Philip is a Senior Associate in Osborne Clarke’s dispute resolution team, with expertise in cyber security and technology disputes. He is part of Osborne Clarke’s international team of specialist data, technology and disputes lawyers.

Philip is an expert on contentious privacy and cyber security issues and advises clients on cyber security incident response, including investigations, regulatory issues, litigation, and risk and reputation management strategy, in the immediate (and longer-term) aftermath of cyber security incidents.

Immediately following any cyber security incident, he assists clients to urgently investigate what has happened, take remedial steps, manage any media crisis, deal with regulatory and customer notifications, and liaise with law enforcement.

He also advises in relation to both offensive litigation against those responsible for a cyber security incident and defensive action where clients face claims for loss or damage following an incident. His advice encompasses all stages of the dispute life cycle, from advising on resolving issues commercially before a dispute crystallises, through methods of alternative dispute resolution to advising on litigation and arbitration strategy. This often includes high-value technology and commercial disputes in the English High Court.

Helping you succeed in tomorrow's world

I have a keen interest in technology, data and systems, helping business to respond to and recover from cyber incidents and advising in relation to contentious data protection issues.



Advising a household name retailer in relation to incident response following a data incident which affected data subjects in multiple European jurisdictions.

Software company

Advising a large international software company in relation to incident response following a ransomware incident affecting its international operations.


Advising a retailer in relation to the defence of hundreds of data protection claims following a data incident.

Medical services provider

Coordinating advice across 57 jurisdictions for a medical services provider that had suffered a data incident.