This Practice Note outlines the law concerning criminal recklessness. The subjective test for recklessness Certain statutory and common law offences allow the prosecution to prove mens rea through ‘recklessness’. Put simply, recklessness is where the accused takes an unjustified risk that results in unlawful harm or damage. The House of Lords in R v G reaffirmed the subjective approach to recklessness. Before R v G, two distinct tests were used, depending on the offence charged: Subjective recklessness from R v Cunningham: the prosecution had to establish that the accused personally foresaw the risk. Objective recklessness from R v Caldwell: the prosecution only needed to show that the risk would have been obvious to a reasonable person, without proving the accused themselves foresaw it. In R v G, the House of Lords concluded that the objective test could operate unfairly where a defendant did not foresee the
This Practice Note examines the remedy of rescission, explaining when and in what manner a contract can be unwound (at common law, in equity and under statute) and thereby terminated and brought to an end. It covers the consequences and effects of rescission, the principal grounds for setting aside an agreement (misrepresentation, mistake, undue influence, duress, non‑disclosure, fiduciary misdealing and bribery) and the main obstacles to claiming rescission—affirmation, the intervention of third‑party rights and the impossibility of restitution. For further guidance on rescission in the context of misrepresentation, see Practice Note: Misrepresentation—rescission as a remedy. There are many ways in which a contract may reach its end; see: Terminating contracts—how and when a contract ends—overview for a brief and accessible summary, with links to the related further practical guidance, including Practice Note: Termination and expiry of contracts. For a table
What is a res judicata? A res judicata is a determination by a court or tribunal with jurisdiction over the cause of action and the parties, which finally disposes of the issues decided so they cannot be litigated again by those bound, save on appeal. Final judgments entered by default or by consent fall within this concept, whereas rulings on purely procedural points and any decision lacking finality do not. The doctrine’s aim is to bring litigation to an end and shield parties from being harassed by the same dispute twice. in personam—binds the parties and their privies in rem—binds all persons, privy or otherwise (ie a judgment binding the whole world) A party may rely on res judicata: as an estoppel to defeat an opponent’s claim or defence; and/or as the basis of their own claim or
The offence of causing grievous bodily harm with intent Wounding or causing grievous bodily harm (GBH) with intent can be tried solely in the Crown Court on indictment. Elements of the offence Under the Offences against the Person Act 1861 (OATPA 1861), the prosecution must establish that the defendant unlawfully and maliciously: wounded with the intention of causing GBH, or caused GBH with that intention, or wounded intending to resist or prevent the lawful arrest or detention of any person, or caused GBH intending to resist or prevent the lawful arrest or detention of any person ‘Unlawfully’ and ‘maliciously’ Unlawfully The wounding or causing of GBH must be unlawful. Such conduct may be lawful if used: in self-defence in defence of another in defence of property for the prevention of crime where the victim gave express or implied consent For further information on these defences, see below:
Financial sanctions seek to shape conduct. The UK runs a global anti-corruption sanctions regime to prevent and combat serious corruption. This Practice Note outlines the scope of that regime under the Global Anti-Corruption Sanctions Regulations 2021, SI 2021/488. It sets out the targeted activities, the sanctions available, who falls within scope, and guidance from the Office of Financial Sanctions Implementation (OFSI). It also highlights practical issues for businesses. For the statutory purposes for sanctions under the Sanctions and Anti-Money Laundering Act 2018 (SAMLA 2018), the duty to publish guidance, and how designations are made, varied and enforced, see Practice Note: The UK sanctions framework under SAMLA 2018. Key information The Global Anti-Corruption Sanctions Regulations 2021, SI 2021/488 permit financial measures and travel bans on persons involved in serious corruption. They replace the...
This Practice Note is aimed at law firms, though it may equally assist in-house lawyers. It examines the potential lawful bases under the UK General Data Protection Regulation (UK GDPR) for processing special category personal data relating to third parties that is received in the provision of legal services. It reflects the UK GDPR and guidance from the Information Commissioner’s Office (ICO) on the scope of the condition allowing processing where it is necessary for the establishment, exercise or defence of legal claims. For guidance on processing clients’ special category personal data, see Practice Note: Processing special category personal data of clients—law firms. For broader guidance on special category personal data, see Practice Note: How to identify and manage special category personal data. Special category personal data is: personal data revealing racial or ethnic origin, political opinions, religious or...
This Practice Note examines issues, considerations, and recommended approaches for sharing personal data among controllers—covering both joint controllers and independent controllers—in general, commonly encountered business-to-business commercial situations, in line with the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR). It presumes a level of reader familiarity with the principal data protection concepts and terms, as well as the role and remit of the Information Commissioner’s Office (ICO). For a high-level introduction to this topic and related issues, see: Data sharing and transactions—overview. For a higher-level introduction to UK data protection laws more generally, see Practice Note: Data protection law—new starter guide. The UK data protection law collection brings together further general guidance, including guidance on key terms used in the legislation and their meaning, and is a recommended starting point for data protection...
