Technology regulation

<p>The primary focus of Toby’s work is on technology, communications and outsourcing projects where he has acted on both the client and supplier side in sectors such as financial services, telecommunications, healthcare, manufacturing, insurance and life sciences. Toby also advises on other complex commercial transactions and he has particular expertise on deals involving the use and exploitation of technology and intellectual property.</p> <p>Toby’s recent work includes:</p> <ul> <li>Leading international outsourcing deals (covering North America, Europe and Asia-Pacific operations) for clients in the UK, the US and the EU.</li> <li>Advising on the rollout of innovative “alt-net” fibre broadband networks.</li> <li>The acquisition of software, telecoms and fintech businesses and counselling targets and buyers on regulatory, IP and commercial risks.</li> <li>The use of emerging technologies (including AI and open source software) by regulated clients.</li> <li>The development and deployment of innovative “green-tech” and fintech solutions.</li> </ul> <p>Toby has also gained in-depth experience of advising clients on procurement strategies (eg supplier selection, pricing models and performance incentive mechanisms) and has spent time in-house with a large IT services company, an international telecommunications provider, and a mobile telecommunications company.</p> <p>Toby is a Trustee of the UK’s Society for Computers and Law and lectures widely on IT, e-commerce, cloud computing, agile software development and outsourcing including at ITechLaw, UCL and QMUL.</p> <p> </p> <p> </p>

<p>Anna has more than 25 years’ experience in commercial disputes, particularly disputes arising from technology contracts, including:</p> <ul> <li>leading the teams in some of the largest IT and outsourcing disputes, including two leading cases, <a href="https://www.bailii.org/ew/cases/EWHC/TCC/2010/3276.html"><em>De Beers -v- Atos Origin</em></a> and <a href="https://www.bailii.org/ew/cases/EWHC/TCC/2024/1185.html"><em>Tata Consultancy Services v Disclosure and Barring Service</em></a>; <em> </em></li> <li>advising both vendors and customers about managing change and how to rescue a “troubled project”, including the handling of contentious issues arising from delay, payment obligations and the availability of contractual remedies;</li> <li>addressing issues and risks relating to the licensing of technology, the enforcement of software audit rights, copyright infringement, misuse of confidential information and the availability of injunctive relief and other remedies; and</li> <li>advising technology clients about risk and commercial options, how to improve difficult relationships (especially long-term contracts), how to navigate legal structures and how to achieve negotiated solutions.</li> </ul> <p>Anna’s expertise includes litigation in the High Court and Court of Appeal as well as mediation, expert determination and adjudication. She also has extensive experience in international arbitration.</p> <p>Anna’s recent experience includes:</p> <ul> <li>Leading the large team acting for the DBS in <a href="https://www.bailii.org/ew/cases/EWHC/TCC/2024/1185.html"><em>Tata Consultancy Services v Disclosure and Barring Service.</em></a> This case was identified by <em>The Lawyer</em> as one of the Top 20 cases of 2023 and the judgment revolves around key issues affecting many IT projects, such as delay, limitation and exclusion clauses and other remedies.</li> <li>Acting for CityFibre in <a href="https://www.bailii.org/ew/cases/EWHC/Comm/2024/1694.html"><em>CityFibre Limited v GCI Network Solutions Limited</em></a><em>, </em>a dispute about the interpretation of a contract and obligations of cooperation.</li> <li>Acting for a software vendor in respect of a portfolio of cases involving breaches of its reseller agreements and instances of software infringement, including the enforcement of audit rights.</li> <li>Advising various telecoms clients in respect of disputes about infrastructure projects, contracts for the promotion of services, rights of access and wayleave agreements and the termination of contracts for the supply of goods and services.</li> <li>Acting for publishers and advertisers in respect of various adtech disputes including claims about commissions, the reliability of algorithms and Vickrey auctions, referral marketing and affiliate programs and disputes about the quality and availability of services.</li> <li>Acting for technology vendors in two international arbitrations relating to the misuse of software and the circumvention of software/technical protections, including enforcement proceedings in various jurisdictions.</li> <li>Acting for various financial institutions in respect of claims by software vendors that legacy software was being misused, including disputes about audit, the virtualisation of hardware and “direct and indirect” usage.</li> </ul> <p>Anna has long-standing experience in retail, logistics, supply chains and distribution contracts, both in the context of disputes, technology projects and also to advise clients about the “end-to-end” risks and commercial considerations.</p>

