Data, Privacy & Platform Enforcement

From leading digital platforms and major financial institutions to other multinationals in data-heavy industries, our Data, Cyber & Privacy practice assists clients on complex data-related matters. These are often driven by European regulators or result from private enforcement through mass claims and cross-border litigation.

Our team stands out for its excellent reputation and extensive experience in dealing with relevant supervisory authorities and courts across Europe. We play a role in most major data-related litigation matters in the Netherlands, including collective actions, and assist clients in dealing with enforcement actions by data protection authorities, the European Commission, the Dutch Consumer and Markets Authority, and other Dutch and European regulators.

The size and breadth of our team allows us to adopt a multidisciplinary approach, bringing together experts in privacy, data protection, cybersecurity, competition, consumer protection, business and human rights, financial regulation, litigation, and administrative law: one multidisciplinary team of experts handling your high-stakes matters. We don't just stop at the law, we develop a deep understanding of the business needs, technology, as well as the market and societal dynamics underlying our client's legal needs and challenges.

Our approach enables us to understand the opportunities and risks associated with growing enforcement and an expanding platform economy, and to assist our clients in navigating the high risks associated with the complex and rapidly expanding legal landscape in our digital society.

We also act as trusted advisers to clients in major international cybercrime and cybersecurity matters, handling multi-jurisdictional data breaches and potential post-breach litigation.

Track record

• Representing several international platforms as lead counsel in various collective actions across Europe on alleged infringements of European data protection and consumer protection laws
• Assisting a Netherlands-headquartered international platform as lead counsel in landmark cases and potential follow-on litigation before regulators and courts across the EU that involve automated decision-making and the right to data portability under the GDPR
• Acting as lead counsel to several multinationals facing devastating cyberattacks that halted operations across the globe, coordinating incident response and recovery across the spectrum of legal workstreams (for example, notifying regulators and financial markets, coordinating regulatory enforcement and post-breach litigation, and advising on directors liability and customer and vendor management)
• Advising large Dutch-state enterprises on implementing European cybersecurity rules.