Q&As

Q&As

This subtopic is an archive of selected Q&As from Information Law.

Information Law Q&As

These Q&As seek to briefly address common questions faced when dealing with Information Law matters.

The Q&As supplement and link to other more detailed content within Lexis®+ UK, but are intentionally short. It is anticipated that a brief Q&A will be most helpful when you need a quick overview of an issue and its likely impact. This might arise, for example, where lawyers need to provide advice, business development or training at short notice. The Q&A content on Lexis®+ UK is date stamped. This date is the

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Information Law News

ICO consults on draft updated guidance on research, archiving and statistics provisions following DUAA 2025

The Information Commissioner's Office (ICO) has launched a consultation on draft updated guidance concerning the research, archiving and statistics (RAS) provisions. The updates follow the introduction of the Data (Use and Access) Act 2025 (DUAA 2025) and include revised criteria for scientific research, in response to requests for greater clarity. The consultation also seeks views on the ICO's approach to the new disproportionate effort exemption under DUAA 2025, s 77, which exempts organisations from the requirement to inform data subjects when re-using previously collected data for research purposes. The consultation closes on 27 April 2026.

ENISA publishes FAQ page on Cyber Resilience Act Single Reporting Platform

The European Union Agency for Cybersecurity (ENISA) has introduced a dedicated page featuring a collection of Frequently Asked Questions (FAQ) on the EU Cyber Resilience Act’s Single Reporting Platform (SRP). The FAQs explain, amongst other thing, what the SRP is, who is responsible for it, what must be reported, how the platform operates and the responsibilities of the key entities involved, supporting transparency and implementation of mandatory and voluntary reporting within the EU Digital Single Market. ENISA intends to update FAQ page as the SRP implementation progresses.

Information Law weekly highlights—26 February 2026

Welcome to this week’s edition of the Information Law weekly highlights: a hand-picked summary of news analysis, updates and new content related to laws governing the use and dissemination of information and personal data. Each week these highlights focus on developments in key topics such as data protection, ePrivacy, cybersecurity, breach of confidence, misuse of private information, and defamation.

ICO fines Reddit £14.47m for unlawful use of children’s personal data

The Information Commissioner’s Office (ICO) has fined Reddit £14.47m after finding it used children’s personal information unlawfully due to age assurance failures under UK data protection law. The ICO found Reddit failed to apply any robust age assurance mechanism or carry out a data protection impact assessment before January 2025, resulting in the unlawful processing of the personal information of children under 13 and exposing them to inappropriate and harmful content. Although Reddit introduced age verification and age declaration requirements in July 2025, the ICO highlighted that self‑declaration presents risks and confirmed it is keeping the platform’s processing of children’s personal information under review as part of its wider intervention to improve the safety of children’s data online. It emphasised that organisations must ensure they know the age of users, enforce minimum age requirements and apply appropriate and effective age assurance tools.

View Information Law by content type :

News