Oliver Yaros

• Artificial intelligence (AI) and robotic process automation technology projects;
• Cloud agreements (including the licensing terms, data protection and regulatory requirements);
• Strategic partnership and other types of agreements to develop, deploy and commercialise fintech and digital solutions;
• Consortia initiatives to create and operate fintech utility service providers and develop technologies for customers in the financial services industry;
• Blockchain technology and cryptocurrency initiatives;
• Agreements to generate, categorise, analyse and license the use of data;
• Initiatives to utilise internet connected (IoT) devices such as in autonomous vehicles, medical devices and in proptech solutions;
• IT and business process outsourcings (ITO and BPO), IaaS, PaaS, SaaS, software development and licensing agreements; and
• Complex IT and business process transactions as part of broader mergers, acquisitions and disposal activities, such as those relating to the portfolio companies of private equity clients;

On AI, data protection and cybersecurity matters, Oliver has extensive experience advising clients on:

• Conducting global projects to ensure multinational businesses comply with privacy laws worldwide;
• The requirements under current and upcoming UK and European AI, digital regulation and data protection laws such as the EU AI Act, the Digital Operational Resilience Act (DORA), the NIS Directives, the DMA, DSA and Data Act, the Online Safety Act, the GDPR, ePrivacy, and the EU Cybersecurity Act;
• The required and appropriate measures to take when sharing personal data with third party partners and service providers;
• Overcoming conflicts and restrictions in laws that prevent the international transfer of personal data;
• Using personal data in the context of big data analytics projects and the deployment of “internet of things” (IoT) autonomous technologies and other connected device based solutions;
• Creating AI and big data analytics risk governance frameworks that enable businesses to classify data sources and assess the risks for different use cases when seeking to utilize and monetize the insights and learnings obtained from AI supported data analytics performed on data sets;
• Conducting projects to respond to cybersecurity incidents and comply with requirements to notify authorities and affected individuals in multiple jurisdictions where personal data has been lost, stolen or held to ransom; and
• Engaging with data protection supervisory authorities during the conduct of investigations and responding to individuals that exercise their privacy rights, such as the right to be provided with copies of personal data and the right to be forgotten, under data protection legislation.

On intellectual property matters and issues, Oliver has represented clients on:

• The development, manufacture, licensing and commercialisation of technologies used in a wide range of sectors including financial services, life sciences, pharmaceuticals, media and entertainment, cybersecurity and consumer goods industries;
• The creation, management and protection of worldwide intellectual property portfolios;
• The establishment, transfer and disposal of intellectual property focussed businesses and assets as part of corporate mergers and acquisitions, restructuring and other transactions; and
• Patent, copyright, trade mark and domain name disputes.

Oliver is a member of the Data Committee of the City of London Solicitors’ Company and is a Certified Information Privacy Professional in Europe (CIPP/E) by the International Association of Privacy Professionals (IAPP).  Oliver is also a member of the UK International Chamber of Commerce (ICC) and former Chair of its Digital Economy Committee.

Oliver is a regular contributor to Mayer Brown’s Tech Talks Podcast, which provides insight on legal issues relating to technology & IP transactions and touches on relevant and timely topics.  Oliver currently co-hosts Mayer Brown’s Legal Eye on AI Podcast Series and contributes to the Financial Services Focus Podcast Series.

Earlier in his career, Oliver spent 18 months on secondment to the GBM Legal team of HSBC in London during which he advised the Global Banking and Markets (investment bank) division and worked with other divisions of HSBC on the creation of various global know your client / client onboarding and other types of banking industry utility joint ventures with other banks, on a number of multilateral and bilateral outsourcing projects, on investment banking technology procurement projects and on various worldwide IP portfolio management and data protection issues.

