People

Jonathan McDonald, Partner

Jonathan is a commercial lawyer and leads the Data Protection and Privacy practice group at Charles Russell Speechlys.

/globalassets/CMSManaged/PeopleImages/jonathan-mcdonald.jpg

Contact Jonathan

Service:

Data Protection & Privacy

About

Jonathan specialises in data, technology and commercial law and leads the Data Protection and Privacy practice group at Charles Russell Speechlys. He advises clients across a broad range of sectors (including technology, financial services, healthcare and retail) on all issues relating to data protection and privacy. This includes advising in relation to, amongst other areas, complex commercial transactions with a data or technology element, managing compliance projects in the UK and internationally, cross border and domestic data transfers, preparing for and dealing with data security breaches and data subjects exercising their rights.

Jonathan is admitted to practise in England and Wales.

Experience

Implementing, reviewing and refining data protection compliance programmes, including data audits, data mapping exercises and compliance programmes as stand-alone exercises or alongside information security programmes (i.e. ISO 27001 assessments and follow-up audits).
Advising businesses on complex commercial and corporate transactions for which the use of data or technology is materially important.
Advising on cross border (and domestic) data transfers. This has included advising a global technology company through its application for UK Binding Corporate Rules, as well as assisting clients to comply with the rules regarding the use of Standard Contractual Clauses and/or the UK International Data Transfer Agreement and undertaking associated transfer risk assessments.
Advising in relation to contentious data protection matters, including in relation to major ICO investigations, immediate data breach response and the associated defence of compensation and other legal claims (alongside our specialist litigation team).
Managing and advising in relation to complex subject access requests.
Supporting businesses across a range of sectors (including healthcare and construction) on the Freedom of information and Environmental Information Regulations regimes (including in relation to their interaction with privacy laws).

Our thinking

WhatsAppGate - Should businesses be reviewing their social media policies?

Anna Rogers

quick reads
20 Mar 2023
The former Health Secretary, Matt Hancock, has found himself in hot water again this month after journalist Isabel Oakeshott leaked more than 100,0... Read More The former Health Secretary, Matt Hancock, has found himself in hot water again this month after journalist Isabel Oakeshott leaked more than 100,0...
Announcement of a new Data Bill as part of the Queen's Speech

Jonathan McDonald

quick reads
11 May 2022
There was a degree of fanfare regarding the announcement of the Data Bill as part of the Queen’s Speech and to what extent this may form part of th... Read More There was a degree of fanfare regarding the announcement of the Data Bill as part of the Queen’s Speech and to what extent this may form part of th...
Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech

Jonathan McDonald

In the Press
11 May 2022
Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech Read More Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech
Jonathan McDonald and Ilona Bateson write for P3 Pharmacy on data protection compliance for pharmacy business owners

Jonathan McDonald

In the Press
06 Feb 2022
Health organisations hold more sensitive personal health data than ever. Read More Health organisations hold more sensitive personal health data than ever.
ICO’s final version of the UK international data transfer agreement (i.e. the new ‘UK SCCs’) published and will enter into force from 21 March 2022

Jonathan McDonald

quick reads
01 Feb 2022
On Friday 28 January 2022, the ICO’s new data transfer agreement (UK IDTA), and the international data transfer addendum (the UK Addendum) to the E... Read More On Friday 28 January 2022, the ICO’s new data transfer agreement (UK IDTA), and the international data transfer addendum (the UK Addendum) to the E...
Online safety – 2022 begins with regulatory developments in both the UK and the EU

Jonathan McDonald

Insights
24 Jan 2022
Last week saw developments within the UK and EU in their attempts to ensure online businesses do more to address illegal online content. Read More Last week saw developments within the UK and EU in their attempts to ensure online businesses do more to address illegal online content.
Jonathan McDonald quoted by The Guardian and the Evening Standard on the Google Supreme Court decision

Jonathan McDonald

In the Press
10 Nov 2021
Jonathan comments on the implications of Lloyd v Google LLC. Read More Jonathan comments on the implications of Lloyd v Google LLC.
Lloyd v Google – Supreme Court to deliver judgment tomorrow (on 10 November 2021) – a reminder of the issues at stake

Jonathan McDonald

quick reads
09 Nov 2021
It has been confirmed that the Supreme court will hand down its judgment in Lloyd v Google tomorrow: Future judgments - The Supreme CourtThis is a ... Read More It has been confirmed that the Supreme court will hand down its judgment in Lloyd v Google tomorrow: Future judgments - The Supreme CourtThis is a ...
Fairhurst v Woodard: Property audio and video surveillance system breached GDPR

Jonathan McDonald

Insights
04 Nov 2021
A recent judgment from Oxford County Court raises significant questions about the increasing use of smart doorbells and cameras. Read More A recent judgment from Oxford County Court raises significant questions about the increasing use of smart doorbells and cameras.
Top 5 Data Protection Tips

Jonathan McDonald

Insights
01 Nov 2021
Jonathan and Marc-Us explore the top 5 data protection tips Read More Jonathan and Marc-Us explore the top 5 data protection tips
Regulating AI – the impact of two key recent proposals: the UK’s National AI Strategy and the EU’s proposed Artificial Intelligence Regulation

Jonathan McDonald

Insights
27 Oct 2021
With the hype surrounding artificial intelligence continuing to gather pace, we pause and consider some of the proposed regulatory changes. Read More With the hype surrounding artificial intelligence continuing to gather pace, we pause and consider some of the proposed regulatory changes.
China’s Personal Information Protection Law – keeping up with the Joneses or increased cyber-security?

