Topic
Digital & Technology
Digital tools, cyber security, and technology adoption
Cyber Security
Children's safety duties under the Online Safety Act
Comprehensive guide to the children's safety duties under the Online Safety Act 2023. Covers what triggers the duties, risk assessment by age group, the categories of harmful content affecting children, age assurance requirements, Ofcom's children's codes of practice, and how the OSA intersects with the ICO's Children's Code.
Read guideComputer Misuse Act Compliance
How to comply with the Computer Misuse Act 1990 when conducting security testing, developing security tools, or running bug bounty programmes. Includes the four criminal offences, penalties up to life imprisonment for serious cases, and requirements for legitimate security research.
Read guideConduct a children's access assessment
Step-by-step guide to assessing whether children are likely to access your online service under the Online Safety Act 2023. Covers the legal test, Ofcom's April 2025 guidance, factors to consider, and what additional duties are triggered if children can access your service.
Read guideConduct an illegal content risk assessment
Step-by-step guide to conducting the mandatory illegal content risk assessment under the Online Safety Act 2023. Covers how to identify risks from Schedule 7 priority offences, assess your service's features, document safety measures, and produce the required written record.
Read guideCyber security basics for small businesses
Practical, low-cost steps to protect your small business from cyber attacks. Covers the five Cyber Essentials controls, free security tools, staff awareness, and how to respond if something goes wrong.
Read guideCyber security requirements for UK businesses
How to protect your business from cyber threats and comply with UK cyber security requirements. Includes Cyber Essentials certification, data breach notification rules, and sector-specific obligations for financial services and healthcare.
Read guideGet Cyber Essentials certified
How to achieve Cyber Essentials certification for your business. Covers the five technical controls, certification levels and costs, the assessment process, and requirements for government contracts.
Read guideImplement age assurance on your platform
Practical guide to implementing age assurance on your online platform. Covers choosing between age verification and estimation, evaluating providers, privacy-preserving approaches, the specific requirements for pornographic content, and ensuring compliance with both the Online Safety Act and UK GDPR.
Read guideIoT product security compliance (PSTI Act)
How to comply with the Product Security and Telecommunications Infrastructure Act 2022 if you manufacture, import, or distribute consumer connectable products in the UK. Covers the three mandatory security requirements, supply chain duties, products in scope, and OPSS enforcement powers.
Read guideNIS Regulations: compliance for operators of essential services
How to comply with the Network and Information Systems (NIS) Regulations 2018 as an operator of essential services. Covers OES designation, the NCSC Cyber Assessment Framework (CAF), incident notification requirements, and sector competent authorities.
Read guideOnline Safety Act compliance checklist
Quick-check verification of your Online Safety Act compliance status. Covers scope assessment, risk assessments, content moderation, terms of service, complaints, age assurance, Ofcom registration, and record-keeping.
Read guideOnline Safety Act: duties for online services
How to comply with the Online Safety Act 2023 if you operate a user-to-user service or search service. Covers service categories, illegal content duties, children's safety duties, implementation dates, and Ofcom enforcement.
Read guideOnline Safety Act penalties and enforcement powers
Quick reference to Ofcom's enforcement powers, penalty calculations, and senior manager criminal liability under the Online Safety Act 2023.
Read guideRegister with Ofcom for Online Safety Act compliance
How to register with Ofcom as a regulated online service and understand fee requirements under the Online Safety Act 2023. Covers scope, the registration portal, qualifying worldwide revenue thresholds, and annual fee obligations.
Read guideSet up content moderation to meet Online Safety Act requirements
How to build a content moderation system that meets Online Safety Act 2023 duties. Covers automated detection tools, human moderation teams, user reporting mechanisms, content review workflows, removal timelines, record-keeping, and moderator wellbeing.
Read guideTech Sector Compliance Overview
Comprehensive guide to regulatory compliance for technology businesses - UK GDPR, data protection, online safety, cybersecurity, and sector-specific requirements.
