Gail Crawford

Partner, Latham & Watkins

Gail Crawford, Global Chair of Latham’s Data & Technology Transactions Practice, helps clients navigate complex data privacy and security matters, as well as to license, develop, and exploit disruptive technology.

Ms. Crawford advises many of the world’s leading global technology companies on multifaceted and precedent-defining data privacy and security matters. Her work in the data privacy and security space encompasses advising on compliance programs, product counseling, responding to data breaches and regulatory inquiries, advising on optimal organizational structures, and supporting large, strategic alliances and M&A transactions. She also helps clients navigate a myriad of issues in technology law, including commercial contracts, collaborations, and intellectual property.

Ms. Crawford draws on her experience handling some of the most complicated and sensitive data privacy matters in the global market to provide pragmatic and commercially driven counsel. She brings a deep understanding of the innate value of data and the complex, ever-changing global regulatory framework to help clients achieve their business objectives.

Ms. Crawford regularly writes and speaks on topics related to data privacy and disruptive technology, and serves as an editor of the Latham & Watkins Global Privacy & Security Compliance Law Blog.
Due to the growth of the office under GDPR, John has become a Head of Regulatory Activity with responsibility for Access Request complaint handling, some cross border investigations, issues and complaints arising from the Law Enforcement Directive, breach notifications and assessment, breach complaints and international data transfers. Along with the Commissioner and other Deputy Commissioners, he represents Ireland on the European Data Protection Board. He has also worked in Brussels on two occasions during Ireland’s Presidency of the EU in 2004 and 2013.

Responsible Units:

Complaint handling and Inquiries relating to Access Requests (National)
Cross Border Access Request cases and other cases where DPC is a concerned supervisory authority.
Breach notifications and assessment. Breach complaint handling.
International transfers including consideration of applications for Binding Corporate Rules (BCR’s)
Law Enforcement complaints and Inquiries. EU Database supervision.