Mid-Senior Level Digital Regulation, Data Protection and Cyber Security Lawyer (Tech/Digital)

Company Description

Who we are

We are one of the largest international law firms in the world. With over 30 offices across the globe, we strive to exceed the expectations of our clients, providing them with the highest-quality advice and legal insight, which combines the firm’s global standards with in-depth local expertise.

Our firm, work and people span jurisdictions, cultures, and languages. We offer our clients a truly international perspective. We believe every career should be rewarding and stimulating - full of opportunities to learn, thrive, and grow. That’s why we’re so proud of our inclusive, friendly, and team-based approach to work.

You’ll find our clients in commercial and industrial sectors, the financial investor community, governments, regulators, trade bodies, and not-for-profit organisations. But no matter who they are or why they’ve reached out to us, we provide a world-class service every step of the way. And that’s possible thanks to the entrepreneurial spirit and conscientious approach to work that you’ll find across all of our teams.

Whichever area of the business you join, you’ll become an integral part an innovative, diverse and ambitious team of people. Clifford Chance is a place where the brightest minds and the best of colleagues meet.

Group overview

Clifford Chance's London Tech//Digital Group sits within our London Corporate Practice. Recognising that technology underpins every aspect of business, significantly impacting business models, growth strategies, and day-to-day decisions, our team looks after the evolving needs of a wide group of clients, including technology companies, corporates, financial institutions and investors spanning every sector.

Our lawyers cover a range of technology-centered issues – we tackle the most pressing legal and regulatory issues impacting technology implementation and use in business on a global scale, including digital regulation, artificial intelligence, data privacy and protection, cyber and information security, and tech public policy. We also lead on tech M&A, business process and IT outsourcings, telecommunications, complex technology arrangements and business separations.

Our group is  market-leader in providing innovative solutions to both the tech industry and across the range of other sectors to which we provide legal support. We have substantial global resources, with dedicated Tech//Digital teams and a global cross-practice Tech sector focused group.

Below is a sample of our recent mandates:

Data Protection and cybersecurity

• Advising various global clients on ongoing compliance programs in relation to the EU and UK GDPR, NIS/NIS2 Directive, ePrivacy Directive/PECR, and eCommerce Directive. This includes programmatic data protection advice on new products and services, reviews of lawful bases, data protection impact assessments, data retention and transparency.

• advising on the design and implementation of a global tech, data and cyber security strategy, including managing data protection compliance projects across Europe, the US and APAC, with a focus on data retention and international transfers

• Supporting a US-headquartered technology company with global, follow-the-sun data breach and cybersecurity incident response across critical markets, including incident assessment and notification, coordinating forensics reviews, senior management support, public relations and communications, legal documentation and regulatory engagement through to case closure.

• Advising on a global framework for cyber incident response, proactive and reactive customer and regulatory engagement in key markets, including global regulation and risks dashboards, incident run-books and support with ongoing remediation measures.

• Supporting a global mining corporation with cyber incident response during a supply chain ransomware attack, involving notifications to regulators across 20+ jurisdictions and management of follow-on regulatory engagements

Digital Regulation

• Advising a US headquartered technology company on strategic, regulatory, compliance and public policy advice on emerging European digital regulation including the Digital Services Act, Digital Markets Act, Online Safety Act, Data Act, Cyber Resilience Act, Digital Operational Resilience Act and AI Act.

• Advising a selection of global technology companies on the applicability of the EU Digital Services Act, including key criteria, compliance requirements and regulatory engagement options, during a period of heightened regulatory interest

• responding to a US headquartered Fortune 100's RFIs and enforcement action relating to existing and emerging data laws such as the EU AI Act and Online Safety Act

Artificial Intelligence

•  advising a global automotive manufacturer on its AI risk management and oversight framework globally, including in the UK, EU, US, China and other countries where it operates.  Our role is broad and global, including regulatory, policy, privacy and data protection, contract, commercial, IP/copyright, governance, and risk and compliance considerations.

•  advising a U.S.-headquartered technology company on a range of business critical global and regional AI law and policy instructions. Our mandate covers full-circle advice to senior European and global legal leadership on the development and deployment of new AI products and services, proactive government and regulatory policy engagement, compliance programs for new and existing AI laws, high-value tech contracting and cross-border incident response

• Advising a Fortune 500 global PC business on the development of a negotiation handbook for their global in-house legal teams to use as a tool during the negotiation of AI service contracts, ensuring that the legal teams are well-equipped to handle the unique challenges these contracts present.•  providing comprehensive AI support, including responding to policy consultations, designing AI transparency and risk management frameworks and advising on AI contracting strategies and compliance with global regulations

•  Working with a global investment firm on the development of frameworks for the firm and its portfolio companies to engage with and develop AI systems.

Regulatory Engagement and Public Policy

• Strategic and compliance advice in relation to EU/UK AdTech law and guidance, including the ePrivacy Directive, EDPB and GDPR supervisory authority guidance and European Commission voluntary proposals.

