Featured documents
R (Greyhound Board of Great Britain Ltd) v Welsh Ministers [2026] EWHC 670 (Admin) What are the practical implications of this case? The ruling reinforces the constitutional divide between the courts and the legislature. It explains that the scheme and framework of the Government of Wales Act 2006 (GWA 2006) embody that separation of powers, and that any judicial attempt to recognise and enforce a common law obligation on Welsh Ministers to consult prior to introducing legislation in the Senedd would trespass upon that boundary. This is not a departure from established principle; case law has already upheld comparable rules for lawmakers in Scotland and at Westminster. However, this is the first express confirmation of the position for Welsh lawmakers, and the first time this dimension of the GWA 2006 has been analysed in such depth. The court examined earlier
The solution arrived through the United Nations Compensation Commission (UNCC), a quasi‑judicial body handling mass claims, created under UN Security Council Resolution 687. By addressing environmental harm—most notably via its ‘F4’ claim class—the UNCC set a seminal benchmark shaping how international law and contemporary arbitral panels allocate financial responsibility for wartime ecological devastation. With present-day wars in areas such as Eastern Europe and the Middle East bringing dam breaches, strikes on chemical facilities, and the burning of farmland, the UNCC’s legacy endures as an essential reference point for states, global investors, and companies engaged in post‑conflict arbitration. The F4 claims: Quantifying the unquantifiable Prior to the 1990s, mechanisms in international law for war reparations overwhelmingly favoured property loss, foregone earnings, and bodily injury. The natural world was commonly treated as a mute, non-compensable victim of armed hostilities...
Understanding the farming business as a business Many farms still use long-standing structures that arose by habit, not strategy. Sole traders, informal partnerships and outdated partnership deeds are common. While once effective, such setups can cause major issues around succession, tax planning and involving the next generation. A corporate team can take a fresh, business-led view of the farm, asking: Who owns the land and other critical assets? Who manages daily operations? Who carries the risk and who enjoys the return? What is the enduring plan for succession? From this review, the team can confirm whether the current setup is fit for purpose or if an alternative — for example an updated partnership agreement, a company, a limited liability partnership, or a blended model — would better meet the family’s aims. Tax efficiency through joined-up advice Tax sits at the centre of most
Most recent News
Farnsworth v The Information Commissioner ( IC) [2025] UKFTT 670 ( GRC) What are the practical implications of this case? This decision serves as a clear prompt for anyone managing information requests to scrutinise the applicability and breadth of exemptions under EIR 2004, SI 2004/3391, or FIOA 2000 where relevant. Erewash Council (the Council) treated the request as falling within EIR 2004, SI 2004/3391 and examined the exemptions in regulation 14. Initially, it considered relying on sub-paragraphs (a) and (e), but ultimately invoked sub-paragraph (d), covering ‘material which is still in the course of completion, to unfinished documents or to incomplete data’. Given that EIR 2004, SI 2004/3391 derives from European treaties to which the UK is a party, the judge stressed that such instruments must be read in good faith, according to their ordinary meaning, in context and in light of their...
In this issue: Data protection Lex Talk® Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content Data protection ICO publishes new guidance on secure document disclosure to prevent data breaches The Information Commissioner’s Office ( ICO) has issued fresh guidance to assist organisations in safely releasing documents that contain substantial volumes of information, especially when responding to Freedom of Information ( FOI) and Subject Access Requests ( SARs). The new material highlights the risk of unintentionally exposing concealed personal data—such as metadata, hidden rows, columns, worksheets and active filters—and provides practical actions, checklists and how-to videos to help locate and remove that information. It also recommends converting files into simpler formats, steering clear of ineffective redaction approaches, and making use of tools like Microsoft Document Inspector. This guidance supersedes an advisory note......
In this issue: Data protection Lex Talk® Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content Data protection DSIT guidance outlines four-stage commencement plan for Data ( Use and Access) Act The Department for Science, Innovation and Technology ( DSIT) has issued guidance setting out the roll-out timetable for the Data ( Use and Access) Act 2025. The Act secured Royal Assent on 19 June 2025 and will come into effect through four phases. The initial commencement instrument—the Data ( Use and Access) Act 2025 ( Commencement No.1) Regulations 2025—activates specified sections from 20 August 2025. See: LNB News 28/07/2025 33......