<p>Marc helps clients to evaluate and manage data protection and cyber risk in cross-border compliance programs, in technology projects involving the development of machine learning/artificial intelligence, Internet of Things, cloud applications, in life sciences and medical device projects covering healthcare apps, remote diagnostics, clinical trials and investigations and genomic research, and in the financial services sector across the lifecycle of product development and FinTech applications.</p> <p>Marc also advises on cyber security incidents, and regulatory investigations and disputes involving data protection, misuse of private information and breaches of confidentiality, and has experience of devising voluntary redress schemes for individuals affected by such misuse or breaches.</p> <p>In the area of digital regulation, Marc assists clients to navigate the EU’s digital services legislative framework, advising amongst others on the Data Act, the DSA, NIS2, DORA and related legislation.</p> <p>Some of Marc’s work highlights include:</p> <ul> <li><strong>Defending</strong> a global advertising technology platform <strong>against proceedings</strong> brought by a leading privacy campaigner for alleged breaches of GDPR i<strong>n the field of real time bidding.</strong></li> <li>Advising on numerous <strong>cyber incidents</strong>, with a sector focus advising banks, law firms and barristers chambers on <strong>responding to incidents</strong> and on <strong>subsequent investigations and enforcement action</strong> by data protection authorities.</li> <li><strong>Defending</strong> a leading global advisory services firm against threatened <strong>SLAPP proceedings</strong> and advising them on numerous <strong>subject access requests.</strong></li> <li>Advising <strong>providers and deployers of AI</strong>, including a sector focus in <strong>HR</strong>, advising international leadership consulting firms on the <strong>development of AI</strong> in the field of recruitment and performance management.</li> <li>Defending a multinational <strong>data analytics and consumer credit reporting </strong>company in <strong>enforcement proceedings</strong> brought by the <strong>ICO.</strong></li> <li> Advising firms in the life sciences and healthcare sectors on the full range of GDPR issues in their sector, including research institutions on <strong>anonymised data</strong>, pharmaceutical companies on <strong>medical research and clinical trials</strong>, medical device companies on development of devices, an NGO in the field of <strong>vaccine development against pandemics</strong>, and a global leading university on <strong>Freedom of Information</strong> and on <strong>international data transfers.</strong></li> <li>Advising <strong>banks in the UK, EU and Middle East</strong> on data transfer impact assessments, the adoption of <strong>cloud</strong>, <strong>AI customer service operations</strong> and <strong>anti-fraud technologies.</strong></li> <li>Advising <strong>technology suppliers</strong> on the development and supply of technologies with a particular focus on <strong>EU ePrivacy</strong> rules and their intersection with the GDPR.</li> <li>Advising a <strong>Chinese FinTech</strong> on GDPR compliance in the development of its <strong>AML solutions</strong> for banks.</li> <li>Supporting a leading <strong>global car manufacturer </strong>on its <strong>connected vehicle strategy.</strong></li> <li>Advising a <strong>FTSE100 retailer</strong> on a range of GDPR compliance issues.</li> <li>Defending firms in several sectors against <strong>noyb</strong> complaints.</li> <li>Supporting our <strong>Corporate and Medical Regulatory teams</strong> on data protection due diligence on a range of <strong>mid-tier acquisitions and disposals</strong>.</li> <li>Advising an <strong>MVNO</strong> on its obligations under <strong>UK interception of communications legislation</strong> and on a range of GDPR issues.</li> <li>Supporting a <strong>multinational commodities company</strong> on its end-to-end GDPR compliance programme.</li> <li>Developing <strong>BCRs</strong> for a global <strong>management consulting and technology firm.</strong></li> </ul> <p>Marc advises on both UK and EU law, covering GDPR, the Data Protection Act 2018 and the ePrivacy Directive, the Network and Information Systems Regulations including NIS2, DORA and the Cyber Resilience Act, the Digital Services Act, the EU AI Act and the EU Data Act, the Freedom of Information Act and Environmental Information Regulations, the Investigatory Powers Act and the data protection and security aspects of financial services legislation and regulation (such as PSD2 and the SYSC rules in the FCA Handbook).</p> <p>Marc is a member of the International Association of Defense Counsel, International Association of Privacy Professionals and ITech Law.</p> <p>Marc has a good working knowledge of German and Swedish.</p>

