• At Kemp Little, we are known for our ability to serve the very particular needs of a large but diverse technology client base. Our hands-on industry know-how makes us a good fit with many of the world's biggest technology and digital media businesses, yet means we are equally relevant to companies with a technology bias, in sectors such as professional services, financial services, retail, travel and healthcare.
  • Kemp Little specialises in the technology and digital media sectors and provides a range of legal services that are crucial to fast-moving, innovative businesses.Our blend of sector awareness, technical excellence and responsiveness, means we are regularly ranked as a leading firm by directories such as Legal 500, Chambers and PLC Which Lawyer. Our practice areas cover a wide range of legal issues and advice.
  • Our Commercial Technology team has established itself as one of the strongest in the UK. We are ranked in Legal 500, Chambers & Partners and PLC Which Lawyer, with four of our partners recommended.
  • Our team provides practical and commercial advice founded on years of experience and technical know-how to technology and digital media companies that need to be alert to the rules and regulations of competition law.
  • Our Corporate Practice has a reputation for delivering sound legal advice, backed up with extensive industry experience and credentials, to get the best results from technology and digital media transactions.
  • In the fast-changing world of employment law our clients need practical, commercial and cost-effective advice. They get this from our team of employment law professionals.
  • Our team of leading IP advisors deliver cost-effective, strategic and commercial advice to ensure that your IP assets are protected and leveraged to add real value to your business.
  • Our litigation practice advises on all aspects of dispute resolution, with a particular focus on ownership, exploitation and infringement of intellectual property rights and commercial disputes in the technology sector.
  • We have an industry-leading reputation for our outsourcing expertise. Our professionals deliver credible legal advice to providers and acquirers of IT and business process outsourcing (BPO) services.
  • We work alongside companies, many with disruptive technologies, that seek funding, as well as with the venture capital firms, institutional investors and corporate ventures that want to invest in exciting business opportunities.
  • Our regulatory specialists work alongside Kemp Little’s corporate and commercial professionals to help meet their compliance obligations.
  • With a service that is commercial and responsive to our clients’ needs, you will find our tax advice easy to understand, cost-effective and geared towards maximising your tax benefits.
  • At Kemp Little, we advise clients in diverse sectors where technology is fundamental to the ongoing success of their businesses.They include companies that provide technology as a service and businesses where the use of technology is key to their business model, enabling them to bring their product or service to market.
  • We bring our commercial understanding of digital business models, our legal expertise and our reputation for delivering high quality, cost-effective services to this dynamic sector.
  • Acting for market leaders and market changers within the media industry, we combine in-depth knowledge of the structural technology that underpins content delivery and the impact of digitisation on the rights of producers and consumers.
  • We understand the risks facing this sector and work with our clients to conquer those challenges. Testimony to our success is the continued growth in our team of professionals and the clients we serve.
  • We advise at the forefront of the technological intersection between life sciences and healthcare. We advise leading technology and data analytics providers, healthcare institutions as well as manufacturers of medical devices, pharmaceuticals and biotechnological products.
  • For clients operating in the online sector, our teams are structured to meet their commercial, financing, M&A, competition and regulatory, employment and intellectual property legal needs.
  • Our focus on technology makes us especially well positioned to give advice on the legal aspects of digital marketing. We advise on high-profile, multi-channel, cross-border cases and on highly complex campaigns.
  • The mobile and telecoms sector is fast changing and hugely dependent on technology advances. We help mobile and wireless and fixed telecoms clients to tackle the legal challenges that this evolving sector presents.
  • Whether ERP, Linux or Windows; software or infrastructure as a service in the cloud, in a virtualised environment, or as a mobile or service-oriented architecture, we have the experience to resolve legal issues across the spectrum of commercial computer platforms.
  • Our clients trust us to apply our solutions and know-how to help them make the best use of technology in structuring deals, mitigating key risks to their businesses and in achieving their commercial objectives.
  • We have extensive experience of advising customers and suppliers in the retail sector on technology development, licensing and supply projects, and in advising on all aspects of procurement and online operations.
  • Our legal professionals work alongside social media providers and users in relation to the commercial, privacy, data, advertising, intellectual property, employment and corporate issues that arise in this dynamic sector.
  • Our years of working alongside diverse software clients have given us an in-depth understanding of the dynamics of the software marketplace, market practice and alternative negotiating strategies.
  • Working with direct providers of travel services, including aggregators, facilitators and suppliers of transport and technology, our team has developed a unique specialist knowledge of the sector
  • Your life as an entrepreneur is full of daily challenges as you seek to grow your business. One of the key strengths of our firm is that we understand these challenges.
  • Kemp Little is trusted by some of the world’s leading luxury brands and some of the most innovative e-commerce retailers changing the face of the industry.
  • HR Bytes is an exclusive, comprehensive, online service that will provide you with a wide range of practical, insightful and current employment law information. HR Bytes members get priority booking for events, key insight and a range of employment materials for free.
  • FlightDeck is our portal designed especially with start-up and emerging technology businesses in mind to help you get your business up and running in the right way. We provide a free pack of all the things no-one tells you and things they don’t give away to get you started.

View All

Key legal issues for start-ups in their first 100 days

There are a tremendous number of legal issues for start-ups to consider in their first 100 days; from establishing a company and brand, to preparing to sell new products or services and employing staff to help the business succeed.  Navigating a tangled web of legal considerations with limited or no legal experience, increases the risk that problems crop up in the future.  It’s therefore crucial to get things right, or it may be costly.

At the beginning it’s advisable to limit your liability to protect your exposure to any personal financial risk.  It’s achieved by establishing a separate legal personality to the founders; the most commonly used vehicle for start-ups is a private limited company.  Head to Companies House and choose an available company name and register your company.  You’ll need to adopt articles of association, which is the company’s internal “rule book”.  Private limited companies need a least one person appointed as a director, and every director has certain duties imposed on them, which are owed to the company.

If there’s more than one founder, you should consider a shareholders’ agreement setting out the relationship between the shareholders and their respective rights and obligations.  It should cover key matters, including the board composition and what happens if someone leaves.

Once your company is established, you may seek to raise additional equity from investors or provide financial incentives to key individuals in the company.  One option is to issue shares, but before you do, you’ll need the approval of the board of directors.  The directors will need to convene a board meeting and decide to issue the shares by a board resolution.  Avoid falling foul of the law by filing forms relating to the share allotment, registering the new shareholders on the company’s register and issuing share certificates to them.  