In this issue: Public sector information Data protection Cybersecurity Lex Talk®Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content Public sector information Supreme Court confirms cumulative approach to public interest exemptions under FIA 2000 In Department for Business and Trade v The Information Commissioner [2025] UKSC 27, the UK Supreme Court ruled that where material engages multiple qualified exemptions ( QEs) under the Freedom of Information Act 2000 ( FIA 2000), a public authority may weigh the aggregate public interest in upholding all relevant exemptions. The Court rejected an ‘independent approach’, which would have compelled a discrete public interest assessment for each exemption. Dr Lewis Graham of Christ’s College Cambridge, together with the Lexis Nexis Public Law team, reflect on what this means in practice. See News Analysis: Supreme Court confirms cumulative approach to public...
Department for Business and Trade ( Respondent) v The Information Commissioner ( Appellant) [2025] UKSC 27 Background FIA 2000 grants a right to access information held by public bodies, save where the Act’s exemptions apply. On 15 November 2017, journalist Mr Montague asked the Department of Business and Trade (‘the Department’) for material about the Trade Working Groups established to undertake preliminary work on post‑ Brexit trade agreements. The Department released some material on 8 February 2018 and added more on 25 March 2019 (while the Commissioner’s investigation was ongoing), but retained the rest, invoking FIA 2000, s 27, concerning international relations, and s 35(1)(a) concerning the development of government policy. Those provisions are ‘qualified exemptions’, as they are governed by the public interest balancing exercise in FIA 2000, s 2(2)(b), which states that ‘in all the circumstances of the case, the public interest in...
In this issue: e Privacy Data protection Cybersecurity Lex Talk®Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content e Privacy PECR 2003 reform—rules relating to electronic marketing and cookies in the UK The Data ( Use and Access) Act 2025 ( DUAA 2025), which received Royal Assent in June 2025, introduces a suite of amendments to the Privacy and Electronic Communications ( EC Directive) Regulations 2003 ( PECR 2003), SI 2003/2426. The updates address fines, cookie provisions and breach notification timeframes, and also import the Data Protection Act 2018 definition of direct marketing. Oliver Yaros and Ana Hadnes Bruder, partners, together with Reece Randall, Ellen Hepworth, Alasdair Maher and Katie Steval, associates, and Laura Taylor, trainee, at Mayer Brown International LLP, review the developments. See News Analysis: PECR 2003 reform—rules relating to...
DUAA 2025 secured Royal Assent on 19 June 2025, bringing it into law in the UK after being approved by Parliament on 11 June 2025. The Act primarily revises Assimilated Regulation ( EU) 2016/679, the United Kingdom General Data Protection Regulation (the UK GDPR), and PECR 2003. This article centres on the updates DUAA 2025 makes to PECR 2003—the UK rules that oversee the use of cookies and other online tracking tools—as well as the requirements relating to electronic marketing communications......
The French music streaming platform alleged in a High Court claim that Mobius Solutions Ltd compromised Deezer user data by keeping it insecurely and not erasing it after pledging to do so. According to the particulars lodged with the court on 15 June 2025 and only recently disclosed, Deezer says ‘ Mobius did not adequately shield Deezer’s confidential information from unauthorised use, access or disclosure, failing to apply the level of care Mobius would afford its own information of similar significance and/or a reasonable standard of care’. Deezer seeks an order requiring Mobius (best known for its Optimove digital marketing platform) to indemnify the company in respect of proceedings brought by more than 6,000 users arising out of the incident as detailed within the High Court claim......
Map your supply chain As noted in the UK Government’s Cyber Security Breaches Survey 2025 (2025 Survey), 45% of large businesses reviewed the cyber security risks arising from their immediate suppliers, compared with 21% of small businesses. This marks a decline from 55% in 2023. Only 25% looked at the risks presented by their wider supply chain. Cyber threats originating outside your organisation are generally harder to detect and to control. Understanding who your direct and indirect suppliers are, what they provide, how they provide it, and which data they hold and can access will help you pick out your critical providers and manage cyber security risks to your business more effectively. Mapping your supply chain will also show which measures can be enforced easily through contracts and place you to respond more quickly to supply chain related cyber incidents and to...
In this issue: Data protection e Privacy Lex Talk®Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content Data protection Tik Tok’s initial challenge of UK data protection fine rejected by court MLex reports that Tik Tok’s first bid to overturn an appeal seeking to restore a £12.7m penalty from the UK privacy regulator, imposed in April 2023 for the misuse of children’s data, has failed, according to court records dated 4 July 2025. The First-tier Tribunal, which hears matters involving regulators, has therefore cleared the way for the dispute to proceed to a hearing focused on the core allegations of unlawful processing of children’s data, although a hearing date has not yet been confirmed. See News Analysis: Tik Tok’s initial challenge of UK data protection fine rejected by court......
