Data protection  

Why GDPR will impact trust disputes

  • Consider why the trust is an important legal concept and the reasons for setting up a trust.
  • Understand what GDPR is and how Subject Access Requests can be used in trust disputes.
  • Learn what action can be taken in light of enhanced data protection.
Why GDPR will impact trust disputes

Trustees are no strangers to balancing acts. 

For generations, they have had to use their discretion and powers, conferred upon them by the settlor and by law, to manage a trust fund for the benefit of beneficiaries in accordance with the wishes of the settlor.

However, the trustees of today are having to navigate uncharted waters to find the correct balance between confidentiality, which has been a fundamental principle of trust law for centuries, and transparency afforded by recent global initiatives, including the General Data Protection Regulation (GDPR), the Common Reporting Standard, or CRS, the Foreign Account Tax Compliance Act (FATCA), and the UK Trusts Registration and Beneficial Ownership of Companies Registration.

Article continues after advert

Trustees can therefore find themselves in an unenviable, even absurd, position.

Trusts: confidentiality versus transparency

In some circles, the mere mention of the word 'trust' elicits a negative response.

However, it should be remembered that the trust is an important legal concept in common law and widely used for owning property - any UK property owned by two or more people is technically held in trust - pensions, life assurance proceeds and, of course, succession planning (wills and lifetime trusts).

It is clear that the use of trusts for tax evasion or any other criminal purposes should not be permitted and the sharing of information between responsible authorities - for example, tax collection and law enforcement agencies - in order to prevent or punish such abuse should be applauded.

However, and while continuing to respect the aforementioned sentiment, there continue to be legitimate and compelling reasons for setting up a trust. In particular: 

  • To avoid the practical difficulties of administering multiple wills (and in some cases variation in succession laws) for the internationally mobile individual;
  • Protecting younger or vulnerable family members from knowing or gaining unfettered access to the full extent of a family’s wealth until appropriate, either from the threat of disaffection or from the influence of unscrupulous characters;
  • Protection of younger generations from divorcing spouses;
  • Business management and/or succession;
  • Preventing different family members, or branches, from knowing each other's entitlement to distributions;
  • Disinheriting individuals; 
  • Secretly providing benefits to individuals, such as illegitimate children; and
  • Protection from fraud, and in extreme cases, extortion, blackmail or kidnap.

Obviously, restricting access to information, other than for the purposes of tax collection or law enforcement, to the general public and to certain non-beneficiaries or potentially vulnerable persons is key to achieving these legitimate aims. 

Over the years trust laws have evolved to underpin the notion that disinterested third parties have no right to trust information, and even discretionary beneficiaries have limited information access. 

Trustees have therefore been confident in robustly denying inappropriate information requests.


However, since the introduction of the EU’s GDPR and other related legal developments, disinterested third parties such as the hostile or inquisitive family member, divorcing spouse or creditor, may have some potential new weapons in their armoury. 

These provide significant challenges to settlors' and trustees' ability to keep information out of the hands of others and, in some cases, will necessitate a substantial review of how particular trusts operate.

GDPR is EU legislation relating to the handling and processing of data. It is automatically applicable in EU member states, and the government has committed that it will continue to apply in the UK post-Brexit.

It is primarily designed to protect consumers but has a far wider significance.