Jonathan McDonald, Partner
Jonathan is a commercial lawyer and leads the Data Protection and Privacy practice group at Charles Russell Speechlys.
Contact Jonathan
-
+44 (0)20 7427 6725
Tel
-
Email Jonathan
Email: jonathan.mcdonald@crsblaw.com
- View Jonathan's LinkedIn Profile
- Download vCard
- London office
Service:
Data Protection & Privacy
About
Jonathan specialises in data, technology and commercial law and leads the Data Protection and Privacy practice group at Charles Russell Speechlys. He advises clients across a broad range of sectors (including technology, financial services, healthcare and retail) on all issues relating to data protection and privacy. This includes advising in relation to, amongst other areas, complex commercial transactions with a data or technology element, managing compliance projects in the UK and internationally, cross border and domestic data transfers, preparing for and dealing with data security breaches and data subjects exercising their rights.
Jonathan is admitted to practise in England and Wales.
Experience
- Implementing, reviewing and refining data protection compliance programmes, including data audits, data mapping exercises and compliance programmes as stand-alone exercises or alongside information security programmes (i.e. ISO 27001 assessments and follow-up audits).
- Advising businesses on complex commercial and corporate transactions for which the use of data or technology is materially important.
- Advising on cross border (and domestic) data transfers. This has included advising a global technology company through its application for UK Binding Corporate Rules, as well as assisting clients to comply with the rules regarding the use of Standard Contractual Clauses and/or the UK International Data Transfer Agreement and undertaking associated transfer risk assessments.
- Advising in relation to contentious data protection matters, including in relation to major ICO investigations, immediate data breach response and the associated defence of compensation and other legal claims (alongside our specialist litigation team).
- Managing and advising in relation to complex subject access requests.
- Supporting businesses across a range of sectors (including healthcare and construction) on the Freedom of information and Environmental Information Regulations regimes (including in relation to their interaction with privacy laws).
Our thinking
Jonathan McDonald
Announcement of a new Data Bill as part of the Queen's Speech
Jonathan McDonald
Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech
Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech
Jonathan McDonald
Jonathan McDonald and Ilona Bateson write for P3 Pharmacy on data protection compliance for pharmacy business owners
Health organisations hold more sensitive personal health data than ever.
Jonathan McDonald
ICO’s final version of the UK international data transfer agreement (i.e. the new ‘UK SCCs’) published and will enter into force from 21 March 2022
Jonathan McDonald
Online safety – 2022 begins with regulatory developments in both the UK and the EU
Last week saw developments within the UK and EU in their attempts to ensure online businesses do more to address illegal online content.
Jonathan McDonald
Jonathan McDonald quoted by The Guardian and the Evening Standard on the Google Supreme Court decision
Jonathan comments on the implications of Lloyd v Google LLC.
Jonathan McDonald
Lloyd v Google – Supreme Court to deliver judgment tomorrow (on 10 November 2021) – a reminder of the issues at stake
Jonathan McDonald
Fairhurst v Woodard: Property audio and video surveillance system breached GDPR
A recent judgment from Oxford County Court raises significant questions about the increasing use of smart doorbells and cameras.
Jonathan McDonald
Top 5 Data Protection Tips
Jonathan and Marc-Us explore the top 5 data protection tips
Jonathan McDonald
Regulating AI – the impact of two key recent proposals: the UK’s National AI Strategy and the EU’s proposed Artificial Intelligence Regulation
With the hype surrounding artificial intelligence continuing to gather pace, we pause and consider some of the proposed regulatory changes.
Henry Cuthbert
China’s Personal Information Protection Law – keeping up with the Joneses or increased cyber-security?
Up until recently, China’s data protection rules could be found through a number of laws and guidelines
James Broadhurst
Charles Russell Speechlys advises Fudco Partnership on sale to Exponent-backed Vibrant Foods
Fudco is a family-owned business selling South Asian ethnic foods in UK and Europe.
Jonathan McDonald
Jonathan McDonald and Rahim Hirji write for LawInSport on the relationship between data protection and referee reports in English football
Is data in reports submitted by referees to the Football Association subject to the General Data Protection Regulation?
Jonathan McDonald
Data Protection post Brexit
In the lead up to the UK's exit from the European Union, what data protection risks should your business be thinking about?
Jonathan McDonald
International Data Transfers
The European Data Protection Board has adopted new recommendations on international personal data transfers .
Nick Hurley
ICO publishes guidance on responding to subject access requests
Taking a closer look at the ICO's recently published Guidance on the right of access and how to apply it in practice .
Jonathan McDonald
Connect: Schrems II - the judgment and practical next steps for your business
Discussing the impact of the Schrems II decision
Jonathan McDonald
SCHREMS II judgment: privacy shield invalidated and SCCs scrutinised
In a surprising and arguably bold judgment, the CJEU have invalidated the EU-US Privacy Shield Privacy Shield mechanism.
Jonathan McDonald
Managing Data Protection Law when responding to COVID-19
What obligations businesses need to consider under the applicable data protection legislation to manage the outbreak of Coronavirus?
Jonathan McDonald
European Data Protection Board Guidelines: Data Protection by Design and by Default
The European Data Protection Board (EDPB) has adopted new Guidelines.