Technological change requires new responses to the use of data and protection of privacy 

Data is the raw ingredient for so many businesses, with the potential to unlock efficiency gains, power innovative business models, offer personalised, customer-centric services and create new revenue streams for commercial advantage.

However, data laws are in a state of evolution internationally, as technological change requires new responses to how data is used and privacy is protected. This shifting legal landscape can be a challenge for businesses and pose tricky regulatory and compliance issues across jurisdictions.

Regulatory clarity
With the General Data Protection Regulation (GDPR), Europe has set out a clear regulatory approach in respect of personal data, increasing  protection of individuals in the digital age and clarifying rules for companies and public bodies in the digital single market.

Meanwhile, the European Commission has progressed with its proposed regulatory regime for artificial intelligence (AI) and aims to harmonise the laws in this area across the EU, including significant GDPR-style fines for non-compliance and a proposed tiered system to categorise different AI systems and risk. 

There has been a market shift in using tech and data for environmental, social and corporate governance measures too – and the use of data can be intensive. There are rewards for businesses that can take advantage of emerging trends and the ever-growing number of nascent opportunities to make the most of their data, particularly when it comes to commercialising this resource compliantly. 

Handling complex projects
Osborne Clarke can handle substantial and complex data protection and data exploitation projects involving working across borders and offering a seamless international service, and practical solutions for pan-European and global projects. With many of our partners' drawing on experience of practising in this complex area since the 1990s and on extensive in-house experience, we can offer lawyers and non-lawyers alike practical and pragmatic solutions.

There has been a market shift in using tech and data for environmental, social and corporate governance measures too – and the use of data can be intensive."



Costim S.r.l (Chorus Life S.p.A.)

Assisting Chorus Life in designing the data flows in a strategic way to maximise collection of personal and non-personal data, mapping the processing of personal data, and drafting data processing agreements and related data clauses in the accompanying agreements.

Sony Music Entertainment

Advising Sony Music Entertainment Italy for more than 30 years on a wide range of legal issues, including privacy and data protection. We assisted Sony Music in complying with the GDPR in Italy and continue to assist on a variety of matters, ranging from the day - to -day issues to the most complex data-driven projects in the context of digital transformation initiatives.

Mail Boxes Etc.

Assisting MBE with data protection compliance in several key European jurisdictions, including MBE's franchising network, marketing initiatives websites and training activities training. We have also supported the management and definition of dataflows arising from the offer of new online services and the assessment of data transfers to jurisdictions outside the EU.


Carried out a data protection audit for Ferrero at all Ferrero companies in Germany and established a data protection policy as well as a new data protection organization. In addition, we advised Ferrero on the mitigation of the web hosting of approximately 25 product websites to the AWS cloud and several marketing activities.

Doctors without Borders

Advised on the global rollout of an integrated VSAT system and the implementation of a Health Information System.

World Compliance, Inc. and LexisNexis Risk Solutions UK Limited (as joint clients)

Cross-border: US, Antigua, Italy, UK and Venezuela we acted for World Compliance Inc and LexisNexis Risk Solutions (UK) Limited in what is the leading judgement on representative liability under the GDPR.

Wise Payments Limited

Defended the claim brought against BITMEX co-founder Ben Delo. Delo claimed that Wise violated his data protection rights by not providing various suspicious activity reports that it filed about him (and various other data) in response to a data subject access request.


Advised OncoDNA on the rollout of their AI Solution for determining optimal treatments for specific forms of cancer.