Data, Intellectual Property & Technology Disputes
Trends and insights 2026
In 2025 we began to see the intersection of technology, data and intellectual property (IP) play out in the debates over AI.
The UK Government proposed a commercial opt-out text and data mining exception to copyright infringement as part of an AI-friendly policy stance. This would have meant that copyright material was free to use to train AI models unless IP rightsholders had objected in advance. However, the proposal hit the buffers due to concerted opposition from rightsholders.
Then the courts stepped into the debate with the ruling in Getty Images v Stability AI (which we discuss below). In the area of AI facial recognition, the courts also found in favour of the Information Commissioner in its appeal against Clearview AI. As we explain in this year's trends and insights, AI again looks set to dominate in 2026 with particular pressure to resolve the competing interests of AI developers/deployers and content rightsholders. We also expect to see disputes arising out of the fallibility of AI – who is responsible when AI gets it wrong?
of UK organisations now use AI in some form, but only
have fully embedded governance frameworks.
Trustmarque’s AI Governance Index 2025
The battle between IP rightsholders and AI developers/deployers will continue
AI developers/deployers declared victory over IP rightsholders following the decision in Getty Images v Stability AI. We analysed this decision here: Getty Images v Stability AI: partial victory for AI developers/deployers. However, there is much to play for in 2026. Permission to appeal to the Court of Appeal has been granted on the the central finding – that Stability's AI tool, called Stable Diffusion, did not contain copies of works and could not therefore be an 'infringing article'. Any appellate clarification will be closely watched by both AI developers and rightsholders, given its potential to reshape the contours of liability for AI deployment.
Equally significant is what the judgment did not decide, with claims abandoned at trial relating to whether training Stable Diffusion involved copyright infringement and whether Stability AI authorised infringements by users. The decision also increased calls by rightsholders for the UK government to introduce legislation to protect the UK content industry if current IP laws really are inadequate to offer effective protection.
We expect these issues to continue to play out in our courts if the UK Government does not take decisive action. We will also keep a careful eye on developments in other jurisdictions, with cases proceeding in the USA and the rest of Europe. Indeed, within a week of the Getty decision, the German courts in the GEMA case reached a diametrically opposed view on the question of whether AI tools contain copies of works and so infringe copyright.
70% of UK creators believe current copyright law does not adequately protect them from AI training practices
Disputes will test responsibility/liability in the AI supply chain
The dominant theme of AI continues in a different area: who will be responsible when AI goes wrong? AI is now widely deployed across consumer services, financial products, recruitment, performance management, law, procurement and healthcare. We are already seeing high-profile examples of AI users getting into difficulty – for example, lawyers presenting fake case law to the courts.
The AI supply chain is often complex, involving a model provider, a system designer or integrator, a consultant recommending a solution, the organisation deploying it, and the customer relying on its output. Failures rarely sit neatly with one party. Our recent article (Liability for AI in the supply chain: an overview) explored the question of responsibility when AI systems fail. In 2026 we expect to see disputes testing these issues of responsibility/liability.
Direct marketing to become more contentious
The ICO demonstrated in 2025 that it was prepared to levy hefty fines for breaches of UK data protection laws and regulation. Capita and Advanced Computer Software Group were fined £14m and just over £3m respectively for failings leading to data security breaches. At the same time, the ICO came under pressure for its approach on other breaches, for example in not doing more regarding data breaches at the Ministry of Defence.
The Data (Use and Access) Act 2025 (DUAA) has increased the maximum penalty for nuisance marketing from £500,000 to GDPR levels of £17.5m or 4% of global turnover. This elevates the Privacy and Electronic Communications Regulations (PECR) from a relatively low-risk regulatory regime to one with real financial consequence. PECR enforcement is an area where the ICO has never been reluctant to act. We therefore expect the ICO to use its enhanced PECR fining powers to go after some larger targets, partly to demonstrate that it is not soft on regulation.
With continuing pressure on the ICO to be more forceful – combined with what some see as its particular focus on nuisance marketing – we expect it to use these powers to make examples of organisations that fall short. In turn we expect those facing PECR investigations and increased fines to be likely to push back much more forcefully and challenge the ICO's approach through the courts if necessary.
"Over 60% of organisations identify PECR compliance as a 'high risk' enforcement area following DUAA.”
DLA Piper Data Protection Survey
Low value data compensation claims will increase
In 2025, the Court of Appeal’s judgment in Farley & Ors v Paymaster (1836) Ltd unexpectedly held that there is no minimum 'seriousness' threshold for compensation claims arising out of data protection breaches. Merely fearing what has happened to your data even if that fear is not realised can be compensable.
We therefore expect organisations to face more low-value claims that previously would not have reached the courts. However, claimant law firms may continue to struggle to sign up participants to opt-in group claims. Instead, we expect an increase in individual small claims that eat up time and resources as they progress through the County Court system. This comes against a backdrop of rising data breaches which we highlighted here: Escalating UK cyber-attacks and a shifting legislative landscape: what organisations need to know.
That position may yet change. Permission to appeal to the Supreme Court has been granted in Farley (Equiniti) on the question of whether there is a threshold of seriousness before a data protection claim can proceed, making this a key appeal to watch in 2026 for organisations facing large volumes of low-value claims.
Data, Intellectual Property & Technology Disputes
Much of the economy is underpinned and enhanced by data, content, technology and brands. The creation and use of these enabling assets creates opportunity but can also carry significant risks.
Our team of data, IP and technology disputes lawyers have a proven track record in guiding clients to a successful resolution when issues arise.