Keily heads up the Cyber & Data Privacy Enforcement & Litigation Practice in London. Keily works with her clients to navigate privacy and cyber security crises to achieve better commercial, regulatory and judicial outcomes.

As a litigator, Keily has a different perspective on cybersecurity and data privacy issues. She has led the response to investigations by the UK’s Information Commissioner’s Office, the Irish Data Protection Commission, the Competition and Markets Authority, the FCA, the SFO, the U.S. Department of Justice, the FBI, the SEC and Parliamentary Select Committees. Keily has also acted as external legal counsel for privacy and financial service regulators.

On cybersecurity issues, Keily directs cybersecurity incidents and investigations across multiple jurisdictions and incident types from simple business email compromises, to enterprise-wide network intrusions and cyberattacks with national security implications. Keily has worked with national and international law enforcement and is called upon to act as external legal counsel to security and forensics firms when engaging with regulators.

In the civil arena, Keily has led on a number of high profile privacy litigation matters, including civil damages claims and collective actions following personal data breaches and privacy-related judicial reviews. She frequently counsels clients on the growing risk of privacy-related class actions and interventions by privacy advocates in the UK and the EU.

Keily uses the insights from her regulatory practice to inform her advisory work, where she regularly advises stakeholders from legal, information security, privacy and the C-suite on a host of privacy and cybersecurity governance, risk mitigation and regulatory engagement strategies.

She is ranked as a key practitioner in data protection, privacy and cybersecurity in The Legal 500 and has represented the private sector at the United Nations and the European Criminal Bar Association. Keily also sits on the Law360's 2020 Editorial Advisory Board on Cybersecurity & Privacy and also leads the IAPP Cyber & Privacy Investigations, Enforcement & Litigation Affinity Group. Keily has represented the private sector at the United Nations and the European Criminal Bar Association. She is committed to improving diversity and social mobility in the legal sector.    

Prior to joining Orrick, Keily led the Contentious Data Privacy, Law & Strategy practice at PwC having been a litigator at two international law firms before this.

    • Acting for a client specialising in data insights and identity verification services in connection with an assessment notice and compulsory audit by the Information Commissioner’s Office under DPA 2018.
    • Acting for a client which collects and aggregates financial and credit information in connection with an assessment notice and potential enforcement action by the Information Commissioner’s Office.
    • Acting for a client in connection with a ransomware attack impacting on service availability.
    • Acting for a client in connection with regulatory and governmental interference in individual privacy rights.
    • Acting for numerous clients in respect of small, medium and large personal data breaches often involving special category data from advice on regulatory notification to potential class action liability.
    • Acting as external counsel for international regulators in respect of investigations under the GDPR and the DPA 1998.

    Please note: Keily's experience includes that prior to joining Orrick.