Photo of Paul Glass

Paul Glass

Baker & McKenzie LLP


Paul is head of cybersecurity in the UK and a key member of our wider data protection team. For 15 years, Paul has guided clients through all types of major data security incidents as well as complex technology and data disputes. Paul pioneered an award-winning data breach and dark web scanning tool which was the first product of its kind in the legal market.

Practice Focus

Paul is experienced in data breaches, cybersecurity, technology and data disputes. His technology disputes practice focuses on new and emerging technologies such as cryptoassets, AI and blockchain.

If you suffer a data breach, Paul is the experienced and knowledgeable advisor you need to minimise the damage. He has advised on data security incidents ranging from hacking and unlawful acquisition of data through to accidental data loss, data mismanagement and employee data theft. If you are affected, Paul will advise you on investigations in the immediate aftermath of a breach, managing the breach in conjunction with forensic IT consultants, PR advisors and insurers, and advising on potential regulatory action and litigation.

Prevention is preferable to cure with cybersecurity. Paul will also work with your organisation proactively on breach preparation, data legal risk management, the security aspects of GDPR projects and other non-contentious issues.

As part of his technology disputes practice, Paul advises on contentious matters around large IT projects, data centres, hardware and chipsets, technology product development and licensing. Paul has also advised on a significant number of contractual disputes in the life sciences sector.

Representative Legal Matters

  • Advised a UK listed company on the theft of data and subsequent ransom of the company. This included obtaining the first cyber injunction before the English courts with the protection of permanent anonymity (PML v Persons Unknown), and co-ordinating the entire incident response, working with UK cybercrime police and advising on potential disputes with third parties.

  • Advised a cryptocurrency trading platform on a significant data breach and theft of cryptocurrency, including advising on the investigation, claims by victims, regulatory investigations and working with law enforcement in multiple jurisdictions.

  • Advised on a significant investigation by the ICO into the use of facial recognition technology in large public-private spaces.

  • Advised a global listed technology company on a significant volume of claims for alleged breaches of data protection legislation.

  • Advised a global games company on various cyber attacks and harassment of employees.

  • Advised a multi-billion dollar global company on a number of thefts of personal data by employees working in conjunction with third parties, including obtaining search orders and freezing injunctions against wrongdoers, managing ICO investigations and supporting the ICO in its criminal prosecutions of those involved.

  • Advised a FTSE100 company on all data breach and contentious data matters.

  • Advised a large Middle Eastern bank on security aspects of the global implementation of its GDPR compliance project.

  • Advised a US technology platform business on EU aspects of its global data breach, including managing regulatory investigations and threatening claims, and co-ordinating global (non-US) response.

Professional Honors

  • Winner for Innovation Through Technology - Legal Week British Legal Awards 2019
  • Legal Week Rising Stars - Rising Star in Litigation


  • England & Wales~United Kingdom (2002)


  • Oxford University (Magdalen College) (BA Jurisprudence) (1999)


  • English