<p>Alex is passionate about the life sciences sector and advises about regulatory issues all day every day. Alex’s advice is informed by a BSc in Human Genetics and in-house experience, including as GC of a biopharmaceutical company, and brings 25 years’ experience advising clients in the sector.</p> <p>In addition to a wide array of contentious (judicial review) matters, he enjoys working with clients to devise and implement regulatory strategies throughout the product life cycle of pharmaceuticals and medical devices (including in vitro diagnostics).</p> <p>Alex advises clients in relation to challenging issues including genomics, cell and gene therapies, 3D printing, healthcare Apps, companion diagnostics, borderline products and combination products.</p> <p>The life sciences sector sees some of the most exciting and influential deployments of Artificial Intelligence and machine learning. The increasing use of AI in the sector poses a number of regulatory challenges (including entirely new regulations) and he specialises in helping clients navigate these.</p> <p>Alex has been involved in the development of a number of regulatory frameworks and guidelines.</p> <p>Legal 500 describes Alex as “a straight-talking, commercially astute technology specialist who is always willing to take a view” and who delivers “out-of-the-box solutions”.</p>

<p>Vik specialises in all aspects of commercial technology law. He regularly leads complex and strategic technology projects, including:</p> <ul> <li>digital transformation</li> <li>IT outsourcing</li> <li>business process outsourcing</li> <li>cloud implementations</li> <li>technology platform roll-outs</li> <li>application design and build</li> <li>other projects involving the use or exploitation of IP, data and technology</li> </ul> <p>Vik regularly advises clients on <a href="https://www.bristows.com/expertise/sectors/artificial-intelligence/">artificial intelligence</a> and machine learning, ranging from some of the world’s leading developers on their AI product launches, through to sophisticated users in life sciences, financial services and the public sector seeking to implement AI in a responsible and compliant way.</p> <p>He is also the co-lead of our digital health business, co-ordinating teams of Bristows specialists to help growing healthtech businesses as well as large pharma, medical device and public health organisations leverage new technologies to deliver better health outcomes.</p> <p>In addition, Vik is the host of our popular technology law podcast, <a href="https://bristowstheroadmap.buzzsprout.com/">The Roadmap</a>, each month diving into the digital transformation trends that are re-shaping modern businesses.</p> <p>Recent projects Vik has led include:</p> <ul> <li>The launch of an artificial intelligence product designed to transform scientific research and result in significant medical breakthroughs in coming years.</li> <li>Two of the UK’s biggest fintech infrastructure programmes, including new payments networks and digital currencies.</li> <li>A £1bn global customer operations outsourcing involving cutting-edge robotic process automation technology.</li> <li>An agile software development project relating to critical national infrastructure.</li> <li>A core banking platform design, build and implementation project.</li> <li>A collaboration to roll-out a carbon emissions tracking platform to help the energy industry reduce greenhouse gas emissions and meet sustainability goals.</li> </ul> <p>Vik is an Officer of the Technology Committee at the International Bar Association, and is the Vice-Chair of the Technology Transactions Group at the Society for Computers & Law.</p>

