Skip to content

Paula Barrett

Partner
Co-Lead of Global Cybersecurity and Data Privacy

Paula Barrett as Co-lead of Global Privacy & Cybersecurity helps clients achieve their data strategies and prevail when data or cyber incidents, regulatory or legal action arise.

Paula co-leads our Global Privacy & Cybersecurity practice. With over 20 year experience, she is ranked as a leading lawyer in this area by Chambers and Legal 500, and leads a team of more than 150 data, privacy and cybersecurity attorneys. Paula assists international clients to interprete new and existing data protection and cybersecurity laws, operationalizing their application and implementing a strategy for compliance globally. Her background in technology law makes her well-placed to help clients understand the application of data protection and cybersecurity laws in the digital environment within emerging technologies and new product development.

Her experience includes advising on breach incidents across multiple jurisdictions, high-profile breach investigations and responses, coordinating with multiple agencies and stakeholders, managing potential claims and damage to reputation, mounting challenges to regulatory enforcement and regulatory assessments/audits.

Paula's policy leadership experience includes drafting contributions to regulator guidance and standard documentation, as well as supporting trade bodies and global clients to develop sector adopted solutions and responses to emerging government or regulatory stances and proposals.

Paula works for clients across several sectors with particularly strong experience in the technology,  industrials, financial services and healthcare sectors.

 

 

Paula's experience includes:

  • assisting a global industrial business to create and maintain its international data protection compliance programme, protecting its workforce data and facilitating the post-completion integration of a major business acquisition
  • assisting a Fortune 20 technology and media client to create its global privacy incident assessment and notification approach, and its post acquisition integration of several businesses
  • assisting an industrial sector client to respond to a ransomware attack disrupting its business across 3 continents, including drafting notifications to regulators and affected individuals.
  • assisting a global client operating in multiple sectors with a wider range of data protection, from governance approaches, to CCTV, staff monitoring, background checking, biometrics, conducting legitimate interest and data protection impact assessments, and drafting global privacy notices, consents and record retention policies
  • supporting a client through a regulatory audit of its marketing data processing and assisting them to successfully challenge the draft regulatory enforcement action proposed
  • supporting a client on a very high profile international data security breach in the financial services sector, working closely with integrated team to support and manage contemporaneous investigations by multiple regulators in multiple jurisdictions
  • assisting a trade organisation to create an alternative payments mechanism for its members by assessing roles, responsibilities, legal basis for processing and documenting the appropriate contractual protections.
  • assisting aviation clients with the conduct of data protection impact assessments in relation to the deployment of new technologies
  • assisting client to create a data processing agreement it could adopt across 20+ countries.
  • assisting a global client to conduct background checks lawfully by surveying lawfulness, ability to conduct checks and compliance requirements across 90+ countries.
  • drafting data processing terms and privacy notices adopted as a template by more than 30 financial institutions
  • drafting the intragroup transfer agreement and transfer risk assessments to be adopted by an international technology business for customer and HR data
  • assisting client to understand its ability to send marketing communications to its customers by email and social media platforms in Europe and Latin America.
  • assisting the sponsor of a breast cancer research study to put in place the appropriate agreements, notices and consents with participants, sites and others to protect data.
  • advising a lifesciences client and financial services client on their respective potential secondary purpose use of existing data pools.
  • advising global financial services client on their record retention and destruction approach across multiple jurisdictions

 

Outside of client work, Paula has been quoted in various media including The Times, The Financial Times, Politico, and the Wall Street Journal, and interviewed on TV and Radio.

She has co-authored guidance on global data protection for well known knowledge platforms. 

Paula (and fellow co-lead Michael Bahar) worked alongside the @World Economic Forum and a global taskforce of data experts to develop frameworks for the potential of data intermediaries to act as a policy anchor through and around which individuals can navigate new data ecosystem models.

Paula is a regular speaker at external conferences.

 

  • Ranked lawyer (band 2) for data protection and information law (UK Wide) in Chambers UK 2022
  • Ranked as leading individual lawyer in The Legal 500 UK for Data Protection, Privacy and Cybersecurity
  • Leads Team ranked band 3 nationally for Data Protection in Chambers UK 2022
  • Leads Team ranked in band 2 London, Data Protection, Privacy and Cybersecurity in Legal 500
  • Data protection lead for the highly commended (runner-up) placement at the British Legal
    Awards in the TMT category for a deal on Internet of Things which was also
    nominated for two other awards in the same year.
  • Ranked in Chambers UK 2017, 2018, 2019
  • Ranked in Legal 500
  • Team award: Commercial Team of the year by LegalWeek The British Legal Awards Winner 2016

Paula is also a member of the International Chamber of Commerce Digital Economy Committee.

  • Qualified as Solicitor in England & Wales: 1993
  • Law Society Professional Exams: 1991
  • LLB (Hons) Law Degree:1987-90
Paula Barrett

Partner

Co-Lead of Global Cybersecurity and Data Privacy

Paula Barrett

Partner

Co-Lead of Global Cybersecurity and Data Privacy

Email