Tim Hickman

Partner, London


“Tim Hickman’s knowledge of data protection law is second to none. He is also personable and easy to work with. ... Clients appreciate the examples he provides, making the advice more tangible.” (Legal 500, UK Data Protection, 2020)

“Tim Hickman is known to sources as a walking encyclopaedia of the GDPR who brings unique perspective to the legislation and knows how to apply it.” (Chambers, UK Data Protection, 2019)


Tim is head of the Firm's Data, Privacy & Cybersecurity practice and advises on all aspects of privacy and data protection law and regulation. Tim has a detailed knowledge of the General Data Protection Regulation (GDPR) and the UK GDPR, and co-authored White & Case's GDPR Handbook, which provides in-depth guidance on the impact of that legislation, and White & Case's GDPR National Implementation Guide, which analyses national GDPR implementing laws in all 30 EEA jurisdictions and the UK. Tim is also a Contributing Editor of the International Comparative Legal Guide to Data Protection.

Clients appreciate Tim's ability to find pragmatic and commercial solutions to complex multi-jurisdictional data protection questions.

Tim has significant experience of working with a wide range of clients in the UK, the EU, Asia and the US. He has spent time on secondment at Google, advising on cutting-edge privacy and data protection issues. He has also spoken at several events at Harvard Law School, and he delivered the closing address at the Harvard European Law Conference 2019.

Bars and Courts
England and Wales
Nottingham Law School
University of Nottingham


Advised Meta (formerly Facebook) on pre-litigation and litigation matters involving privacy and data protection in the UK and the EU.

Two secondments to Google, advising on privacy and data protection matters.

Advised Nestlé on data protection compliance matters globally, including in relation to the GDPR.

Advised Boeing on various UK and EU data protection maters.

Advised Deutsche Bank AG (London Branch) on the negotiation of data protection clauses in a range of commercial agreements.

Advised fashion brands Oasis and Warehouse on GDPR compliance strategies and approaches to electronic direct marketing.

Advised MSI on global data protection issues.

Advised AGCO on EU data protection and electronic direct marketing compliance strategies.

Advised Centerbridge Partners on privacy and data protection matters.

Advised several clients on the successful implementation of Binding Corporate Rules for international data transfers.

Advised LINE Corporation on international data protection issues, including in the context of online instant messaging.

Represented several clients in compliance investigations by the Information Commissioner's Office.

Speaking Engagements

Conference on European Railways – GDPR Overview, Prague, June 2017

Association of Executive Search Consultants – European Conference, November 10, 2016: Zurich

The Law Society – Data Protection Seminar, September 28, 2016

British Chamber of Commerce – Safe Harbor and the General Data Protection Regulation, March 9, 2016

PDP Annual Data Protection Compliance Conference, 2013 and 2014

Awards and Recognition

2022 Legal500, Next Generation Partner, Data Protection, Privacy and Cybersecurity

2018 Global Data Review 40 Under 40

2017 Law360 Rising Star, Cybersecurity & Privacy

Member of the Law Society GDPR Working Group

Member of the City of London Law Society Data Law Committee

Winner, Lincoln's Inn Inter-Varsity Moot (2005) (judged by Lord Walker)