Insights

London – November 11, 2025: Computer Weekly has named Emma Wright, co-chair of Crowell & Moring’s Privacy and Cybersecurity Group, to its “50 Most Influential Women in UK Tech” list for 2025. The annual list recognizes women who are driving innovation and leadership within the UK technology sector.

London – October 16, 2025: Chambers and Partners has ranked Crowell & Moring U.K. LLP and its lawyers across the United Kingdom as leaders in their respective practice areas in the Chambers UK 2026 Guide.

London – October 14, 2025: Crowell & Moring U.K. LLP has been recommended in five practice areas in the Legal 500 United Kingdom 2026.

In a significant ruling on the application of data protection law in the United Kingdom, on 19 February 2026, the UK’s Court of Appeal (CA) ruled in favour of the UK Information Commissioner (ICO) in its appeal against the decision of the Upper Tribunal (UT) in the case of DSG Retail Ltd v The Information Commissioner [2026] EWCA Civ 140. This ruling clarifies the scope of data controllers’ security obligations with pseudonymised personal data and confirms that a controller’s duty to safeguard personal data is not diminished merely because a cyber attacker who exfiltrates that data would be unable to re-identify the individuals concerned.

Major changes have been proposed to EU AI, data and wider digital laws. On 19th November 2025, the European Union Commission issued its much anticipated Digital Omnibus Regulation Proposal, (the “Digital Omnibus”) and also its Digital Omnibus on AI Regulation Proposal, (the “AI Omnibus”). The mooted changes potentially impact the “Brussels effect” seen post GDPR and add potential complexities to the compliance efforts of businesses.

On 12 November, the highly anticipated Cyber Security and Resilience (Network and Information Systems) Bill (“Bill”) was introduced to Parliament, representing a significant expansion and modernisation of the UK’s cyber security rules. Building on the foundation set by the Network & Information Systems Regulations 2018 (“NIS”), the Bill aims to enhance national security and safeguard essential services. The Department for Science, Innovation and Technology (“DSIT”) has published a policy paper detailing the Bill’s objectives.