• Public policy, regulatory engagement and compliance advice relating to children's rights and e-safety codes of practice, guidance and legislation in the UK and Europe, including the ICO's Children's Code, DPC Ireland Guidance On Processing Children's Personal Data and proposed EU-wide guidance on children's privacy.

• Horizon scanning and strategic legal advice in relation to global data protection and cybersecurity laws, including telecoms and cloud computing, artificial intelligence, digital infrastructure and online safety.

Job Description

The role

Who you will work with

As a key part of the London Tech//Digital strategy, you will help support our banking, financial investor, corporate and technology clients.  You will work in a close-knit London TechDigital team (of data privacy and digital regulation,  IT/outsourcing, telecoms and M&A specialists), co-ordinating efforts across the Firm on strategy, client/business development and thought leadership. You will often work as part of cross-border and interdisciplinary teams to advise on strategically important matters, ensuring compliance with local laws and business requirements.

What you will be responsible for

As an associate or senior associate in our leading practice, you will work at the forefront of the market across a diverse range of technology-focused work including:

• Designing and implementing regulatory compliance programmes for compliance with incoming digital regulations, including the EU Digital Services Act, Digital Markets Act and the Data Act.

• Advising on AI governance, compliance with AI regulation and the adoption of generative AI, LLMs and other AI products.

• Assessment of lawfulness of new products and services, including conducting data protection impact assessments.

• Designing and implementing data transfer strategies, both on an intragroup basis and to third parties, including designing and conducting risk assessments in relation to the adequacy of appropriate safeguards.

• Advising on the prevention and management of cyber incidents, regulatory enforcement proceedings and any related disputes.

• Advising clients in relation to the exercise of data subject rights.

• Supporting clients on data protection issues in relation to corporate transactions, including working on due diligence and drafting data protection warranties and indemnities.

• Drafting and reviewing strategic commercial, IT, AI and software agreements.

• Advising on regulatory engagement, consultations, inquiries, enforcement involving UK, EU and other international regulators.

• Developing relationships with clients and actively engaging in business development and thought leadership initiatives and seeking out opportunities for new work.

• Drafting legal documents clearly and concisely, creating solutions using legal knowledge and commercial judgement to advise and support leading multi-national corporates.

Qualifications

Your experience

• You will have a solid background as a mid to senior level lawyer within the Tech and Data space, probably gained at a leading global with a highly regarded profile. 

• You will have an outstanding academic history and proven first rate legal skills, combined with a strong reputation amongst existing clients for providing practical, commercial solutions, excellent analytical and managements skills, and be recognised as a lawyer that is sought out by existing clients.

• If you have more senior experience, you will be expected to demonstrate both specific (and preferably high value) experience managing client mandates.

• You will naturally be able to demonstrate excellent document drafting skills. You should demonstrate strong communication and analytical skills along with a high level of commercial awareness.

• You will need to demonstrate that you can thrive in a team with high professional standards and a flexible client-friendly commercial approach. You will have had strong exposure of collaborating with multi-jurisdictional and multi-disciplinary teams.

• It is crucial that you can demonstrate an appetite for business development, client relationship management and thought leadership.

How we will support you

From your first day with us, you will have varied opportunities to continuously grow and development your skills and knowledge. From formal (internal and external) training, coaching and mentoring through to skills-based and technical training and on-the-job learning.

• You will be working for a firm and team which is ranked #1 in Tech and Data.

• You will be working with a broad range clients and the Firm's other teams and practice areas, not only in London, but across the globe.

• You will have exposure to work in often complex, high value matters that frequently headline in the financial and business press, and also involving emerging markets and technologies.

• You will have extensive client contact both as part of your daily working routine but will also have the opportunity to develop client contacts through organising training, seminars and events for our key clients.

• You will develop an unbeatable multi-disciplinary skill set as well as client-facing skills whilst working with some of the best-known market leaders in their respective practice areas.

• We will provide the opportunity for you to develop as a recognised practitioner in the field.

Additional Information

Hybrid Working

This role follows our 'balanced' hybrid working approach and as long as business needs allow, you will be supported to work in a hybrid way with the expectation of working from the office for a minimum of 50% of your time.

What we offer including our broad range of benefits and working environment

When you join Clifford Chance, you will have access to a broad range of benefits to support you across many aspects of your personal and professional life including financial, wellbeing, lifestyle, and family friendly benefits. For more information on what we offer specifically in the UK, please visit our What We Offer page on our career site.

Equal opportunities statement

At Clifford Chance, we understand that our true asset is our people. Inclusion is good for our team and their families, our firm and society.

We are committed to treating all employees and applicants fairly and equally regardless of their gender, gender identity and expression, marital or civil partnership status, race, colour, national or ethnic origin, social or economic background, disability, religious belief, sexual orientation, or age.  This applies to recruitment and selection, terms and conditions of employment including pay, promotion, training, transfer and every other aspect of employment.

We have a variety of flourishing employee networks. These networks are a place for colleagues to share experiences and advocate for change wherever they see an opportunity for improvement.

Our goal is to deliver an equality of opportunity, an equality of aspiration and an equality of experience to everyone who works in our firm.

Find out more about our inclusive culture here.