-
decoded.legal's blog Ofcom amends GC C1 to prohibit inflation-linked price rises for new contracts from 17 January 2025
Ofcom amends GC C1 to prohibit inflation-linked price rises for new contracts from 17 January 2025
decoded.legal's blog decoded.legalAs expected, Ofcom has issued a new statement, prohibiting inflation-linked price rises in contracts for communications services. Providers can still change the price of a contract, with effect from part-way through - Ofcom has not banned that. The change is is just about how they can do it. The new requirements come into effect on 17 January 2025 and apply to any new contracts entered into from that date. You can...
-
decoded.legal's blog The UK/USA data access agreement, subpoenas from the FBI, and a brief update for UK telecoms operators
The UK/USA data access agreement, subpoenas from the FBI, and a brief update for UK telecoms operators
decoded.legal's blog decoded.legalRoughly two years ago - wow, how time flies - I wrote a blogpost about what UK telecoms operators need to know about the UK/USA Data Access Agreement and the US CLOUD Act. At the time, I didn’t think that UK telecoms operators would receive many, if any, requests under the agreement. I’ve seen a handful of them recently, so I thought it might be worth revisiting it. I had also hoped that a change to data protection...
-
decoded.legal's blog The UK's draft Code of Practice for Software Vendors
The UK's draft Code of Practice for Software Vendors
decoded.legal's blog decoded.legalThe UK government has published a consultation on its draft Code of Practice for Software Vendors. This call for evidence closes at 11:59pm on 9 August 2024. There is more information here. What this is about The stated aim is a voluntary Code of Practice for Software Vendors which is designed to ensure that software security is made fundamental to software vendors’ approaches to developing and distributing their...
-
decoded.legal's blog The Upper Tribunal's decision in ICO v Experian but mostly griping about a PDF file
The Upper Tribunal's decision in ICO v Experian but mostly griping about a PDF file
decoded.legal's blog decoded.legalYesterday, the Upper Tribunal released its decision on the Information Commissioner’s appeal against the First Tier Tribunal’s decision about the Information Commissioner’s enforcement action against data broker Experian. ([2024] UKUT 105 (AAC)) In short, the Upper Tribunal was not having any of it, and dismissed the ICO’s arguments on all five points. Perhaps the only shred of hope for the ICO was in the Upper...
-
decoded.legal's blog New rules for people making, importing, or distributing Internet-connected or connectable products (Part 3)
New rules for people making, importing, or distributing Internet-connected or connectable products (Part 3)
decoded.legal's blog decoded.legalI’ve written before about the UK’s Product Security and Telecommunications Infrastructure Act 2022, and the associated The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023. This regime imposes new security compliance requirements for certain “connected” and IoT products, to be sold to people in the UK. Part 1 covered the products in...
-
decoded.legal's blog New rules for people making, importing, or distributing Internet-connected or connectable products (Part 2)
New rules for people making, importing, or distributing Internet-connected or connectable products (Part 2)
decoded.legal's blog decoded.legalWay back in October 2023, I wrote an introduction to the Product Security and Telecommunications Infrastructure Act 2022, and the associated The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023. This is the UK’s new regime for establishing a baseline security level for connectable products. I’d meant to follow up swiftly with Part 2...
-
decoded.legal's blog Is DocuSign using your documents to train its AI?
Is DocuSign using your documents to train its AI?
decoded.legal's blog decoded.legalAccording to DocuSign’s website, DocuSign - a company most commonly used for helping people sign contracts digitally - is or may be (its information is not wholly clear) using your contracts and other documents to train AI. I didn’t know this, but then I don’t use DocuSign, although some of my clients do. Perhaps you do, and did. Either way, if you use DocuSign, or are asked to load your documents into DocuSign for...
-
decoded.legal's blog Ofcom's draft guidance on the Online Safety Act's porn provisions
Ofcom's draft guidance on the Online Safety Act's porn provisions
decoded.legal's blog decoded.legalOfcom has published draft guidance, and a consultation, on Part 5 Online Safety Act 2023 - this is the OSA’s porn (or, perhaps, anti-porn) provisions. I have previously written about Part 5. If you haven’t already read that, it’s probably worth starting there. This is a blogpost based on my thoughts from reading through the documents; it is not a fully-formed response to Ofcom’s consultation. The deadline for...
-
decoded.legal's blog An introduction to 'ethical licensing'
An introduction to 'ethical licensing'
decoded.legal's blog decoded.legalTechnology, and programming, has always been political. I’ve very little time for discussions which try to separate “tech” and “politics”. The same is true with licensing models. Over the last couple of years, I’ve seen more people talking about “ethical licensing”. And, while I’ve yet to see an “ethical licence” come up in the course of my work, I thought it might be an interesting topic for a blog post. FOSS...
-
decoded.legal's blog Being an Internet lawyer
Being an Internet lawyer
decoded.legal's blog decoded.legalA friend with a child at a local primary school asked if I would join their careers afternoon, to talk about being an Internet lawyer. I love this kind of thing, and the challenge of explaining what I do to 7/8/9 year olds was the icing on the cake. I went for a mix of slides / me talking, with audience participation, and a fun exercise about following instructions. In case you are interested, here are my slides:...
-
decoded.legal's blog Dealing with 'AI'-generated subject access requests
Dealing with 'AI'-generated subject access requests
decoded.legal's blog decoded.legalOver the past few months, I’ve seen an increase in the number of subject access requests received by data controllers, which appear to have been generated by, or at least infused with content generated by, “AI” tools. Perhaps you’ve seen this too? People getting help with SARs is nothing new, of course. Some people ask friends or family, others seek formal legal advice, and some use online templates. Not long after...
-
decoded.legal's blog Cookies: the letter that the ICO sent to 'top websites'
Cookies: the letter that the ICO sent to 'top websites'
decoded.legal's blog decoded.legalJust before Christmas, I wrote a short post about how the ICO appears to be finally taking some action in respect of cookies, in the sense that the ICO has written to “top websites” to express their concerns about the sites’ cookie handling practices. The ICO’s press release did not include the text of the letters sent to those sites, so I asked the ICO for a copy. The ICO has provided this, and you can see a copy...
-
decoded.legal's blog Happy Christmas!
Happy Christmas!
decoded.legal's blog decoded.legalSubtext: we are now on holiday until the new year. Wishing you a very merry Christmas, and a happy new year. We will be back in early January. And, for those who didn’t ask for a hard copy, here’s our 2023 Christmas Card: The card was designed by an Actual Artist, the talented Jennie Gyllblad - note that some of her art, while all hand-drawn cartoons, is “adult” in nature.