• Advising a global bank on the outsourcing of its regulatory change function in multiple jurisdictions to a professional services organisation;
• Advising an international bank on its participation and contribution of technology into Project Voltron, a R3 led consortium project with 11 other financial institutions to create blockchain based smart contracts technology that banks can use to automate the creation, exchange and execution of purchase contracts and letters of credit used in trade finance;
• Acting for Aurelius Equity Opportunities, a member of the Aurelius Group that focuses on investing in special situations and mid-market transaction opportunities in a broad range of industries, on the long-term outsourcing agreement entered into between BT Group plc and BT Fleet Solutions, under which BT Fleet Solutions, a leading end-to-end commercial fleet management operator, shall manage BT's vehicle fleet nationwide following Aurelius’ acquisition of BT Fleet Solutions from BT Group plc;
• Advising a leading provider of online consumer personal loans in relation to the adoption of a personal loan blockchain solution;
• Advising Previse, a fintech company that uses artificial intelligence (AI) to transform global B2B commerce, on the development, ownership and licensing of its AI based online instant payments platform and the terms on which it permits customers, suppliers and funders to use that platform as well as its subsequent entry into a strategic partnership agreement with Mastercard; 
• Advising a commodity exchange on the outsourcing of IT functions;
• Acting on a large IT outsourcing transaction for one of the largest banks in Denmark;
• Advising a service provider on the development and deployment of internet connected device (IoT) technologies;
• Acting on a global outsourcing project for a global chemicals company as part of a joint venture with a sovereign backed entity;
• Acting for an international agrochemicals conglomerate on the global outsourcing of the management of its facilities and logistics;
• Working on a large IT outsourcing transaction for a global insurance provider;
• Acting on global HR business process and European payroll outsourcing projects for global providers of food and household products;
• Advising a well-known retailer on a back office outsourcing transaction for its online business;
• Advising a major record label on a worldwide outsourcing of its IT systems; and
• Advising a wine merchant on the development and implementation of an online wine trading and warehousing platform for its customers.

Artificial intelligence, data protection and cybersecurity

Representative engagements include:

• Advising multinational clients operating in financial services, private equity, insurance, pension fund management, professional services, real estate and facilities management, fast moving consumer and industrial goods and vehicle manufacturing, airline, international logistics, media and entertainment, telecommunications, gambling, online marketing, further education and charity sectors on preparing to comply and their ongoing compliance with all aspects of European AI, digital regulation and data protection laws such as the EU AI Act, the Digital Operational Resilience Act (DORA), the NIS Directives, the DMA, DSA and Data Act, the Online Safety Act, the GDPR, ePrivacy, and the EU Cybersecurity Act. This has included advising on the scope, applicability of these laws and working on over forty global projects with clients to put in place measures to achieve compliance.
• Advising major car manufacturers on the design, development and implementation of connected and autonomous vehicles projects by which personal and non-personal data will be collected from vehicles in Europe and used to provide solutions to European users via connected devices;  
• Advising a global financial institution on its AI and big data analytics project, which involved creating an AI and big data analytics risk governance framework to enable the business to classify data sources, assess and make decisions about the risks when seeking to utilize and monetize the insights and learnings obtained from AI supported data analytics performed on data sets for different use cases, such as to develop new products and services;
• Advising a sovereign investment fund on the creation and implementation of their anonymisation and de-identification guidelines and policy requirements for conducting "big data" data analytics projects;
• Advising a major fast food corporation on the European data protection aspects of its data analytics project with respect to data obtained from interactions with consumers via takeaway food ordering service providers;
• Advising Overmore, a lead generation and data analytics technology company focused on data that helps clients to tailor marketing communications to consumers, on developing personal data validation and e-marketing systems that comply with the GDPR and ePrivacy Directive requirements;
• Advising Mitie, a facilities management provider, on the data protection compliance requirements relating to the implementation of a connected workspace (IoT) solution to track and analyse the use of workspace by personnel in its and its customers buildings;
• Acting for a leading global construction machinery and equipment company on its application and implementation of binding corporate rules (BCRs) for the transfer of personal data throughout its organisation;
• Advising a global financial institution on the data protection requirements related to the construction and deployment of an international trade finance platform;
• Advising a fintech start up on the use and analysis of personal data uploaded by customers, suppliers and funders in its AI based online instant payments platform;
• Acting for numerous multinational clients on projects to achieve compliance with data protection laws in multiple jurisdictions worldwide in connection with IT and business process outsourcings (ITOs and BPOs);
• Advising a global financial institution in relation to a cyber-incident. Obtaining appropriate urgent injunctive relief against persons unknown responsible for the theft of data and implementing a multinational project and methodology for assessing the risks resulting from the personal data affected and complying with the notification and other obligations pursuant to GDPR and other relevant international standards;
• Advising international businesses operating in multiple industries including financial services, professional services, aviation, freight, international logistics, industrial manufacturing, media, hospitality and leisure on responding to cyber incidents that resulted in the exposure of personal data, including advising on appropriate notification and communication strategies to regulators, data protection authorities, affected customers, suppliers and data subjects;  
• Advising clients operating in multiple industries on developing global cybersecurity response plans, procedures and playbooks as well as the running of cyber simulation exercises for management teams with respect to ransomware and other cyber threats;
• Advising a telecommunications provider on the recovery of customer personal data taken by a former senior employee and compliance with applicable data protection requirements;
• Advising a retail business establishment on responding to a series of personal data breaches concerning its customers in compliance with its data protection obligations;
• Acting for an international chemicals company on responding to the exercise of subject access and other data protection rights by activists; and
• Advising numerous clients on responding to requests for disclosure of personal data from government, judicial and law enforcement authorities and overcoming conflicts in laws that prevent personal data being shared cross-border with them.  Advising clients more broadly on how to complete international personal data transfers in a compliant way (including the implications of the invalidation of the EU-US Privacy Shield, the use of standard contractual clauses and the conduct of transfer impact assessments in response to the Schrems II decision and following the adoption of the EU-US Privacy Framework.;.

