Insights
Analysis of telecoms, data, payments and technology regulation and transactions
Clear, practical commentary on legal and regulatory developments affecting telecoms operators, digital infrastructure providers, technology companies, financial institutions, fintechs and investors.
Our blogging history
We have been publishing insights since 2010, when Rob first built the website on WordPress. From the outset, the aim was the same: careful research, precise language and analysis that explains not just the legal issue, but its practical and commercial effect.
That remains our approach today. Artificial intelligence now helps with parts of the research and drafting process, and it has supported the development of this website. But technology does not replace judgement, experience or specialist expertise. Our insights are shaped by real advisory work across regulation, compliance and transactions.
Through this Insights section, Bratby Law aims to provide clear analysis that helps organisations make informed decisions in complex and fast-moving areas of law and regulation. For advice on a specific issue, regulatory strategy or a transaction, please get in touch.
Recent articles
-
DSIT Statement of Strategic Priorities: What the SSP Means
In short: DSIT set Ofcom’s regulatory direction for the next five years by designating its statement of strategic priorities for telecoms, spectrum and postal services on 27 April 2026. Under section 2B of the Communications Act 2003, Ofcom must have regard to it, and must say by 6 June 2026 what it proposes to do….
-
FOIA section 44 keeps Ofcom investigations and enforcement out of FOI
In short: FOIA section 44 keeps the disclosures regulated firms make to Ofcom in investigations and enforcement out of Freedom of Information requests. Babbs v The Information Commissioner & Ofcom [2026] UKFTT 389 confirms that Communications Act 2003 section 393 covers voluntary as well as compulsory submissions, applies across telecoms, broadcasting and online safety, and…
-
The CCI product summary: a Consumer Duty test for payment-firm distributors
In short: The CCI product summary is the FCA’s new disclosure document for retail investment products, replacing the EU-derived Key Information Document. Under FCA PS25/20, firms can adopt it from 6 April 2026 and must use it from 8 June 2027. Whether to switch early is a Consumer Duty question, not a technical compliance one….
-
PSR annual plan 2026/27: card fees, APP fraud and the road into the FCA
In short: The PSR annual plan 2026/27, published 29 April 2026, sets three priorities for what may be the regulator’s last full year as a standalone body: implementing card fee remedies, publishing the first-year evaluation of mandatory APP fraud reimbursement, and planning the consolidation of PSR functions into the Financial Conduct Authority. Commercial variable recurring…
-
UK adequacy decision: inbound EU-to-UK transfer compliance
In short: The UK adequacy decision for inbound EU personal data was renewed by the European Commission on 19 December 2025 and runs to 27 December 2031. UK controllers should rely on it as the primary inbound transfer mechanism but maintain Standard Contractual Clauses and IDTA fallback documentation against the Commission’s monitoring conditions and the…
-
Ofcom information notice enforcement: sections 135 and 137A
In short: An Ofcom information notice under section 135 or section 137A of the Communications Act 2003 carries a maximum penalty of £2 million, plus £500 per day for continuing contraventions, enforced through the section 138 contravention process. Five enforcement cases since 2021 (Colt, BT/Connected Nations, TikTok, Meta and the new BT investigation opened on…
-
Section 166 DPA 2018: McDonnell and the Tribunal Jurisdiction Boundary
In short: Section 166 DPA 2018 is the only route a data subject has to take the Information Commissioner to a tribunal over how she handles a complaint. McDonnell [2026] UKFTT 524 (GRC), 9 April 2026, confirms the tribunal can push the ICO to act, but cannot make it change its answer. DUAA 2025 does…
-
Altnet PIA: the Framework, the Coalition and TAR 2026-31
In short: Altnet PIA, the Openreach product that lets operators build using its ducts and poles, is not new. It has been a regulated wholesale input since 2010, and the Electronic Communications Code requires operators to consider sharing apparatus more broadly. Two recent moves progress those arrangements. INCA’s Infrastructure Sharing Framework formalises operator-to-operator duct, pole…
-
DMCCA Part 3 enforcement: the CMA’s first consumer reviews investigations and their implications for transactions
The CMA’s coordinated push against fake and misleading consumer reviews lands the new Part 3 direct enforcement powers in the DMCCA 2024 on the consumer reviews supply chain. Five cases opened on 27 March 2026 reach across that supply chain at the same time and signal that consumer review compliance is now a discrete deal due diligence item.
-
CityFibre, nexfibre and the local market definition question
CityFibre’s intervention in the CMA’s nexfibre/Substantial inquiry turns on local market definition. Why that question shapes Phase 2 risk and the altnet consolidation pipeline.
-
ICO enquiry into Meta AI smart glasses: what it tells AI product teams about outsourced human review
In short: The ICO wrote to Meta in March 2026 over outsourced human review of audio-visual data captured by Ray-Ban Meta smart glasses. The enquiry tests controller/processor allocation under UK GDPR Article 28, lawful basis for AI training data, and whether the DUAA 2025 “meaningful human involvement” standard is met where reviewers validate AI outputs…
-
UK AI regulation: the practitioner framework
In short: There is no UK AI Act. UK AI regulation sits on the UK GDPR (as amended by the Data (Use and Access) Act 2025, in force 5 February 2026), sector regulators applying their existing rules (ICO, Ofcom, FCA), and DSIT policy direction. For clients with EU exposure the EU AI Act applies in…
Telecoms, data protection and payments regulation lawyers
Bratby Law advises on telecoms regulation, data protection, payments regulation and transactions across the communications, financial services and technology sectors.
How we work
Bratby Law works with clients in three ways: as direct legal advisors on specific matters, as specialist co-counsel supporting other legal teams, and as fractional general counsel on a longer-term retained basis. Each model delivers partner-level input without delegation.
Why Choose Bratby Law?
Sector expertise
Bratby Law advises exclusively on telecoms regulation, data protection, and payments regulation. That concentration means deeper knowledge of the regulatory environment, faster analysis, and advice that reflects how regulators actually behave: not how the textbook says they should.
Senior delivery
Every instruction is handled by Rob Bratby personally. With 30 years’ experience spanning Oftel, senior in-house roles at network operators, and partnership at international law firms, you receive the analysis directly: not through a junior team. The firm uses AI tools to extend research capacity and accelerate document review, so senior judgment is applied to more of your matter, not less.
Unique perspective
Rob Bratby has sat on all three sides of the regulatory table: as a regulator at Oftel, as General Counsel at major operators, and as external counsel. That inside-out perspective informs every piece of advice. He currently holds fractional General Counsel appointments at TOTSCo, UKPI, TelXL, and Core.
Ready to discuss your matter?
Prefer an RSS reader? Subscribe via RSS.