This Practice Note is specifically aimed at private sector commercial organisations in the UK. It delivers practical, day to day guidance on managing data subject requests under the UK General Data Protection Regulation (UK GDPR). It sets out typical elements shared by all such requests and the issues that can occur when receiving and responding to a data subject request. This Note also explores compliance strategies designed to best equip your organisation to manage, end‑to‑end, the process for dealing with data subject requests. Under the UK GDPR, individuals have several rights relating to their personal data: a right of access the rights to rectification, erasure and restriction of processing a right to data portability a right to object to processing For further guidance, see Practice Note: Rights of data subjects. A data subject can ask a data controller to exercise any one, or more than one, of these rights at any...
Data security sits at the heart of the UK General Data Protection Regulation (UK GDPR). The sixth data protection principle — integrity and confidentiality — obliges you to implement suitable technical and organisational steps so that personal data is handled with appropriate safeguards and security when processed, including: protection against unauthorised or unlawful processing accidental loss, destruction or damage This Practice Note draws on ICO guidance regarding personal data breaches under the UK GDPR. It also incorporates further practical pointers and information drawn from ICO guidance on managing data security breaches issued under the previous data protection regime; that guidance has now been withdrawn. The Practice Note additionally aligns with materials from the European Data Protection Board (EDPB). According to the ICO, although the UK has left the EU, these guidelines continue to be...
STOP PRESS: This document is currently being revised to incorporate the Data (Use and Access) Act 2025 (DUAA 2025), which amends the UK GDPR and the Data Protection Act 2018. For further guidance on the compliance implications of DUAA 2025, see Practice Note: Data (Use and Access) Act 2025—compliance implications. This Practice Note sets out the circumstances in which legitimate interests can be used as a lawful basis for processing personal data under the UK General Data Protection Regulation (UK GDPR). Its approach is grounded in the UK GDPR and informed by: Information Commissioner’s Office (ICO) guidance—Legitimate interests under the UK GDPR; European Data Protection Board (EDPB) Guidelines 1/2024 on processing personal data under Article 6(1)(f) GDPR—per the ICO, EDPB materials are no longer directly relevant or binding in the UK regime, though they may still offer...
This Practice Note offers additional guidance on the principal definitions found in the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (the UK GDPR). For a high-level overview of UK data protection legislation, see Practice Notes: The UK General Data Protection Regulation (UK GDPR) and Data protection law—new starter guide. The UK data protection law collection brings together further general guidance and is a recommended first point of reference for research. Scope of this Practice Note Given the significant volume of data moving between the UK and the EEA, corresponding EEA data protection rules remain particularly relevant to UK practitioners. There continues to be substantial similarity between: the EU GDPR (which was applicable under UK laws until the close of the Brexit implementation period at 11 pm UK time on 31 December 2020 and still applies within the EEA) the UK GDPR...
You need to implement suitable safeguards to stop personal data being exposed, whether by accident or on purpose. Information security goes beyond cyber security (the protection of your networks and information systems from attack), because it also includes physical and organisational controls. This Practice Note aligns with the UK General Data Protection Regulation (UK GDPR) and the ICO’s expectations, as described in the ICO’s A guide to data security. The CIA triad The ICO’s guidance explicitly cites the ‘CIA triad’: confidentiality, integrity and availability. If any of these three pillars is undermined, the consequences can be serious—for you as a data controller and for the individuals whose data you handle. You must also ensure the resilience of your processing systems and services. Resilience means: whether your systems can keep operating during adverse conditions, eg a physical or technical incident, and your...
This Practice Note is designed for law firms, though it may equally be of direct use to in-house lawyers. It examines the possible lawful bases under the UK General Data Protection Regulation (UK GDPR) for handling clients’ special category personal data specifically. It mirrors the UK GDPR and the Information Commissioner’s Office (ICO) current guidance on the reach of the condition that permits processing of special category personal data, ‘processing necessary for the establishment, exercise or defence of legal claims’. For further direction on processing special category personal data relating to third parties, see Practice Note: Processing special category personal data of third parties—law firms. For broader practical advice on special category personal data, see Practice Note: How to identify and manage special category personal data. What is special category personal data? Special category personal data is: personal data disclosing racial or ethnic origin,...