-
decoded.legal's blog DPDI Bill: a new amendment supporting the UK/USA Data Access Agreement
DPDI Bill: a new amendment supporting the UK/USA Data Access Agreement
decoded.legal's blog decoded.legalBack in July 2022, I wrote “What UK telecoms operators need to know about the UK/USA Data Access Agreement and the US CLOUD Act”. This is an update, prompted by a government amendment to the Data Protection and Digital Information Bill which is currently going through Parliament. It is an amendment; it is not law yet. tl;dr If the amendment passed, a UK telecommunications operator could more readily rely on “task in...
-
decoded.legal's blog Online Safety Act 2023: the UK's (anti-)pornographic content provisions
Online Safety Act 2023: the UK's (anti-)pornographic content provisions
decoded.legal's blog decoded.legalThis is a very quick overview of Part 5 of the Online Safety Act 2023, which deals with certain pornographic content. In summary I’m afraid that it is not good news if you are a sex blogger, or run a small porn site, in the UK. The rules are not currently in force. “Pornographic content” is wide. It does not include text-only content, but text-only content which is accompanied by an image, pornographic or not, is...
-
decoded.legal's blog Cookies: a brief reminder, now that the ICO is finally taking some action
Cookies: a brief reminder, now that the ICO is finally taking some action
decoded.legal's blog decoded.legalIt looks like the ICO has finally taken some enforcement action against the operators of websites which fail to comply with the UK’s “cookie law”. In a rather vague press release, the ICO has said: The Information Commissioner has warned some of the UK’s top websites they face enforcement action if they do not make changes to comply with data protection law. How many sites it has warned, or what makes a site a...
-
decoded.legal's blog Would you like a decoded.legal Christmas card?
Would you like a decoded.legal Christmas card?
decoded.legal's blog decoded.legalUpdate: we’ve run out of cards, so we’ve closed the form for this year! Once again, we’d love to post you a physical, handwritten, Christmas card, if you want one. This year’s card was drawn by the talented Jennie Gyllblad. I love it. We just need your name and address If you would like a card, please complete this form. For information on how we (decoded.legal) process your personal data relating to this, please...
-
decoded.legal's blog More pressure on UK ISPs and telcos: a proposal to compel PECS providers to notify the ICO of suspected unlawful direct marketing
More pressure on UK ISPs and telcos: a proposal to compel PECS providers to notify the ICO of suspected unlawful direct marketing
decoded.legal's blog decoded.legalFrankly, I’m not as close to the Data Protection and Digital Information Bill as I ideally would be. There’s a lot going on at the moment… So it came as a bit of a surprise when I spotted a proposed new obligation on UK Internet access providers and telecommunications providers, relating to spam: a duty to notify the ICO of suspected unlawful direct marketing. I have seen nothing about this. I have only found a PDF...
-
decoded.legal's blog Online Privacy: slides from a recent lecture
Online Privacy: slides from a recent lecture
decoded.legal's blog decoded.legalI was lucky enough to be invited to give a talk about “Online Privacy”, from an English law point of view, to a mix of undergraduate and postgraduate students recently. Here are my slides. Note that the focus is on privacy, not data protection!
-
decoded.legal's blog Ofcom's >1,500 page consultation on the Online Safety Act 2023, and why small companies don't have a chance
Ofcom's >1,500 page consultation on the Online Safety Act 2023, and why small companies don't have a chance
decoded.legal's blog decoded.legalI know that I’ve got quite a downer on the Online Safety Act 2023. I’ve followed it closely and, each time I read it, I find something else to dislike about it. Today though, it’s a very practical concern: how on earth am I going to get to position where I can advise clients on it? Bear in mind that the Act is not just about “big tech” - it impacts many thousands for smaller organisations and individuals too. Here’s...
-
decoded.legal's blog My initial analysis of The Investigatory Powers (Amendment) Bill
My initial analysis of The Investigatory Powers (Amendment) Bill
decoded.legal's blog decoded.legalI have read through the 54 pages of the Investigatory Powers (Amendment) Bill. I’ve also had the benefit of reading the background notes in the King’s Speech, as well as the Home Office’s “notices” consultation from earlier this year, and David Anderson KC’s review. So these are my initial thoughts but they are, I hope, broadly along the right lines. I’m not commenting here on everything in the bill (the bits about...
-
decoded.legal's blog The Investigatory Powers (Amendment) Bill has arrived
The Investigatory Powers (Amendment) Bill has arrived
decoded.legal's blog decoded.legalAs expected, The Investigatory Powers (Amendment) Bill has been published. I’ll update this once I’ve had the chance to digest it properly.
-
decoded.legal's blog Coming soon: The Investigatory Powers (Amendment) Bill
Coming soon: The Investigatory Powers (Amendment) Bill
decoded.legal's blog decoded.legalThe government has announced that the Investigatory Powers Act 2016 is to be amended, via a not-yet-published The Investigatory Powers (Amendment) Bill. The information below comes from the background briefing note, but I’ve moved bits around to keep related things together. Bulk personal data set regime Make changes to the bulk personal dataset regime to ensure the UK’s intelligence agencies can more effectively...
-
decoded.legal's blog Ofcom's new guidance on open Internet / net neutrality, including zero rating and traffic management
Ofcom's new guidance on open Internet / net neutrality, including zero rating and traffic management
decoded.legal's blog decoded.legalOfcom has published an updated statement on net neutrality / open Internet, with accompanying annexes. If you just want the new guidance, read the annexes. If you want the background, policy, and thinking, read the statement. Overall, I’d describe Ofcom’s position as a “softening” one: it appears that Ofcom is willing to permit some behaviours which are hard to reconcile with the principle of “neutral” Internet...
-
decoded.legal's blog Free software developers and fiduciary obligations: is an English Bitcoin a cause for concern?
Free software developers and fiduciary obligations: is an English Bitcoin a cause for concern?
decoded.legal's blog decoded.legalThere are a couple of ongoing cases before the courts of England and Wales about Bitcoin. One is about libel, and the identity of “Satoshi Nakamoto”, which has nothing to do with this blogpost. The other case is, to me at least, far more interesting, as it concerns the extent to which developers or operators of software which runs Bitcoin networks owe fiduciary obligations to users of the networks. I am looking at...
