Our Website Uses Cookies
We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.
For more information, please contact us or consult our Privacy Notice.
Your binder contains too many pages, the maximum is 40.
We are unable to add this page to your binder, please try again later.
This page has been added to your binder.
Daniel P. Cooper

Daniel Cooper advises clients on information technology regulatory issues, particularly data protection, e-commerce and data security matters.
According to Chambers UK, his "level of expertise is second to none, but it's also equally paired with a keen understanding of our business and direction." It was noted that "he is very good at calibrating and helping to gauge risk."
Mr. Cooper also regularly assists leading technology companies, including social networking sites, online content and entertainment providers, and e-shopping sites, on their European and global compliance strategies. He also has deep experience with the regulation of mobile and e-health technologies. Mr. Cooper is also known for his ability to guide clients through the issues arising from data breach incidents, and has advised a number of high-profile clients in this area. Mr. Cooper co-authored the data protection standard that governs organized sport.
Mr. Cooper is qualified to practice law in the United States, the United Kingdom, and Ireland. He has also been appointed to the advisory and expert boards of privacy NGOs and agencies, such as Privacy International and the European security agency, ENISA.
- Represented Bristol-Myers Squibb transitioning its Binding Corporate Rules from France to Ireland.
- Advised the European Federation of pharmaceutical Industries and Associations on submissions to European institutions regarding proposals on upcoming regulations.
- Advised Arcelik on GDPR compliance across its 13 international subsidiaries and numerous jurisdictions in Europe, including Germany, UK, Finland, Sweden and Romania amongst others.
- Advised Arcelik on privacy considerations and regulatory issues related to connected devices and applications, including Smart TVs; and online behavioral advertising and electronic direct marketing rules in various EU jurisdictions.
- Represented AstraZeneca as it developed its GDPR-compliant Binding Corporate Rules, negotiating the terms with the UK Information Commissioner, as well as orchestrating the company’s transition of those BCRs to the Swedish regulators in anticipation of Brexit.
- Advised 100+ companies on substantive matters and compliance projects including: gap analyses for companies, remediation planning and implementation tailored to each company.
- Advised a wide range of clients in the life sciences sector on the proper application of the GDPR’s rules on scientific research.
- Advised numerous tech-focused companies on the regulation of AI, machine-learning and related technologies under the GDPR.
- Advised Facebook, the online social network, on its compliance with European data protection laws.
- Advised Expedia, and its sister company, TripAdvisor, on compliance with data protection and security rules in Europe and Asia.
- Advised Wikimedia Foundation, responsible for the Wikipedia publication, with respect to European laws regulating charitable organizations and cross-border transfers of data.
- Advised Deutsche Bank on various data protection issues in the UK and Germany.
- Advised Microsoft on its various online services and data protection compliance.
- Advised Pfizer, GlaxoSmithKline (GSK), Novartis, Abbott, Gilead, Alcon, Genzyme, Johnson & Johnson, MSD and UCB on their compliance with European data protection rules relating to clinical trials, e-health platforms, genetic testing and in other contexts.
- Advised the World Anti-Doping Agency (WADA) with respect to its compliance with European data privacy laws in connection with its global administration and management of athlete doping procedures.
- Advised UK Anti-Doping (UKAD) on UK privacy regulations as applied to athlete drug testing.
- Advised on the national laws relating to employee monitoring and surveillance in several EU Member States.
- Advised Procter & Gamble on its online behavioral advertising practices and related collaborations with ad networks.
- Advised CBS Interactive on its online privacy policies and data processing practices in Europe and Asia.
- Advised Viacom, the global mass media company, in connection with UK data protection law matters.
- Advised American Express in connection with its fraud detection program and initiatives involving “Big Data”.
- Assisted UnitedHealth Group (UHG) with cross-border transfers of personal data and compliance with European registration rules.
- Advised Privacy International, the privacy-rights NGO, with respect to emerging EU and other privacy and data retention laws
- Assisted several manufacturing companies with devising privacy audit tools and practical compliance tools and template documents.
- Assisted a multi-national client on compliance with pan-European notification requirements.
- Provided large US-based pharmaceutical company with information on privacy laws in 10 key markets, including countries in Europe, Central, North and South America, and Asia.
- Assisted large pharmaceutical company in dealing with privacy issues resulting from the migration of patient data from a clinical study to a web-based platform.
- Advised on the processing of sensitive health data (under clinical trials and pharmacompliance), exports to third countries such as the US, communication to third parties such as regulatory authorities and identification of the “controller” of data.