However, rather than give away precious equity (shares can be difficult to get back if things go sour), you may decide to incentivise promising employees with share options. Employees receive a share of the growth in value of the company and have the choice to acquire shares in the future at an agreed price and subject to specified conditions.

Having established a company, founders should think about their intellectual property rights protection.  Your first priority is to conduct online searches to find out what is already ‘taken’ by others in your chosen industry and key territories.  Being mindful of what’s already out there will hopefully avoid disputes or the need to undertake an expensive re-brand further down the line.  Bear in mind it’s not just identical marks you need to steer clear of; someone with a confusingly similar mark and operating in the same field, might be able to prevent you using your chosen brand. 

Trade mark registrations are valuable monopolies and give the right to use a name or logo for specific products or services to the exclusion of others.  This helps build brand identity, reputation and value.  You should consider applying for a registration in your focus countries (e.g. the UK, or an EU-wide right).  Simply registering a domain name for your chosen name is unlikely to give you rights that you can rely upon in contrast to a third party with a trade mark registration: the domain name being available is unfortunately not a reliable green light.

In addition to brands, certain new inventions can be protected by filing for patents.  Like trade marks, patents are jurisdictional and enforceable in only those countries where you obtain a patent.  They give you a 20-year-right to stop third parties carrying out the invention you describe.  Unfortunately, patents are expensive to obtain (unlike trade marks) and difficult to get for software inventions (especially in Europe).  Filing for a patent requires you to disclose your idea to the world, but it may be preferable to rely on keeping your invention secret. 

Feeling ready to take your idea to market?  Pause and don’t rush into opportunities.  Before discussing opportunities with suppliers or customers, it’s advisable to consider a confidentiality agreement.  It obligates both parties to keep discussions confidential; facilitating open dialog in a safe environment to get the best outcome for both parties. 

It’s important to draft terms and conditions to govern the sale of your product or the supply of your service.  Terms and conditions should at the very least:

  1. set clear rights and obligations for both parties, including how you will deliver the products or provide the services, and any payment obligations on the customer;
  2. allocate liability for when things go wrong, and how and where the parties will resolve disputes (ideally in the English courts); and
  3. cover provisions such as how the parties can terminate the contract (if perhaps the interests of the parties change), and what law will apply to your agreement (English law is a safe bet).

An important consideration and rising concern for companies is the requirement to keep customers’ personal data secure; if you are controlling or processing any personal data, you’ll need to comply with data protection legislation.  Put simply, personal data is information that can identify a living individual (either on its own, or in combination with other information under, or likely to come under, your control), and ‘processing’ is defined very widely.  An awareness of cyber security risks is important, especially if you’re developing a new product that might be exposed to a cyber-attack.

Need support to grow your business?  Is a contractor providing discrete services, or an employee, right for you?  A contractor (or freelancer) isn’t afforded the same employment rights as employees and can be attractive to businesses limiting their exposure to employment costs.  Be mindful that HMRC will scrutinise the reality of these arrangements.  If HMRC thinks your freelancer is actually your employee, you may be liable for certain employment costs (e.g. any unpaid income tax).  Don’t forget that freelancers own the IP they create unless your contract provides otherwise.

Employers have greater control over employees, but must comply with a raft of obligations; from statutory leave and minimum rest breaks, to minimum pension contributions, wages and sick pay.  Employees are entitled to a basic written “section 1 statement” of their employment terms.  While this may be appropriate for junior employees, it doesn’t provide more sophisticated protection around confidentiality, IP or post-termination competition.  An employment contract is your opportunity to set more comprehensive boundaries and protections.

Employers must register as an employer with HMRC to deduct income tax and national insurance contributions through payroll.  As an employer, you’re legally obliged to have in place employer’s liability insurance cover (for at least £5 million) and if you employ more than 5 people, a written health and safety policy.  As you grow you will want to put in place policies dealing with other aspects of the employment relationship, e.g. equal opportunities, IT/communications use and family leave.

Finally, if you have identified a non-EEA national as being key to your business in the UK, then you should think carefully about how to employ them here legally.  At all stages of the employment lifecycle, be mindful of your anti-discrimination obligations.  

It’s clear that start-ups face a significant legal burden, which can seem overwhelming for first-time entrepreneurs.  Founders often have limited resources to manage all that it takes to start a company, establish a brand and take their concept to market.  Therefore, it’s no surprise that legal issues sometimes fall to the bottom of the list.  If you are unsure where you stand, you should seek independent legal advice quickly.

This article was previously published in Small Business.co.uk

High Court Rules Government Cannot Trigger Article 50 without Consulting Parliament

On 3 November 2016 the High Court handed down its keenly awaited judgment in the case on whether the Government can trigger Article 50 of the Treaty of the European Union (Lisbon Treaty) without consulting Parliament, concluding that the Government cannot do so and that the decision can only be made by Parliament.[1]

The sole question for the High Court to decide was whether, as a matter of constitutional law, the Crown – acting through the executive Government of the day – is entitled to use its prerogative power to give notice under Article 50 for the UK to cease to be a member of the EU.  The court emphasised that it was only addressing a pure question of law and was not expressing any views on the merits of leaving or not leaving the EU.  

According to the court, “the most fundamental rule of UK constitutional law” is that Parliament is sovereign and that legislation enacted by Parliament is supreme. The court noted that “Parliament can, by enactment of primary legislation, change the law of the land in any way it chooses” and that there is no superior form of law than primary legislation unless Parliament has itself allowed that to happen.  The only example of this was the enactment of the European Communities Act 1972 (ECA 1972) when the UK joined the European Communities (which became the EU); the ECA 1972 confers primacy on EU law. [2]

The court explained that although as a general rule international relations, including the making and unmaking of treaties, is a matter for the Crown in exercise of its prerogative powers, the Government cannot through prerogative powers override legislation enacted by Parliament. In this case, if notice is given under Article 50, it will inevitably change domestic law, namely all of the elements of EU law which Parliament has made part of domestic law via the enactment of the ECA 1972. As a piece of primary legislation only Parliament has the power to repeal the ECA 1972.

Accordingly, the court did not accept the Government’s argument, calling it “flawed at [a] basic level” because it was contrary to the language of the ECA 1972 and the constitutional principle that the Government cannot alter the law of the land using prerogative powers.[3] Therefore the court held that the Government “has no prerogative power to effect a withdrawal from the Community Treaties on whose continued existence the EU law rights introduced into domestic law depend” and as a result those powers also cannot be used to effect withdrawal from those Treaties by giving notice under Article 50 to withdraw from the EU.[4]

The Government now has the right to appeal to the Supreme Court in December. It is expected that the Government will appeal. 