-
decoded.legal's blog The UK's updated voluntary code of practice for App Stores, whatever those are...
The UK's updated voluntary code of practice for App Stores, whatever those are...
decoded.legal's blog decoded.legalThe UK government has updated its Code of practice for app store operators and app developers. At this point it is only a voluntary code of practice; no-one is obliged to comply with it. (Note: I say “App” and “App Store” a lot in this blogpost. Both terms annoy me, for being a bit childish and worse, rather vague.) What is an “App Store”? A key part of the code of practice is understanding who or what falls within...
-
decoded.legal's blog New rules for people making, importing, or distributing Internet-connected or connectable products (Part 1)
New rules for people making, importing, or distributing Internet-connected or connectable products (Part 1)
decoded.legal's blog decoded.legalThis blogpost is an introduction to the Product Security and Telecommunications Infrastructure Act 2022, and the associated The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023. The focus here is on the “product security” aspect and, in particular, what products fall in scope. It does not cover the “telecommunications infrastructure”...
-
decoded.legal's blog ICO guidance on workplace monitoring
ICO guidance on workplace monitoring
decoded.legal's blog decoded.legalThe ICO has published new guidance on workplace monitoring. If you are not sure where to start in thinking about workplace monitoring, this is a useful document. It is pleasing to see the ICO recognise that this is not just a technical, tickbox, exercise: Excessive monitoring can have an adverse impact on the data protection rights and freedoms of workers. Excessive monitoring is likely to intrude into workers’...
-
decoded.legal's blog Going darker...
Going darker...
decoded.legal's blog decoded.legalIf you’re looking at this blogpost, or our website, or one of our presentations (1), thinking “why is it darker?”, here’s the explanation. And if you’re now looking at this thinking “it still looks the same to me”, here’s why. Reimplementing “dark mode” support Many devices / operating systems offer a “dark mode”, where colours are inverted / darkened, to make the screen more pleasant to use in low-light...
-
decoded.legal's blog UK GDPR recognises the USA as adequate for some (many?) transfers of personal data
UK GDPR recognises the USA as adequate for some (many?) transfers of personal data
decoded.legal's blog decoded.legalFrom 12th October 2023, the USA is “adequate” for the purposes of the UK GDPR for any transfer which (a) is to a person in the United States of America who is indicated on the Data Privacy Framework List as participating in the UK Extension to the EU-US Data Privacy Framework; and (b) will be subject to the EU-US Data Privacy Framework Principles on receipt by that person. This is set out in The Data Protection...
-
decoded.legal's blog But lawyers know nothing about tech...
But lawyers know nothing about tech...
decoded.legal's blog decoded.legalPretty much every day, I read something to the effect of “lawyers are clueless when it comes to tech lol”. Different people, different publications, but it’s a theme which has been constant pretty much for as long as I have been a lawyer (which is approaching 20 years now). Today is no different, with a piece in The Law Society Gazette saying a lot of legal professionals are still sitting on the fence when it comes...
-
decoded.legal's blog Consultation on changes to the Investigatory Powers Act 2016's notices regime
Consultation on changes to the Investigatory Powers Act 2016's notices regime
decoded.legal's blog decoded.legalThe government has launched a consultation on proposed changes to the notices regime under the Investigatory Powers Act 2016, following the statutory review, and David Anderson KC’s (separate, and currently unpublished) review. The “notices regime” refers to the powers available to the Secretary of State to impose data retention notices, as well as technical capability notices and national security notices on...
-
decoded.legal's blog Ofcoms changes to its guidance on incident reporting thresholds for the digital infrastructure subsector under The Network and Information Systems Regulations
Ofcoms changes to its guidance on incident reporting thresholds for the digital infrastructure subsector under The Network and Information Systems Regulations
decoded.legal's blog decoded.legalOn 31st May 2023, Ofcom published a statement and new guidance, setting out changes to the guidance on incident reporting thresholds for what Ofcom calls “the digital infrastructure subsector”. The gist is that Ofcom expects in-scope providers to report incidents to which have a lower level of impact on their services than was previously the case. The “digital infrastructure subsector” Regulation 8(1) of the Amended...
-
decoded.legal's blog Tech law predictions for 2073
Tech law predictions for 2073
decoded.legal's blog decoded.legalThe wonderful Society for Computers and Law is 50 this year, and it is producing a book of predictions of what tech law will look like in 50 years’ time. Here is my small contribution: In 50 years time, when the Society for Computers and Law celebrates its centenary, I will be 90. Whether I will still be around, or still thinking about Internet and telecoms law, who knows. Will there even be “Internet law” in 2073,...
-
decoded.legal's blog Ofcom investigates broadband providers for failing to implement simpler switching
Ofcom investigates broadband providers for failing to implement simpler switching
decoded.legal's blog decoded.legalFirst, my apologies: I haven’t blogged here for a while. Work has been busy and, well, I’ve spent far too much time blogging about Linux-related stuff on my personal blog. But anyway. Readers may recall that, back in February, I blogged about the changes to the General Conditions of Entitlement which were to take effect on 3rd April 2023. This included the changes relating to Ofcom’s desired new switching process,...
-
decoded.legal's blog Changes to the Legal Ombudsman's complaints procedure
Changes to the Legal Ombudsman's complaints procedure
decoded.legal's blog decoded.legalThe Legal Ombudsman is changing its timescales for considering complaints. I’ve updated our complaints policy, which I hope you will never need. The new rules apply from 1st April 2023. The key change is this: Until April 1 2023, you must refer your complaint to the Legal Ombudsman within either six years of the problem happening or within three years from when you should reasonably have known there was cause for...
-
decoded.legal's blog Quick, easy and reliable switching: changes coming to Ofcom's General Conditions on 3 April 2023
Quick, easy and reliable switching: changes coming to Ofcom's General Conditions on 3 April 2023
decoded.legal's blog decoded.legalIf you run a telco or ISP - fixed or mobile - make sure you’re aware of the imminent changes to Ofcom’s General Conditions, around switching (customers moving from one provider to another). Ofcom has made changes to the General Conditions - GC C7, in particular - and these take effect on 3rd April 2023. You can find the modified GC C7 here, and unofficial consolidated GCs here. Fixed location services: The amended...
