On November 4, 2020, Vincent Pitaro of the Cybersecurity Law Report published: Comparing U.S. and E.U. Approaches to Incident Response and Breach Notification.

The article summarises a panel discussion at the European Incident Response Forum 2020 which featured Robert Maddox from Debevoise & Plimpton’s London office. The panel compared the U.S. and E.U. approaches to incident response across a variety of key issues including:

  • breach notification regimes and fragmentation in the E.U. landscape in spite of the GDPR;
  • the evolving role of counsel and attorney-client privilege; and
  • differing approaches to dealing with regulators.

A full copy of the article is available here.

To subscribe to the Data Blog, please click here.


Robert Maddox is International Counsel and a member of Debevoise & Plimpton LLP’s Data Strategy & Security practice and White Collar & Regulatory Defense Group in London. His work focuses on cybersecurity incident preparation and response, data protection and strategy, internal investigations, compliance reviews, and regulatory defense. In 2021, Robert was named to Global Data Review’s “40 Under 40”. He is described as “a rising star” in cyber law by The Legal 500 US (2022). He can be reached at rmaddox@debevoise.com.