26 Mar 2026

The Lens Newsletter - March 2026

2 min read

Treasury's role in cyber resilience

Recent high profile cyber incidents underline how quickly operational disruption can create acute financial and liquidity challenges. In late 2025, Jaguar Land Rover was hit by a major cyberattack that forced production shutdowns, disrupted supply... Read more

Operational resilience: reporting rules herald the next chapter for the financial sector

On 18 March 2026 the FCA, PRA and Bank of England (the Bank) published policy statements introducing new requirements and expectations for the reporting of certain operational incidents, and expanding the scope of existing data collections on... Read more

Digital Regulation: Fleeting, Feature or Fallacy? Global Perspectives from our recent webinar

With the EU’s “digital omnibus” fuelling renewed debate about whether regulation is creating friction in the digital economy, we recently hosted a global webinar on digital regulation which examined whether this friction is ‘fleeting, a feature,... Read more

Is it all becoming clear? Guidance on the AI Act’s transparency rules

The AI Act wants people to know when they are interacting with AI generated or manipulated content such as deepfakes, but how is this achieved in practice? A new (currently draft) Code of Practice on Transparency of AI-Generated Content (the... Read more

Are the winds changing on the AI and copyright debate?

As readers of this blog will be aware, the rapid development of AI over the last few years has given rise to a number of significant debates on copyright. None more so than how best to balance the rights of AI developers and copyright owners when... Read more

ICO publishes guidance on data protection complaints processes

The Data (Use and Access) Act 2025 (DUA Act) requires organisations to have a data protection complaints process in place from 19 June this year. What does that mean in practice for organisations and how much work will be required? The ICO has... Read more

Identifiability in controllers' hands is key - Outcome of the DSG Retail appeal

The Court of Appeal’s February 2026 ruling in DSG Retail Ltd v Information Commissioner has confirmed the normal interpretation of the scope of controllers’ data security obligations under UK data protection law. Although the case was... Read more

CMA offers guidance on mitigating algorithm risks

The CMA has published a blog post on AI and algorithms, urging businesses to take proactive steps to understand the technology they are deploying and ensure that their use of such tools complies with competition and consumer law. Much of the blog... Read more

Children’s privacy in focus: ICO fines Reddit £14.47m

Whereas 2025 saw the ICO’s penalties firmly aimed at data security and cyber breaches, this year has seen the issue of two significant fines to online services, Imgur (£247,590) and Reddit (£14.47m), highlighting the regulator’s long-standing... Read more

CONTACT INFORMATION

Duncan Blaikie Partner

Laura Houston Partner

Will Manley Head of Digital Regulation

Natalie Donovan Head of Technology, Digital, Data and IP Knowledge

This material is provided for general information only. It does not constitute legal or other professional advice.