- Assisted several clients on the latest privacy developments in the areas of RFID and biometrics.
- Assisted several worldwide privacy audits of US-based multinationals, including a detailed safety assessment, and recommendations to address certain issues, drafting of SOPS, notices, checking notifications to data protection authorities, and preparing appropriate privacy policies.
Pro Bono
- Advising consortium of privacy-rights organizations in connection with the human rights implications of EU laws on data retention and amassing information from electronic communications services providers.
Memberships and Affiliations
- European Privacy Association (EPA) Scientific Committee, Member (2015-2017)
- DataGuidance Pharma Panel of Experts, Member
- European Privacy Association, Member
- Computer Law and Security Review, Member of the Professional Board
- U.K. Law Society's ad hoc group on data protection, Member
- Privacy International, Board of Trustees
- CASRO, General Counsel and Privacy Officer's Forum
- British Institute of International and Comparative Law, Data Protection Research and Policy Committee, Member
- European Privacy Officers Network (EPON), Member
- MI5, Advisor on data privacy issues
March 2021
As the legal, regulatory, and commercial implications of coronavirus COVID-19 continue to evolve, our lawyers and advisors are helping clients navigate the complex considerations that companies around the world are facing and develop plans and strategies in response. Reach out to our COVID-19 task force at COVID19@cov.com. Below is a compendium of resources ...
March 2, 2021, Inside Privacy
On February 19, 2021, the European Commission published two draft decisions finding that UK law provides an adequate level of protection for personal data. The first would allow private companies in the EU to continue to transfer personal data to the UK without the need for any additional safeguards (e.g., the Commission’s standard contractual clauses),...… ...
March 2, 2021, Inside Tech Media
On February 19, 2021, the European Commission published two draft decisions finding that UK law provides an adequate level of protection for personal data. The first would allow private companies in the EU to continue to transfer personal data to the UK without the need for any additional safeguards (e.g., the Commission’s standard contractual clauses),...… ...
February 24, 2021, Inside Privacy
The EU’s ePrivacy Regulation, like the EU GDPR, has been highly anticipated since it was first proposed in 2017. What are the current developments and next steps in the process to enactment? What are some of the complicating factors of the proposed Regulation? Are there major differences between the initial proposal and where the text...… Continue Reading
February 16, 2021, Inside Privacy
On February 14, 2021, the Abu Dhabi Global Market (“ADGM”), one of two significant financial services free zones in the United Arab Emirates, enacted its new Data Protection Regulations 2021 (the “Regulations”). The Regulations will come into force and replace the current Data Protection Regulations 2015 following a transition period of 12 months for ...
February 15, 2021, Inside Tech Media
On February 11, 2021, the European Commission launched a public consultation on its initiative to fight child sexual abuse online (the “Initiative”), which aims to impose obligations on online service providers to detect child sexual abuse online and to report it to public authorities. The consultation is part of the data collection activities announced in...… ...
February 15, 2021, Inside Privacy
On February 11, 2021, the European Commission launched a public consultation on its initiative to fight child sexual abuse online (the “Initiative”), which aims to impose obligations on online service providers to detect child sexual abuse online and to report it to public authorities. The consultation is part of the data collection activities announced in...… ...
February 11, 2021, International Financial Law Review
Dan Cooper spoke with International Financial Law Review about how COVID-19 has disjointed the GDPR. Mr. Cooper says, “the way that the GDPR works, companies that operate across the EU simply have to be nimble. As a result of this, companies have had to be nimble in their approach to implementing GDPR across different member states.” Mr. Cooper adds, “For ...
February 10, 2021, Inside Privacy
In this blog post, we look at a recent decision by the UK Court of Appeal and a separate prosecution brought by the Information Commissioner’s Office (“ICO”; the UK data protection authority), which together serve as a cautionary tale for employees and prospective future employers of the risks of civil liability and criminal conviction for...… Continue Reading
February 10, 2021, Covington Alert
In this alert we look at a recent decision by the UK Court of Appeal and a separate prosecution brought by the Information Commissioner’s Office (“ICO”; the UK data protection authority), which together serve as a cautionary tale for employees and prospective future employers of the risks of civil liability and criminal conviction for confidential information ...