-
decoded.legal's blog There is no copyright in a file format ... unless there is
There is no copyright in a file format ... unless there is
decoded.legal's blog decoded.legalThere’s a lot of litigation around Bitcoin at the moment, on a number of different fronts. The litigation around the purported fiduciary duty of developers is interesting, but for another day. Today, we’re looking at file formats and copyrightability, following last week’s decision in Wright & Ors v BTC Core & Ors [2023] EWHC 222 (Ch). The interesting bit of the case is whether or not copyright arises in the...
-
decoded.legal's blog The ICO and breach reporting under Reg 5A PECR: take two
The ICO and breach reporting under Reg 5A PECR: take two
decoded.legal's blog decoded.legalA couple of weeks ago, the ICO published a statement saying that it had “decided to stop enforcing personal data breach reports made under Regulation 5A.” Even if the intent behind it was meant well, the announcement wasn’t the best thought-through statement, and I blogged to that effect. The ICO withdrew the statement - I can only guess that others shared similar sentiments to mine - and now it is back with a...
-
decoded.legal's blog The ICO, breach reporting under Reg 5A PECR, and muddy (muddier?) waters
The ICO, breach reporting under Reg 5A PECR, and muddy (muddier?) waters
decoded.legal's blog decoded.legalUpdate: the ICO has simplified its statement (full text of which is at the end of this post), which now reads “The page you requested was removed.”. The ICO has announced a “change to regulation concerning communication service providers”. This relates to the breach reporting obligations under Regulation 5A of the Privacy and Electronic Communications Regulations 2003. While quite possibly a statement that will be...
-
decoded.legal's blog Can ISPs, telcos, and tech companies lobby?
Can ISPs, telcos, and tech companies lobby?
decoded.legal's blog decoded.legalThis is a slightly unusual one for a blog on which I normally cover solely Internet, tech, and telecoms issues. But there is a link! A friend asked me a while back whether, if they emailed their MP about an issue of concern for their ISP business, or if they responded to an Ofcom consultation, or spoke with civil servants in a government department, it would constitute “lobbying”, and if they needed to do anything...
-
decoded.legal's blog Want a Christmas card?
Want a Christmas card?
decoded.legal's blog decoded.legalEach year, we produce a geeky joke-y tech-y/legal-y Christmas card. If you’d like me to post you a card, just fill in this form with your details. We are in the UK, and happy to post internationally. Here’s what we do with your data.
-
decoded.legal's blog Notes on operating fediverse services (Mastodon, Pleroma etc) from an English law point of view
Notes on operating fediverse services (Mastodon, Pleroma etc) from an English law point of view
decoded.legal's blog decoded.legalIn this monologue post, I set out an introductory analysis / overview of the English laws which are likely to apply to people in England who operate decentralised fediverse services which implement the ActivityPub protocol. In particular, people who run instances of Mastodon, Pleroma, and other similar software for others to use. There are some health warnings: as always, nothing here is legal advice. this post...
-
decoded.legal's blog Running a law firm on Linux - a year or so in
Running a law firm on Linux - a year or so in
decoded.legal's blog decoded.legalAbout a year ago, I wrote about my experience of running a law firm on Linux, three months in. It was, to be sure, early days. Now I’ve had the chance to get used to it a bit more, here are some follow-on thoughts. YMMV This works for me, and my (English law) practice. It might not work for you and yours. I’m not advocating that you switch, but rather just writing about my own experiences. A brief overview of my...
-
decoded.legal's blog Proposed new law to ban (some?) computer code in UK company names
Proposed new law to ban (some?) computer code in UK company names
decoded.legal's blog decoded.legalA new bill, the Economic Crime and Corporate Transparency Bill, proposes to prohibit the inclusion of “computer code” in UK company names. It’s only a bill - it is not yet law - but it amused me, so here we are. What the bill says Clause 11 of the bill says: A company must not be registered under this Act by a name that, in the opinion of the Secretary of State, consists of or includes computer code. But aren’t...
-
decoded.legal's blog Jury service (19 - 30 September) and what to expect while Im away
Jury service (19 - 30 September) and what to expect while Im away
decoded.legal's blog decoded.legalThis is a post to explain how I will try to help you during my impending two weeks of jury service. Updates 23rd September: I am not needed, so I am free all day for calls/meetings 21st September: I’m not needed until 14:00, so I am available for calls in the morning (until, say, 12:00) if needed. Just email as usual. 20th September: needed for jury service, so please assume that the information below applies 19th...
-
decoded.legal's blog Law and the metaverse: new(ish) tech, existing principles?
Law and the metaverse: new(ish) tech, existing principles?
decoded.legal's blog decoded.legalA friend asked me, a while back, if I would write a few thoughts about law and “the metaverse”. Honestly, I’ve been a bit hesitant about this. I’m not convinced that there’s anything particularly exciting or interesting to write about. But (a) my blog is hardly a bundle of laughs at any other time, and (b) what I take as a given, in terms of existing thinking and scholarship, might be new to some or all of you...
-
decoded.legal's blog What UK telecoms operators need to know about the UK/USA Data Access Agreement and the US CLOUD Act
What UK telecoms operators need to know about the UK/USA Data Access Agreement and the US CLOUD Act
decoded.legal's blog decoded.legalThe Home Office announced on 21 July 2022. that UK/USA Data Access Agreement, which sits under the USA’s CLOUD Act, will come into force on October 3rd 2022. A draft of the agreement has been available for coming up three years now (and I’ve been working on this topic since before that!), so the key part of the announcement is that it has (finally) been finalised, and that there is an effective date. There is also...
-
decoded.legal's blog The (limited) impact of the High Court's investigatory powers Liberty ruling on telecommunications operators
The (limited) impact of the High Court's investigatory powers Liberty ruling on telecommunications operators
decoded.legal's blog decoded.legalThe High Court ruled last week on the latest challenge against parts of the Investigatory Powers Act 2016. There’s relatively little to note, from a practical point of view, for telecommunications operators, if only because all bar one of Liberty’s challenges were dismissed. One challenge succeeded, and it is an important one, but, in practice, it is unlikely to have a material impact on telecommunications...
-
decoded.legal's blog Emergency video relay and the 999 BSL service: an update for Internet access providers and telcos
Emergency video relay and the 999 BSL service: an update for Internet access providers and telcos
decoded.legal's blog decoded.legalIn June 2021, Ofcom published a statement setting out its decision to require providers of fixed and mobile telephony services and providers of internet access services, to provide, or contract to provide, a free 24/7 video relay service for deaf BSL users to enable communication with the emergency services. This caused some consternation, especially among smaller Internet access providers: surely it made no sense...