This Practice Note outlines, in straightforward terms, the principal features of the UK General Data Protection Regulation (UK GDPR). See also: Precedent: Data protection quick reference guide—for staff. Aimed at non-privacy specialists, it is complemented by separate, more comprehensive, Practice Notes on the UK GDPR, for example: How to manage data protection compliance How to process personal data lawfully How to identify and manage special category personal data How to manage consent—personal data Data protection officer (or for law firms: Data protection officer—law firms) How to carry out data mapping How to handle data subject requests How to manage international personal data transfers How to handle data protection complaints How to develop a privacy risk register How to handle personal data for direct marketing How to implement data...
This Practice Note provides practical guidance on how to undertake data mapping. Drawing on an article by Nicola Fulford of Hogan Lovells and Krysia Oastler of Kemp Little, first published in the Privacy and Data Protection Journal, this note explains how to approach data mapping. Data mapping—working out which personal data your organisation processes—is commonly identified as one of the first priorities in a data protection compliance programme. Data controllers must maintain a written record of processing activities, which must be produced to the supervisory authority on request. See Precedent: Data processing register... As set out in ICO Guidance: How do we document our processing activities?, a sensible first step is an information audit or data‑mapping exercise to confirm what personal data your organisation holds and where it resides. The guidance highlights the need to engage colleagues across the organisation so nothing is...
This Practice Note sets out the requirements of the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR), where a processor handles personal data for a controller in a commercial setting. It proceeds on the basis that readers are already familiar with core data protection concepts, terminology, and the functions of key regulators. For an initial overview of data protection law, consult the ‘key principles and concepts’ tab in the UK Data Protection toolkit, which is a recommended starting point for research. For a higher-level primer on this topic and connected matters, see: Data sharing and transactions—overview. This Practice Note also sits within the Data protection negotiation guide—controller: processor—collection, which practitioners drafting or negotiating data protection clauses between a controller and a processor may find helpful. In brief UK data protection legislation aims to ensure information about living people (within the scope of...
This Practice Note is aimed at private-sector commercial organisations in the UK. It explains the Information Commissioner’s Office (ICO) expectations for securing, recording and managing consent to process personal data, and mirrors UK General Data Protection Regulation (UK GDPR) requirements concerning consent... What is consent? Consent is a freely given, specific, informed and unambiguous sign of the data subject’s wishes whereby they, by a statement or a clear positive action, confirm agreement to the processing of personal data. Accordingly, consent must be: freely given specific informed unambiguous There are two levels of consent based on the type of data processed: standard consent, required when relying on consent to process non-sensitive personal data explicit consent, required when relying on consent to process special category (sensitive) personal data—there is no definition of explicit consent but see Practice Note: How to...
Data protection by design and default (DPbDD) Organisations often pay insufficient attention to data protection by design and default (DPbDD) when assessing their UK GDPR obligations. This is understandable, as DPbDD is an intangible, pervasive concept that can be hard to turn into specific measures, especially when compared with other discrete duties under the UK GDPR. Nonetheless, the UK GDPR contains a dedicated provision on DPbDD (Article 25) and the Information Commissioner’s Office provides extensive guidance: ICO, UK GDPR guidance and resources, Data protection by design and default. In essence, DPbDD requires you to consider privacy and data protection from the outset in everything you do, embedding it into your processing and business practices from initial design through the entire lifecycle. Taking a DPbDD approach from the beginning, rather than retrofitting at the end: helps you...
Summary of the UK GDPR regime This Practice Note condenses the UK GDPR framework. For a higher-level primer on UK data protection, see Practice Note: Data protection law—new starter guide. The UK data protection law collection assembles key guidance on this regime and is a recommended first stop for research. For information on the EU’s General Data Protection Regulation, Regulation (EU) 2016/679, see Practice Note: The EU’s General Data Protection Regulation (EU GDPR). This Practice Note covers: principal legislation substantive scope territorial reach core concepts data protection principles legal bases for processing special category personal data criminal conviction and offence data individual rights accountability and governance security personal data breaches international transfers of personal data exemptions the Information Commissioner data protection fees ...
The Sanctions and Anti-Money Laundering Act 2018 (SAMLA 2018) SAMLA 2018 establishes the UK framework governing how international sanctions are applied and enforced. Brought in after Brexit, its aim is to support the UK’s continued adherence to international law, while giving the UK the agility to adopt or revise sanctions swiftly. It grants the Secretary of State authority to create sanctions regimes through secondary legislation, namely Statutory Instruments (SIs). Consequently, the substantive detail of the UK’s sanctions regimes resides in SIs, particularly in regulations that are country-focused or thematic, rather than in SAMLA 2018 itself. The Act also permits regulations to be made concerning the enforcement of any prohibition or obligation imposed by a regulation. See Practice Notes: The UK sanctions framework under SAMLA 2018 and UK sanctions regimes currently in force...
