News

The Data Chronicles | U.K. data protection reform explained

04 May 2026

In this episode of The Data Chronicles, host Scott Loughlin is joined by Hogan Lovells partners Nicola Fulford and Katie McMullan to unpack the UK's Data (Use and Access) Act 2025 and what it signals about the future direction of UK data protection. Drawing on their day‑to‑day engagement with the Information Commissioner’s Office (ICO), they set out how the Act reflects a more pragmatic, growth‑oriented regulatory mindset—while reshaping expectations for organizations operating in and around the U.K.

Building on that foundation, Scott, Nicola, and Katie examine how the Data (Use and Access) Act 2025 is actively reshaping U.K. data protection through reforms to the ICO's structure and enforcement approach, alongside more flexible rules on cookies, automated decision‑making, international data transfers, and lawful bases for processing. The conversation highlights the trade‑offs this creates—where greater regulatory pragmatism in the U.K. sits alongside increased enforcement exposure—and why operating across U.K. and EU regimes is becoming more complex for global organizations, requiring closer coordination between legal, product, and operational teams.