The ruling permits the case to move forward to a hearing on the substantive issues and key questions surrounding allegations of unlawful handling of children’s data, although no date has yet been fixed. The Information Commissioner’s Office ( ICO) is contesting a court’s decision to overturn Tik Tok’s 2023 penalty. Tik Tok contended that, as its platform fosters artistic expression, the use of personal data, including that of under-13 users, fell......
In this issue: Cybersecurity Data protection Lex Talk®Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content Latest Q& A Cybersecurity DSIT launches evaluation survey for Software Security Code of Practice implementation The Department for Science, Innovation and Technology ( DSIT) has begun a formal review of the Software Security Code of Practice, inviting input from both suppliers and users on how implementation has worked in practice. The review covers how organisations access and interpret the Code, the National Cyber Security Centre’s Implementation Guidance, and self-attestation obligations. Participation is open to organisations, whatever their implementation stage, with responses intended to guide future policy design and development. The survey closes on 16 December 2026. See: LNB News 30/06/2025 13. Danish Presidency of Council of the EU publishes presidency programme The Danish Presidency of the Council of the EU has issued its programme for 1 July to 31 December 2025, setting out its...
In this issue: Data protection Confidential information Lex Talk® Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content Data protection Data ( Use and Access) Act 2025 The Act sets out arrangements for access to customer and business data; covers services that rely on information to determine and verify facts about individuals; addresses the recording, sharing, and maintenance of registers concerning apparatus in streets; provides for the keeping and upkeep of registers of births and deaths; regulates processing of data about identified or identifiable living persons; deals with privacy and electronic communications; establishes the Information Commission; specifies information standards for health and social care; provides for granting smart meter communication licences; enables disclosure of information to enhance public service delivery; makes provision for the retention of information by providers of internet services in connection with investigations into child deaths; and supports the provision of...
UK data reform act rollout plans UK businesses should anticipate the country’s data reform act being delivered through secondary legislation over the next six to nine months, with the first changes likely by autumn 2025 and the final measures pencilled in for winter 2025 under the UK privacy watchdog’s plans. The data reform bill, which entered into law on 19 June 2025, brings a range of updates to the UK data protection framework. However, the rollout will be staged, as various elements hinge on secondary legislation not yet put before lawmakers, or on additional materials still to be released by the data protection regulator. The Information Commissioner’s Office ( ICO) has signalled intentions to prepare guidance and start implementing some aspects, though firm dates are yet to be confirmed. Overall, the timetable indicates a lead-in period of six to nine months from the law’s...
A victim of crime Under VPA 2024, a ‘victim’ is any person who has suffered harm directly from being subjected to criminal behaviour, or from seeing, hearing or otherwise directly experiencing its effects as it occurred. Someone is also a victim where any of the following apply: their birth was the direct consequence of criminal behaviour the death of a close family member was the direct result of criminal behaviour they are a child who is a victim of domestic abuse that amounts to criminal behaviour ‘ Harm’ covers physical, psychological or emotional harm, as well as financial loss. There is no requirement for the offence to have been reported, for any investigation to have taken place, or for any charge or conviction to have followed. Permitted disclosures The following are permitted disclosures under VPA 2024, section 17: disclosures made to the police or......
In this issue: Data protection Artificial intelligence Lex Talk®Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content Data protection Data ( Use and Access) Bill receives Royal Assent on 19 June 2025 On Thursday 19 June 2025, the Data ( Use and Access) Bill ( DUA) secured Royal Assent, thereby becoming an Act of Parliament. Its parliamentary scrutiny concluded on 11 June 2025, drawing to a close almost eight months of legislative process. Under section 139 of the DUA, most provisions will begin when regulations are made by the Secretary of State appointing commencement dates. A limited set, however, took effect immediately on Royal Assent: section 78, addressing reasonable and proportionate searches for data subject access requests; sections 126–128, relating to the retention of biometric data; and schedule 16, concerning the grant of energy smart meter...
GPAI model developers should still get a final draft of the EU Code of Practice from the Commission in July 2025, despite a potential ‘stop the clock’ on the EU AI Act, MLex has learned Bilateral talks are continuing, and the draft is foreseen for the first week of July. MLex earlier reported that the Commission was weighing a hold on the EU AI Act after a critical letter from the Trump administration in the US and a visit to Washington by the Commission’s Executive Vice- President for Tech Sovereignty, Security and Democracy, Henna Virkkunen. The matter was recently put on the agenda of a meeting of EU digital ministers, where Virkkunen formally indicated that parts of the EU AI Act could be paused if technical standards and administrative guidance are not ready when the rules take effect. The EU AI Act phases in over...
