Lewis Brady

Managing Associate


Lewis focuses on pre- and post-data breach handling, investigations by domestic and international regulators (the Information Commissioner's Office) and associated litigation.

Lewis has worked on a significant number of high-profile international data breaches and regulatory investigations, and works with experts from forensics, consulting and cybersecurity to help clients respond to cyberattacks and data privacy incidents.

Although Lewis focuses on contentious incident response matters, he has experience in data protection advisory projects, and is able to assist clients in developing risk mitigation strategies and to understand the practical and organisational challenges of the GDPR and the wider data protection environment.

    • Acting for a client specialising in data insights and identity verification services in connection with a compulsory data protection audit by the Information Commissioner’s Office.
    • Acting for a client that collects and aggregates financial and credit information in connection with a data protection audit and preliminary enforcement action by the Information Commissioner’s Office.
    • Acting for a client challenging the decision of a governmental body to create a centralised database of consumers. Challenging the creation of the database on both public law and data protection grounds.
    • Providing representation to the ICO on a high-profile data breach affecting over 10 million data subjects worldwide, one of the first post-GDPR.

    Please note: Lewis' experience includes that prior to joining Orrick