Intellectual property

Representative engagements include:

• Advising HSBC on a project to sell and monetise a “Know Your Client” software solution. The solution combines robotic process automation and machine learning technologies to significantly reduce the time it takes to check the compliance status of clients. Mayer Brown advised on the terms of the collaboration agreement with EXL to develop and bring the tool to market and to document the share of revenues earned by HSBC based on the uptake and success of the technology with other financial institutions;
• Acting for ARM Holdings on the acquisition of Sansa Security, a provider of hardware security IP and software for advanced system-on-chip components deployed in Internet of Things (IoT) and mobile devices;
• Advising Crédit Agricole’s wealth management arm, Indosuez, on its acquisition of majority stake in Wealth Dynamix, a fintech provider of lifecycle management solutions to private banks, and wealth management and asset management firms worldwide;
• Advising CDK Global, Inc., a leading provider of dealer management systems and integrated information technology solutions to the automotive retailing and adjacent industries, on the sale of its CDK international segment to Francisco Partners for $1.45 billion and also its acquisition of Roadster, Inc., an international digital automotive retail platform provider;
• Advising the founders of one of the most successful games ever released on the Roblox platform on the establishment of its new video games company and the complex IP ownership, branding and licensing arrangements put in place to enable the studio to protect, exploit and develop its games internationally;
• Advising Hasbro, Inc., the leading toy and game company, on the European aspects of the sale of its eOne film and TV division to Lionsgate for approximately US$500 million;
• Advising Entertainment One on the acquisition of Alliance Films, a major film distribution company, for £143m;
• Advising Sun Hung Kai & Co. Limited, a Hong Kong-listed alternative investment financial services institution, in its Series B investment in Sygnum Bank AG (Sygnum), the world's first digital asset bank based in Switzerland and Singapore;
• Advising Cloud Technology Solutions, a Marlin Equity Partners portfolio company, on its strategic merger with Appsbroker Ltd, a leading digital transformation consultancy with a focus on the retail, financial services, media and entertainment and manufacturing sectors;
• Advising EMK Capital, a private equity firm, on its acquisition of Trustonic Limited, a world-class provider of cybersecurity solutions for protecting critical mobile apps, smartphones, wearables, IoT devices, health tech, and automotive systems;
• Advising on the sale of the RBS Smaller Companies Index to Numis;
• Advising Inspirit Capital, a UK based PE investment fund, in connection with its acquisition of the civil training business of Babcock International plc;
• Advising Pernod Ricard SA on the acquisition of The Whisky Exchange direct to consumer online platform and on the disposal of the Tormore whisky brand and distillery; 
• Advising Mitsubishi Corporation and Nippon Telegraph and Telephone Corporation (NTT) on the purchase of a 30% interest in HERE Technologies, a provider of mapping and location data, navigation software and related services;
• Advising Brookfield on the acquisition of Center Parcs, a holiday resort operator;
• Advising Melrose Industries plc and GKN Aerospace on the sale of Fokker Services and Fokker Techniek, global independent aerospace service providers which will provide diverse services for various aircraft types;
• Advising a private investment company on its investment into a military and medical device research, development and manufacturing company and the subsequent licensing and transfer of the underlying intellectual property and manufacturing of products;
• Advising a medical device company on the licensing and sale of bloodline technology and business to healthcare providers;
• Advising a UK based cybersecurity firm on the development, distribution and licensing of its identification authentication technology to resellers and customers;
• Acting for pharmaceutical companies on a variety of manufacturing, distribution and marketing agreements with its suppliers and agents;
• Advising a pharmaceutical company on its collaboration agreement with other pharmaceutical companies to track and assess the successful use of various therapies in hospitals and clinics;
• Advising on the securitisations of copyright and royalties deriving from the back catalogues of major record labels;
• Acting on a number of copyright and trade mark infringement investigations and disputes on behalf of international publishers and TV show rights holders against UK based counterfeiters, US parallel importers and distributors of unauthorised merchandise on internet auction and mail order sites;
• Acting on various copyright infringement and misappropriation of online material disputes between financial market news and information providers; and
• Acting for WaveCrest, a global telecommunications provider, on the successful defence of a patent infringement action and first revocation of a UK patent on the ground of being a business method at High Court, Court of Appeal and House of Lords (Aerotel v Wavecrest).