It remains to be seen how this judgment and the likely appeal to the Supreme Court will impact the timing announced previously by the Prime Minister that Article 50 would be triggered prior to the end of March 2017.

[1] The Queen on the application of Gina Miller & Deir Tozetti Dos Santos v The Secretary of State for Exiting the European Union Grahame Pigney & Others, https://www.judiciary.gov.uk/wp-content/uploads/2016/11/judgment-r-miller-v-secretary-of-state-for-exiting-the-eu-20161103.pdf

[2] The Queen on the application of Gina Miller & Deir Tozetti Dos Santos v The Secretary of State for Exiting the European Union Grahame Pigney & Others, Para 20 https://www.judiciary.gov.uk/wp-content/uploads/2016/11/judgment-r-miller-v-secretary-of-state-for-exiting-the-eu-20161103.pdf

[3] The Queen on the application of Gina Miller & Deir Tozetti Dos Santos v The Secretary of State for Exiting the European Union Grahame Pigney & Others, Para 85 https://www.judiciary.gov.uk/wp-content/uploads/2016/11/judgment-r-miller-v-secretary-of-state-for-exiting-the-eu-20161103.pdf

[4] The Queen on the application of Gina Miller & Deir Tozetti Dos Santos v The Secretary of State for Exiting the European Union Grahame Pigney & Others, Paras 92  https://www.judiciary.gov.uk/wp-content/uploads/2016/11/judgment-r-miller-v-secretary-of-state-for-exiting-the-eu-20161103.pdf

Legacy IT: the challenges faced by banks

With banks increasingly under pressure from regulation and new entrants to the market, their IT systems may not at first glance appear to be a primary concern. However, the problems posed by aging legacy IT estates can have a big impact on a bank’s ability to meet its regulatory requirements and continue to provide a high standard of service.

The Bank of Ireland (which currently spends €400 million a year on IT) and Harrods Bank are among the latest institutions to have announced further plans to replace their legacy IT systems.[1] Such programmes are expensive and can carry significant risks, often being likened to attempts to rebuild an aeroplane mid-flight.

In this short article, we consider the challenges posed by banks’ legacy IT systems and some of the options for addressing them.

The challenges

As new systems and applications are bolted on to an aging system, the complexity of operating and maintaining those systems increases. The following are some of the risks that follow from this increased complexity and outdated technology:

  • Downtime: With greater complexity comes an increased risk of downtime which not only causes issues for existing customers, but can lead to regulatory fines and reputational damage. In recent years, there have been a number of high profile incidents where regulators have fined UK retail banks as a result of IT failures that prevented customers from accessing funds or caused payments to be missed.
  • Staff: As legacy systems age, so do the staff who understand how they operate. As these staff retire, it is increasingly difficult for banks to train new staff in how to operate the outdated technology.
  • Customer risk: Disparate legacy systems make it more difficult for banks to assess and price risk. Challenger banks with new IT systems can track customer profiles more easily and are better able to assess risk and identify sales opportunities.
  • Systemic risk: The regulatory requirements on banks have dramatically changed over the lifetime of banking legacy IT. Banks must now assess risks in many different forms both locally and bank-wide. Legacy systems were not designed to meet the current regulatory requirements, and so this analysis must be done manually.
  • Cost: The above all leads to increased costs, both for maintaining the existing hardware and pool of staff on the one hand, and integration and development costs on the other hand for any new technology that the bank requires.
  • Innovation and business change: Increased costs and complexity make innovation all the more difficult. This means banks are slow to market with innovations and may be missing growth opportunities thrown up by recent fintech developments. Even the CMA has begun imposing technological remedies, with the requirement for retail banks to introduce open APIs by early 2018 (see our article here for more information on the CMA’s report).

“Bank in a box”

Building a new core banking platform from scratch can be incredibly expensive, and of course there is the risk of downtime from teething troubles as systems are switched over. The “bank in a box” approach may, therefore be an appealing alternative, where providers can offer a tried and tested platform (often hosted in the cloud).

For challenger banks, a core banking platform provided as a “bank in a box” over the cloud is a logical first step, but equally established banks like the Bank of Ireland are looking to replace legacy systems with cloud services.

The key benefit of outsourcing systems to a third party cloud provider is typically seen to be the cost. However, for a bank struggling with legacy IT systems, the operational benefits of moving to a cloud arrangement may be equally attractive as the provider is responsible for maintenance and may also offer further releases building on fixes and enhanced developed from working with its other customers.

However, banks will need to be comfortable that if they are purchasing a package from a single vendor, that the vendor in question has sufficient expertise and quality in all areas. If not, then an alternative multi-vendor model may reintroduce complexity as the customer bank will need to carefully consider how it wishes to manage roles and responsibilities across the different vendors.

In addition, the customer banks must be confident in the strength of the box’s walls, and be able to demonstrate to the regulator that systems, data and personnel are sufficiently segregated and secure.

The regulators’ view

The FCA has traditionally been sceptical of the suitability of third party cloud services for core functions (see our article here for more information on the FCA’s latest guidance), but as the market develops banks may increasingly look to move certain elements of their IT systems to a cloud provider.

Of course, any outsourcing involving core systems will be subject to regulatory scrutiny. Indeed, the FCA has recently given Aviva an £8.2 million fine, in the first Client Assets Sourcebook (CASS) case in relation to oversight failures of outsourcing arrangements.

Bank as venture capitalist

In the meantime, the larger banks are in some cases acting as quasi-venture capitalists by purchasing fledgling fintech companies and operating start-up accelerators. This approach has the advantage of preserving the manoeuvrability and rapid development of start-ups without necessarily having to worry from the start about integrating their product with the bank’s existing platform whilst at the same time giving the bank access to innovation and a pool of talent.  

This approach is starting to bear fruit for blockchain technologies, where UBS is leading a consortium of banks to develop a system for making payments and settling transactions quickly, reliably and with a clear audit trail.[2] This follows on from UBS’s work with London fintechs as part of its “innovation lab”.[3]

Leaving a legacy

New technologies such as blockchain promise a bright future for the fintech sector, but they are unlikely to remove the need for banks to address the issues posed by their legacy IT. Banks will need to carefully balance risk mitigation with innovation and customer service, and there will be a point for each institution at which the benefits of moving to a new core banking platform outweigh the risks of adding incrementally to their existing IT estate.