-
decoded.legal's blog Router freedom: the (qualified) right for users to choose their own terminal equipment
Router freedom: the (qualified) right for users to choose their own terminal equipment
decoded.legal's blog decoded.legalThe Dutch Consumers and Markets Authority has announced that, if a Dutch entity of Vodafone, Vodafone Ziggo, does not act rapidly to ensure that users can select and use their own terminal equipment, it will issue a fine of €12,500 per day, up to a maximum of €500,000, until Ziggo resolves the situation. The full ruling of the ACM is available in Dutch. This blogpost sets out the basic principles of the (qualified)...
-
decoded.legal's blog Ofcom General Condition changes coming into effect 17 June 2022
Ofcom General Condition changes coming into effect 17 June 2022
decoded.legal's blog decoded.legalOn 17th June 2022, further changes to Ofcom’s General Conditions of Entitlement take effect. If you haven’t started already, now would be a good time to: check, and probably update, your terms, to make sure they conform to the new rules around contract modifications. implement the pre-contractual information and pre-contractual “contract summary” rules. re-train your staff, so that they are ready to deal with...
-
decoded.legal's blog ISPs, telcos, and responding to the ICO's third party information notices
ISPs, telcos, and responding to the ICO's third party information notices
decoded.legal's blog decoded.legalThis blogpost introduces communications providers to the concept of a “third party information notice”, a power afforded to the Information Commissioner’s Office in the UK. What is a third party information notice? Also known as “TPINs” or “3PINs”, a third party information notice is a legal mandate which the Information Commissioner’s Office can serve on a communications provider, requiring the provider to hand...
-
decoded.legal's blog Presentation: IP addresses and electronic evidence
Presentation: IP addresses and electronic evidence
decoded.legal's blog decoded.legalA friend asked if I could fill a slot at a conference for judges across Asia, on electronic evidence. Could I please speak for no more than 10 minutes, on something of interest. I was very limited in what I could cover in 10 minutes (and I’m the kind of person who takes timekeeping seriously!), especially since I had to assume zero technical knowledge, and this was my best shot: View it in a new window/tab.
-
decoded.legal's blog Internet Service Sanctions: changes to the UK Sanctions List, and an open letter from Ofcom
Internet Service Sanctions: changes to the UK Sanctions List, and an open letter from Ofcom
decoded.legal's blog decoded.legalOn Friday, I wrote about the new sanction affecting Internet access providers in the UK, The Russia (Sanctions) (EU Exit) (Amendment) (No. 9) Regulations 2022. Read that blogpost for background, if you have not done so already. This one just contains some (important) updates. The UK Sanctions List contains a new type of “Sanction Imposed”: “Internet Services Sanctions” When I wrote the original blogpost on Friday, I...
-
decoded.legal's blog A new sanction affecting Internet access providers in the UK
A new sanction affecting Internet access providers in the UK
decoded.legal's blog decoded.legalUpdated 2022-04-30 with information on filtering the UK sanctions list Updated 2022-05-01 with a statement from DCMS There is a new sanction, which affects Internet access providers who provide connectivity to people in the UK. It is an amendment to The Russia (Sanctions) (EU Exit) Regulations 2019. There are other sanctions which apply to app store providers and social media providers. These are out of scope of...
-
decoded.legal's blog Selling to consumers online? Check your final order button text is compliant, or risk a voidable contract
Selling to consumers online? Check your final order button text is compliant, or risk a voidable contract
decoded.legal's blog decoded.legalIf you are selling online to consumers, you are required to ensure that the final “order” button, which the consumer presses to place an order, makes it sufficiently clear that the consumer is placing an order with an obligation to pay. Case law suggests that, while you can deviate from the statutory example, the threshold for demonstrating that your own choice of words is equivalent, and thus compliant, is a high...
-
decoded.legal's blog The UK's International Data Transfer Agreement: what it is and what it means for you
The UK's International Data Transfer Agreement: what it is and what it means for you
decoded.legal's blog decoded.legalOn 21 March 2022, the UK’s International Data Transfer Agreement came into force, along with an Addendum. I’ve written about the International Data Transfer Agreement before and, bluntly, I wasn’t particularly flattering about them: The UK’s International Data Transfer Agreement: is this the ICO’s worst document yet? Unfortunately but unsurprisingly, the version of the Agreement which has come into force is the...
-
decoded.legal's blog Neil's YouGotThis.io conference talk on Legal Tips To Build Your Business Safely
Neil's YouGotThis.io conference talk on Legal Tips To Build Your Business Safely
decoded.legal's blog decoded.legalIn January, I had the pleasure of talking at a conference for junior developers, or people new to running their own tech business, focused on core, non-technical skills: YouGotThis.io. Run by Kevin Lewis (Twitter link), YouGotThis.io is an unusual conference precisely because it focuses solely on what some might call “soft skills”. And, even if they are “soft”, they are vitally important. I was asked to talk for 30...
-
decoded.legal's blog Publishing your source code for others to use? Specify a licence, please!
Publishing your source code for others to use? Specify a licence, please!
decoded.legal's blog decoded.legalWarning: Copyright law is broadly harmonised around the world, but, when it comes to permitted uses and exceptions, and, in particular, to “fair use”, it is not. So this is the usual reminder that I am talking solely about English law. You’ve written some software, and you want to make the source code available online, so that others can make use of it. This blogpost will, hopefully, convince you to identify the...
-
decoded.legal's blog Third party requests to exercise data subject rights: quick notes for controllers
Third party requests to exercise data subject rights: quick notes for controllers
decoded.legal's blog decoded.legalAn increasing number of third parties are offering services - typically, by way of a web site or an app - to facilitate data subjects in exercising their rights under the GDPR. Controllers on the receiving end of communications from one or more of these providers might want to read this post in conjunction with our previous posts: How to handle data subject access requests under the UK GDPR Five points to note...
-
decoded.legal's blog The UK's International Data Transfer Agreement: is this the ICO's worst document yet?
The UK's International Data Transfer Agreement: is this the ICO's worst document yet?
decoded.legal's blog decoded.legalIf you’ve been involved in transfers of personal data to third countries under the GDPR, you’ll probably be familiar with the long-standing standard contract clauses. And you may be familiar with the European Commission’s new standard contract clauses (which are not recognised for use for transfers from the UK, although I’ve seen some commentary saying that you should use them anyway and argue about it later). Well,...
