Topic
Digital tools, cyber security, and technology adoption
Comprehensive guide to the children's safety duties under the Online Safety Act 2023. Covers what triggers the duties, risk assessment by age group, the categories of harmful content affecting children, age assurance requirements, Ofcom's children's codes of practice, and how the OSA intersects with the ICO's Children's Code.
Read guideHow to comply with the Computer Misuse Act 1990 when conducting security testing, developing security tools, or running bug bounty programmes. Includes the four criminal offences, penalties up to life imprisonment for serious cases, and requirements for legitimate security research.
Read guideStep-by-step guide to assessing whether children are likely to access your online service under the Online Safety Act 2023. Covers the legal test, Ofcom's April 2025 guidance, factors to consider, and what additional duties are triggered if children can access your service.
Read guideStep-by-step guide to conducting the mandatory illegal content risk assessment under the Online Safety Act 2023. Covers how to identify risks from Schedule 7 priority offences, assess your service's features, document safety measures, and produce the required written record.
Read guidePractical, low-cost steps to protect your small business from cyber attacks. Covers the five Cyber Essentials controls, free security tools, staff awareness, and how to respond if something goes wrong.
Read guideHow to protect your business from cyber threats and comply with UK cyber security requirements. Includes Cyber Essentials certification, data breach notification rules, and sector-specific obligations for financial services and healthcare.
Read guideHow to achieve Cyber Essentials certification for your business. Covers the five technical controls, certification levels and costs, the assessment process, and requirements for government contracts.
Read guidePractical guide to implementing age assurance on your online platform. Covers choosing between age verification and estimation, evaluating providers, privacy-preserving approaches, the specific requirements for pornographic content, and ensuring compliance with both the Online Safety Act and UK GDPR.
Read guideHow to comply with the Product Security and Telecommunications Infrastructure Act 2022 if you manufacture, import, or distribute consumer connectable products in the UK. Covers the three mandatory security requirements, supply chain duties, products in scope, and OPSS enforcement powers.
Read guideHow to comply with the Network and Information Systems (NIS) Regulations 2018 as an operator of essential services. Covers OES designation, the NCSC Cyber Assessment Framework (CAF), incident notification requirements, and sector competent authorities.
Read guideQuick-check verification of your Online Safety Act compliance status. Covers scope assessment, risk assessments, content moderation, terms of service, complaints, age assurance, Ofcom registration, and record-keeping.
Read guideHow to comply with the Online Safety Act 2023 if you operate a user-to-user service or search service. Covers service categories, illegal content duties, children's safety duties, implementation dates, and Ofcom enforcement.
Read guideQuick reference to Ofcom's enforcement powers, penalty calculations, and senior manager criminal liability under the Online Safety Act 2023.
Read guideHow to register with Ofcom as a regulated online service and understand fee requirements under the Online Safety Act 2023. Covers scope, the registration portal, qualifying worldwide revenue thresholds, and annual fee obligations.
Read guideHow to build a content moderation system that meets Online Safety Act 2023 duties. Covers automated detection tools, human moderation teams, user reporting mechanisms, content review workflows, removal timelines, record-keeping, and moderator wellbeing.
Read guideComprehensive guide to regulatory compliance for technology businesses - UK GDPR, data protection, online safety, cybersecurity, and sector-specific requirements.
Read guideA strategic overview of the Online Safety Act 2023, explaining what it is, who it affects, how the regulatory framework operates, and where it sits within the broader UK digital regulation landscape. Essential reading for any business operating an online platform or service with user interaction.
Read guideHow to draft or update your platform's terms of service to comply with Online Safety Act 2023 duties. Covers required content, prohibited content policies, enforcement, accessibility, and Category 1 additional obligations.
Read guideHow the Digital Markets Act and CMA regulation affects large digital platforms and app store operators. Covers Strategic Market Status, conduct requirements, and developer rights.
Read guideSelling internationally through online marketplaces, understanding distance selling regulations, and VAT obligations.
Read guideLegal requirements for selling online - including consumer contracts, pre-contract information, cancellation rights, and digital content regulations.
Read guideRights and obligations for communications network operators to install and maintain electronic communications apparatus on public and private land.
Read guideAny provider of electronic communications services or networks in the UK operates under a general authorisation regime. No individual licence required, but providers must comply with general conditions.
Read guideThe UK takes a principles-based, sector-specific approach to AI regulation. There is no single AI law. Instead, existing regulators — including the ICO, FCA, MHRA, CMA, Ofcom, and EHRC — apply five cross-cutting principles within their own domains. The AI Security Institute (formerly AI Safety Institute) provides guidance on frontier models. A comprehensive government AI Bill is expected in the second half of 2026.
Read guideGovernment-backed scheme helping organisations guard against common cyber attacks. Required for many government contracts involving handling of sensitive information.
Read guideExport of goods, software, and technology with both civil and military applications requires licensing. Particularly relevant for encryption, advanced computing, AI, and surveillance technologies.
Read guideThe NIS Regulations 2018 (as amended in 2022) require operators of essential services and relevant digital service providers to implement appropriate security measures, report significant incidents within 72 hours, and cooperate with sector-specific competent authorities. The Cyber Security and Resilience Bill (introduced November 2025) will further expand scope to managed service providers, data centres, and critical suppliers.
Read guideUnderstand your legal obligations when using, developing, or distributing software - including open source licensing, commercial agreements, and intellectual property protection.
Read guideComprehensive guide to licences and regulatory authorisations required for technology businesses - telecommunications, financial services, intellectual property, export controls, and product safety.
Read guideHow to implement age verification to comply with the Online Safety Act and ICO Children's Code. Covers verification methods, pornography requirements, privacy considerations, and gaming/gambling rules.
Read guideYour legal obligations under the Consumer Rights Act 2015 and Consumer Contracts Regulations 2013 when selling software, apps, games, music, video, e-books, or other digital content to consumers.
Read guideRegulatory requirements for cryptoasset businesses in the UK - how token classification determines whether you need full FCA authorisation or Money Laundering Regulations registration only.
Read guidePECR sits alongside UK GDPR and gives specific privacy rights relating to electronic communications, including marketing calls, emails, texts, cookies, and traffic data.
Read guideComplete IP protection guide for software businesses - automatic copyright for source code, patent eligibility under the technical contribution test, UK and international patent fees, and trademark registration for software and services.
Read guideEquipment that intentionally transmits or receives radio waves for communication or radio determination must comply with Radio Equipment Regulations, including IoT devices, WiFi equipment, and Bluetooth products.
Read guide