One voice to rule them all: Smart home devices, AI children and the law

Nicola Fulford, Data Protection partner, and paralegal Tom Sutherland, offer an introduction to smart home concepts, with an analysis of key data protection implications, and a particular focus on compliance obstacles in relation to children’s use of these devices within the home. To read the full article which was originally published in Digital Business lawyer please click here.

Can the blockchain make our contracts smarter?

Smart contracts are said to bring together some of the main advantages of blockchain and automation to provide speedy, peer-to-peer validated, contract formation.  So what are the key features of smart contracts, their limitations, and what challenges do they present to lawyers?

Blockchain – a refresher

Blockchain harnesses “distributed ledger technology” (DLT), which is an aggregation of replicated, shared, and synchronised data accessible across multiple sites, countries, and/or institutions.  Blockchain is a type of distributed ledger, comprised of unchangeable, digitally-recorded datasets called “blocks”.

The blockchain is used (for example, and most famously, in Bitcoin) as a public record of peer-validated transactions on a particular network.  The blockchain is maintained by users of the network (called “miners”) and requires no centralised or intermediary involvement and so the blockchain is said to be “decentralised”.  A key feature of decentralisation is that, by removing the need for the traditional, cumbersome, paper-heavy processes typically associated with complex transactions, contract formation is made more efficient (but which can bring with it certain disadvantages, as we shall explore later).

In the case of Bitcoin, transactions are recorded on time-stamped blocks.  Miners are then able to verify the accuracy of these blocks using an algorithm and, upon verification, add the block to the chain, and this activity is incentivised as miners earn Bitcoins for doing this.  Blocks added to the chain comprise an immutable, publicly accessible, chronological record of all verified Bitcoin transactions.

Smart contracts

Smart contracts are expected to bring together the advantages of the blockchain and of automated or autonomous processes, to provide peer-to-peer, validated, contract formation without the need for independent verification. 

A smart contract is coded so that it contains the terms of the agreement together with an automated function to form a binding contract upon certain conditions being met.  The conditions could include the performance of an activity by a party to the contract or the occurrence of certain specified events, such that once the conditions are met the contract becomes self-executing and the transaction is recorded on the blockchain.

The efficiencies associated with blockchain have encouraged businesses to explore its use in relation to smart contracts. Although smart contracts have been spoken about for decades, the emergence of DLT and blockchain has brought the potential cost-savings into sharper focus.  For businesses entering into a high volume of contracts, or where rapid contract formation is important, the efficiencies presented by moving away from traditional, hard copy, contract formation are obvious.

Smart contracts are of particular interest to financial institutions given the high number, and frequency, of contracts they enter into. 

In August 2016 Bank of America Merrill Lynch, HSBC and the Infocomm Development Authority of Singapore successfully demonstrated, as a proof of concept, the application of distributed ledger technology in a transaction for a (traditionally paper-heavy) letter of credit (LoC).  The platform works by sharing information between the relevant parties to the LoC and their banks, on a private distributed ledger.  The distributed ledger protocol applies a multi-step process to authenticate data and, ultimately, execute the contract.  Use of the distributed ledger replaces the time-consuming bureaucracy necessitated by the issuance and review of paper documents.[1]

In October 2016, Capgemini reported its belief that smart contracts will transform the financial industry by providing significant savings for both financial institutions and their customers, by reducing the need for manual processing and independent verification traditionally associated with contract formation, particularly for products such as mortgages and insurance.[2]  

What are the key benefits of a smart contract?

  • Trust and transparency: the key feature of blockchain-based applications is transparency.  Transactions are typically validated by a number of users and, at least in the Bitcoin model, the blocks on the chain are publicly viewable and cannot be modified.  This means there is a very high level of confidence in the authenticity of transactions on the blockchain.  This is clearly an advantage for parties requiring certainty that a contract is valid and binding on the contracting parties, however it is likely to be a problem if the subject matter of a contract (including the mere fact a contract has been entered into at all) is commercially sensitive.  This has led to the use of private blockchains, serviced by authorised individuals, private organisations or at an industry level, but this approach could lose one of key advantages of blockchain if only the contracting parties are able to view transactions, without third party verification – without that external verification, it is arguably a form of internal database rather than a true blockchain.
  • Efficiency: the automated nature of smart contracts removes the need for the manual processing of documentation and human review, reducing the bureaucracy associated with traditional contract formation.  Automated processes are expected to bring other efficiencies by improving security, eliminating human error, and increasing convenience for all parties through the use of an electronic platform.
  • Certainty: upon the condition(s) being met, the smart contract automatically executes without any further need for formalities.  This is advantageous to parties seeking comfort that once certain conditions are met, a binding contract is formed, without the need for further negotiation with the counterparty.  Of course, this could present a problem for parties if automation is found to be too inflexible.


The smart contract cannot outright replace contracts in common use today.  The smart contract refers to the automated process by which the contract is formed, and the need for contract terms (whether they are standard terms or negotiated) remains.  Furthermore, at least initially, the implementation of a smart contract structure will require more resources as the smart contract will need to be carefully coded to ensure it performs properly without error. 

Such is the nature of smart contracts that they are more likely to be adopted for commoditised products and services, where the underlying terms are not negotiated, or the execution of the contract is dependent on a condition being met (as is the case in certain financial transactions).  The rationale for using a smart contract in connection with an outsourcing agreement, for example, is much less clear.  Even in the case of commoditised, high-volume, contracts, such as customer-facing website terms, it is difficult to perceive the advantages of a smart contract above those of a simple click-through contract.

The need for confidentiality may require the use of a private distributed ledger which would remove some of the key benefits of a blockchain platform, by preventing public scrutiny of transactions and shutting out a larger user base which would otherwise be able to validate blocks on the chain more quickly.