-
decoded.legal's blog Events, exclusion lists, and the UK GDPR
Events, exclusion lists, and the UK GDPR
decoded.legal's blog decoded.legalIf you run an event, there is - sadly - a strong chance that you’ve had to deal with inappropriate behaviour. More and more events have adopted a code of conduct, to set out standards of acceptable (or unacceptable) behaviour. Breaches might lead to a warning, to ejection from an event, or to a ban on future attendance. Sufficiently egregious conduct outside an event may also lead to an exclusion, to protect the...
-
decoded.legal's blog Google Fonts, an IP address, and the GDPR: must I now self-host all my web page resources?
Google Fonts, an IP address, and the GDPR: must I now self-host all my web page resources?
decoded.legal's blog decoded.legalThe Register, and probably other places, are reporting about a Munich court’s decision that the use of Google Fonts, hosted on a server operated by Google, led to an infringement of German data protection law. This is an interesting decision, although, personally, I am not going to read too much into it. This is because: it is a decision of one junior court, in response to a small claim. it does not look as if the...
-
decoded.legal's blog Five points to note in the EDPB's draft guidelines on the right of access under the GDPR
Five points to note in the EDPB's draft guidelines on the right of access under the GDPR
decoded.legal's blog decoded.legalThe European Data Protection Board has published draft guidelines on the right of access, for consultation. These are draft guidelines, and so they may change before they are made official. To save you wading through the 60 page consultation draft, here are five bits I found interesting. (If you are not sure what the right of access is about, here is our primer.) If a data subject wants all their data, they can have...
-
decoded.legal's blog Ofcoms General Conditions of Entitlement: an update, with important changes
Ofcoms General Conditions of Entitlement: an update, with important changes
decoded.legal's blog decoded.legalIn December 2021, Ofcom published an updated (unofficial) consolidated version of the General Conditions of Entitlement. Ofcom describes the changes as: Changes to A2, A3, A4, B2, C1, C2, C3, C4, C5, C6, C7 and C8 and Definitions to implement the European Electronic Communications Code with effect from 17 December 2021. There are quite a number of changes, and bits which I have not written about before. If you...
-
decoded.legal's blog Telecommunications Security Act 2021: a quick update
Telecommunications Security Act 2021: a quick update
decoded.legal's blog decoded.legalI have written before about the Telecommunications Security Bill, as it was going through Parliament: What could the Telecommunications (Security) Bill mean for ISPs and telcos? Telecoms Security Bill: draft specific obligations for ISPs and telcos Well, now it is here: the Telecommunication Security Act 2021. It’s law, but only parts of it are currently in force The Act comes into force in stages. The...
-
decoded.legal's blog Don't let cold calling get you into hot water
Don't let cold calling get you into hot water
decoded.legal's blog decoded.legalThe ICO has fined a company £75,000 for unlawful marketing. Nothing particularly surprising there, as the ICO does it all the time, but this particular decision is an unusual one: it is a fine issued in respect of unlawful business-to-business telephone marketing. (In addition to the fine, the ICO has also imposed an enforcement notice, the gist of which is “comply with the law”.) The rules for telephone marketing...
-
decoded.legal's blog Internet, telecoms, and tech law predictions for 2022
Internet, telecoms, and tech law predictions for 2022
decoded.legal's blog decoded.legalThings I predict will happen in 2022: Telecoms companies, Internet service providers, and device manufacturers will start to get to grips with new government security requirements, in some cases needing to make significant architectural changes to their networks, and the way they operate their services. There will be a review of the Investigatory Powers Act 2016, but there will be few, if any, significant...
-
decoded.legal's blog Wishing you a merry Christmas and a happy new year
Wishing you a merry Christmas and a happy new year
decoded.legal's blog decoded.legalWishing you all a merry Christmas, and a happy new year. We are going to be taking some holiday (finally!), and we will be back in early 2022. (Photo of Father Christmas (Le père Noël, rue Saint-Agnan, à Cosne-Cours-sur-Loire, Nièvre, Bourgogne, France.) by Cjp24, CC BY SA 4.0)
-
decoded.legal's blog The limits of Norwich Pharmacal orders: when a cellular operator is a witness, not a facilitator of wrongdoing
The limits of Norwich Pharmacal orders: when a cellular operator is a witness, not a facilitator of wrongdoing
decoded.legal's blog decoded.legalThe Court of Appeal has ruled on an interesting point of law, to do with a UK mobile operator and Norwich Pharmacal orders. What is a Norwich Pharmacal order A Norwich Pharmacal order is a court order which is used to obtain information from a third party, to assist in litigation against someone else. For example, to bring a claim of copyright infringement against an ISP’s customer, the claimant rightsholder might...
-
decoded.legal's blog Running a law firm on Linux
Running a law firm on Linux
decoded.legal's blog decoded.legalWe are now three or so months into the world of running decoded.legal, and doing legal work, exclusively* on Linux1, so I thought I’d write about it. I’m a client. How does this affect me? Probably not at all. After all, we switched about three months ago so, if you haven’t noticed anything different by now, chances are you won’t. (And if you have, and you don’t like it / don’t understand why something has changed,...
-
decoded.legal's blog decoded.legal and the seven OSI layers for Internet, telecoms, and tech legal advice
decoded.legal and the seven OSI layers for Internet, telecoms, and tech legal advice
decoded.legal's blog decoded.legalBlake E Reid, an excellent US tech/telecoms law professor, tweeted: This is a good argument for Internet law folks to take telecom law, where the environmental impacts of Internet infrastructure become vastly more obvious. I’m often surprised how many “Internet lawyers” don’t get into the operation of Internet access services - they’re mostly “layer 7 lawyers”, not that there is anything wrong with that - and so I...
-
decoded.legal's blog Give them (GNU GP)ell: a new approach to claims for non-compliance with Free software licences?
Give them (GNU GP)ell: a new approach to claims for non-compliance with Free software licences?
decoded.legal's blog decoded.legalIt’s a strange world. I run a law firm which itself runs almost entirely on Free software, yet I don’t get to write about Free / open source software as much as I’d like. But, today, I’ve got a good reason: a new lawsuit (albeit one filed in the USA), attempting to enforce GNU GPL 2.0 and GNU LGPL 2.1 against a TV manufacturer. I stress that this is a claim in the USA, so it’s unlikely to be directly relevant to...
