Data, Privacy & Platform Enforcement
+ 14 other expertsOne multidisciplinary team handling high-stakes data matters
From leading digital platforms and major financial institutions to other multinationals in data-intensive industries, our Data, Privacy & Platform Enforcement practice advises clients on a range of complex matters. These may be driven by European regulators or arise from private enforcement using mass claims and strategic litigation.
Our team has an excellent reputation across Europe for its extensive experience with regulators and courts at the highest level. We are involved in most key data-related matters in the Netherlands, including collective actions, and regularly advise clients on enforcement proceedings initiated by data protection authorities, the European Commission, the Dutch Authority for Consumers and Markets, and other Dutch and European regulators.
Data protection and platform economy have long moved beyond straightforward GDPR compliance. Today, the two subjects are so deeply intertwined with other areas of law and with our clients' broader business objectives that only a truly multidisciplinary approach can deliver effective results. That is why our practice brings together a core team of experts in data protection, cybersecurity, digital platform regulation and artificial intelligence, working closely alongside specialists in administrative law, financial regulation, consumer protection, competition, and litigation. Our work goes beyond legal analysis: we develop a thorough understanding of our clients' business needs, the technologies they use, and the broader market and societal dynamics that shape their legal challenges.
Due to this integrated approach, we can identify the risks and opportunities that come with increasing enforcement activity and an expanding platform economy, and help our clients navigate a complex and rapidly evolving digital legal landscape with confidence.
Contact
Geert Potjewijd
Partner
Axel Arnbak
Partner
Justyna M. Niemczyk
Senior Associate
Related expertise
Artificial IntelligenceConsumer Protection & Product LiabilityLitigationMass Claims & Class ActionsTech & DigitalRecent Matters
De Brauw advises Bolton on acquisition of Repair Care
De Brauw advises Pontegadea on acquisition of minority stake in Q-Park
De Brauw advises Parcom on its acquisition of Robin Radar
“All the lawyers I work with at De Brauw are excellent, from the leaders of the team to the junior associates.”
TRACK RECORD
Our past and current work includes:
- Representing several international platforms and multinationals as lead counsel in various collective actions across Europe involving alleged infringements of GDPR, AI Act, DSA, and consumer protection laws.
- Assisting a Netherlands-headquartered international platform in landmark cases before regulators and courts across the EU and the UK in matters that involve automated decision-making, data transfers and the right to data portability under the GDPR.
- Assisting international platforms in summary proceedings on novel issues under the DSA.
- Assisting a Netherlands-headquartered international platform in contacts with the Dutch Authority for Consumers and Markets.
- Assisting a Netherlands-headquartered international platform on the implementation of the Platform Work Directive and AI Act rules.
- Acting as lead counsel to several multinationals facing devastating cyberattacks that halted operations across the globe, coordinating incident response and recovery across all relevant legal workstreams (including, notifying regulators and financial markets, coordinating regulatory enforcement and post-breach litigation, and advising on directors' liability and the management of customer and vendor relationships)
- Advising large Dutch state-owned enterprises on implementing European cybersecurity rules.
“De Brauw is in a league of their own.”
PRIVACY AND DATA PROTECTION
Data protection law is evolving fast, and so is enforcement. We act as lead counsel in some of the continent's most significant (cross-border) collective actions and strategic litigation under the GDPR and related frameworks, such as consumer protection legislation, product liability and audiovisual media services rules. We are able to scale up swiftly and – thanks to our active Best Friends network – coordinate litigation strategy across Europe efficiently and seamlessly.
Our extensive experience with European data protection regulators means we understand the dynamics of public enforcement inside out. We know when to push back hard – and when a smarter move is to de-escalate. Whether you are at the start of an investigation or facing a fine, we are in your corner with the strategy to match.
“De Brauw offers a superb combination of data protection with Dutch administrative law. This is very helpful when dealing with investigations and litigation.”
DIGITAL PLATFORM ENFORCEMENT AND AI
Despite these being the early days of platform regulation, our team has already gathered extensive experience acting as lead counsel in collective actions and regulatory proceedings involving the Digital Services Act and the AI Act. This allows us to leverage our "data" experience and deliver strategic and consistent advice in an increasingly complex enforcement landscape.
“Very experienced with tech-related class actions in the Netherlands. Very professional and able to advise on the strategic questions concerning legal disputes in this area.”
CYBERSECURITY INCIDENTS
We also serve as trusted advisers in major international cybercrime and cybersecurity matters, managing multi-jurisdictional data breaches and advising on potential post-breach litigation.
Our team's deep understanding of both the technical and legal dimensions of cybersecurity risks allows us to act quickly and provide practical, backward-and forward-looking advice that helps clients manage exposure and build resilience in the face of high-stakes cybersecurity incidents.
Team
Geert Potjewijd
Partner
Axel Arnbak
Partner
Justyna M. Niemczyk
Senior Associate
Maarten Jansen
Senior Associate