• Listed as a key lawyer for Data Protection, Privacy and Cybersecurity, Fintech, Corporate and Commercial Fintech, Regulatory, IT & Telecoms and Media: Film & TV. Legal 500
• "Oliver Yaros is exceptionally responsive to our needs and requests. He is very knowledgeable and also shares innovative and practical business solutions." Legal 500
• Band 4: Data Protection & Information Law. Oliver Yaros of Mayer Brown is regularly called upon to provide strategic and compliance advice often concerning data projects involving artificial intelligence and adtech. "Oliver Yaros has exceptional client service skills and brings practical business sense to the solutions he provides to us." "Oliver demonstrates excellence in responsiveness and legal acumen." Chambers UK
• Listed as a key lawyer for Fintech and IT and Telecoms Legal 500
• Band 4 Data Protection & Information Law: Oliver Yaros of Mayer Brown is regularly called upon to provide strategic and compliance advice often concerning data projects involving artificial intelligence and adtech. "Oliver Yaros has good data security expertise and is a safe pair of hands." "Oliver is exceptionally responsive and provides creative solutions fitting our profession, legal structure and internal resources. He's our go-to adviser for privacy issues in the EU and UK." Chambers UK
•  Listed as a key lawyer for TMT and Data Protection, Privacy and Cybersecurity, Oliver Yaros is recommended for handling fintech and digital transformation projects. ‘Mark Prinsley and Oliver Yaros are exceptional.’ ‘Oliver Yaros is exceptionally talented at asking the right questions in order to create a programme that meets our needs as privacy laws and regulations change rapidly. He works very well and coordinates with the Mayer Brown team in the US to ensure that the EU and UK solutions work with our US compliance programme. He is energetic and responsive and provides great value for the work.’ ‘Mayer Brown has key capabilities in data protection and cybersecurity risk, steps to mitigate risks and in event of a breach, guidance on response and remediation. Oliver Yaros is a key partner.’ Legal 500
• The data protection, privacy and cybersecurity team is ‘exceptional at providing astute, intelligent legal advice’. ‘Quick and efficient and well explained’; ‘Oliver Yaros is an excellent lawyer with excellent in depth legal knowledge of this sector’; ‘Aside from being savvy about tech matters, they are extremely responsive and deliver a product that is of actual use for the client’; ‘They become like an extension of the in-house team’ Legal 500: Data Protection, Privacy and Cybersecurity
• Oliver Yaros is also a core member of the team, with a wealth of experience assisting clients in the financial services industry with utility projects, technology outsourcing and IT systems procurement. 'In this ICT/IT area we would mention Oliver Yaros, who we consider to be an outstanding individual.’ ‘Aside from being savvy about tech matters, they are extremely responsive and deliver a product that is of actual use to the client. They become like an extension of the in-house team.' Legal 500: IT and Telecoms
• Oliver Yaros is recommended for digital transformation projects and IP transactions.Legal 500: Fintech
• Listed as a 'key lawyer' for Fintech, TMT and IT and Telecoms. Legal 500
• Listed as a 'key lawyer' for Fintech and IT and Telecoms Legal 500
• Listed as a 'key lawyer' for IT and Telecoms. Legal 500
• IP and IT expert Oliver Yaros was promoted to partner and has particular knowledge of fintech and cryptocurrencies. Legal 500