Weaponised SARs: A Growing Challenge for Organisations

Subject Access Requests are a fundamental right under the UK GDPR, designed to give individuals transparency over their personal data. However, across every sector we work with, we are seeing a clear shift in how these rights are being used.

In this episode, we explore the rise of weaponised SARs. These are requests submitted not just to access data, but to apply pressure, support disputes, or disrupt organisations.

Hosted by Catarina Santos and Caine Glancy, this session will break down what is happening in practice, why this trend is accelerating, and how organisations can respond with confidence.

What This Episode Will Cover

We will start by grounding the discussion in what a SAR is and how it is intended to be used. From there, we will explore how and why SARs have evolved into something far more complex for many organisations.

A key focus of the session will be the rise of weaponised SARs. We will talk through what makes a SAR “weaponised”, where these requests typically originate from, and how they are increasingly being used in disputes, complaints, and legal positioning.

We will also look at the wider trends we are seeing across our clients. This includes the growing volume of requests, the increasing complexity of the data involved, and the operational strain this is placing on internal teams.

Another important part of the discussion will centre on the role of AI. We will explore how AI is making it easier for individuals to generate detailed and strategic requests, and how this is accelerating the trend across all sectors.

Finally, we will focus on practical support. This includes how organisations should respond to these requests, what good looks like in practice, and how specialist SAR support can reduce risk, improve efficiency, and protect internal resource.

Why This Matters

For many organisations, SARs are no longer an occasional compliance task. They are becoming a regular operational challenge that requires time, expertise, and careful judgement.

When SARs are used strategically, the impact can be significant. They can place pressure on teams, expose weaknesses in processes, and increase the risk of non-compliance if not handled correctly.

Understanding how and why this is happening is the first step. Knowing how to respond effectively is what makes the difference.

How We Support Our Clients

At Data Protection People, we have seen this shift first-hand.

What started as a consultancy focused on governance and compliance has evolved to meet growing demand for SAR handling support. Today, a significant part of our work is dedicated to helping organisations manage complex and high-volume requests.

We support clients through the full SAR lifecycle, from scoping and data collection through to review, redaction, and response. Our specialist team of 25 redactors review thousands of documents daily, enabling organisations to respond efficiently while maintaining accuracy and compliance.

This session will bring that experience to life, sharing practical insight into what works, what doesn’t, and how organisations can stay in control.

Join the Session

If you are seeing an increase in SARs, or you want to better understand how to handle complex and strategic requests, this session will give you the clarity and confidence you need.

Join Catarina Santos and Caine Glancy as they explore one of the fastest-growing challenges in data protection today.