-
decoded.legal's blog Ring doorbells, audio and video monitoring equipment, data protection, and suspiciously long raincoats
Ring doorbells, audio and video monitoring equipment, data protection, and suspiciously long raincoats
decoded.legal's blog decoded.legalHave you put up, or are thinking of putting up, audio and video recording equipment around and outside your home? Then this post is for you. It’s about a decision of the Oxford County Court, for October 2021. If you want, you can read the judgment. Beware: it is quite long, and there is considerable discussion of the weight the judge attached to various people’s evidence. What was the case about? In essence, it was...
-
decoded.legal's blog How to handle data subject access requests under the UK GDPR
How to handle data subject access requests under the UK GDPR
decoded.legal's blog decoded.legalThis blog post is a short(ish) guide to the core issues in handling subject access requests under the UK GDPR. If you have received a request and you are not sure where to start, this will help you get going. What is a subject access request? Under the UK GDPR, data subjects - an individual about whom you process personal data - have a number of rights. One of those rights is the right to ask for a copy of the...
-
decoded.legal's blog Dealing with demands for communications data under the Investigatory Powers Act 2016
Dealing with demands for communications data under the Investigatory Powers Act 2016
decoded.legal's blog decoded.legalThis blog post looks at the obligations imposed on telecommunications operators under the Investigatory Powers Act 2016, to provide communications data in response to a notice from UK public authorities (including the police). This is a tricky area, with the potential for significant repercussions for both you and the subject of an investigation if you get it wrong. Are you a “telecommunications operator”? If you...
-
decoded.legal's blog How the draft Online Safety Bill would affect the development of Free / open source software
How the draft Online Safety Bill would affect the development of Free / open source software
decoded.legal's blog decoded.legalAs readers of my personal blog, or people who know me, will probably be aware, I’m a proponent, and user, of Free and open source software. And this got me thinking: how would the draft Online Safety Bill affect the development of Free / open source software, if it were passed in its current form? Edit 20211023: in case it were insufficiently clear, the document is not yet a law, nor even a bill. It is at pre-bill...
-
decoded.legal's blog Personal data breach reporting for service outages (such as when your CDN is down)
Personal data breach reporting for service outages (such as when your CDN is down)
decoded.legal's blog decoded.legal(CDN: content delivery network. Such as Akamai.) Even though it is not obviously within the scope of the definition of “personal data breach”, guidance from both the UK’s regulator and the European Data Protection Board suggests that “loss of availability” can be a personal data breach, requiring you to go through the risk assessment exercise to decide if it needs to be either notified to the regulator, or...
-
decoded.legal's blog Online ID / age verification: the death of online search, and non-browser web access?
Online ID / age verification: the death of online search, and non-browser web access?
decoded.legal's blog decoded.legalNeil note: I’ve published this with the hope that others familiar with what this could entail will give feedback. As such, what you read now might not be the final version. If I make material changes, I’ll indicate them. Regular readers will not have missed [the UK government’s ongoing something-must-be-done attempt to put ID or age verification barriers on the web and other online services. In the Full government...
-
decoded.legal's blog No, the European Commission is not compelling online service providers to monitor communications. Well, not yet.
No, the European Commission is not compelling online service providers to monitor communications. Well, not yet.
decoded.legal's blog decoded.legalI’ve seen a few comments saying words to the effect of “an amendment to the European directive on ePrivacy will require online service providers to monitor their users’ communications”. This is wrong. It is a derogation, not a mandate The text in question is a derogation from the ePrivacy directive, which, in limited and specific circumstances permits providers of some online services to use: specific technologies...
-
decoded.legal's blog All reasonable endeavours v best endeavours: a 2021 case update
All reasonable endeavours v best endeavours: a 2021 case update
decoded.legal's blog decoded.legalIf you’ve worked with contracts for any length of time, you’ll have had a discussion / argument with someone as to whether a party’s obligation to do something should be: absolute limited to them using them to using their “best endeavours” limited to them using “all reasonable endeavours” limited to them using “reasonable endeavours” (note the lack of all) and sometimes with the word “commercial” thrown in for...
-
decoded.legal's blog Github Copilot: initial thoughts from an English law perspective
Github Copilot: initial thoughts from an English law perspective
decoded.legal's blog decoded.legal(I have more questions than answers, but I thought it was worth writing something, even if just as a straw man for others to rip apart.) #Introducing Github Copilot Github has launched a beta tool, available only to some users, of something it calls “Copilot”. It describes it as: Your AI pair programmer In a little more detail: Trained on billions of lines of public code, GitHub Copilot puts the knowledge you...
-
decoded.legal's blog The UK is adequate (for data protection purposes)
The UK is adequate (for data protection purposes)
decoded.legal's blog decoded.legalThe long-running saga as to whether the United Kingdom will be considered “adequate” from a data protection point of view has reached an important, and probably welcome to many, point: today, the European Commission has decided that, mostly, the UK offers a sufficient level of protection for European data subjects’ personal data to be considered “adequate”. For now, anyway. #What does this mean The GDPR imposes...
-
decoded.legal's blog The new standard contract clauses: what you need to know right now
The new standard contract clauses: what you need to know right now
decoded.legal's blog decoded.legalThe European Commission has published a new set of standard contract clauses. They’re also in the Official Journal, as of 7 June 2021. If you are subject to the GDPR and you are involved — whether as the person receiving/accessing personal data, or the personal sending/giving access to personal data — in international transfers of personal data, you need to be on top of this. Quick background If you are subject to...
-
decoded.legal's blog Must all UK Internet access providers keep records of which websites I visit?
Must all UK Internet access providers keep records of which websites I visit?
decoded.legal's blog decoded.legalThis blogpost addresses a common claim, that all UK Internet access providers are required to retain everything about their subscribers’ or users’ activities. Every packet they shift, every web page they visit, every message they send. tl;dr There is no evidence to support the claim, and the legislative framework and accompanying code of practice strongly suggests otherwise. ISPs are not subject to an automatic...
-
decoded.legal's blog The EU's terrorist content regulation and what it means for UK hosting providers
The EU's terrorist content regulation and what it means for UK hosting providers
decoded.legal's blog decoded.legalThe European Parliament has adopted (deemed approved) a regulation addressing the dissemination of terrorist content online. The stated aim of the Regulation is to “address the misuse of hosting services for terrorist purposes and contribute to public security in European societies”. If you provide hosting services (which is defined broadly, and includes social media services, sites with public comments sections,...