Legal issues

  • Execution of contracts: there are likely to be issues around the validity of smart contract execution.  If the smart contract self-executes at the end of a series of inputs or events, the basic contract law requirements for an offer to be made, which is clearly and unambiguously accepted, remains.  Lawyers shall need to ensure that these fundamental principles are addressed such that it is clear at what point (and on what terms) a party is committing to entering into a smart contract.
  • Rectifying errors: given that smart contracts self-execute, it could make rectifying errors in the contract much more difficult.  Lawyers would quickly find themselves in uncharted territory if errors in contract drafting or contract execution occur due to poor coding. 
  • Contract management: self-executing contracts are likely to require active monitoring by contracting parties, as well as monitoring potential contractual exposure, so that parties are aware of contracts which are likely to become binding if certain events take place. In financial services, it is possible that many contracts could become binding if, for example, triggered by specified currency fluctuations, stock market changes, or exposures under hedged positions.  Without adequate monitoring a party could find itself entering into contracts quite unexpectedly.  Lawyers may need to address then possibility of “contract in error” along the same lines as rectifying a “manifest error” at present.
  • Privacy: blockchain orthodoxy requires that the blockchain itself is publicly-viewable.  Although transacting parties on the blockchain are typically anonymous, the details of a particular transaction under a smart contract could allow someone to guess a contracting party’s identity, depending on the subject matter and date of the transaction.  Data protection lawyers have not yet begun to address the problems this would present under existing data protection laws, nor the forthcoming GDPR, and are not likely to be able to do so until the ledgers used for smart contracts are developed.
  • Confidentiality: as stated above, the blockchain may display commercially sensitive information which could deter businesses from using the platform altogether, unless a private blockchain is used, with strict controls over user access.  If a private blockchain is used, lawyers will need to consider confidentiality provisions covering the operator of the private blockchain and ensure controls are passed through to the individual users verifying the blocks, in tandem with the use of access keys.
  • Decentralisation/regulation: if the blockchain is used to support smart contracts used for common investment vehicles and financial products marketed to the public, jurisdictional and regulatory issues may arise.  Although the construction of a blockchain itself may be highly secure, there remains a real possibility that errors in the coding of the smart contract may cause a loss to third parties. This in turn could cause regulators to scrutinise smart contracts and the blockchains upon which they are documented.
  • Liability: blockchain platforms have so far utilised open source software (including in the case of the Bitcoin code), which encourages trust in the system as anyone can scrutinise the code and check for coding errors and security weaknesses.  However, there remains the possibility that flaws in the code may give rise to smart contracts which contain errors or are triggered by mistake.  In a traditional contract, the drafting and entry into the contract is the responsibility of the parties and their lawyers. Mistakes are likely to be the result of incorrect commercial instructions, the mistranslation of those instructions by the lawyers, or simply poor contract drafting.  In such situations it is possible to discern the origin of such mistakes and apportion blame (and impose liability).  In smart contracts, where coding gives rise to a mistake, it is not clear how these liability issues could be addressed such that the contracting parties have recourse.  It is likely that the developers of the code underpinning the smart contract would be brought within the scope of liability clauses.  However, imposing some liability on coders would be made more problematic if the smart contract is a collaborative effort between lawyers and the coders, unless lawyers use their own coders and assume all responsibility for coding mistakes. Mistakes in the coding of the blockchain itself would be even more difficult to address given that there in the world of open source software there is no commercial software provider to pursue in the event of failure. 

Although certain businesses are beginning to champion the use of smart contracts it is likely that their use shall remain limited to high-volume and commoditised, or low value, agreements.  However, as such businesses seek to harness the efficiencies presented by smart contracts, particularly in more complex situations, both lawyers and regulators will need to move quickly to find the limits of established contract law principles and, where necessary, regulators will need to publish new guidelines, or implement new regulations, to provide legal certainty for the use of an emerging and largely untested technology.

For more information from Kemp Little on digital currencies, please see our article Digital Currency: A primer for in-house lawyers, or refer to our cryptocurrency portal.

AR, VR and online customer engagement - opportunities for the gaming and gambling sectors

The September 2016 KPMG eGaming Summit in the Isle of Man featured presentations from three companies providing online solutions relevant to the gaming and gambling sectors.

These presentations were well received by conference attendees in an industry keen to explore opportunities offered by new technology to build customer engagement and improve the online user experience.

Derivco, a software development company focused on online gaming, spoke about the huge potential for the gaming and gambling sectors to use augmented reality (AR) and virtual reality (VR) to offer exciting new products and services to their customers. The explosion of Pokémon Go has been a game changer for AR, with over 100 million downloads to date, 20 million daily active users and an average of 26 minutes’ gameplay per day, bringing AR to a mass market audience. Smartphone technology now provides an easy way for users to combine real-life and virtual experiences including when the user is out and about. Example uses of AR in a gambling context include real-life playing cards containing a code which can be scanned by a smartphone to download virtual characters, and watching a real-life football match both in person and through the screen of a smartphone displaying match and player data superimposed on the action enabling the user to place bets while watching the game. On the VR side, Derivco has also developed a VR version of roulette. Using Oculus Rift hardware and motion sensor capability, users can see their hands as they place their bets on the roulette table. Looking to future growth, Derivco referred to projections by consultants Digi-Capital for growth of both the VR and AR sectors.

Digi-Capital‘s latest forecast is that businesses will derive $120 billion in revenue from AR and VR by 2020, split $90 billion for AR and $30 billion for VR. VR’s adoption is expected to be more limited given the higher specification (and cost) of the hardware required and a different user environment more suited to a living room, office or seated experience given the constraints of a closed headset but offering an immersive user experience. According to Digi-Capital’s projections, the VR market would focus on core games and 3D films plus niche enterprise users and could have tens of millions of users, with hardware prices similar to console gaming machines. AR’s market would be similar to the smartphone/tablet market, with hundreds of millions of users and hardware prices similar to smartphones and tablets. This large AR user base would be a major revenue source for TV/film, enterprise, advertising and consumer apps and result in significantly increased demand for mobile networks’ voice and data capacity to support AR.

Creative Web 3D spoke about their new product 3D Vegas, where the user creates and personalises an avatar to explore a virtual world, parts of which can be personalised from a choice of dozens of different environments. The user can invite his/her real-world friends to join him/her as avatars in his/her private space within that the virtual world, and would encounter other users’ avatars in the public areas of the virtual world where each avatar can choose whether to interact with or ignore another avatar. The virtual world will include the opportunity to visit virtual stores and casinos of sponsor companies, where users could buy products and engage in gambling through the retailer’s or gambling operator’s real-world site. The 3D Vegas product is expected to offer site sponsors a tremendous opportunity to generate leads and build user engagement with their products.