January 28, 2021, Inside Privacy
On this special tenth episode of our Inside Privacy Audiocast, we celebrate Data Privacy Day 2021. Join Dan Cooper and Kurt Wimmer as they discuss the key global data privacy developments in 2020 and trends to look out for in 2021. Covington’s Inside Privacy Audiocast offers insights into topical global privacy issues and trends. Subscribe...… Continue Reading
January 25, 2021, Inside Privacy
On the ninth episode of our Inside Privacy Audiocast, we peer through the looking glass at China’s approach to data protection and the latest developments in its emerging data protection and cybersecurity regime. Dan Cooper, Yan Luo and Zhijing Yu discuss the variety of legal instruments in China’s quickly-evolving data protection and cybersecurity regulatory ...
January 21, 2021, Inside Privacy
On January 19, 2021, the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) issued a joint opinion on the draft standard contractual clauses for international data transfers (“draft SCCs”) published by the European Commission (“EC”) on November 12, 2020, including a marked-up version of the clauses. The EDPB/EDPS joint ...
January 15, 2021, Inside Privacy
On December 18, 2020, the Irish Data Protection Commission (“DPC”) published its draft Fundamentals for a Child-Oriented Approach to Data Processing (the “Fundamentals”). The Fundamentals introduce child-specific data protection principles and measures, which are designed to protect children against data processing risks when they access services, both online ...
January 2021, Covington Guide
The EU-UK Trade and Cooperation Agreement (EUTCA) reached on December 24th is a wide-ranging and complex agreement. Our Brexit Task Force offers these "bite-sized" recordings to give a snapshot of what you need to know in each area. Though the EUTCA provides the overall architecture of the future relationship in a number of areas, much of the detail must still ...
January 6, 2021, Inside Privacy
On January 5, 2021, the Council of the European Union released a new, draft version of the ePrivacy Regulation, which is meant to replace the ePrivacy Directive. The European Commission approved a first draft of the ePrivacy Regulation in January 2017. The draft regulation has since then been under discussion in the Council. On January...… Continue Reading
December 28, 2020, Covington Alert
On December 24, 2020, exactly four and a half years after the result of the UK’s EU Referendum, the UK and the EU reached an agreement on their future trade and cooperation arrangements: the EU-UK Trade and Cooperation Agreement (“EUTCA”). The transition period that has run since the UK left the EU in January 2020 will end at midnight Central European Time on ...
December 17, 2020, Inside Tech Media
On December 15, 2020, the European Commission published its proposed Regulation on a Single Market for Digital Services, more commonly known as the Digital Services Act (“DSA Proposal”). In publishing the Proposal, the Commission noted that its goal was to protect consumers and their fundamental rights online, establish an accountability framework for online ...
Global Data Review Names Covington to The GDR 100 Elite
December 10, 2020
WASHINGTON—Global Data Review has named Covington to The GDR 100 Elite. The ranking profiles the top 20 firms with a broad international presence and a consistent track record of delivering cutting-edge advice to household name clients around the world, who between them handle the lion’s share of cross-border work in data privacy. The firms featured in The GDR ...
December 3, 2020, Inside Tech Media
On 25 November 2020, the European Commission published a proposal for a Regulation on European Data Governance (“Data Governance Act”). The proposed Act aims to facilitate data sharing across the EU and between sectors, and is one of the deliverables included in the European Strategy for Data, adopted in February 2020. (See our previous blog...… Continue ...
November 12, 2020, Inside Tech Media
On 11 November 2020, the European Data Protection Board (“EDPB”) issued two draft recommendations relating to the rules on how organizations may lawfully transfer personal data from the EU to countries outside the EU (“third countries”). These draft recommendations, which are non-final and open for public consultation until 30 November 2020, follow the EU ...
October 23, 2020, Covington Alert
On October 21, 2020, the National People's Congress (“NPC”), China’s top legislative body, released its first draft of the Personal Information Protection Law (the “Draft Law”) for public comment (official Chinese version available here and Covington’s unofficial English translation here). The period for public comment ends on November 19, 2020 and comments can ...
September 14, 2020, Covington Alert
The English High Court has recently awarded damages in a data privacy case, with two features of particular interest1. First, the nature of the claim is more reminiscent of a claim in defamation than for data privacy breaches, which is a development in the use of data protection legislation. Secondly, the damages awarded (perhaps influenced by the nature of the ...
September 2, 2020
BRUSSELS–Covington has named Dan Cooper to lead its European data protection practice as co-chair of the firm’s global Data Privacy & Cybersecurity Practice, and he has relocated to Brussels to be closer to the institutions and courts that govern the European data privacy landscape. The firm has more than 100 lawyers focused on data privacy and cybersecurity ...
