Get a good background to data protection law and view practical guidance focused on data protection matters for commercial transactions. See also our UK GDPR compliant pro-party clauses for use in commercial agreements.
Protect trade secrets and know-how using the law of confidentiality. Get information and a set of pro-party confidentiality agreements here.
View a range of trackers to enable horizon scanning and monitoring of key developments. The trackers are maintained - making them useful for keeping up-to-date and for business development.
It’s our online practical guidance product for contentious and non-contentious lawyers dealing with Data Protection, Confidential Information, Privacy, Cybersecurity and Freedom of Information issues.
The European Union Agency for Cybersecurity (ENISA) has published the ENISA NIS360 2026 report assessing the cybersecurity maturity and criticality of...
The Information Commissioner’s Office (ICO) has published final guidance on the application of UK data protection law and the Privacy and Electronic...
The Irish Presidency of the Council of the EU has published its programme for 1 July 2026 to 31 December 2026, outlining its priorities and direction....
The European Data Protection Board (EDPB) has adopted a common template for personal data breach notifications under Regulation (EU) 2016/679 ((the...
This week’s edition of Information Law weekly highlights includes a hand-picked summary of news analysis, updates and new content related to laws...
The freedom of information (FOI) case tracker records and summarises key decisions and case law rulings relating to the enforcement of the Freedom of...
This Practice Note provides a high level summary of key themes of divergence between the UK and EU in relation to the extent of their data protection...
This Practice Note links to a report produced by Bird & Bird that reviews the laws governing the use of cookies and other storage and access...
This Practice Note provides an overview of the rules about using storage and access technologies (SATs), including cookies, in the UK under the...
This Practice Note addresses frequently asked questions (FAQs) on the new lawful basis of recognised legitimate interest which has been added to...
Address of Website OperatorDear [insert organisation name]Notice and take-down letterWe act for [insert client details], on whose instructions we are...
ARCHIVED: This Precedent has been archived and is not maintained. It is for background information only. It links to international data transfer...
[insert address of sender]Our ref: [insert reference]Your ref: [insert reference][Insert address of recipient]Date: [insert date]Dear [insert...
This Agreement is made on [date]Parties1[Insert name of party] [of [insert address] OR a company incorporated in [England and Wales] under number...
[insert address of sender]Our ref: [insert reference]Your ref: [insert reference][insert address of recipient]Date: [insert date]Dear [insert...
The UK General Data Protection Regulation (UK GDPR)—NavigatorThis Practice Note serves as a reference guide to the Retained Regulation (EU) 2016/679...
Privacy law—misuse of private informationThe tort of misuse of private information is focused on ‘the protection of human autonomy and dignity—the...
Confidentiality agreement—mutualThis Agreement is made on [date]Parties1[insert name of party] [of [insert details ] OR a company incorporated in...
The Information Commissioner’s Office (ICO)The Information Commissioner’s Office (ICO) is the UK’s independent regulator designed to uphold...
The UK General Data Protection Regulation (UK GDPR)This Practice Note provides a summary of the UK GDPR regime. For a higher-level introduction to UK...
Letter of claim—breach of confidence[Insert name and address of recipient]Dear [insert organisation name],[Name of client] and confidential...
Trade secrets and confidential information—protection and enforcementThis Practice Note sets out the protection available for trade secrets and...
Introduction to the EU GDPR and UK GDPRThis Practice Note provides a high-level introduction to the EU’s General Data Protection Regulation,...
Data protection, privacy and confidential information case law trackerThis Practice Note tracks noteworthy High Court, Court of Appeal and Supreme...
Commercial use of photographs—data protection and privacy issuesThis Practice Note addresses issues affecting professional photographers taking...
Letter of claim—breach of data protection law[Insert name and address of recipient]Dear [insert organisation name],[Name of client] and breach of data...
What does IP completion day mean for Information Law? [Archived]ARCHIVED: This Practice Note has been archived and is not maintained.11 pm (GMT) on 31...
Confidential information, privacy and injunctionsThis Practice Note deals with the general principles of obtaining an injunction relating to...
The Data Protection Act 2018This Practice Note introduces the UK’s Data Protection Act 2018 (DPA 2018).For higher-level introductions to data...
a hearing forming part of the trial sometimes used in long and complex cases to settle various issues without requiring the jury to attend;
Public authorities and public bodies often carry out activities involving personal data. The terms ‘public authority’ and ‘public body’ are used throughout the GDPR regimes, including within several of the definitions, but are not expressly defined. The EDPB considers that under the EU GDPR: • these notions are broad enough to include both public bodies in third countries and ‘international organisations’ (ie an organisation and its subordinate bodies governed by public international law, or any other body which is set up by, or on the basis of, an agreement between two or more countries) • with respect to public bodies in third countries, the notion is to be determined under domestic law • public bodies include government authorities at different levels (eg national, regional and local authorities) and also other bodies governed by public law (eg executive agencies, universities, hospitals and so on)
“Telecommunications service” means any service that consists in the provision of access to, and of facilities for making use of, any telecommunication system (whether or not one provided by the person providing the service).