Edward Machin joined the privacy & cybersecurity group of Ropes & Gray’s London office as an associate in 2018. Before joining the firm, Edward worked in the tier 1 data protection practice of a UK law firm where he advised clients on a variety of privacy, data security, e-commerce and information law issues.
Edward’s practice encompasses regulatory compliance, advisory, public policy and transactional work for start-up and established companies across the technology, life sciences, food and beverage, professional services, entertainment and media sectors. He also represents clients before EU regulators and in litigation relating to privacy and data protection.
During his training contract, Edward was seconded to a global pharmaceutical firm where he advised on a range of data protection matters, including subject access requests, direct marketing campaigns and medical consent requirements. Before commencing his training, Edward worked for six years as an award-winning legal journalist.
- Providing day-to-day counsel to a leading electronic cigarette manufacturer, a multinational digital printing company and one of the world’s largest investment management firms on a wide range of data protection, cybersecurity and information law issues
- Designing and implementing GDPR compliance programmes for private investment houses, asset managers and hedge funds in the US, UK, Europe and Asia
- Advising a US technology company in its response to a data breach, one of the largest global security incidents in 2018, which affected more than 400 million individuals
- Advising a major financial institution in relation to global law enforcement demands
- Conducting data protection risk assessments into multiple private equity-backed investee companies
Notable transactions in which Edward has been involved prior to joining the firm include:
- Provided day-to-day counsel to a multinational car rental company on the GDPR and ePrivacy Directive
- Advised a UK restaurant chain on its collection and use of CCTV footage
- Assisted multiple e-commerce platforms in reporting their data breach incidents to national regulators
- Advised a technology trade alliance on its outreach strategies relating to UK data protection legislation and litigation before the European Court of Justice
- Represented a prominent media organisation in threatened litigation under the Data Protection Act 1998
- Quoted, “Data breaches,” Wall Street Journal (November 6, 2020)
- Quoted, “Post-Brexit Digital Economy at Risk After EU Court Ruling”, InfoSecurity Magazine (October 7, 2020)
- Quoted, “ECJ judgement on mass surveillance,” Financial Times, (October 6, 2020)
- Quoted, “Marriott data breach,” Privacy Laws & Business (August 19, 2020)
- Quoted, “BA Data breach,” Wall Street Journal (August 12, 2020)
- Quoted, “BA Data breach,” The Telegraph (August 2, 2020)
- Co-author, “ECJ Schrems II ruling,” GDR (July 17, 2020)
- Quoted, “WSJ - ECJ Schrems II ruling,” Wall Street Journal (July 17, 2020)
- Co-author, “Cyber Trends and Investigations in the European Union: A Practitioner’s Perspective,” The Guide to Cyber Investigations, first edition (2019)
- Quoted, “Warnings over GDPR effect on compliance investigations,” Ignites Europe (May 13, 2019)
- Quoted, “GPEN Report Highlights Key Areas for Data Privacy Improvement,” The Cybersecurity Law Report (April 17, 2019)
- Co-author, “5 UK Privacy And Data Protection Predictions For 2019,” Law360 (February 25, 2019)
DisclaimerRopes & Gray International LLP is a limited liability partnership registered in Delaware, United States of America and is a recognised body regulated by the Solicitors Regulation Authority (with registered number 521000).
- LLB (Law), First Class, University of Liverpool, 2008
- LLM (Law), Merit, London School of Economics and Political Science, 2014
- LPC, Distinction, BPP University, London, 2015