Published 06 December 2019

Ireland's data bar

One year on from the implementation of the GDPR, Ireland’s data protection community is thriving. The country hosts the headquarters of the biggest tech companies in the world, so data privacy firms based in Ireland have plenty to do.

Ireland’s data bar, which operates from Dublin, is mainly made up of firms with a strong domestic presence and a limited number of offices established abroad. William Fry, Arthur Cox and A&L Goodbody are the largest, with bases in California, London and Ireland. All the firms on this list have a vast international reach in relation to data privacy compliance.

A&L Goodbody

View more

 John Whelan is the head of A&L Goodbody’s commercial and technology group. He leads a team of four other principals and 14 associates. The firm gives clients pre-incident advice, assists with policy formation and helps multinationals monitor their compliance with privacy legislation and regulation. The practice has a specialised response team that deals with subject access requests and assists companies in dealing with litigation following data security incidents.

The practice has recently advised multinationals on one-stop-shop inquiries commenced by Ireland’s Data Protection Commission. It is currently assisting Airbnb Ireland in ongoing subject access request matters, and is advising the Bank of Ireland on a compliance review of its outsourcing contracts. A&L Goodbody has also advised government agency Enterprise Ireland and Liberty Insurance on aspects of GDPR compliance, such as data processing agreements, internal policies and training.

Arthur Cox

View more

Rob Corbet heads Arthur Cox’s technology and innovation practice. The cybersecurity and technology practices within that group are made up of four partners and eight associates who focus on data protection, IT and IP. The team advises multinational companies on EU data protection strategies, data breach response incidents and cyber liability issues.

The practice assists both domestic and international clients with tech transactions and contracts, including advice on cloud deployment strategies and IT disputes. The team also represents US tech companies with data protection main establishments in Ireland.

Mason Hayes & Curran

View more

Philip Nolan leads Mason Hayes & Curran’s five-partner privacy and data security team. The group focuses on data and cybersecurity protection, data breach and providing advice related to new technology. It advises US and other international companies on Europe-wide privacy compliance and outsourcing arrangements, and has assisted public bodies with data security incidents.

The firm is Facebook’s EU privacy counsel, advising the social network on potential jurisdictional conflicts, the interaction between US and EU law and its cross-border data transfer agreements. The team has also assisted Facebook in litigation such as Schrems II, and represents the social network and Adobe in investigations by Ireland’s Data Protection Commission.

McCann Fitzgerald

View more

Paul Lavery leads the data protection and privacy practice at McCann Fitzgerald, which this year separated itself from the firm’s broader technology and innovation team. The practice counts eight partners and six non-partners. The group, which focuses on data protection, cybersecurity and litigation, advises multinational tech clients including Microsoft and subsidiary LinkedIn, and also services public sector clients. This year, the practice launched an AI-driven GDPR Gap Analysis app to allow organisations to assess their level of GDPR compliance and identify areas of major risk.

McCann Fitzgerald has advised clients such as Independent News & Media, Pandora Media, the Bank of Scotland, Morgan Stanley and Deutsche Bank on international transfers, data protection policies and data breach management. The US federal government has instructed the firm in its European Court of Justice Schrems II intervention. It acts for the US federal government in Digital Rights Ireland’s and La Quadrature du Net’s challenges to the EU’s Privacy Shield.

Philip Lee

View more

Sean McElligott heads the data privacy and technology group at Philip Lee in Dublin. The group, which consists of four partners, four associates and one consultant, focuses on GDPR compliance, privacy impact assessments and data outsourcing in addition to IT projects that involve personal data. The firm has assisted both private and public sector companies across pharmaceutical, technology and media sectors with establishing privacy policies and how to appropriately collect and store personal information.

The group advises regulatory bodies such as Ireland’s Data Protection Commission and the UK’s Information Commissioner’s Office on data protection compliance and enforcement. It has also assisted pharmaceutical companies in establishing patient databases and advised companies that collect personal information through apps and social media accounts.

William Fry

View more

David Cullen leads William Fry’s technology practice, which includes the firm’s smaller data protection team. The data protection group consists of four partners and one associate. It provides both start-ups and international companies with assistance on international transfers, obtaining data subjects’ consent and direct marketing. The technology team as a whole also advises on e-commerce issues, large-scale outsourcing projects, software licensing and cloud computing.

The group has advised Microsoft regarding GDPR compliance and data storage in Ireland and currently represents members of the BSA Software Alliance – which includes Apple, Intel and Siemens – in technology matters. William Fry currently advises Siemens in its role as an amicus curiae party in Schrems II.