- with Inhouse Counsel
- in United States
- with readers working within the Consumer Industries industries
Data has become the defining asset of the digital economy, shaping how services are delivered and how innovation is achieved across sectors such as finance, healthcare, telecommunications, energy, and transportation. This central role of data has also heightened concerns around misuse, security breaches, and the erosion of consumer trust. While general data protection laws provide a foundational framework, they often fall short of addressing the sector-specific realities and risks that arise in practice. Different industries interface with data in different ways, and as such, a one-size-fits-all approach is no longer sufficient.
The United Kingdom has sought to bridge this gap through the enactment of the Data (Use and Access) Act, 2025 (the"DUAA"), a landmark law that refines UK General Data Protection Regulation (GDPR), enables "Smart Data" schemes, promotes digital verification services, and modernises rules on research, cookies, and international transfers. By going beyond broad principles and introducing tailored obligations for specific sectors, the DUAA not only strengthens the protection of data subjects but also supports innovation and efficiency within regulated industries.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
