Technology is constantly evolving as more and more innovation is introduced into the market. Over the last 50 years, we have seen massive technological advances, from the widespread use of colour TV to the invention of the internet and cryptoassets. This fast-paced, innovative and unpredictable space means that the law is usually playing catchup. This means businesses must look to key trends to see where legislative change may be seen.

So, what are the top legal issues we see in tech now?

Data Protection

Data protection is king for tech businesses. If you are not on top of this, your reputation may suffer, and you risk losing business. Robust and transparent policies, such as privacy and cookie policies, are a must.

Almost all tech businesses will use and process personal data (including the data of their staff). Innovative new technologies, such as cameras on drones, facial recognition and machine learning, often overlook the fact that they are processing personal data.

Therefore, it is imperative that technology products are built in line with privacy laws, to protect and limit risks of disputes and large penalties. The risk of a data breach is inevitable. Therefore, it is key to ensure that you have workable policies and procedures to deal with any breach effectively.

The governing body for data-related offences is the Information Commissioner’s Office. It publishes useful material on its website.


The majority of tech businesses will require funding to scale and develop their offering. Founders must take legal advice at an early stage to protect themselves and their business during investor involvement.

Confidentiality agreements are very important for tech businesses when sharing valuable information about products. Early involvement of lawyers is proven to reduce costs in the long run. They can offer sound commercial advice, as they will have seen many issues before.

It is worth noting that if investment documents are not in line with your best interest, you may relinquish a large degree of control of your business without realising it. Therefore, the earlier you involve lawyers, the better.

Cloud Computing

Cloud computing poses a serious legal risk from a data protection and privacy standpoint. When using cloud computing, all tech businesses should consider the entire data lifecycle, from generation to transfer and storage.

Other key factors include ensuring that robust contracts, internal policies and insurance are in place when relying on cloud computing, to help address litigation risks and regulatory scrutiny. Several major companies that offer cloud solutions have international servers. This must be factored into data policies, and the relevant laws on international data transfers must be adhered to.

Environmental Social and Governance (ESG)

There is a growing reliance on digital offerings, and stakeholder expectations are constantly increasing. Due to this increase in expectations, we are also seeing governments become more and more involved in ethics and accountability. It is therefore important that tech businesses consider how they can improve their ESG accountability. It will ensure stakeholders (including investors) remain happy and will reduce the impact any legislative change will have on them.

As a general rule, when considering ESG, businesses should try to:

  • Conduct an assessment of their business to highlight and prioritise appropriate ESG areas;
  • Ensure that ESG is discussed at board level and that the board is kept up-to-date with requirements and information on ESG issues so that changes can be made;
  • Address technology, regulatory and monitoring of specific ESG requirements;
  • Build on corporate reputation by clearly showing ESG compliance. This can be done in many ways, but having a clearly displayed outward-facing ESG policy is recommended; and
  • Properly negotiating contracts with suppliers and other partners, looking at their ESG compliance and ensuring that, by dealing with them, a business’s reputation would not be tarnished.

Intellectual Property (IP)

IP protection should be a top priority for tech businesses. You should have clear documents to establish IP ownership, especially if you are using external developers. Fundamentally, IP rights can only be transferred in writing. If you outsource any development, you should expressly state, in a document, that you will own all IP created by the developer.

We also suggest conducting extensive due diligence checks on the third-party providers and having any contracts reviewed before signing, as tech businesses are built around their IP.

You should also carefully consider how your IP can be protected from users in the real world and the Metaverse. Any claim should be brought without delay if you notice an IP breach.


A City Law Firm grew up next door to Google Campus and Old Street Roundabout. Now in its 14th year, our lawyers have represented countless tech start-ups and founders embarking on their exciting journeys. We support tech businesses with commercial document creation and assist them from initial funding rounds to scale-up and eventual exit. We are innovative, award-winning, and fundamentally, we have our client’s interests at heart.

If you need assistance, please reach out to our Tech Team here at ACLF.