Michael Nahon is a Partner at Hassans, where he has specialised in Data Protection and privacy law since 2004.
Michael advises multinational corporations, local businesses, government departments and public authorities on their data protection and cyber law responsibilities, with particular strength across the gaming, banking, telecoms, automotive and security sectors. He also helps individuals understand and uphold their data protection rights.
With a keen interest in emerging areas of the law, Michael advises on the data protection challenges posed by connected and autonomous vehicles, and the growing use of artificial intelligence — helping clients stay ahead of evolving rules and best practice.
His practice covers data protection audits and compliance reviews, helping organisations put in place the right policies, procedures and training to meet their legal obligations under the Gibraltar GDPR. He also advises on international data transfers, ensuring clients have the appropriate safeguards and mechanisms in place. As an outsourced Data Protection Officer (DPO) for third-party organisations, he offers hands-on support and practical guidance on how they handle personal data.
On the contentious side, Michael regularly advises clients on data breach response, notification requirements and regulatory engagement. His advisory work extends to the rules around direct marketing, CCTV use and how websites handle personal data including the use of cookies, helping businesses operate in a way that is both effective and legally compliant.
Michael is a recognised voice in the data protection field and a contributing author to DLA’s Data Protection Laws of the World Handbook, PDP Journals and DataGuidance.