Colin is a Managing Associate in our Cyber, Privacy and Data Innovation practice, based in London.

Working with clients particularly in the technology and data-rich sectors, Colin advises on data privacy and cybersecurity matters including cross-border transfers; data breach, cyber-incident response and regulatory investigations; privacy impact assessments and audits; global compliance strategies; and data governance matters.

In particular, Colin regularly advises clients with their commercial activities which involve utilizing and exploiting data, and personal data, on a large scale. This includes drafting and negotiating agreements, including data processing and data sharing agreements and identifying and advising on legal and regulatory risks.

Colin helps clients address their privacy and consumer protection obligations as they relate to direct marketing activities, profiling, online behavioural advertising and the use of cookies and similar technologies.

Colin also has experience in M&A and capital markets transactions, assisting deal teams by advising on privacy, data protection and other deal-related requirements.

Prior to joining Orrick, Colin worked for a U.S. regulatory consulting firm, supporting clients with regulatory issues relating to data privacy, cybersecurity and antifraud.

    • Advised clients from various sectors on conducting privacy impact assessments and data privacy audits involving customer and employee data.

    • Advised a global financial services company on a group-wide programme to address the requirements of the General Data Protection Regulation and to secure Binding Corporate Rules.

    • Advised a banking client on compliance and risk aspects of its international data transfers and vendor management procedure.

    • Advised clients from various sectors on the data privacy risks of major technology and business transformation programmes.