August 6, 2020, Covington Alert
On July 16, 2020, the Court of Justice of the European Union struck down the EU-U.S. Privacy Shield (“Privacy Shield”) in the Schrems II decision. Even though Schrems II invalidated the Privacy Shield with immediate effect as a matter of EU law, U.S. regulators swiftly indicated that they will continue to administer the Privacy Shield and that self-certified ...
July 22, 2020, LexisNexis
Daniel Cooper and Louise Freeman discuss the implications for data protection law under Collective Redress Directive with LexisNexis and Gloria Palazzi.
Summer 2020
Covington's European privacy team offers insights on the current state of play with respect to the intersection of European data privacy laws, and the transition around Europe and further abroad as government lockdown restrictions are lifted and companies begin to plan their return-to-work programs. In this on-demand briefing, we cover the guidance and positions ...
June 8, 2020, Covington Alert
On 19 May 2020, easyJet announced that personal data of approximately 9 million customers worldwide had been unlawfully accessed by third parties in a “highly sophisticated cyber-attack”. Data stolen by the cyber-attackers includes credit card details of 2,000 of the affected customers and, for most other customers, travel details such as departure and arrival ...
Spring 2020, Covington Guide
As businesses across Europe prepare to reopen following the COVID-19 lockdown, Covington is providing practical resources and guidance on the broad array of issues companies face as employees return to the workplace, including employment, privacy, competition, policy, environmental and regulatory considerations at the EU level, with a focus on Germany and the ...
May 19, 2020, Bloomberg
Daniel Cooper spoke with Bloomberg about new wearable technology devices that alert users when they are within close proximity of someone with COVID-19. Mr. Cooper notes that businesses are walking a fine line between keeping people safe and protecting their privacy. The absence of clear guidance from European regulators is forcing companies -- who could also be ...
Morrisons not liable for rogue employee data breach
April 1, 2020, Global Data Review
Daniel Cooper spoke with Global Data Review about a UK high court case involving the deliberate breach of personal information by a supermarket employee from Morrisons. The court ruled that the supermarket was not liable for the actions of the employee. Mr. Cooper described the decision as “dual-edged” and said that “when coupled with the Lloyd Court of Appeal ...
Telcos share location data for coronavirus efforts
March 20, 2020, Global Data Review
Dan Cooper spoke with Global Data Review about how telecommunications companies are providing data regulators location data to track the effects of social distancing in the wake of coronavirus. Mr. Cooper told GDR that the measures in Europe are “not too much of a concern” from a privacy perspective as the data being used by authorities is anonymized and ...
February 18, 2020, Inside Tech Media
On February 4, 2020, the United Kingdom’s Centre for Data Ethics and Innovation (“DEI”) published its final report on “online targeting” (the “Report”), examining practices used to monitor a person’s online behaviour and subsequently customize their experience. In October 2018, the UK government appointed the DEI, an expert committee that advises the UK ...
January 31, 2020, Covington Alert
This evening, at 11:00 p.m. GMT, the UK will leave the European Union. Brexit day marks a beginning, not an end. The UK today embarks on a complex process of negotiating new arrangements for trade and cooperation with the EU and partners around the world. Regulatory divergence seems inevitable, given that the UK will want to make its own decisions on existing ...
January 31, 2020, Covington Alert
At 11 p.m. tonight, the UK will officially leave the EU. Although this is a significant milestone in the development of the UK’s data protection framework, the UK will remain very closely linked to the EU in the short term at least, and for many the change may be imperceptible.
ICO hits electronics retailer with maximum pre-GDPR fine
January 10, 2020, Global Data Review
Daniel Cooper is quoted in Global Data Review regarding the UK ICO’s decision to fine DSG Retail £500,000 under pre-GDPR data protection law. The fine stems from the company being compromised by a cyberattack affecting at least 14 million people. Mr. Cooper says, “the ICO's imposition of a maximum fine appears due, in part, to the fact that it felt DSG should ...
January 9, 2020, Global Data Review
Daniel Cooper spoke with Global Data Review about the European Commission’s recommended changes to artificial intelligence liability rules. Mr. Cooper says the commission is keen to stress that the conclusions drawn from the report remain those of the expert group only. “One has to assume that the commission wants to be careful to test the waters first and gauge ...
October 10, 2019, Covington Alert
On October 2, 2019, the English Court of Appeal handed down a landmark judgment in Lloyd v Google LLC [2019] EWCA Civ 1599 (“Lloyd”) concerning Google’s alleged misuse of the personal data of over 4 million iPhone users via cookies placed on the Safari browser.
