Ruth Hughes

Experience

Ruth Hughes is a partner in our Technology and Innovation Group and advises on a wide range of information technology, intellectual property, data protection, artificial intelligence, freedom of information, confidentiality and advertising issues.

Ruth has extensive experience drafting and negotiating outsourcing agreements, software licences and IT services agreements, particularly for State and semi‑State bodies, and regularly advises on large‑scale and strategically important infrastructure projects. She also advises both suppliers and customers in the private sector on a wide range of IT and technology contracts, bringing a pragmatic and commercially focused approach to negotiations.

In addition, Ruth advises clients in the public and private sectors on all aspects of data protection law. Her experience includes assisting clients with data mapping and inventories, carrying out  data protection impact assessments, drafting data protection notices and data sharing agreements and responding to data subject rights requests.

Ruth also has particular expertise in the food and agri sector and provides specialised advice on compliance with EU food law and unfair trading practices in the agri food sector. Ruth also has a particular interest in advertising and consumer protection law.

Key highlights include advising:

• A variety of clients on data protection compliance, data protection audits, data protection policies and data security matters;
• Transport Infrastructure Ireland on various large scale technology and outsourcing agreements in connection with the open road tolling and the management of the national road network;
• National Transport Authority on significant technology outsourcing agreements, including in relation to NTA’s Next Generation Ticketing project (the intended successor to the Leap system) and the implementation of a new automatic vehicle location system, as well as a broad range of data protection and freedom of information matters;
• CnaM on its functions and powers under the Broadcasting Act 2009 (as amended) and the Digital Services Act;
• McDonald’s Restaurants on Irish advertising and consumer protection law complaints and queries;
• Trace International on the legal basis for processing criminal conviction data under the GDPR in connection with anti-bribery due diligence, including liaising with the Data Protection Commission and assisting in the project to put in place necessary legislative amendments.