Data protection essentials

Data protection laws in both the UK and EEA (the EU plus Iceland, Norway, and Liechtenstein) are intended to ensure information about living individuals (within the definition of ‘personal data’) is used fairly and responsibly.

To help ensure that, both the UK and EEA data protection laws impose a large number of obligations on those ‘processing’ personal data (and on controllers of such processing) and grant rights to those whose personal data is processed (the ‘data subjects’). In summary, ‘processing’ includes doing almost anything with personal data, including storing, sharing, deleting or using it.

UK data protection law is largely derived from EEA data protection laws and is therefore generally based on similar principles, although there are some detailed differences.

This subtopic provides certain core resources commonly required by commercial lawyers when addressing UK and EEA data protection laws under:

•
the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) regime, which applies under the

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Commercial News

Court entertains argument that statements in draft disclosure letter amounted to misrepresentations (Veranova Bidco LP v Johnson Matthey plc)

Commercial analysis: The High Court has entertained the argument that an allegedly false statement contained in a draft disclosure letter produced during the course of transaction negotiations may have amounted to a misrepresentation. The decision follows an application for summary judgment and strike-out and so does not create binding precedent on the point. The case will proceed to a full trial. However, the judge’s comments are interesting and the ensuing decision, if a full trial takes place, will be one to watch. Dominic Sedghi, head of knowledge, Lois Horne, partner, and Tom Rose, partner, all at Macfarlanes LLP discuss the implication of the decision.

Commercial weekly highlights—17 July 2025

This week's edition of Commercial weekly highlights includes: the judgement of the Court of Appeal in Berge Bulk Shipping Pte Ltd v Taumata Plantation Ltd where the court dismissed an appeal against an order holding that the English court had no jurisdiction to hear a claim against three New Zealand companies regarding various letters of indemnity, news that the Office for Product Safety and Standards has published research detailing major AI regulatory developments, and news that the Department for Business and Trade has published the outcome of its review and consultation on the operation of the UK Internal Market Act 2020.

Commission launches Digital Fairness Act consultation on online consumer protection

The European Commission has launched a consultation for its proposed Digital Fairness Act. Grounded in the existing EU digital rule book, the initiative targets several problematic practices, including unfair commercial practices associated with dark patterns, misleading influencer marketing, addictive design of digital products, and unfair personalisation practices. The Act aims to ensure a level playing field for online traders, enhance enforcement mechanisms, and potentially simplify regulatory frameworks. This call for evidence is open to stakeholder feedback from 17 July 2025 until 9 October 2025 (midnight Brussels time).

DBT publishes consultation outcome following review of UK Internal Market Act 2020

The Department for Business and Trade (DBT) has published the outcome of its review and consultation on the operation of the UK Internal Market Act 2020. The review, which covered Parts 1, 2, 3 and 4 of the Act, sought views on what is and is not working well. It focused on the market access principles for goods and services, the recognition of professional qualifications and the role of the Office for the Internal Market. DBT received 85 responses and held six stakeholder meetings across the four nations. The outcome sets out a series of actions the UK government intend to take to improve the operation of the Act, particularly in relation to the exclusions process and intergovernmental engagement.