-
Tom is a frequent contributor to the WSGR Data Advisor
Wilson Sonsini’s Data Advisor is your source for privacy news and insights, brought to you by our global data, privacy, and cybersecurity team. Visit wsgrdataadvisor.com and subscribe to stay connected.
Tom Evans is Of Counsel in the London office of Wilson Sonsini Goodrich & Rosati (UK) LLP. His practice focuses on digital regulatory issues, including issues relating to content and online safety, privacy, and cybersecurity.
Tom advises technology companies operating in the EU and the UK on compliance with content-related legislation, including the EU’s Digital Services Act and the UK’s Online Safety Act, and he has a particular interest in issues relating to children’s safety online. He also advises on consumer protection issues, as well as risks relating to business models that rely on data scraping. He has experience advising clients on engaging with regulators including Ofcom in this context.
Tom’s data protection and cybersecurity practice involves counseling clients on both contentious and non-contentious matters concerning the GDPR, UK GDPR, and e-privacy legislation. He regularly advises clients including start-ups and corporates on issues such as:
- Regulatory investigations, industry sweeps, and related actions, including regulator-led audits;
- Defending enforcement actions, including regulatory fines;
- Privacy issues arising in the context of clinical trials and other medical settings;
- The deployment of AI, including by “gig economy” clients;
- Product development, including for companies operating in the adtech ecosystem;
- Responding to complaints and requests made by individuals to exercise their rights under the data protection laws;
- Negotiating data processing provisions in commercial agreements;
- Navigating the UK Age Appropriate Design Code;
- Electronic marketing;
- Navigating data protection and marketing issues arising in the context of mergers and acquisitions; and
- Cross-border data transfers.
Tom is a regular speaker at industry events, including IAPP conferences and sessions arranged by the Society for Computers and Law.
Tom Evans is Of Counsel in the London office of Wilson Sonsini Goodrich & Rosati (UK) LLP. His practice focuses on digital regulatory issues, including issues relating to content and online safety, privacy, and cybersecurity.
Tom advises technology companies operating in the EU and the UK on compliance with content-related legislation, including the EU’s Digital Services Act and the UK’s Online Safety Act, and he has a particular interest in issues relating to children’s safety online. He also advises on consumer protection issues, as well as risks relating to business models that rely on data scraping. He has experience advising clients on engaging with regulators including Ofcom in this context.
Tom’s data protection and cybersecurity practice involves counseling clients on both contentious and non-contentious matters concerning the GDPR, UK GDPR, and e-privacy legislation. He regularly advises clients including start-ups and corporates on issues such as:
- Regulatory investigations, industry sweeps, and related actions, including regulator-led audits;
- Defending enforcement actions, including regulatory fines;
- Privacy issues arising in the context of clinical trials and other medical settings;
- The deployment of AI, including by “gig economy” clients;
- Product development, including for companies operating in the adtech ecosystem;
- Responding to complaints and requests made by individuals to exercise their rights under the data protection laws;
- Negotiating data processing provisions in commercial agreements;
- Navigating the UK Age Appropriate Design Code;
- Electronic marketing;
- Navigating data protection and marketing issues arising in the context of mergers and acquisitions; and
- Cross-border data transfers.
Tom is a regular speaker at industry events, including IAPP conferences and sessions arranged by the Society for Computers and Law.
- MA (LPC with Business), BPP Law School, 2013
- LL.B., Queen Mary University of London, 2012
- Solicitor, England and Wales
- Solicitor, Republic of Ireland
- MA (LPC with Business), BPP Law School, 2013
- LL.B., Queen Mary University of London, 2012
- Solicitor, England and Wales
- Solicitor, Republic of Ireland
Select Publications
- Co-author, “CMA's Actions Signal New Spotlight on UK Consumer Law,” Law360, May 18, 2026
- Co-author, “EDPB Issues First Guidelines on the Interplay Between the Digital Services Act and the GDPR,” Wilson Sonsini Alert, September 22, 2025
-
Co-author, “European Commission Publishes DSA Guidelines on the Protection of Minors Online,” Wilson Sonsini Alert, July 23, 2025
- Co-author, “Consumer Protection in the UK: Update on Reforms Taking Effect in 2025 and 2026,” Wilson Sonsini Alert, July 11, 2025
-
Co-author, “UK Introduces New Legislation Amending Privacy Laws,” Wilson Sonsini Alert, July 1, 2025