Read guideUnderstanding the Online Safety Act
A strategic overview of the Online Safety Act 2023, explaining what it is, who it affects, how the regulatory framework operates, and where it sits within the broader UK digital regulation landscape. Essential reading for any business operating an online platform or service with user interaction.
Read guideWrite terms of service that meet Online Safety Act requirements
How to draft or update your platform's terms of service to comply with Online Safety Act 2023 duties. Covers required content, prohibited content policies, enforcement, accessibility, and Category 1 additional obligations.
Read guideDigital Tools
App store and digital platform regulation
How the Digital Markets Act and CMA regulation affects large digital platforms and app store operators. Covers Strategic Market Status, conduct requirements, and developer rights.
Read guideE-commerce and digital exporting
Selling internationally through online marketplaces, understanding distance selling regulations, and VAT obligations.
Read guideE-commerce regulations for online selling
Legal requirements for selling online - including consumer contracts, pre-contract information, cancellation rights, and digital content regulations.
Read guideMaking Tax Digital for businesses
How to comply with Making Tax Digital requirements.
Read guideTelecommunications
Electronic Communications Code
Rights and obligations for communications network operators to install and maintain electronic communications apparatus on public and private land.
Read guideGeneral Authorisation for Electronic Communications Services
Any provider of electronic communications services or networks in the UK operates under a general authorisation regime. No individual licence required, but providers must comply with general conditions.
Read guideSoftware & AI
AI Regulation Framework
The UK takes a principles-based, sector-specific approach to AI regulation. There is no single AI law. Instead, existing regulators — including the ICO, FCA, MHRA, CMA, Ofcom, and EHRC — apply five cross-cutting principles within their own domains. The AI Security Institute (formerly AI Safety Institute) provides guidance on frontier models. A comprehensive government AI Bill is expected in the second half of 2026.
Read guideCyber Essentials Certification
Government-backed scheme helping organisations guard against common cyber attacks. Required for many government contracts involving handling of sensitive information.
Read guideExport Control (Dual-Use Technology)
Export of goods, software, and technology with both civil and military applications requires licensing. Particularly relevant for encryption, advanced computing, AI, and surveillance technologies.
Read guideNetwork and Information Systems (NIS) Regulations
The NIS Regulations 2018 (as amended in 2022) require operators of essential services and relevant digital service providers to implement appropriate security measures, report significant incidents within 72 hours, and cooperate with sector-specific competent authorities. The Cyber Security and Resilience Bill (introduced November 2025) will further expand scope to managed service providers, data centres, and critical suppliers.
Read guideSoftware licensing compliance
Understand your legal obligations when using, developing, or distributing software - including open source licensing, commercial agreements, and intellectual property protection.
Read guideTech Sector Licensing and Authorisations
Comprehensive guide to licences and regulatory authorisations required for technology businesses - telecommunications, financial services, intellectual property, export controls, and product safety.
Read guideGuides
Age verification for online services
How to implement age verification to comply with the Online Safety Act and ICO Children's Code. Covers verification methods, pornography requirements, privacy considerations, and gaming/gambling rules.
Read guideConsumer rights compliance for digital content sellers
Your legal obligations under the Consumer Rights Act 2015 and Consumer Contracts Regulations 2013 when selling software, apps, games, music, video, e-books, or other digital content to consumers.
Read guideCryptoasset Business Regulation
Regulatory requirements for cryptoasset businesses in the UK - how token classification determines whether you need full FCA authorisation or Money Laundering Regulations registration only.
Read guidePrivacy and Electronic Communications Regulations
PECR sits alongside UK GDPR and gives specific privacy rights relating to electronic communications, including marketing calls, emails, texts, cookies, and traffic data.
Read guideProtecting Your Software Intellectual Property
Complete IP protection guide for software businesses - automatic copyright for source code, patent eligibility under the technical contribution test, UK and international patent fees, and trademark registration for software and services.
Read guideRadio Equipment Regulations
Equipment that intentionally transmits or receives radio waves for communication or radio determination must comply with Radio Equipment Regulations, including IoT devices, WiFi equipment, and Bluetooth products.
Read guide