Kout, a shopping website combined with a gaming activity, gave an overview of its business model. The site offers a wide range of consumer products from well known retailers but with the extra feature that at the check-out stage users are invited to play a game designed by experts in psychology, behavioural science and gamification. Based on the result of the game, users can win a discount on the product being purchased ranging from 1% to 99% of the product value. The user does not pay to participate in the game as Kout has allocated a certain percentage of its share of the retailers’ revenues to fund the discounts. Kout also develops bespoke games to increase user engagement and conversion for brands including Unilever, Philips and the UK National Lottery.

We look forward to watching the development of these companies’ businesses.

ICO releases new privacy code to improve transparency and control

The Information Commissioner’s Office (the “ICO”) released a new code of practice (the “Code”) on the 7 October, stemming in part from the results of a survey that they conducted.

These results highlight that consumers have lost confidence in how their data is protected; only one in four adults trust businesses with their personal data. Individuals are taking enhanced measures to verify the use, and increase the protection, of their data. This comes as no surprise following the constant stream of high profile cyber-attacks on individuals’ personal data, which has been regularly reported in the news.[2]

Click here for a quick 5 point summary of key areas of emphasis emerging from the Code, otherwise we set out below a comprehensive explanation of what the Code will mean for organisations operating in the UK.

Who should take note of the Code?

  • Any organisation that collects personal data whether directly or indirectly, and the Code highlights specifically that it applies to situations where data is collected via smart devices or by an individual’s online behaviour.
  • Organisations collecting purely anonymised or statistical data do not need to be so concerned, however the ICO encourages notifying individuals when personal data is collected even for the purposes of using it in an anonymised form afterwards.

Notifying individuals when collecting personal data: what should be in your privacy policy?

An ‘off-the-shelf’/‘one-size fits all’ privacy policy is not endorsed, and the ICO advocates that organisations should map out information flows within the organisation to indicate what should be included within the privacy policy. 

Ideally, organisations should draft bespoke privacy policy notices that communicate clearly to individuals:

  • who the organisation is that will be collecting and processing the data;
  • how the individual’s personal data will be used (including if it is for a range of uses) and also how it will not be used;
  • who it will be shared with (other data controllers and processors);
  • how users can agree to the different types of processing, by providing users with a choice to positively opt-in (see ‘what does the Code say about consents?’ and ‘developing trust with individuals’ below);
  • the impact such collection and processing will have on the individual (or alternatively the consequences of not providing such information); and
  • the rights of access to the individual’s data.

There’s additional guidance that the notices should be written for the intended audience, specifically that notices governing the collection of data from children should be appropriate to their level of understanding.

What does the Code say about consents?

The Code makes it clear that consents should be obtained on an opt-in basis to comply with best practice (aligning with best practice when obtaining direct marketing consents) and, where organisations are using personal data for a range of purposes, there should be a clear and simple way for individuals to agree to each different type of processing.  This combined with the need to provide individuals with sufficient information to enable them to make a choice (note that the Code states that if organisations use solely an “I agree” box without further details, the consent obtained cannot be considered valid) is likely to be a challenge for organisations with complex processing operations to implement in a user-friendly way, particularly on mobile devices/smaller screens.  Appropriate use of just-in-time notices to provide relevant information to individuals at a suitable time may be a solution to this challenge.  We have used a number of different mechanisms and formats to build privacy notices into data collection/customer interaction points so that relevant information is communicated in a user-friendly way and in line with best practice.

Businesses also need to comply with the Privacy and Electronic Communications Regulations (PECR) when asking people for consent to receive direct marketing (in addition to the data protection requirements), which the Code says should involve a separate, prominently displayed, unticked opt-in box.  The Code contains standard wording that businesses can use when seeking consent for direct marketing to ensure that direct marketing consents are being sought in line with good practice.  This may not be the right language for every business, but it is helpful as a reference point.

How should you communicate privacy policies to individuals?

Organisations are encouraged to use the same method by which the data will be collected, for example, just-in-time notices next to the cells in forms filled in online.  Where notices are provided on mobile phones, the guidance is that these should be clear and readable.  In all mediums of communication, the Code recommends a layered approach to draw individuals’ attention to the key parts of the policy with links to where they can find further information/details.

When to actively communicate your privacy policy

There are instances when collecting personal data may require organisations to take a more pro-active approach to notifying individuals that their data is being collected.  The Code points to situations when:

  • collecting sensitive information;
  • the individual may object to the intended use of the information, or may not expect the intended use;
  • failing to provide personal information may have a significant effect on the individual; and
  • sharing the individual’s data with another organisation that would not be expected by the individual.

Developing trust with individuals

The Code encourages companies to develop the trust of their customers by including them in the management of their personal data and how it will be used, perhaps via a privacy dashboard.  This goes towards satisfying the legal requirement to ensure informed consent and will assist organisations to demonstrate fair collection of data. 

The Code highlights that individuals can struggle with privacy policies, therefore it’s vital to choose the right method and tone when communicating privacy policies to individuals.

The ICO recommends testing the policy on individuals and adapting the policy based on the feedback received to ensure the effectiveness of the privacy policy.  The advice is to test: (i) whether individuals understand the policy; (ii) if it is clear and appropriate to the audience; and (iii) whether it contains any errors.

Complying with the General Data Protection Regulations and the impact of Brexit

Compliance with the approach and good practice recommendations in the Code will help organisations to meet the enhanced privacy notice requirements set out in the General Data Protection Regulation (the “GDPR”).  Although organisations will still need to include further information in their privacy notices (listed in the GDPR section of the code/Articles 13 and 14 of the GDPR) to fully comply. 

The Information Commissioner has said it is extremely likely that the GDPR will start to apply before Britain leaves the European Union and, in any event, businesses will need to comply with the GDPR to do business in the EU.

What you should be doing

  • Review your privacy policies/notices to check whether they comply with the best practice recommendations set out in the Code and identify any gaps/improvements.  Note, the Code includes a helpful privacy notice checklist covering key points, which will be a useful tool to use when carrying out a review.
  • Agree updates/changes to fill the gaps or make improvements to your privacy policy (as appropriate), test such improvements on users, and set a timeframe for implementation (any updates required to comply with the GDPR will need to be implemented with time for communication before 25 May 2018).
  • Establish your legal basis for processing each category of personal data you collect and identify where you are relying on consent from individuals.  Review the consent mechanisms that you have in place against the guidance on consents in the Code and the standard of consent required by the GDPR and make any necessary changes to ensure consents are valid (again these updates need to be implemented with time for confirming any consents before 25 May 2018).
  • Consider the other contractual documents (such as terms and conditions) that users/customers agree to and ensure that the privacy policy and those documents work together (e.g. are they consistent? Are you asking individuals to “consent” to your privacy policy when you are not relying on consent as a basis for processing?  Are these appropriate for your audience?) 
  • Ensure that you have the technical functionality to keep: (i) records of the privacy policy individuals have been provided with; and (ii) the consents obtained, and start keeping those records to help you to meet the accountability principle under the GDPR.
  • Consider the changes you have made to your privacy policy and how you should communicate the updated privacy policy (the more significant the changes, the more you should be doing to bring the updated policy to people’s attention and, where appropriate, obtain consent or acknowledgement of the changes from individuals).

