A native of Canada, Trevor is an experienced data protection solicitor with 19 years’ experience both in-house and in private practice. The former head of the data protection and privacy practice at a top 50 UK law firm, Trevor is triple-qualified as a solicitor in Scotland, England & Wales, and British Columbia. He is also a Law Society of Scotland Certified Specialist in Cyber Security and has the data protection certifications CIPP/E and CIPM.
Drawing on a broad base of commercial experience, Trevor has a keen practical understanding of small and medium-sized businesses: two terms as a non-executive director with Modo (Vancouver’s car-sharing cooperative), more than four years as head of an in-house legal team at a rapidly-growing Scottish multinational, five more building his own legal practice from scratch in Scotland and a previous career as a chemical engineer in manufacturing and environmental consulting.
Clients value Trevor’s pragmatic approach to legal issues and the way he delivers advice in plain English.
Work highlights include:
- Advising UK universities on data breach response, including notifications to the ICO and data subjects.
- Developing the privacy management programme for a scale-up that trains young African software development talent and connects them with opportunities across the continent and around the world.
- Advising a global retailer on a data breach affecting over 3 million data subjects in the UK (50 million globally).
- Coordinating data breach response for a UK video game studio, including forensic cybersecurity analysis and containment.
- Due diligence investigations of data flows, sub-processors and international transfer safeguards on behalf of purchasers in numerous corporate M&A transactions.
Trevor lives in Edinburgh, where he is an avid (if not particularly good) golfer.
Start with what the business is trying to do. If you understand that well enough, the contracts and privacy notices almost write themselves.