<p>Adrian currently serves as one of the firm’s Joint Managing Partners and is an information technology specialist who has market-leading experience advising clients on technology, cloud and digital transformation transactions.</p> <p>Adrian’s practice spans a range of sectors including technology, financial services, life sciences and consumer products. He regularly leads and negotiates high profile IT procurement, outsourcing, cloud and complex systems development and integration projects on both the customer and supplier side. In addition, Adrian counsels organisations developing and deploying AI systems and implementing AI governance frameworks.</p> <p>Recent projects Adrian has led include:</p> <ul> <li>Advising a global airline on its IT infrastructure and mainframe operations, including cloud migration and data centre colocation projects.</li> <li>Leading negotiations for a global supermarket on its enterprise-wide business critical SaaS and on-premises software licences, payment gateway services and cloud infrastructure arrangements.</li> <li>Advising a leading energy company on its digital transformation projects and AI contracting and governance approach.</li> <li>Product counselling for a technology services organisation on the launch of its client AI system.</li> <li>Advising a public sector, genomic medicine body on its commercialising strategy and implementation of world-leading sequencing, data and technology arrangements.</li> <li>The digital transformation of a global life sciences company’s IT, network and online systems, including a multi-million pound IT outsourcing transaction.</li> <li>Advising a Premier League football club on its technology arrangements across its business operations from content and digital media management platforms to payment processing systems.</li> </ul> <p>Having spent considerable time seconded to various clients such as a global IT services provider, a telecommunications company and an international digital services organisation, Adrian always delivers practical and business-focused solutions to deliver technology projects in the most effective and efficient way.</p>

<p>Mark heads Bristows’s data protection practice and is also leader of the firm’s technology sector group. He has a doctorate in semiconductor physics from the University of Oxford and specialises in how data protection works in a technology context, particularly new technologies, such as cloud computing, AI, facial recognition and Adtech. For several years, Mark was in-house at IBM where he held various roles, including that of Global Data Privacy Counsel.</p> <p>Mark’s practice comprises helping clients to establish proportionate and pragmatic compliance programs globally, product counselling for several of the largest technology companies and representing companies in connection with regulatory enforcement. Mark has defended companies in several of the largest, most high profile regulatory enforcement actions in the world, both in respect of data breaches and also data misuse cases.</p>

<p>Francion has significant experience of competition litigation, including cases involving a cross-over with IP law. She has over 10 years’ experience of acting in FRAND cases for the likes of Samsung, Philips and Panasonic, with a particular focus on the competition law and economic valuation aspects of those cases.</p> <p>Francion also frequently advises on merger control and interactions with the CMA including investigations, market studies and third party RFIs. She has a particular interest in the new digital markets competition regime (under the DMCC Act) which establishes new powers for the CMA to regulate big tech firms in the UK.</p> <p>Francion’s practice also involves advising clients on complex agreements and behavioural issues across all sectors. This includes issues arising from the cross-over with IP law for which many of her clients are in high technology sectors including tech and life sciences.</p> <p>Francion has a background in Mathematics and Competition Economics making her well placed to advise on complex competition law issues.</p> <p>Some of Francion’s recent experience includes:</p> <ul> <li>Acting for Panasonic in UK litigation seeking a FRAND licence.</li> <li>Acting for Philips in UK litigation seeking a FRAND licence.</li> <li>Advising Bestway on its acquisition of the UK pharmacy wholesale and retail business of Lexon, one of the fastest Phase 1 clearance decisions before the Competition and Markets Authority (CMA).</li> <li>Leading on the competition law defence for a Japanese pharmaceutical company in an arbitration in connection with the development and subsequent commercialisation of a blockbuster monoclonal antibody therapeutic.</li> <li>Assisting an animal medicines manufacturer with the CMA’s market investigation into the veterinary sector.</li> <li>Working at the CMA (on secondment) to develop the new Vertical Agreements Block Exemption Order (VABEO).</li> </ul> <p>Francion has spent time on secondment at the CMA, Google and at the antitrust teams of two Chinese law firms. She is the resident lawyer for the British Brands Group’s competition law compliance training programme.</p>

<p>Charlie advises clients on a wide range of commercial and regulatory issues, including in relation to IT outsourcing and services agreements, software development and licensing, data protection, artificial intelligence and machine learning, SaaS and cloud contracts, e-commerce and telecommunications law. Prior to qualifying as a lawyer, Charlie was a producer and director of award-winning factual television documentaries.</p> <p>Charlie trained and qualified at an international law firm and joined Bristows in April 2018. Charlie has a proven track record of running complex multi-jurisdictional projects from start to finish, and has hands-on experience working with in-house legal and business teams.</p>

