO appears to announce yet further delays to BA and Marriott investigations

12 May 2020

News

COVID-19: ICO issues statement on its regulatory approach

16 Apr 2020

News

Supreme Court rules Morrisons was not liable for 2014 data breach

01 Apr 2020

News

Further delays to ICO proposed fines for BA and Marriott

31 Mar 2020

News

How to sign documents during the COVID-19 "lockdown" – a guide to signing electronically

26 Mar 2020

News

Data protection: UK Government sets out its position on "essential equivalence" between the UK and EU

25 Mar 2020

News

Data protection: solicitors' paper files were not a 'relevant filing system'

16 Mar 2020

News

COVID-19 and ICO's proposed fines for BA and Marriott

16 Mar 2020

News

European Commission announces need for AI law

27 Feb 2020

News

Are fashion brands being transparent about data?

24 Feb 2020

News

Joe Hancock comments on Huawei 5G decision

29 Jan 2020

News

Regulators begin to set boundaries for Artificial Intelligence

08 Jan 2020

News

ICO to write to all UK companies asking for data protection fee

04 Dec 2019

The Economist: America’s notorious tax-compliance law faces another challenge
News

The Economist: America’s notorious tax-compliance law faces another challenge

04 Oct 2019

Working with The Machines: 5 key things to consider when dealing with AI
News

Working with The Machines: 5 key things to consider when dealing with AI

17 Jul 2019

MPs, Lords, councillors exempt from data protection fee
News

MPs, Lords, councillors exempt from data protection fee

11 Mar 2019

Fundraising regulator refers 59 charities to Information Commissioner
News

Fundraising regulator refers 59 charities to Information Commissioner

06 Mar 2019

News

Further guidance on data transfers in the event of a no-deal Brexit

25 Feb 2019

Data protection fees and accountability
News

Data Protection Fees and Accountability

08 Feb 2019

Shaping Cities: The multichannel future of retail
News

Shaping Cities: The multichannel future of retail

18 Dec 2018

Sir Alex Ferguson's Doctors investigated for potential breach of data protection
News

Doctors at hospital which treated Sir Alex Ferguson investigated over data protection breaches

04 Dec 2018

Island of AI: Singapore emerges at the new tech frontier
News

Island of AI: Singapore emerges at the new tech frontier

25 Oct 2018

Google+: the importance of notifying users of a data breach
News

Google+: the importance of notifying users of a data breach

10 Oct 2018

The Data Revolution: transforming healthcare now
News

The Data Revolution: transforming healthcare now

04 Oct 2018

Mishcon Academy: Digital Sessions podcast – GDPR 2 years on

02/06/2020

Data Protection Impact Assessments (DPIAs): critical in the next phase of our "new normal"

13/05/2020

Jon Baines discusses the NHS COVID-19 contact tracing app in Wired

13/05/2020

ICO appears to announce yet further delays to BA and Marriott investigations

12/05/2020
How can we help you?

How can we help you?

Subscribe: I'd like to keep in touch

If your enquiry is urgent please call +44 20 3321 7000

Crisis Hotline

Emergency number:

Tel: +44 80 0260 0546

COVID-19 Enquiry

Please enter your first name
Please enter your last name
Please enter your enquiry
Please select a contact method

I'm a client

Please enter your first name
Please enter your last name
Please enter your enquiry
Please enter a value

I'm looking for advice

Please enter your first name
Please enter your last name
Please enter your enquiry
Please select a department
Please select a contact method

Something else

Please enter your first name
Please enter your last name
Please enter your enquiry
Please select your contact method of choice