August 12, 2019, Inside Tech Media
On July 24, 2019, the European Parliament published a study entitled “Blockchain and the General Data Protection Regulation: Can distributed ledgers be squared with European data protection law?” The study explores the tension between blockchain technology and compliance with the General Data Protection Regulation (the “GDPR”), the EU’s data protection law. ...
August 2, 2019, Inside Tech Media
On July 29, 2019, the Court of Justice of the European Union (“CJEU”) handed down its judgment in the Fashion ID case (Case C-40/17). The CJEU found that when a website operator embeds Facebook’s “Like” button on its website, Facebook and the website operator become joint controllers. The case clarifies the relationship between website operators...… Continue ...
August 1, 2019, Inside Tech Media
On July 16, 2019, the UK’s Information Commissioner’s Office (“ICO”) released a new draft Data sharing code of practice (“draft Code”), which provides practical guidance for organizations on how to share personal data in a manner that complies with data protection laws. The draft Code focuses on the sharing of personal data between controllers, with a section ...
May 21, 2019
WASHINGTON—Covington advised Merck & Co., Inc., in its definitive agreement under which Merck, through a subsidiary, will acquire privately held Peloton Therapeutics, Inc. in exchange for an upfront payment of $1.05 billion in cash. In addition, Peloton shareholders will be eligible to receive a further $1.15 billion contingent upon successful achievement of ...
October 23, 2018, The Law Society Gazette
Daniel Cooper spoke with The Law Society Gazette regarding a UK Court of Appeal decision that could make employers vicariously liable for employees’ actions even if they had taken preventative steps and bore no criminal responsibility. Mr. Cooper said the employer should bear the enterprise risk and assume liability for the actions of its employees, as long as ...
The five-minute management idea: wearable tech
March 2, 2018, Chartered Management Institute
Daniel Cooper is quoted in a Chartered Management Institute article regarding wearable technology. Providing the legal perspective, Cooper says, "Any employer processing personal information is subject to a range of obligations–this includes making sure they’re very transparent about what they collect, ensuring they have a legal basis for processing that data. ...
The EU Gets Serious About Cyber: The EU Cybersecurity Act and Other Elements of the "Cyber Package"
September 18, 2017, Covington Alert
Last week, in his annual State of the European Union Address, the President of the European Commission Jean-Claude Juncker called out cybersecurity as a key priority for the European Union in the year ahead. In terms of ranking those priorities, President Juncker placed tackling cyber threats just one place below the EU leading the fight against climate change, ...
China Seeks Comments on Updated Draft of Cross-Border Data Transfer Security Assessment Standard
August 31, 2017, Covington Alert
On August 31, 2017, China’s National Information Security Standardization Technical Committee (“NISSTC”), a standard-setting committee jointly supervised by the Standardization Administration of China (“SAC”) and the Cyberspace Administration of China (“CAC”), released an updated draft of the Information Security Technology - Guidelines for Data Cross-Border ...
May 24, 2017, Covington Alert
On May 25, 2018, employers located or with staff in the European Union (“EU”) will have to comply with a new data protection law—Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data—commonly referred to as the General Data Protection Regulation (“GDPR”). This will ...
May 19, 2017, Covington Alert
On May 19, 2017, the Cyberspace Administration of China (“CAC”) invited international stakeholders to attend a seminar to discuss an updated version of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (“the Measures”). Given that the Measures have an intended effective date of June 1, 2017, it is likely ...
April 12, 2017, Covington Alert
On April 11, 2017, the Cyberspace Administration of China (“CAC”) released a draft of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (“the Draft Measures”) for public comment (official Chinese version available here; Covington’s translation of the Draft Measures is appended at the end of this alert).
GDPR Planning and Preparation Conference for Employers
March 30, 2017, Business Forums International Ltd.
December 15, 2016, CCT News
Daniel Cooper is quoted by CCT News in an article regarding the use of wearable technology in the workplace. According to Cooper, the use of wearable devices is a good way, especially for insurers. However, the wearers’ privacy must be taken care of as well as their legitimate treatment concerns.
Wearable technology: gathering data from tooth to toe
November 21, 2016, Financial Times
Daniel Cooper is quoted in a Financial Times article regarding wearable technology in the workplace. According to Cooper, not everyone will welcome sharing intimate personal information with the boss, however. “Wearable devices could be a good way for insurers to get the data . . . but it’s essential to address wearers’ privacy and fair treatment concerns and ...
