In today’s digital economy, legal advice alone isn’t enough. You need solutions that flex, scale, and deliver. That’s where we come in.

Shoosmiths’ Privacy, Data and Cybersecurity team helps you build, run, and evolve your data function, from global compliance programmes to breach response and commercial strategy. We tailor our support to your business, giving you control and confidence.

Whether you need outsourced global DPO support, AI governance or crisis management, we’re here to help you stay ahead. Our team includes over 20 specialists — lawyers, ex-in-house counsel, and regulatory experts — combining legal precision with commercial insight and tech fluency. We work globally, blending sector expertise with smart technology to deliver practical, forward-thinking solutions.

We shape your privacy and data function in seven key ways:

• build: design and implement global privacy, AI, cyber and data compliance foundations
• support: day-to-day and ad-hoc support, including fully outsourced global DPO services
• optimise: turn your data function into a centre of excellence
• protect: keep your data and systems secure with expert guidance on security laws and standards around the world
• commercialise: unlock the full value of your data with licensing, IP and consultancy advice
• automate: deploy AI and automation safely, responsibly and compliantly
• resolve: navigate with confidence global disputes, complaints, investigations and crisis situations with regulators

• acted as outsourced global DPO for multinationals across leisure, advertising, real estate, tech, life sciences and retail, freeing up time and energy for business leaders
• litigated a multi-million-pound data breach dispute, managing ICO, FCA, police, and data subject notifications, protecting reputation and legal standing
• enabled over 20 Binding Corporate Rules (BCRs) applications, including the world’s first controller/processor BCR approved by the EDPB
• developed a re-permissioning strategy for a 100m-subscriber CRM database, balancing compliance with commercial goals

• negotiated training data licenses with AI vendors and aggregators on behalf of a business intelligence provider created a streamlined global CCTV request policy for a client facing operational overload
• advised a leading FMCG business on data protection and AI aspects of the migration of its e-commerce operations globally
• assisted a global automotive manufacturer monetise connected car data using privacy-enhancing technologies, unlocking pure IP income
• acted for US multinationals on their Chinese CAC applications for data transfers to the US and advised on their NIS2, DORA and CRA requirements