'Associate to Watch" - Data Protection & Information Law

"He is one of the most dedicated professionals I have worked with, and is willing to go the extra mile to help you when needed."

Chambers UK 2022

Calum Docherty

  • 99 Bishopsgate
  • London EC2M 3XF
  • United Kingdom

Calum Docherty advises EU and global clients across all market sectors on privacy, data protection, cybersecurity, and information law.

Mr. Docherty provides comprehensive advice on regulatory compliance and investigations related to:

  • Privacy and data security compliance and program management, in particular relating to the General Data Protection Regulation (GDPR)
  • Privacy and data security-related regulatory enforcement
  • Complex data breach incidents, including forensic investigations
  • Advertising and marketing practices, as well as other consumer protection issues

Mr. Docherty advises clients on all aspects of European data protection law, including data subject rights requests, online advertising and adtech strategies, use of sensitive data and children’s data, international data transfers, data sharing arrangements, internal and external policy creation and implementation, training programs, and strategic management of security incidents and breach notification procedures.

Mr. Docherty also has substantial expertise in M&A transactions, advising on privacy, data protection, and other deal-related requirements to assist deal teams.

Prior to joining Latham, Mr. Docherty spent two years working on Google’s public affairs team in Mountain View, California, and Singapore.

Mr. Docherty’s experience includes advising:

  • A significant social media company in matters before the Irish Data Protection Commission and other international regulatory bodies on issues related to privacy and security, including in connection with a data breach affecting tens of millions of users.
  • A publicly listed China-headquartered technology and internet group on global data privacy compliance for cross-border products, including products across the social media, gaming, cloud, television, and advertising space. This project has included a specific focus on data privacy compliance relating to the GDPR as well as across Asia.
  • A variety of multinational clients on compliance with current data protection laws in a number of EU Member States and GDPR.
  • A US gaming company in relation to a personal data breach before the UK Information Commissioner’s Office.
  • A chain of hospitals in relation to its use of sensitive personal data.
  • A leading online retailer in relation to its GDPR compliance program.
  • On contentious data subject rights requests for clients at all stages of the business life cycle, from emerging companies to global market leaders.
Notice: We appreciate your interest in Latham & Watkins. If your inquiry relates to a legal matter and you are not already a current client of the firm, please do not transmit any confidential information to us. Before taking on a representation, we must determine whether we are in a position to assist you and agree on the terms and conditions of engagement with you. Until we have completed such steps, we will not be deemed to have a lawyer-client relationship with you, and will have no duty to keep confidential the information we receive from you. Thank you for your understanding.