This "Brexit Musing" features Keily Blair and James Lloyd, who are both Partners in ORRICK HERRINGTON & SUTCLIFF's cyber and privacy group in London. They will dive into the potential effects of Brexit on companies responding to cyber attacks and the impact on regulatory enforcement off the back of such incidents.
Keily Blair heads up ORRICK's Cyber & Data Privacy Enforcement & Litigation Practice in London. Keily works with her clients as a "strategic business partner" to navigate privacy and cyber security crises to achieve better commercial, regulatory and judicial outcomes.
As a litigator, Keily has a different perspective on cybersecurity and data privacy issues. She has led the response to investigations by the UK’s Information Commissioner’s Office, the Irish Data Protection Commission, the Competition and Markets Authority, the FCA, the SFO, the U.S. Department of Justice, the FBI, the SEC and Parliamentary Select Committees. Keily has also acted as external legal counsel for privacy and financial service regulators.
On cybersecurity issues, Keily directs cybersecurity incidents and investigations across multiple jurisdictions and incident types from simple business email compromises, to enterprise-wide network intrusions and cyberattacks with national security implications. Keily has worked with national and international law enforcement and is called upon to act as external legal counsel to security and forensics firms when engaging with regulators.
In the civil arena, Keily has led on a number of high profile privacy litigation matters, including civil damages claims and collective actions following personal data breaches and privacy-related judicial reviews. She frequently counsels clients on the growing risk of privacy-related class actions and interventions by privacy advocates in the UK and the EU.
James Lloyd is a Partner in ORRICK's Cyber & Data Privacy Enforcement & Litigation Practice in London. Working with clients to navigate all aspects of international data privacy and cyber security crises to achieve better commercial, regulatory and judicial outcomes.
Bringing a unique approach to cybersecurity and privacy in the UK and Europe, James serves his clients in guiding their response to cyberattacks, data breaches and enforcement action by data protection regulators. Described by his clients as “extremely knowledgeable and can always be relied on to provide timely, pragmatic and commercial advice,” James helps them navigate the confusing and, at times, contradictory world of privacy with confidence, and support them to achieve their overall business aims and objectives.
James has led the response to significant enforcement investigations by international and domestic regulators, including the UK’s Information Commissioner’s Office, law enforcement agencies and Parliamentary Select Committees and also has significant expertise in conducting internal investigations on behalf of international corporations. Backed by extensive litigation experience, he is able to defend his clients when data privacy issues lead to litigation.