July 14, 2016, Covington Alert
At a joint press conference on July 12, 2016 in Brussels, EU Commissioner for Justice, Consumers and Gender Equality, Věra Jourová and the U.S. Secretary of Commerce, Penny Pritzker, presented the Privacy Shield (see Press Release here, Adequacy Decision text here, Annexes here, Communication here, and Q&A factsheet here). The press conference followed the ...
July 2016, BNA’s World Data Protection Report
Data Transfer Hurdles Have Companies Hedging Bets
March 24, 2016, The Wall Street Journal
Daniel Cooper is quoted in The Wall Street Journal’s “Morning Risk Report” discussing how companies should best comply with global data protection regulations. Commenting on the binding corporate rule process, Cooper said,“The one thing we know about binding corporate rules is [they tend] to have more appeal to European regulators.” He continues, “For a lot of ...
December 21, 2015, Covington Alert
On December 15, the EU institutions finally agreed the text of the new EU data protection law, the General Data Protection Regulation (“GDPR”), completing a process that began in January 2012. The LIBE committee has published the consolidated version of the GDPR text. The GDPR heralds a new era of data protection. It replaces the existing data protection ...
November 24, 2015, The Register
Dan Cooper is quoted by The Register in an article discussing the uncertainty and complications continuing to surround the Schrems decision that derailed Safe Harbour. Cooper stated that his business clients were both “surprise[d] and shock[ed]” by the European Court’s decision. “Businesses felt like the rug had been pulled out from under them,” said Cooper. ...
News Hour
October 6, 2015, Al Jazeera
Dan Cooper appeared on the show to discuss the implications of the ECJ Schrems judgment.
October 6, 2015, Covington Alert
Data Protection Law and International Commercial Arbitration
7/27/2015-7/31/2015, The Hague Academy of International Law 2015 Session
The EU General Data Protection Regulation: What’s Next and What It Means For Your Business
July 1, 2015, Webinar
June 8, 2015, Financial Times
Covington's Daniel Cooper is quoted regarding the legal implications of wearables in the workplace: “Historically European regulators in the data protection area have been very sceptical you can ever get a valid employee consent — they feel that for existing employees, [the relationship] is almost inherently coercive.”
Moving to the Cloud: Privacy and Other Key Considerations for Healthcare Entities
May 13, 2015, Life Sciences Essentials Webinar Series
The Future of Safe Harbor
May 7, 2015, International Data Exports – EU-US Data Transfers
Key Compliance Developments for Global Employers
May 4, 2015, Global Benefits Forum
Privacy Impact Assessments - The Latest Thinking
November 13, 2014, 9th Annual Data Protection Practical Compliance Conference
Privacy Impact Assessments – The Latest Thinking
October 10, 2014, 13th Annual Data Protection Compliance Conference
August 5, 2014
LONDON, 5 August, 2014 — Covington & Burling advised Illumina on its partnership with Genomics England to provide infrastructure and expertise for a four-year project that aims to make the UK the world leader in genetic research into cancer and rare diseases, through funding research to decode 100,000 human genomes - a patient's personal DNA code. The deal is ...
April 24, 2014, Inside EU Life Sciences
This post was originally published on our sister blog Inside Privacy On April 10, 2014, the Article 29 Working Party adopted an Opinion on anonymization techniques. The Working Party accepts that anonymization techniques can help individuals and society reap the benefits of “open data” initiatives – initiatives intended to make various types of data more freely ...
Protection of the Private Sphere, Fight Against Terrorism and Internet Surveillance: How to Reconcile These Priorities?
April 23, 2014, XIIth International CIFA Forum
Privacy/Data Protection Regulation of Biobanks
March 28, 2014, Biobanking Global Congress 2014 Europe
Reconciling Regulatory Requests with Data Privacy Obligations
December 5, 2013, Global Investigations Summit
November 27, 2013, Covington E-Alert
Protecting the Individual in a Growingly Connected World of Big Data
November 2013, ITU Telecom World 2013 Conference, Bangkok
October 24, 2013, Covington E-Alert
Privacy Impact Assessments – When They are Needed and How to Conduct Them
September 11, 2013, 12th Annual Data Protection Compliance Conference
July 11, 2013, Inside Tech Media
By Dan Cooper and Oliver Grazebrook On 20 June 2103, the Court of Rome in Italy ruled that the Wikimedia Foundation (the charitable organisation that operates Wikipedia) could not be liable for defamatory content posted by users on its site. The court deemed that Wikimedia fell within the exemptions in the Italian transposition of Articles...… Continue Reading
Doing Business over the Internet: Legal and Policy Challenges
July 8, 2013, 2013 IViR Summer Course on Privacy Law and Policy
June 26, 2013
LONDON, 26 June, 2013 — The UK Information Commissioner's Office has authorised GlaxoSmithKline’s 'Binding Corporate Rules' (BCRs) – a set of internal policies and procedures used to protect personal data across GSK’s operations globally. The privacy and data security team at Covington & Burling was instrumental in the development, implementation and ...