- Co-author, “The UK’s Online Child Safety Duties Are Coming into Force: Steps to Take Now,” Wilson Sonsini Alert, April 25, 2025
- Co-author, “Upcoming Reporting Obligations Under the EU Digital Services Act,” Wilson Sonsini Alert, February 10, 2025
- Co-author, “Ransomware Attacks: UK Government Proposes Ransom Payment Ban and Mandatory Notification Requirements,“ Wilson Sonsini Alert, January 24, 2025
- Co-author, “The UK’s Online Safety Regime Is Coming into Force: Steps to Take Now,“ Wilson Sonsini Alert, January 23, 2025
- Co-author, “Increased Focus on the Protection of Minors and Age Verification in the EU and the UK,” Wilson Sonsini Alert, January 9, 2025
- Co-author, "UK Brings Forward Bill to Reform UK Privacy Laws," Wilson Sonsini Alert, November 5, 2024
- Co-author, “Online Safety Act 2023: A Revolution in Regulation,” PLC Magazine, December 2023
- Co-author, “Unlocking the Data Transfer Dilemma: the EU-US Data Privacy Framework,” Infosecurity Magazine, September 2023
- Co-author, “UK and US Data Transfer Framework: Bridging the Gap,” PLC Magazine, June 2023
- Co-author, “UK: A new recipe for lighter cookies,” Data Guidance, November 2021
- Co-author, “Measuring global diversity and inclusion: the art of the possible,” International Association of Privacy Professionals, November 2021
- Co-author, “Data protection reform: setting the course for a new direction,” PLC Magazine, September 2021
- Co-author, “Selling adequacy after sunset,” Global Data Review, August 2021
- Co-author, “M&A in the technology sector: understanding the key issues,” PLC Magazine, September 2019
- Co-author, “Cookies and Adtech: the ICO’s ambitious recipe for compliance,” Society for Computers and Law, August 2019
- Co-author, “Data subject access requests – three illuminating cases,” PDP Journals, July 2019
- Co-author, “Practice note: Brexit: the implications for data protection,” PLC Magazine, September 2018
- Co-author, "GDPR one year on: taking stock,” PLC Magazine, May 2019
- Co-author, “Legitimate interests under the GDPR: flexibility, but at a cost,” PLC Magazine, July 2018
- Co-author, “Data Protection Bill: aspiring to equivalence,” PLC Magazine, September 2017
Select Publications
- Co-author, “CMA's Actions Signal New Spotlight on UK Consumer Law,” Law360, May 18, 2026
- Co-author, “EDPB Issues First Guidelines on the Interplay Between the Digital Services Act and the GDPR,” Wilson Sonsini Alert, September 22, 2025
-
Co-author, “European Commission Publishes DSA Guidelines on the Protection of Minors Online,” Wilson Sonsini Alert, July 23, 2025
- Co-author, “Consumer Protection in the UK: Update on Reforms Taking Effect in 2025 and 2026,” Wilson Sonsini Alert, July 11, 2025
-
Co-author, “UK Introduces New Legislation Amending Privacy Laws,” Wilson Sonsini Alert, July 1, 2025
- Co-author, “The UK’s Online Child Safety Duties Are Coming into Force: Steps to Take Now,” Wilson Sonsini Alert, April 25, 2025
- Co-author, “Upcoming Reporting Obligations Under the EU Digital Services Act,” Wilson Sonsini Alert, February 10, 2025
- Co-author, “Ransomware Attacks: UK Government Proposes Ransom Payment Ban and Mandatory Notification Requirements,“ Wilson Sonsini Alert, January 24, 2025
- Co-author, “The UK’s Online Safety Regime Is Coming into Force: Steps to Take Now,“ Wilson Sonsini Alert, January 23, 2025
- Co-author, “Increased Focus on the Protection of Minors and Age Verification in the EU and the UK,” Wilson Sonsini Alert, January 9, 2025
- Co-author, "UK Brings Forward Bill to Reform UK Privacy Laws," Wilson Sonsini Alert, November 5, 2024
- Co-author, “Online Safety Act 2023: A Revolution in Regulation,” PLC Magazine, December 2023
- Co-author, “Unlocking the Data Transfer Dilemma: the EU-US Data Privacy Framework,” Infosecurity Magazine, September 2023
- Co-author, “UK and US Data Transfer Framework: Bridging the Gap,” PLC Magazine, June 2023
- Co-author, “UK: A new recipe for lighter cookies,” Data Guidance, November 2021
- Co-author, “Measuring global diversity and inclusion: the art of the possible,” International Association of Privacy Professionals, November 2021
- Co-author, “Data protection reform: setting the course for a new direction,” PLC Magazine, September 2021
- Co-author, “Selling adequacy after sunset,” Global Data Review, August 2021
- Co-author, “M&A in the technology sector: understanding the key issues,” PLC Magazine, September 2019
- Co-author, “Cookies and Adtech: the ICO’s ambitious recipe for compliance,” Society for Computers and Law, August 2019
- Co-author, “Data subject access requests – three illuminating cases,” PDP Journals, July 2019
- Co-author, “Practice note: Brexit: the implications for data protection,” PLC Magazine, September 2018
- Co-author, "GDPR one year on: taking stock,” PLC Magazine, May 2019
- Co-author, “Legitimate interests under the GDPR: flexibility, but at a cost,” PLC Magazine, July 2018
- Co-author, “Data Protection Bill: aspiring to equivalence,” PLC Magazine, September 2017
- Privacy Policy
- Terms of Use
- Accessibility