Legal Guidance and Research / Information Law / Data protection / Data protection in specific activities
Powered by Lexis+®
Jurisdiction(s):
United Kingdom
Latest Information News
NEWS
NDAs after the Victims and Courts Act 2026: voiding clauses that restrict disclosures of criminal conduct or responses, interaction with the iniquity rule, and drafting steps for commercial agreements

Section 6 of the Victims and Prisoners Act 2024 supersedes VPA 2024, s 17, scrapping the prior constraint that protected disclosures had to be made to particular recipients for specified purposes. Any term in any agreement, including commercial non-disclosure agreements (NDAs), is void to the extent it seeks to stop a victim, or someone who reasonably believes they are a victim, from revealing relevant criminal conduct-or the counterparty’s reaction to it-to anyone, for any purpose. The new provision binds the Crown, subject only to a tightly drawn national security exception. This analysis examines how these reforms align with existing common law limits on confidentiality and their consequences for standard commercial NDA templates. It is written by Richard Hanstock, a barrister at Cornerstone Barristers and the founder of Deeptech Legal, an SRA-authorised firm specialising in cybersecurity, artificial intelligence, defence technology and national security...

Read More Right Arrow
NEWS
UK information law weekly: rising cyber security threats, UK-Australia AI safety MoU, ICO confiscation order for unauthorised data access, and updates on deepfakes, direct marketing and PECR breach notification

In this issue: Cybersecurity Data protection Daily and weekly news alerts New and updated content Cybersecurity DSIT publishes speech by Digital Minister on rising cyber security threats The Department for Science, Innovation and Technology (DSIT) has released a speech delivered by the Digital Minister, Liz Lloyd, at the New Statesman Security and Resilience Conference on 5 May 2026, in which she characterised cyber security as ‘foundational’ to national security, economic resilience and business growth in a world facing growing instability. The minister cautioned that cyber threats are increasing in frequency, disruption and cost: 43% of businesses reported a cyber breach or attack in the past 12 months, rising to 69% among large organisations, while 29% encountered assaults at least weekly......

Read More Right Arrow
NEWS
UK-Australia AISI Memorandum of Understanding on AI security: information-sharing, joint research, evaluation standards and cyber-attack risk mitigation

The Department for Science, Innovation and Technology (DSIT) stated that the UK AI Security Institute (AISI), together with the Australian AISI, has agreed a memorandum of understanding aimed at bolstering co-operation regarding AI safety and security risks......

Read More Right Arrow
NEWS
Information law weekly update: EDPB DPIA template, EU age-verification app, EHDS consultation, EDPB 2025 report and UK DSIT enterprise connected device security (16 April 2026)

In this issue: Data protection Cybersecurity Daily and weekly news alerts New and updated content Data protection EDPB unveils DPIA template to bolster uniformity in GDPR compliance workflows The European Data Protection Board (EDPB) has approved a template for Data Protection Impact Assessments (DPIAs), seeking to simplify adherence to the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR), and to improve consistency and alignment across Europe. The template is designed to help organisations structure, harmonise, substantiate and evidence their DPIA reporting processes, and is accompanied by an explainer document intended to support its practical use. The template is open for public consultation until 9 June 2026. See: LNB News 15/04/2026 22. Commission to launch EU age-verification app The European Commission has announced and confirmed that its EU age verification app is technically ready and complete, and will soon be made available for citizens to use when accessing online...

Read More Right Arrow

Data protection in specific activities—overview

Copyright © 2026 LexisNexis

This subtopic focuses on adherence to the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR), and the Data Protection Act 2018 (DPA 2018) in the context of particular organisational activities. For a general introduction to the data protection framework-covering the principles, the UK GDPR’s ‘assimilated law’ position, legislative terminology, territorial reach, applicability and exemptions-see: Data protection regime-overview and its related subtopic.

For further guidance on the following cross-cutting areas under the UK GDPR, consult the relevant overview and its associated subtopic:

  • Accountability, governance and compliance-overview
  • Rights of data subjects-overview
  • Transparency and privacy policies and notices-overview
  • Data sharing and transactions-overview
  • International transfers-overview
  • Data breaches, sanctions and enforcement-overview

For a collection bringing together key practical guidance, see: UK data protection law collection.

Subjects covered in this subtopic include:

Artificial intelligence

  • Artificial intelligence-data protection
  • Artificial intelligence (AI) resource kit
  • Artificial intelligence-explainability

Autonomous and connected vehicles

See Practice Note: Autonomous and...

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.
CONTINUE READING

View Information Law by content type

News Practice notes Precedents Q&As

Popular documents

Using the Judicial College Guidelines to assess general damages in personal injury claims

When evaluating a general damages claim, the practitioner ought initially to refer to the Judicial College Guidelines (JCG)...

Read More Right Arrow
Tomlin orders in England and Wales: CPR guidance on drafting, confidentiality, approval, variation, enforcement, limitation, CCA issues, court-specific requirements, sample wording and precedents

This Practice Note This Practice Note reviews mechanisms used in settling litigation. A Tomlin order consists of a consent order paired with a schedule. It operates to stay proceedings on terms that have been agreed. The provisions contained in the schedule may remain confidential. This Practice Note describes the scope of confidentiality attaching to the schedule and sets out how it differs from a standard consent order. Sample wording for a Tomlin order is included, alongside links to precedents, as well as guidance on court approval. It also addresses varying, setting aside and enforcing a Tomlin order, including the considerations the court will take into account when handling applications for each. Further guidance is provided on interpreting and applying the relevant provisions of the CPR; however, some courts and divisions impose very specific requirements for both drafting and approval, and for approaching the schedule and confidentiality issues. Accordingly, you must consider the particular rules and court guide provisions in the forum where your claim is proceeding when drawing up the Tomlin order...

Read More Right Arrow
Precedent: Deed of Surrender of Lease with Optional Premium, Settlement and Release, Landlord, Mortgagee and Guarantor Consents, Reimbursement and HM Land Registry Provisions (England and Wales)

Date [ date ] Parties [ name of Landlord ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Landlord) [ name of Tenant ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Tenant) [ [ name of Guarantor ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Guarantor) ] [ [ name of Mortgagee ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Mortgagee) ] Definitions Within this Deed, the terms below shall be interpreted as follows: [ Annual Rent • the annual sum reserved under the Lease; ] [ Insurance Rent • the Tenant’s share of the Landlord’s costs of insuring the Property (as set out in the Lease); ] Lease • the lease of the Property dated [ date ], entered into between (1) [ the Landlord OR [ name ...

Read More Right Arrow
Precedent Statutory Declaration: Standard Wording under the Statutory Declarations Act 1835

I, [ name ], of [ address ], solemnly and sincerely state that: [ Matters to be verified, set out in numbered paragraphs ] I make this solemn statement in good conscience, believing it to be true, and pursuant to the provisions of the Statutory Declarations Act 1835. DECLARED at [ details ] this [ day ] day of [ month and year ] Before me ................................................................................ [ signature of the person before whom the declaration is made ] A [ commissioner for oaths OR [ solicitor OR [ insert other qualification ] ] authorised to administer oaths ]...

Read More Right Arrow

Discover more from LexisNexis