Katie is an experienced data and technology lawyer, specialising in data privacy, cybersecurity, digital regulation and technology transactions.

Katie advises clients on a range of data-related issues, including data protection compliance, international data transfer requirements, advising on compliance with cookie laws and direct marketing rules and advising clients on their responses to regulatory investigations led by data protection and consumer authorities. In parallel, Katie advises on large scale technology projects, including advising clients in distress situations and on the renegotiation of IT contracts.

Katie's particular focus and interest is how the development of emerging technologies intersects with data privacy. Katie leads the firm's emerging technologies group and chairs the SCL's IT Disputes Committee. She is also passionate about mentoring and the development of other women in technology, having established a digital-focussed mentoring scheme while at WBD. 


Examples of experience include advising:

  • A UK financial institution in relation to a major IT Transformation and Service Delivery Project, including drafting a negotiating a full IT outsourcing agreement for all of the client's infrastructure management, application support and maintenance, development and end-user services
  • A leading UK energy company in relation to a number of large scale data protection projects, including the adoption of AI technologies within the business and the implementation of energy saving events contributing towards the organisation's net zero aims
  • An eCommerce software company in relation to its deployment of tracking technologies, including recommended changes the company needs to make to in relation to (1) its deployment of cookies; and (2) how it contracts with its customers to ensure compliance with GDPR/PECR
  • A US based tech company on responding to a data security incident involving the hacking of its customer data bases, including advising in relation to claims from individuals and advising in relation to ongoing regulatory investigation from UK and US regulators
  • A national organisation in relation to a potential cybersecurity incident involving the hacking of its CRM system, including liaising with the ICO. The ICO concluded its investigation and determined that no regulatory action was required against the client
  • A telecoms provider in relation to a potential risk of a group litigation, including providing strategic advice on managing this risk
  • A global energy provider in relation to a business critical IT dispute, including successfully renegotiating the future scope of work and achieving a settlement of historic issues
  • A UK based eCommerce Software and Digital Marketing Agency in relation to the early termination of an IT contract.

Profile insights