Toby advises on and negotiates commercial, technology and outsourcing agreements. He has…

Technology regulation
We simplify tech regulation so you can focus on innovation.
The pace of technological change has accelerated over the past few years, and so too has the regulatory landscape.
Governments and regulators have been rapidly introducing new legislation that expands the scope of regulatory compliance faced by anyone in the technology sector, from developers, users or those deploying new technologies.
We understand that keeping up can feel overwhelming.
With our deep insight and understanding of both regulatory law and technology, we are uniquely placed to assist clients in navigating this emerging and fast changing regulatory landscape. Our multi-disciplinary teams simplify the legislative framework, delivering practical and commercially pragmatic advice to help you understand whether your products and services are regulated, and if so how and when.
Backed by longstanding experience in advising on and managing disputes and investigations related to privacy, cyber security, life sciences regulatory, competition, telecommunications, consumer protection, advertising and complex financial services regulation, our multi-disciplinary teams can advise on all key developments, helping you to respond with clarity and confidence.
Whether you’re developing new technology, entering a new sector or deploying new technology, we keep you informed and we deliver actionable solutions. From governance frameworks and regulatory audits to product counselling and contract playbooks, we help clients manage risk and stay ahead.
Advertising and AdTech
Our Advertising and Data Privacy teams act on many of the major investigations by applicable regulatory bodies into both the content of advertising and the technology used to promote them and this combined with our consumer protection and cyber security expertise mean we can provide holistic advice to clients as they look to market their products in both new and old media.
Artificial Intelligence
We are at the forefront of the generative AI revolution—working with major technology clients to bring products to market and helping a wide range of enterprise clients understand and adapt to this transformative technology. Our team advises on all aspects of AI projects, from development and procurement to implementation and use, including IP, data protection, regulatory compliance, and bespoke contracts. In digital health, we focus on the legal complexities of using medical and patient data in AI, offering sector-leading advice at the intersection of Life Sciences and Technology. This is potentially a world changing technology but also an area where general regulations such as GDPR, new laws such as the EU AI Act and sector specific regulations such as those in relation to medical devices mean only a highly knowledgeable, cross-disciplinary team can assist. Find out more about our expertise here.
Cybersecurity and Cyber-resilience
EU legislation like NIS 2 and the Cyber Resilience Act plus sector specific rules like DORA place new obligations on those who deploy or make software and related services, like never before. This includes the Critical Entities Resilience Directive (EU), which strengthens the physical resilience of critical entities across the EU and sits alongside NIS2—but goes beyond cyber to cover more sectors. In the UK, the Cyber Security and Resilience Bill—a proposed counterpart to NIS2—is expected to be published in autumn 2025. Additionally, the Product Security and Telecommunications Infrastructure Act (UK) introduces requirements for the security of consumer connected devices.
We use our deep knowledge of privacy law, cyber breaches and technology to advise both “buy side” users of technology and “sell side” suppliers on compliance and ensure they are not exposed to over-zealous interpretations of the regulations. Discover more.
Competition and Digital Markets
Our competition team is at the forefront of developments arising from the new digital markets competition regime introduced by the UK’s DMCC, as well as the EU’s Digital Markets Act (DMA).
Consumer protection
New EU and UK laws, such as the EU’s Accessibility Act, which improves accessibility of some products and services for people with disabilities and the additional consumer protections introduced by the EU’s Digital Services Act and the UK’s DMCC, have increased regulatory scrutiny of consumer facing terms and conditions. Our team has unparalleled experience of working with global clients providing goods and services online to do so in a compliant yet pragmatic way, as well as representing clients in any regulatory investigations that may arise.
Data
The EU Data Act and the EU Data Governance Act are laws that aim to unlock the value of industrial and public sector data by promoting fair access, responsible sharing, and legal clarity across the European data economy, each with distinct scopes and safeguards. Read more about our data team here, where you can also find out all about our practice in the field of data protection, privacy and cyber risk.
Digital health
Our digital health team helps life sciences and technology innovators navigate the legal and regulatory complexities of bringing digital health solutions to market. We guide clients through the regulatory, data protection, IP, and commercial hurdles of digital health, empowering them to deliver groundbreaking healthcare technologies to market with speed and confidence.
Financial Services and FinTech
Our technology lawyers have deep experience of advising financial services firms on the procurement and deployment of technology and material outsourcing transactions and the thicket of regulatory requirements that must be met in relation to the same. We also deploy that expertise for providers and developers of technology solutions for that sector.
Online Safety
The UK is leading the world in implementing online safety laws, which is creating new compliance demands for digital platforms. Our Safety Net hub offers practical guidance and resources.
Product Liability
Beyond sector specific liability regimes in relation to food and drink, medicines and the like, we also advise clients on the new product liability regimes arising from new EU and UK laws, in addition to the CRA and DORA, the EU Product Liability Directive imposes new product liability obligations on any organisation that produces software and we are already working with clients on their compliance with this new law.

Crick

Cook

Dautlich

Denoon

Khurana

Sim

Watts

Brooks

Hawes

Esuola-Grant

Katz
What others say
Legal 500 2025“Pragmatic approach to support the client needs.”
Legal 500 2025“They don’t simply bill for the hours they’ve worked. Instead, they evaluate whether those hours were reasonable and whether we, as their client, have derived sufficient value from them. If they feel that the value delivered doesn’t align with the hours billed, they’re more than willing to adjust the fee to ensure our satisfaction.”
Legal 500 2025“They possess an excellent understanding of our industry, and technology in particular, which sets them apart. While being a full-service law firm, they also embody the personalised attention and specialised expertise typically associated with boutique firms.”
Legal 500 2025“Known for its life sciences, pharma and engineering expertise, the team at Bristows LLP is praised by clients for its depth of commercial knowledge and ‘impeccable service’. Wielding specialist proficiency in regulatory issues such as intellectual property rights, competition and tax law, and data protection, the group are able to handle the full range of commercial issues.”
Legal 500 2025“They offer an excellent service – good and pragmatic/commercial legal advice coupled with good client-relationship management.”