In this issue: Data protection Cybersecurity Lex Talk®Information Law: a Lexis®Nexis community Daily and weekly news alerts New and updated content Data protection Data ( Use and Access) Bill passes through Parliament and heads for royal assent On 11 June 2025, Parliament approved the Data ( Use and Access) Bill ( DUA Bill). First brought forward in October 2024, its approval concludes a lengthy legislative journey marked by notable legislative ‘ping pong’, comprising nine rounds of exchanges between the two Houses of Parliament over the Bill. A key flashpoint concerned the use of copyright-protected works in the development and training of AI systems. In the final debate on 11 June 2025, the House of Lords chose not to insist once again on its amendment, which would have triggered further government legislation on copyright infringement and transparency in AI. Instead, peers...
It marks the fifth bid by the House of Lords to harness the Data ( Use and Access) Bill to shield the creative sectors, taken despite ministers urging the upper revising chamber to step aside. Though the government is almost certain to strip out the amendment when the Bill returns to the House of Commons, where it commands a substantial majority, the mounting stand-off between both houses endangers the Bill’s prospects, with consequences for UK data protection law and the nation’s EU data adequacy standing. The Data ( Use and Access) Bill is a post- Brexit initiative to adjust elements of the United Kingdom General Data Protection Regulation, Assimilated Regulation ( EU) 2016/679, carried over from EU membership. The Bill is already on its third version, having been tabled and then heavily reworked by the previous Conservative...
The impact of cyberattacks The repercussions of hacking for organisations, across both public and private sectors, are wide-ranging and deep. Financially, the toll can be vast. IBM’s 2024 Cost of a Data Breach Report notes UK breaches now average nearly £3.6m; public sector incidents are a little lower on average, yet climbing quickly. Immediate spend covers incident response and the restoration of systems, while longer-term exposure includes potential regulatory fines, legal liabilities, and enduring reputational harm that can linger. For the LAA, reputational repercussions are already plain to see. The Law Society has openly criticised the Mo J’s handling of the breach, pressing government to ‘get a grip of the situation’ and to notify affected individuals directly. Trust—the bedrock of the legal system—has been unsettled. Legal aid applicants, many already in vulnerable positions, now carry the extra risk of identity theft, fraud, and...
Popular documents
When evaluating a general damages claim, the practitioner ought initially to refer to the Judicial College Guidelines (JCG)...
This Practice Note This Practice Note reviews mechanisms used in settling litigation. A Tomlin order consists of a consent order paired with a schedule. It operates to stay proceedings on terms that have been agreed. The provisions contained in the schedule may remain confidential. This Practice Note describes the scope of confidentiality attaching to the schedule and sets out how it differs from a standard consent order. Sample wording for a Tomlin order is included, alongside links to precedents, as well as guidance on court approval. It also addresses varying, setting aside and enforcing a Tomlin order, including the considerations the court will take into account when handling applications for each. Further guidance is provided on interpreting and applying the relevant provisions of the CPR; however, some courts and divisions impose very specific requirements for both drafting and approval, and for approaching the schedule and confidentiality issues. Accordingly, you must consider the particular rules and court guide provisions in the forum where your claim is proceeding when drawing up the Tomlin order...
Date [ date ] Parties [ name of Landlord ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Landlord) [ name of Tenant ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Tenant) [ [ name of Guarantor ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Guarantor) ] [ [ name of Mortgagee ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Mortgagee) ] Definitions Within this Deed, the terms below shall be interpreted as follows: [ Annual Rent • the annual sum reserved under the Lease; ] [ Insurance Rent • the Tenant’s share of the Landlord’s costs of insuring the Property (as set out in the Lease); ] Lease • the lease of the Property dated [ date ], entered into between (1) [ the Landlord OR [ name ...
I, [ name ], of [ address ], solemnly and sincerely state that: [ Matters to be verified, set out in numbered paragraphs ] I make this solemn statement in good conscience, believing it to be true, and pursuant to the provisions of the Statutory Declarations Act 1835. DECLARED at [ details ] this [ day ] day of [ month and year ] Before me ................................................................................ [ signature of the person before whom the declaration is made ] A [ commissioner for oaths OR [ solicitor OR [ insert other qualification ] ] authorised to administer oaths ]...
Discover more from LexisNexis