-
decoded.legal's blog Understanding the Data Protection Acts national security and defence exemption
Understanding the Data Protection Acts national security and defence exemption
decoded.legal's blog decoded.legal1 This post covers the Data Protection Act 2018’s national security and defence exemption. Most controllers will never need to rely on this but, if you do, it’s a useful provision, and one which you need to apply carefully. The national security and defence exemption s26 Data Protection Act 2018 provides an exemption from some of the provisions of the UK GDPR, and some parts of the DPA 2018 itself, where exemption...
-
decoded.legal's blog Five things to take from the European Parliaments response to the Commission on the GDPR
Five things to take from the European Parliaments response to the Commission on the GDPR
decoded.legal's blog decoded.legalThe European Parliament has published its report on the European Commission’s report on the implementation of the GDPR, which the Commission published two years after its application. Yes, it’s a report about a report. And this is a blogpost about a report about a report. Here are five things which stood out to me. 1. The Parliament “is concerned that controllers often mention all the legal grounds of the GDPR in...
-
decoded.legal's blog Drafting clearer contracts, and why you should care
Drafting clearer contracts, and why you should care
decoded.legal's blog decoded.legalLast week, I completed the eighth and final week of Ken Adams’s “Drafting Clearer Contracts: Masterclass”. The course is described as “Sophisticated online training in drafting clearer contracts”, and that’s an entirely fair description. It’s based around Ken’s “A Manual of Style for Contract Drafting”. (I wished, throughout the course, that I had an eBook version of the Manual, and I’ve only just noticed that there...
-
decoded.legal's blog Unpicking the making children as safe as they are offline fallacy
Unpicking the making children as safe as they are offline fallacy
decoded.legal's blog decoded.legalWhen discussing Internet regulation, one often hears the trope that the Internet must be made “as safe as the offline world”. Indeed, the outgoing Information Commissioner, Elizabeth Denham, gave a speech to the Oxford Internet Institute last week, in which she said: The internet was not designed for children, but we know the benefits of children going online. We have protections and rules for kids in the offline...
-
decoded.legal's blog Online harms and the role of intermediaries as enforcers
Online harms and the role of intermediaries as enforcers
decoded.legal's blog decoded.legal1 In my last blog post, I commented on the UK government’s current proposals to impose obligations on a hugely broad range of online actors, thanks to the proposals’ extra-territorial scope. This blogpost looks at one of the proposed backstop enforcement mechanisms, to deal with sites and services which do not meet the obligations imposed on them under the online harms framework, with a particular focus on ISP...
-
decoded.legal's blog Online harms: an extra-territorial over-reach?
Online harms: an extra-territorial over-reach?
decoded.legal's blog decoded.legal1 tl;dr Without changing the very essence of the services they provide, it would be close to impossible for any service provider, anywhere in the world, which permits the posting of user-generated content, or interaction between users, to escape the clutches of a UK law, if the current UK government proposals become law. Purportedly inflicting UK law on a huge number of people who have no reason to even be aware of...
-
decoded.legal's blog The law firm and the Streisand Effect
The law firm and the Streisand Effect
decoded.legal's blog decoded.legal1 tl;dr A former client left one negative review of a law firm. The law firm sued. The court held the review was defamatory, and ordered it to be removed. The court’s judgment was published, and the BBC reported about it. Now the law firm has lots of negative reviews. Disputes, reputation, and planning We don’t do litigation, but we are often asked to — and are happy to help — give advice on the best way of...
-
decoded.legal's blog EncroChat, targeted equipment interference, and the Court of Appeal
EncroChat, targeted equipment interference, and the Court of Appeal
decoded.legal's blog decoded.legalThis is a quick comment on the Court of Appeal’s judgment in the case of A and Ors, R v, relating to EncroChat. It is a comment on the judgment, and the way in which the Court applied the rules under the Investigatory Powers Act 2016. I am aware of online discussions around the evidence put to the court of first instance, and the resulting findings of fact. I make no comment on those. If you are reading this because...
-
decoded.legal's blog Telecoms Security Bill: draft specific obligations for ISPs and telcos
Telecoms Security Bill: draft specific obligations for ISPs and telcos
decoded.legal's blog decoded.legalI wrote last year about the Telecoms Security Bill. The bill, if passed, would be a significant change to the security obligations imposed on provides of electronic communications networks and services. As I noted in that post, the bill has two parts: Changes to the existing security obligations under the Communications Act 2003 “Designated vendor directions” Under the changes to the Communications Act, there is a...
-
decoded.legal's blog The territorial scope of the GDPR, as applied by the High Court
The territorial scope of the GDPR, as applied by the High Court
decoded.legal's blog decoded.legal1 This week saw what is, I believe, the first English judgment dealing with the territorial scope of the GDPR. This blogpost is a reminder of the rules on “territorial scope”, and weaves in the High Court’s ruling in Soriano v Forensic News and others ([2021] EWHC 56 (QB)). tl;dr For those who don’t want the detail, the gist is that the court decided that the claimant could not demonstrate that the GDPR’s tests for...
-
decoded.legal's blog Alternatives to using genuine phone numbers, IP addresses, domain names and email addresses in your training and documentation
Alternatives to using genuine phone numbers, IP addresses, domain names and email addresses in your training and documentation
decoded.legal's blog decoded.legalIf you are preparing training or guidance, showcasing your product or service, or giving code samples, you’ll often want example data, such as a phone number, email address, or National Insurance. (I know I do when I do training on data protection and telecoms law.) You could use something allocated to you, and that’s fine as long as you remember to change it when you give it up, and you don’t mind someone trying to...
-
decoded.legal's blog Four legal tips to keep your business running smoothly in 2021
Four legal tips to keep your business running smoothly in 2021
decoded.legal's blog decoded.legal1 The pandemic is getting worse, democracy in the USA seems to have collapsed, and if you have to say “you’re still on mute” one more time, you’ll explode. And it’s only the 11th of January. Here are four legal tips to help keep your business running smoothly in 2021, despite — perhaps even because of — all the madness. Update your GDPR record of processing, and check your transparency information Most organisations...
-
decoded.legal's blog decoded.legal is five years old today!
decoded.legal is five years old today!
decoded.legal's blog decoded.legal1 Can you believe it? I can’t. decoded.legal first opened its (virtual) doors to clients five years ago today! Doing what we do, well … We set out with simple objective: to run a tech-savvy virtual English law firm, helping Internet, telecoms, and technology businesses achieve their commercial goals, and navigate often complex regulatory environments, at a reasonable, predictable price. Five years in, I’m...