Biobanks and Compliance with Data Protection Laws
June 25, 2013, SMi’s 3rd Annual Biobanking Conference
May 2013, International Data Privacy Law
April 2013, World Data Protection Report
Data Protection in Anti-Doping ― Recent Developments
March 13, 2013, Tackling Doping in Sport 2013
Enforcement and Sanctions - Present and Future Concerns
February 27, 2013, Data Protection & Privacy for In-House Advisers
China Releases New National Standard for Personal Information Collected Over Information Systems
February 15, 2013, Covington E-Alert
Privacy & Financial Institutiions
November 16, 2012, Data Protection in the Financial Services Sector 2012, DataGuidance
The Legal Attack Vector, How To Protect Yourself
October 9, 2012, RSA Conference Europe 2012
March 27, 2012, Covington E-Alert
The New EU Data Protection Framework - Significant Changes Proposed for Business and Consumers
February 2, 2012, International Association of Privacy Professionals (Webinar)
A Step-by-Step Action Plan to Respond to Corruption Allegations while Navigating the Complexities of Data Privacy Requirements
January 25, 2012, C5’s 5th Annual European Forum on Anti-Corruption - Effective Anti-Corruption Compliance Strategies to Prepare for Increased Regulatory Scrutiny and Global Enforcement, Munich
Health Data in the Cloud
October 18, 2011, European Privacy Association First International Conference in Europe on Cloud Computing for e-Health, Castelfranco Veneto, Italy
Social Media: Dealing with Employment Issues
October 13, 2011, PDP 10th Annual Data Protection Compliance Conference
Privacy Laws as Related to Anti-corruption Compliance
June 24, 2011, European Healthcare Compliance Ethics & Regulation
EU Data Protection Law
June 23, 2011, Council of American Survey Research Organizations (Webinar)
Covington Advises Microsoft in $8.5 Billion Skype Deal
May 10, 2011
WASHINGTON, SAN FRANCISCO, BRUSSELS, AND LONDON, May 10, 2011 —Covington & Burling LLP is advising Microsoft Corp. in its acquisition of Skype Global S.à.r.l., the leading Internet communications company, for $8.5 billion in cash. Microsoft’s purchase of Skype from the investor group led by Silver Lake is expected to increase the accessibility of real-time ...
Privacy in Finance & Health
April 26, 2011, Innovation and Privacy Conference
International Sports Anti-Doping Law a Model for Global Law Making?
April 5, 2011, Law Accord 2011 Program - Why Sports Law Matters
International Sports Anti‐Doping Law a Model for Global Law Making?
April 5, 2011, Law Accord 2011 Program - Why Sports Law Matters
February 15, 2011, EuroWatch
February 10, 2011, Covington Advisory
January 2011, World Data Protection Report
December 21, 2010, Covington Advisory
November/December 2010, Data Protection Ireland: Volume 3, Issue 6
March 29, 2010, Covington Advisory
February 9, 2010, Covington E-Alert
January/February 2010, The Privacy Advisor
A Step-by-Step Corporate Approach for Conducting a Thorough and Satisfactory Internal Investigation
January 26, 2010, 5th European Forum on Anti-Corruption
January 5, 2010, Covington Advisory
November 23, 2009, Covington Advisory
EU Employment Law Issues
November 2009, 20th Pandemic Swine Flu Summit, Royal College of Surgeons, London
October 26, 2009, Covington Advisory
Data Security and Data Breaches: Being Prepared
October 2009, PDP 8th Annual Data Protection Compliance Conference
October 2009, The Privacy Advisor
Conducting Cross-Border Discovery and Data Breach Investigations
September 2009, IAPP Privacy Conference, Boston
June 24, 2009, Covington E-Alert
6/09/2009
LONDON, June 9, 2009 — An enhanced version of the world’s first data protection standard for athletes took effect on June 1, 2009. The International Standard for the Protection of Privacy and Personal Information took effect on January 1, 2009, and an enhanced version was unanimously approved in early May 2009 by the Executive Committee of the World Anti-Doping ...
