Cybersecurity

Safeguarding digital assets is crucial in the modern landscape. This practical guidance offers legal professionals comprehensive insights into fortifying client data, understanding regulatory frameworks, and responding effectively to cyber threats. Equip yourself with the necessary tools to navigate the evolving realm of cybersecurity, ensuring a robust defence against cyber risks and compliance with pertinent laws. Dive into expert advice, case studies, and latest developments to enhance your practice and client trust in the digital age.

View Information Law by content type:

News
Practice notes
Precedents
Q&As

Sub Topics We Cover

Cybersecurity, threats and risk management

Latest Information Law News

EDPB and EDPS adopt joint opinion on EU Cybersecurity Act and NIS2 amendments

EDPB launches 2026 coordinated enforcement action on EU GDPR transparency obligations

Information Law weekly highlights—19 March 2026

The following Information Law news provides comprehensive and up to date legal information on Information Law weekly highlights—19 March 2026

ENISA launches SME survey on EU Cyber Resilience Act implementation readiness

Featured Information Law content

The UK General Data Protection Regulation (UK GDPR)—Navigator [Archived]

The UK General Data Protection Regulation (UK GDPR)—Navigator [Archived]

The UK General Data Protection Regulation (UK GDPR)—NavigatorThis Practice Note serves as a reference guide to the Retained Regulation (EU) 2016/679...

Privacy law—misuse of private information

Privacy law—misuse of private information

Privacy law—misuse of private informationThe tort of misuse of private information is focused on ‘the protection of human autonomy and dignity—the...

Confidentiality agreement—mutual

Confidentiality agreement—mutual

Confidentiality agreement—mutualThis Agreement is made on [date]Parties1[insert name of party] [of [insert details ] OR a company incorporated in...

The Information Commissioner’s Office (ICO)

The Information Commissioner’s Office (ICO)

The Information Commissioner’s Office (ICO)The Information Commissioner’s Office (ICO) is the UK’s independent regulator designed to uphold...

Practice notes

The UK General Data Protection Regulation (UK GDPR)

The UK General Data Protection Regulation (UK GDPR)This Practice Note provides a summary of the UK GDPR regime. For a higher-level introduction to UK...
Read More >
30th May
Q&As

Are recorded conversations between lay people legal and can they be used in legal proceedings?

Are recorded conversations between lay people legal and can they be used in legal proceedings?The law relating to the recording of conversations...
Read More >
Produced in partnership with Chris Bryden of 4 King’s Bench Walk
13th Oct
Q&As

Is it standard for a non-disclosure agreement to contain liability limitations (eg for loss of information and/or breach) and what arguments could be used to seek to remove any such provisions added by another party?

Is it standard for a non-disclosure agreement to contain liability limitations (eg for loss of information and/or breach) and what arguments could be...
Read More >
2nd Jun
Q&As

In the context of confidentiality agreements, what constitutes an ‘indirect’ disclosure? Is it necessary to specifically use the word ‘indirect’ to capture all types of disclosure by the main disclosing party?

In the context of confidentiality agreements, what constitutes an ‘indirect’ disclosure? Is it necessary to specifically use the word ‘indirect’ to...
Read More >
Produced in partnership with Michelle Last of Keystone law
30th May
Precedents

Letter of claim—breach of confidence

Letter of claim—breach of confidence[Insert name and address of recipient]Dear [insert organisation name],[Name of client] and confidential...
Read More >
30th May
Practice notes

Trade secrets and confidential information—protection and enforcement

Trade secrets and confidential information—protection and enforcementThis Practice Note sets out the protection available for trade secrets and...
Read More >
Produced in partnership with Will Smith of Anglo American
30th May
tag iconIn-house
Practice notes

Introduction to the EU GDPR and UK GDPR

Introduction to the EU GDPR and UK GDPRThis Practice Note provides a high-level introduction to the EU’s General Data Protection Regulation,...
Read More >
30th May
tag iconIn-house
Practice notes

Data protection, privacy and confidential information case law tracker

Data protection, privacy and confidential information case law trackerThis Practice Note tracks noteworthy High Court, Court of Appeal and Supreme...
Read More >
30th May
Practice notes

Commercial use of photographs—data protection and privacy issues

Commercial use of photographs—data protection and privacy issuesThis Practice Note addresses issues affecting professional photographers taking...
Read More >
2nd Jun
Precedents

Letter of claim—breach of data protection law

Letter of claim—breach of data protection law[Insert name and address of recipient]Dear [insert organisation name],[Name of client] and breach of data...
Read More >
2nd Jun
Practice notes

What does IP completion day mean for Information Law? [Archived]

What does IP completion day mean for Information Law? [Archived]ARCHIVED: This Practice Note has been archived and is not maintained.11 pm (GMT) on 31...
Read More >
30th May
Practice notes

Confidential information, privacy and injunctions

Confidential information, privacy and injunctionsThis Practice Note deals with the general principles of obtaining an injunction relating to...
Read More >
30th May
Practice notes

The Data Protection Act 2018

The Data Protection Act 2018This Practice Note introduces the UK’s Data Protection Act 2018 (DPA 2018).For higher-level introductions to data...
Read More >
30th May
tag iconIn-house tag iconBrexit tag iconData Protection Toolkit
Q&As

Is someone’s voice personal identifiable information under GDPR? If someone is to do a voice over for content of some training for a business, would a consent form be needed?

Is someone’s voice personal identifiable information under GDPR? If someone is to do a voice over for content of some training for a business, would a...
Read More >
30th May
Practice notes

The Network and Information Systems Regulations 2018

The Network and Information Systems Regulations 2018This Practice Note provides an overview of the Network and Information Systems Regulations 2018...
Read More >
30th May
Practice notes

Limitation of data protection liability in contracts—market practice in general business services agreements between controllers and processors [Archived]

Limitation of data protection liability in contracts—market practice in general business services agreements between controllers and processors...
Read More >
2nd Jun

Popular documents

If a rentcharge is shown as being informally exonerated on title information, does this apply to the

If a rentcharge is shown as being informally exonerated on title information, does this apply to the current registered owner? Or does the informal exoneration only apply to the parties to the document which informally exonerated the rentcharge?This Q&A considers the situation where, at some

Late payment penalties—inheritance tax

Late payment penalties—inheritance taxWhile interest often accrues on overdue tax, the late payment of certain taxes may also attract a penalty. For information on the interest accruing on overdue tax, see Practice Notes: IHT—payment deadlines on death—Interest on IHT and Interest on late paid

Strike out—making an application to strike out a statement of case

Strike out—making an application to strike out a statement of caseA strike out order can be made either following an application by the parties or on the court's own initiative. This Practice Note deals with the scenario of the order being made following a party's application.Making an application

Template for regulatory references given by SMCR firms and disclosure requirements

Template for regulatory references given by SMCR firms and disclosure requirements[Insert addressee details]Dear [insert name][It is our understanding that [insert name of prospective employee] [was an employee of yours between the dates of [insert dates as appropriate] OR is a current employee of