<p>Alice is a senior associate in the commercial IP, IT & data privacy team at Bristows, advising clients on a range of commercial matters.</p> <p>She has assisted and advised clients on the drafting, negotiation and interpretation of a variety of commercial arrangements relating to e-commerce, media rights and services, the development and exploitation of intellectual property and technology procurement, development and licensing. In addition, Alice has a particular specialism in advising consumer-facing clients and regularly advises on consumer protection, advertising and marketing law compliance.</p> <p>Alice has undertaken secondments to the in-house legal teams of a news and media group, a global media organisation and a leading technology company. She is also Chair of the Society for Computer and Law’s Digital Media Group. In addition to invaluable industry experience, her experiences have given her a good grounding to provide tailored and commercially-focussed legal advice which helps clients to achieve their strategic aims.</p>

<p>With over 30 years’ experience in the <a href="/expertise/sectors/technology/">technology</a> field, Andrew is a leading free and open-source software lawyer. He regularly advises clients on technology law, computer software licensing and distribution, open source licensing, business structures and compliance, open hardware licensing, open data, the legal aspects of AI, and particularly <a href="/expertise/transactions/commercial-ip-transactions/">IP</a> and regulatory aspects of large language models.</p> <p>Andrew’s clients range across the spectrum of startups to multinationals and he also advises foundations, public sector bodies, academic institutions and trans-national bodies.</p> <p>Andrew is a Fellow of both the Free Software Foundation Europe and the Open Forum Academy, and for seven years held the post of visiting lecturer at Queen Mary, University of London, where he taught postgraduates free and open source software law. He is co-author of Open Source Law, Policy and Practice published by Oxford University Press in 2022, as well as a number of other books and papers on open source law and technology law. He is currently a visiting researcher on standards and open source at the University of Skövde, Sweden.</p> <p>He has also recently launched an initiative to manage risk in the open source and AI software supply chains, through the structures of process, procedure and insurance.</p> <p><strong>Andrew’s previous clients include:</strong></p> <ul> <li>Canonical Limited (Ubuntu)</li> <li>The Linux Foundation</li> <li>The Eclipse Foundation</li> </ul> <p><strong>Recent work includes:</strong></p> <ul> <li>Negotiating the business transfer of the CentOS project to Red Hat.</li> <li>Drafting the widely-used Solderpad Open Hardware License and is on the core legal team which drafted the CERN Open Hardware Licence.</li> <li>Leading the Open Hardware section of the European Commission’s Impact Study on Open Source Software and Hardware which was published in 2021. The study is frequently cited by MEPs and the European Commission in relation to EU law and policy.</li> </ul> <p>Andrew has been a board member of the Telecommunications Industry Association, the MariaDB Foundation, Public Software CIC, and general counsel of OpenUK.</p> <p>In 2019, he founded and became CEO of Orcro Limited, a company which provides advice and consultancy on Open Source compliance and supply chain management. Orcro is an accredited partner of the Linux Foundation’s OpenChain project.</p> <p>He is project lead of the Eclipse Foundation’s Corinthian Project, a multi-national project to manage risk in the software supply chain by publishing template documents legal documents intended for use in technology transactions.</p> <p>Andrew is heavily involved in the Linux Foundation’s OpenChain project, where he chairs the UK WorkGroup and the Education Work Group, and is currently working on the OpenChain Capability Maturity Model.</p> <p><strong>Additional affiliations include:</strong></p> <ul> <li>Founding Editor of the International Free and Open Source Law Review, JOLTS (Journal of Open Law, Technology and Society)</li> <li>Advisory panel (formerly editor): Journal of Open Hardware</li> <li>Advisor: Low RISC Foundation. Technical</li> <li>Advisory Board Advisor: OpenHW Group</li> <li>Licensing Panel: FOSSi Foundation</li> <li>United Nations Technology Innovation Labs: advisory panel</li> <li>SurgHub (UN initiative for dissemination of clinical learning): advisory panel</li> </ul>