Final thoughts

The new Code provides businesses with more clarity on the practical steps they should be taking to comply with best practice and will help organisations to start their journey to compliance with the enhanced privacy notice requirements set out in the GDPR.    

It underlines the importance of transparency and trust and that things have moved on from the generic privacy policy for all.

If you need any further guidance on this or you would like us to help you review and update your privacy notices, please contact Nicola Fulford.

Hyperlinking: the role of intention and knowledge

In its recent decision in GS Media v Sanoma Media and Ors[1], the Court of Justice of the European Union (“CJEU”) has arguably brought the law up to date with modern online practices. Website operators are largely free to link to and frame on their websites content which is already available online elsewhere, without fear of repercussions. That activity will not, in a vast number of cases, constitute a communication to the public for the purposes of Article 3(1) of the InfoSoc Directive [2], which is an exclusive right of the copyright holder. However, there are still instances where linking or framing will not be lawful. When that is, is now a question of intention and knowledge of the hyperlinking party.

The law

The basic position, as set out in Article 3 (1) of the InfoSoc Directive, is that the author of a copyright work has the exclusive right to authorise or prohibit any communication to the public of their works by wire or wireless means. In other words, it is solely up to the author of a work to decide how and when to communicate that work to the public, and the author, as owner of the copyright in the work, may prevent third parties from communicating that work to the public without their consent. 

With a post-Brexit focus on the English law implementation of this Article, section 20 of the Copyright Designs and Patents Act 1988, reads:

The communication to the public of the work is an act restricted by copyright in (a) a literary, dramatic, musical or artistic work, (b) a sound recording or film, or (c) a broadcast.  References in this Part to communication to the public are to communication to the public by electronic transmission, and in relation to a work include (a) the broadcasting of the work; (b) the making available to the public of the work by electronic transmission in such a way that members of the public may access it from a place and a time individually chosen by them.

The position before GS Media

In the modern context of online sharing and interconnectivity, a restrictive reading of these provisions, and a wide-reaching interpretation of the exclusive right bestowed upon the copyright owner, is close to unworkable. Internet users share content, via hyperlinking and framing, on a regular basis. To say that every instance of re-posting or sharing content is an infringement of the author’s copyright, would be to make nearly every internet user an infringer, and to effectively paralyse the internet.  

It is therefore no surprise that the GS Media case comes against a background of other linking and framing cases, most notably, Svensson [3] and BestWater [4], wherein European national courts sought guidance on when hyperlinking would be acceptable. 

In those cases, the CJEU concluded that providing a hyperlink to a copyright work that was ‘freely available’ online already, would not be a ‘communication to the public’ for the purposes of Article 3(1) of the InfoSoc Directive.  In doing so, a new understanding of Article 3(1) was presented: in order for there to be infringement by way of a communication to the public, there needs to be a communication, which is without the right-holder’s consent, but which is also to a new public.  The public to which the hyperlinking party communicates the work cannot be the same public as already enjoys access to the work elsewhere and which the rights-holder anticipated would access the work, when authority was given to publish.  In Svensson, in particular, the works in question (journalists’ articles) were already live and accessible to all internet users, without restriction, on a free newspaper website.  When the defendant in that case provided hyperlinks on his website to the works, there was therefore no new public being given access to the articles. 

GS Media

The matters and considerations arising from the GS Media case were not, however, easily dispensed with; notwithstanding the guidance of Svensson.  Here, for the reasons set out below, the hyperlinking party and the decision to hyperlink to copyright works, albeit works already available elsewhere on the internet, seemed somehow altogether more unacceptable and underhand than the hyperlinking in Svensson.  But the line had already been drawn by Svensson.  How could the CJEU make one kind of hyperlinking unlawful, whilst allowing ordinary internet users to link and frame without repercussion?

The facts

In GS Media, the defendant (GS Media), was the operator of a popular Dutch gossip blog-style website called GeenStijl.  It was notified that certain photographs of Dutch TV personality Britt Dekker shot for Playboy magazine – but which had not yet been published by Playboy – could be found and viewed on an Australian-hosted data hosting site called Filefactory.com.  It was also notified, at around the same time, by the publisher of Playboy, that the photos were not supposed to be accessible on Filefactory.com.  Playboy asked that the photos not be published on GeenStijl

Notwithstanding that the photos shouldn’t have been there, and that GS Media knew that, GS Media proceeded to publish a story on its GeenStijl website inviting its users to click on a link which would take them to the photos on the Filefactory.com website.  When the Filefactory.com photos were removed, GS Media posted an alternative link, to another website where they could be accessed by its users.  This was all before Playboy actually published the photos itself.

Unlike in Svensson, therefore:

  1. the works to which the hyperlinks led the user were published without consent online, and there were no authorised publications anywhere at all, yet;
  2. the hyperlinking party knew that the works to which they were providing links were online unlawfully; and
  3. the works hyperlinked to – whilst already online somewhere – were not exactly readily available online, and were difficult to find and access, by reason of certain restrictions on Filefactory.com.

In those circumstances, the CJEU was effectively asked whether the Svensson rule still applied, or whether GS Media’s hyperlinking fell into a different, and unlawful, category – i.e. amounted to a communication to the public.

The outcome

On the face of it, and against the backdrop of previous decisions dealing with the interpretation of ‘communication to the public’, GS Media might have thought it would get away with its actions.  It did not use a new technical means (the internet had already been used to publish the photos), and the works were already available online (no paywall was in place on Filefactory.com). 

However, the CJEU’s focus here was different.  It re-emphasised that the role played by the hyperlinking party is key.  It asked whether the hyperlinking party, by way of its intervention, has deliberately provided access to works that otherwise would not or should not have been readily accessible. In so doing, the hyperlinking party may have given access to those works to a new public.

