Countries

Jurisdiction-specific regulatory insights

Regulatory action | AI and Data Protection | Countries | Data Protection | DSIT | Telecoms regulation | UK

When Regulators Regulate Themselves: The UK judiciary and data protection regulator (ICO) guidelines for internal AI use
ByRob Bratby 6 November 202527 March 2026

UK Judges and ICO publish internal AI use guidelines In the UK’s rapidly developing AI governance landscape, two institutions have taken a decisive and self-reflective step. The Judiciary of England and Wales and the Information Commissioner’s Office (ICO) have both published their internal policies on the use of artificial intelligence. These are not external consultation papers or policy statements…

Read More When Regulators Regulate Themselves: The UK judiciary and data protection regulator (ICO) guidelines for internal AI use
Countries | Telecoms regulation | UK

UK Online Safety Act 2023: what platforms must do now
ByRob Bratby 4 November 202523 March 2026

UK Online Safety Act 2023: what platforms must do now The Online Safety Act 2023 establishes a statutory duty of care for UK-accessible platforms, search services and online publishers, creating one of the most detailed digital safety regimes internationally. Ofcom has begun phased implementation, with information notices, supervisory monitoring and early investigative steps already underway….

Read More UK Online Safety Act 2023: what platforms must do now
Regulatory action | AI and Data Protection | Countries | Data Protection | EU | Government policy | Telecoms regulation | UK

The Data (Use and Access) Act 2025: What It Means for UK Businesses
ByRob Bratby 28 October 202523 March 2026

The Data (Use and Access) Act 2025 (DUAA) introduces sweeping changes in UK data regimes, from smart-data schemes and digital verification services to amendments of the Data Protection Act 2018 and UK GDPR. Rob Bratby of bratby.law guides UK businesses through compliance, strategic opportunities, and contract implications. Essential reading for counsel, transaction teams and commercial leaders.

Read More The Data (Use and Access) Act 2025: What It Means for UK Businesses
UK | AI and Data Protection | Countries | Data Protection

UK AI Regulation: ICO’s Role
ByRob Bratby 26 October 202523 March 2026

UK AI Regulation: ICO’s Role How should businesses navigate AI compliance in the UK? In contrast to the EU’s broad, sector-agnostic AI Act, the UK has taken a different approach to AI regulation. The UK government has opted for a regulator-led, principles-based framework, asking existing sector regulators to oversee AI in their own domains, which…

Read More UK AI Regulation: ICO’s Role
Telecoms regulation | AI and Data Protection | Countries | Data Protection | EU | Ofcom | UK

UK AI Regulation: An overview
ByRob Bratby 26 October 202527 March 2026

UK AI Regulation: An overview Introduction In contrast to the overarching, prescriptive approach of the EU AI Act, the UK’s approach to regulating artificial intelligence (AI) is to focus on regulating the use of AI, rather than the underlying AI technology. The UK’s objective is to foster innovation whilst managing risks. 2023 UK AI Regulation…

Read More UK AI Regulation: An overview
Telecoms regulation | Countries | Data Protection | DSIT | Government policy | Regulatory action | UK

New UK data protection law proposals
ByRob Bratby 30 June 202227 March 2026

Government sets out response to consultation Commentary Following its September 2021 consultation on reform of UK data protection law, on 23 June 2022 the UK government published its response and proposals to move forward. Whilst the proposals for a post-GDPR data protection law in the UK contain some sensible reforms and updates, it is clear…

Read More New UK data protection law proposals
Telecoms regulation | Countries | DSIT | Government policy | Ofcom | Regulatory action | UK

New security obligations on UK telecoms providers
ByRob Bratby 27 June 202227 March 2026

On 17 November 2021, the Telecoms (Security) Act 2021, amending the Communications Act 2003, imposed new telecoms security obligations on UK communications providers. These telecoms security obligations represent a significant expansion of the regulatory framework, requiring providers to take active steps to manage network security risks. The legislation: New telecoms security obligations under UK law…

Read More New security obligations on UK telecoms providers
Telecoms regulation | Countries | Data Protection | DSIT | Government policy | Regulatory action | UK

Personal data export from the UK
ByRob Bratby 4 March 202227 March 2026

UK sets out two alternatives to provide adequate contractual protection for the export of personal data from the UK What happened? In February 2022, the UK government published 2 alternative sets of contracts that can be used by organisations wishing to export personal data from the UK to countries that do not otherwise provide adequate…

Read More Personal data export from the UK
Telecoms regulation | Countries | Data Protection | Government policy | Regulatory action | UK

UK’s proposed new data protection law
ByRob Bratby 30 September 202127 March 2026

UK data protection law: key proposed changes What is proposed? On 10 September 2021, the UK government published its proposals to reform UK data protection law. Whilst current UK data protection law in the form of UK GDPR mirrors EU data protection law, the proposals represent the UK government seizing the opportunity given by Brexit…

Read More UK’s proposed new data protection law
Countries | Data Protection | EU | Government policy | Regulatory action | Telecoms regulation | UK

EU finds UK has adequate protections for personal data
ByRob Bratby 29 June 202123 March 2026

On 28 June 2021, the EU Commission found that the UK provides adequate protection for personal data, enabling personal to freely flow from the EU (and EEA) to the UK. Background European privacy law (specifically articles 44-50 of the General Data Protection Regulation (GDPR)) prohibits the export of personal data from the EU to a third…

Read More EU finds UK has adequate protections for personal data
Countries | Data Protection | EU | UK

Using the new EU standard clauses to enable cross-border data export
ByRob Bratby 16 June 202123 March 2026

From 27 June 2021, organisations will be able to adopt new ‘standard contractual clauses’ (SCCs) to permit lawful export of personal data from the EU to ‘third countries’. This post: recommends what companies should do now describes the background to the EU’s data export rules explains how the new SCCs differ from prior versions What…

Read More Using the new EU standard clauses to enable cross-border data export
Countries | DSIT | Foreign direct investment | Government policy | M&A | Regulatory action | Telecoms regulation | Transactions | UK

New UK foreign investment law to impact telecoms, digital and data transactions
ByRob Bratby 24 May 202123 March 2026

Summary By the end of 2021, many corporate transactions in the communications, data infrastructure, artificial intelligence, satellite and space technologies sectors (and some others) will be subject to mandatory notification to, and national security review by, the UK government. Implementation timetable The National Security and Investment Act 2021 (“Act“) became part of UK law on…

Read More New UK foreign investment law to impact telecoms, digital and data transactions