Conflicts of Law and E-Discovery
April 2009, Society for Computers & Law Data Protection Group, London
Breach Notification in the EU
March 2009, UC Berkeley School of Law, Security Breach Notification Symposium, California
Medical Research and EU Data Privacy Law
March 2009, Medical Research and EU Data Privacy Law
International Data Protection Laws
February 2009, ABA Brown Bag Series (In-House Webinar)
What was on the law firms agenda in 2008?
January 2009, Computer, Privacy and Data Protection (CPDP) 2nd International Conference, Brussels
11/15/2008
LONDON, 15 November, 2008 — The latest editions of Chambers UK and Legal 500 UK have recognised the London office of Covington & Burling LLP in a combined 22 categories, praising the firm’s lawyers for “best-in-class business acumen” and “excellent industry knowledge” as well as “consistent, absolutely top-tier service.” The firm’s London office has also ...
Covington Promotes 12 Lawyers to the Partnership
10/1/2008
WASHINGTON, DC, October 1, 2008 — Covington & Burling LLP today announced that 12 of its lawyers have been elected to the firm’s partnership. These new partners are resident in four of the firm’s offices and practice in the litigation, corporate/tax, and regulatory fields. Timothy Hester, chair of the firm’s management committee, commented: “These young and ...
July 19, 2008, Covington E-Alert
Corporate Investigations & EU Data Privacy Laws - What Every In-House Counsel Should Know
2008, Covington Report
Covington Advises Bank of China, London Branch on the Transfer of its Non-Wholesale Banking Business
November 15, 2007
LONDON, November 15, 2007 - Covington & Burling LLP is pleased to announce its role in advising Bank of China’s London Branch on the transfer of its UK retail and part of its UK corporate banking business (based in London, Birmingham, Manchester and Glasgow) to Bank of China (UK) Ltd. Bank of China (UK) Ltd is a newly established UK bank and a wholly-owned ...
Covington Announces Ten New Counsel
April 3, 2007
WASHINGTON, DC, April 3, 2007 — Covington & Burling LLP has announced the promotion of four new Of Counsel and six new Special Counsel.The four new Of Counsel are Daniel P. Cooper, Christian Neira, Matthew J. O’Connor, and Kevin J. Shortill.Daniel P. Cooper advises on European privacy and data protection matters, as well as on contentious and non-contentious ...
Corporate Investigations and EU Data Privacy Laws
September 2006, 5th Annual Data Protection Compliance Conference and Workshop Series, London
August 2006, Computer Law & Security Report
Employee Monitoring and Surveillance Across Europe
July 2006, Privacy Laws & Business 19th Annual International Conference on Data Protection, Cambridge University, UK
EU Data Privacy Update & Employee Vetting
June 2006, Business Forums International
Legal & Policy Considerations: Avian Flu
January/February 2006, Avian Flu Summit, Royal College of Surgeons, London
July 2005, BNA International World Data Protection Report
July 2005, World Data Protection Report
The Legal Challenge - Market Research in Europe
July 2005, Council of American Survey Research Organizations (CASRO) University Conference, New York
Developments in Data Protection Law: Central and Eastern Europe
July 2004, Privacy Laws & Business 17th Annual International Conference on Data Protection, Cambridge University, England
July 2004, Data Protection Law & Policy
October 2003, Privacy International
July 2003, Privacy Laws & Business 16th Annual International Conference on Data Protection, Cambridge University, England
2003, Aspen Copyright Treatise
Developments in European Privacy Laws
November 2002, United Nations Economic Commission for Europe, Moscow, Russia
Intellectual Property Rights in the Developing World
June 2001, United Nations Economic Commission for Europe, Geneva, Switzerland
- Chambers UK, Data Protection and Information Law (2009-2021)
- Chambers Europe, Data Protection (2015-2018)
- Chambers Global, Data Protection (2008-2018)
- Legal 500 UK, Data Protection (2012-2021)
- Legal 500 UK, Sport (2013-2016)
- Legal 500 UK, Media & Entertainment (2013)
- Best Lawyers in the United Kingdom, Privacy & Data Protection Law (2014)
- Super Lawyers - London, Computer and IT Law (2013)
- Who's Who Legal, Data (2018) and Information Technology (2013)
- Legal 500 EMEA, EU Regulatory, Privacy and Data Protection - Belgium (2011)

COVID-19: Legal and Business Toolkit
We are helping clients around the world navigate this evolving, complex situation.
Practices
Education
Harvard Law School, J.D., 1995
- cum laude
University of Oxford, M.St., 1992
Princeton University, B.A., 1991
- magna cum laude