The CJEU concluded that, as part of the analysis of whether Article 3(1) is triggered (which must be on the facts of each case), it is a key consideration whether the hyperlinking party knew or ought to know that the works in question were only already available due to unlawful activity.  Did the hyperlinking party know, or should it have known, that the right-holder had not given consent?  In that regard, the CJEU directed that there should be a presumption that a hyperlinking party ought to know the status of consent, where the hyperlinking party is profiting, or is seeking to profit, financially from providing the hyperlinks.  In other words, it should be part of the due diligence, where the hyperlinking forms part of a commercial exercise, to check that the works to which hyperlinks are provided, are already online with the consent of the rights-holder.  Even if the goal is not financial gain, then the hyperlinking party might still be culpable, where it is on actual notice, or should otherwise have known that the works hyperlinked to are online unlawfully.


Accordingly, whilst a party does nothing wrong if it provides hyperlinks to a work that is already, lawfully, online – whose public is the internet audience at large – a party may well do something wrong if it provides hyperlinks to a work that should not have been published online at all.  Where the right-holder’s consent wasn’t obtained (or impliedly given by the right-holder’s actions) in the first place, the Svensson rule no longer applies. 

Having said this, the CJEU recognises that it is often going to be impossible or impracticable to find out whether a work is online with or without permission.  Whether or not that party is actually infringing (i.e. whether the hyperlink is a communication to the public for the purposes of Article 3(1)) will therefore depend on the state of their knowledge when it comes to the right-holder’s consent, or lack thereof.  And it will be assumed that they know or should know about the existence or otherwise of that consent, if, in providing the hyperlink, they are pursuing a profit.  That presumption can be rebutted, but it will be the starting point for an assessment of whether the linking party is committing an infringing act.    

In this way, the CJEU has ensured that the freedom to hyperlink is necessarily curbed.  Where a hyperlink gives access to a work that should not already be online, and the hyperlinking party knows (or ought to know) that, or where that party seeks to profit from providing the link and therefore should have known that the original work is unlawfully online, this can be deemed to be a communication to a (new) public.  The public that is seeing the work online is not that contemplated by the rights-holder.  On that basis, intentional, deliberate proliferation of unlawful copyright infringement is caught; but everyday sharing of content is not. 


[1] (Case C-160/15)

[2] Directive 2001/29/EC on the harmonisation of certain aspects of copyright and related rights in the information society

[3] Svensson and Ors v Retriever Sverige AB (Case C-466/12)

[4] BestWater International GmbH v Michael Mebes and Stefan Potsch (Case C-348/13)

Timing for Triggering Article 50 and Great Repeal Bill

On 2 October 2016 the Prime Minister Theresa May announced that Article 50 of the Treaty on European Union will be triggered before the end of March 2017.  The Prime Minister also announced that the next Queen's Speech will include a Great Repeal Bill (GRB) which will repeal the European Communities Act 1972 (ECA).

The ECA legislated for the UK’s accession to what is today the EU. The impact of the ECA being repealed will be to terminate the current primacy of EU law over domestic law. Technically, the UK will have already implemented EU directives through national laws, but EU regulations have direct effect in EU member states without any additional implementation requirements.  Such EU regulations would need to be expressly preserved by UK statute if they are to be retained once the ECA is repealed.

The announcement regarding the GRB suggests that EU laws will remain enshrined in UK law after repeal of the ECA until the laws are reviewed and decisions are made as to which laws are to be maintained as part of domestic law, which are to be amended and which are to be repealed entirely. This analysis will clearly be a long and complicated process for parliament and the government, as arguably the majority of EU legislation is not appropriate for a simple “lift and shift” without some form of amendment. For example, the role of EU governing bodies which are responsible for overseeing certain EU legislation (and even some UK legislation) would need to be assessed to find a practical alternative. EU reciprocal laws (such as the Recast Brussels Regulation which regulates jurisdiction and the recognition and enforcement of judgments between EU member states) will simply not apply as intended without amendment due to the fact that they only apply to EU member states. And in all respects, EU legislation will need to be reviewed in light of a changing UK government policy and focus, which, whilst separate from a process point of view, will be very much dependent on the Article 50 exit package that the UK is able to negotiate.

Whilst the Prime Minister’s announcement does not yet shed much light on what the impact will be on specific EU legislation that currently forms part of UK law, the one exception was in respect of workers’ rights. The Prime Minister stated that “Existing workers' legal rights will continue to be guaranteed in law - and they will be guaranteed as long as I am prime minister.”[1]

On the basis of the Prime Minister’s speech, the Brexit timeline appears to be that March 2017 will mark the beginning of the two-year negotiations, in April or May 2017 at the Queen's Speech the GBR will be introduced, and in early 2019 the UK will leave the EU and the GBR will take effect.

[1] http://www.bbc.co.uk/news/uk-politics-37535527.

Government forced to publish defence in Article 50 Brexit Litigation

September 27 2016 marked a preliminary victory for People’s Challenge, a crowdfunded group challenging Theresa May’s legal right to invoke Article 50 without parliament’s approval.

Earlier in the litigation, the government made an urgent application, requesting that every word of its defence detailing why the government should be entitled to use royal prerogative powers to trigger Brexit, as opposed to seeking permission from parliament, be kept confidential. The government’s rationale for such an application was that it would protect the claimants from online abuse.

The claimants challenged this and Mr Justice Cranston’s Order fell in their favour. He informed both parties that “against the background of the principle of open justice, it is difficult to see a justification for restricting publication of documents which are generally available under [Court] rules.” 

The previously confidential documentation reveals arguments from the government including:

  • the Scottish, Northern Ireland and Welsh devolved governments having nothing to do with Brexit from a constitutional point;
  • by passing the EU Referendum Act, parliament understood that it surrendered its role in Brexit and its control in making and withdrawing from treaties; and
  • if the government withdraws from treaties that grant individuals rights, those rights will too disappear.

A common mantra since the vote took place on June 23 2016 was that ‘Brexit means Brexit’ and there must be no attempts to remain, re-join through the back door or have a second referendum. However, Mr Justice Cranston’s Order allows the public to debate the legality of the Prime Minister’s intention to invoke Article 50 in the lead up to it being debated in the High Court on the 13 and 17 October 2016.  Victory for the claimants in the trial would mean parliament would have to debate triggering Brexit, vote on Article 50 and then pass legislation dealing with the same, a process which would be likely to delay an EU exit.

  • Page 9 of 25