This Practice Note outlines how the UK sanctions framework operates. The financial sanctions regime applies to every organisation. This Practice Note sets out: what financial sanctions are and who sets them how the UK administers and enforces financial sanctions a brief overview of offences and penalties key components of the regime, including asset freezes, lists and licences how the regime differs from anti-money laundering (AML), counter-terrorist financing (CTF) and counter-proliferation financing the consequences of getting it wrong For practical steps on compliance, see Practice Notes: How to manage sanctions compliance; for law firms: How to manage sanctions compliance—law firms; Sanctions—systems and controls; for law firms: Sanctions—systems and controls—law firms; and Financial sanctions compliance—examples of good (and poor) practice. What are sanctions and who imposes them? Sanctions are time-limited international restrictions or bans intended to: encourage a shift in the...
The sanctions regime applies to all businesses This Practice Note sets out what that means for your organisation. See also Practice Note: Sanctions—systems and controls, which gives practical guidance on creating systems and controls to secure compliance with the financial sanctions regime. What are sanctions? Sanctions are international measures designed to: encourage a shift in the behaviour of a particular country or regime apply pressure on certain countries or regimes to meet specified objectives prevent and suppress the financing of terrorism They are also deployed as a last‑resort enforcement tool where international peace and security are at risk. Sanctions can be directed at countries, regimes, organisations, individuals and entities. For fuller explanations, see Practice Notes: Understanding the financial sanctions regime and Understanding the UK trade sanctions regime. The law The sanctions regime applies to every business. Sanctions are commonly grouped by the nature of the...
The Criminal Finances Act 2017 (CFA 2017) created a specific corporate offence for failing to stop the facilitation of tax evasion, effective from 30 September 2017. The government also published detailed guidance explaining what it expects from compliance frameworks and controls. This Practice Note draws on the finalised statutory provisions and the accompanying official guidance. That guidance should be considered, then approached and implemented on a proportionate, risk‑focused basis. This entails factoring in your organisation’s scale, character, structure and complexity. A small entity and a vast multinational may apply the principles quite differently: what is sensible for a low‑risk small business could be wholly unsuitable for a large enterprise operating in a high‑risk area, in practice. The Law Society has likewise issued Criminal Finances Act 2017 guidance for law firms, which was approved by the chancellor on 21 November 2018. Per the Law...
This Practice Note This Practice Note offers a high-level overview of the data protection framework relevant to direct marketing, particularly how such activities may give rise to compliance obligations under the Assimilated Regulation (EU) 2016/679, the United Kingdom General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR 2003), SI 2003/2426. It is aimed at commercial organisations in the UK, with further, scenario-specific guidance signposted. The main difficulty in direct marketing is determining what the UK GDPR and PECR 2003 permit and whether consent is needed, which will differ according to the activity undertaken and the audience targeted. This Practice Note reflects the following ICO guidance: Direct marketing guidance Direct marketing using live calls Making live marketing calls about claims...
When evaluating a general damages claim, the practitioner ought initially to refer to the Judicial College Guidelines (JCG)...
This Practice Note This Practice Note reviews mechanisms used in settling litigation. A Tomlin order consists of a consent order paired with a schedule. It operates to stay proceedings on terms that have been agreed. The provisions contained in the schedule may remain confidential. This Practice Note describes the scope of confidentiality attaching to the schedule and sets out how it differs from a standard consent order. Sample wording for a Tomlin order is included, alongside links to precedents, as well as guidance on court approval. It also addresses varying, setting aside and enforcing a Tomlin order, including the considerations the court will take into account when handling applications for each. Further guidance is provided on interpreting and applying the relevant provisions of the CPR; however, some courts and divisions impose very specific requirements for both drafting and approval, and for approaching the schedule and confidentiality issues. Accordingly, you must consider the particular rules and court guide provisions in the forum where your claim is proceeding when drawing up the Tomlin order...
Date [ date ] Parties [ name of Landlord ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Landlord) [ name of Tenant ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Tenant) [ [ name of Guarantor ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Guarantor) ] [ [ name of Mortgagee ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Mortgagee) ] Definitions Within this Deed, the terms below shall be interpreted as follows: [ Annual Rent • the annual sum reserved under the Lease; ] [ Insurance Rent • the Tenant’s share of the Landlord’s costs of insuring the Property (as set out in the Lease); ] Lease • the lease of the Property dated [ date ], entered into between (1) [ the Landlord OR [ name ...
I, [ name ], of [ address ], solemnly and sincerely state that: [ Matters to be verified, set out in numbered paragraphs ] I make this solemn statement in good conscience, believing it to be true, and pursuant to the provisions of the Statutory Declarations Act 1835. DECLARED at [ details ] this [ day ] day of [ month and year ] Before me ................................................................................ [ signature of the person before whom the declaration is made ] A [ commissioner for oaths OR [ solicitor OR [ insert other qualification ] ] authorised to administer oaths ]...