Henry Cuthbert

Insights
21 Oct 2021
Up until recently, China’s data protection rules could be found through a number of laws and guidelines Read More Up until recently, China’s data protection rules could be found through a number of laws and guidelines
Charles Russell Speechlys advises Fudco Partnership on sale to Exponent-backed Vibrant Foods

James Broadhurst

News
27 Apr 2021
Fudco is a family-owned business selling South Asian ethnic foods in UK and Europe. Read More Fudco is a family-owned business selling South Asian ethnic foods in UK and Europe.
Jonathan McDonald and Rahim Hirji write for LawInSport on the relationship between data protection and referee reports in English football

Jonathan McDonald

In the Press
12 Feb 2021
Is data in reports submitted by referees to the Football Association subject to the General Data Protection Regulation? Read More Is data in reports submitted by referees to the Football Association subject to the General Data Protection Regulation?
Data Protection post Brexit

Jonathan McDonald

Insights
09 Dec 2020
In the lead up to the UK's exit from the European Union, what data protection risks should your business be thinking about? Read More In the lead up to the UK's exit from the European Union, what data protection risks should your business be thinking about?
International Data Transfers

Jonathan McDonald

Insights
25 Nov 2020
The European Data Protection Board has adopted new recommendations on international personal data transfers . Read More The European Data Protection Board has adopted new recommendations on international personal data transfers .
ICO publishes guidance on responding to subject access requests

Nick Hurley

Insights
18 Nov 2020
Taking a closer look at the ICO's recently published Guidance on the right of access and how to apply it in practice . Read More Taking a closer look at the ICO's recently published Guidance on the right of access and how to apply it in practice .
Connect: Schrems II - the judgment and practical next steps for your business

Jonathan McDonald

Podcasts
04 Aug 2020
Discussing the impact of the Schrems II decision Read More Discussing the impact of the Schrems II decision
SCHREMS II judgment: privacy shield invalidated and SCCs scrutinised

Jonathan McDonald

Insights
17 Jul 2020
In a surprising and arguably bold judgment, the CJEU have invalidated the EU-US Privacy Shield Privacy Shield mechanism. Read More In a surprising and arguably bold judgment, the CJEU have invalidated the EU-US Privacy Shield Privacy Shield mechanism.
Managing Data Protection Law when responding to COVID-19

Jonathan McDonald

Insights
10 Mar 2020
What obligations businesses need to consider under the applicable data protection legislation to manage the outbreak of Coronavirus? Read More What obligations businesses need to consider under the applicable data protection legislation to manage the outbreak of Coronavirus?

Show all News & Insights

Jonathan McDonald, Partner

About

Experience

Our thinking

WhatsAppGate - Should businesses be reviewing their social media policies?

Announcement of a new Data Bill as part of the Queen's Speech

Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech

Jonathan McDonald and Ilona Bateson write for P3 Pharmacy on data protection compliance for pharmacy business owners

ICO’s final version of the UK international data transfer agreement (i.e. the new ‘UK SCCs’) published and will enter into force from 21 March 2022

Online safety – 2022 begins with regulatory developments in both the UK and the EU

Jonathan McDonald quoted by The Guardian and the Evening Standard on the Google Supreme Court decision

Lloyd v Google – Supreme Court to deliver judgment tomorrow (on 10 November 2021) – a reminder of the issues at stake

Fairhurst v Woodard: Property audio and video surveillance system breached GDPR

Top 5 Data Protection Tips

Regulating AI – the impact of two key recent proposals: the UK’s National AI Strategy and the EU’s proposed Artificial Intelligence Regulation

China’s Personal Information Protection Law – keeping up with the Joneses or increased cyber-security?

Charles Russell Speechlys advises Fudco Partnership on sale to Exponent-backed Vibrant Foods

Jonathan McDonald and Rahim Hirji write for LawInSport on the relationship between data protection and referee reports in English football

Data Protection post Brexit

International Data Transfers

ICO publishes guidance on responding to subject access requests

Connect: Schrems II - the judgment and practical next steps for your business

SCHREMS II judgment: privacy shield invalidated and SCCs scrutinised

Managing Data Protection Law when responding to COVID-19

Share this Page