As your Editor, much of my time is spent scanning techlaw news that never translates into something solid to publish on the site or in Computers & Law. Snippets from a report or speech might be interesting at the instant they are read but may also be no more than the ever-increasing volume of noise that our sector generates. Techlaw is now front-page news as it has become so central to the future of our personal lives, the industries we work in and even the governance of the nations we live in so the sector now attracts a good deal of febrile, hasty and hype-filled reporting. It can be difficult to tell what’s important until you have read it.
Yet sometimes such reading does yield worthwhile intelligence or insight. Now that I have begun to grasp the vast scope of what we could cover I aim to use this monthly column to unearth one or two of these snippets both to bring them to your notice and to use a springboard for some wider thoughts on questions to which I don’t necessarily know the answer but think are important.
One such snippet I noticed last week assumed even greater importance in the light of the European elections results. It comes from the text of a speech presented by the ICO Deputy Commissioner (Policy), Steve Wood, at the 9th European Data Protection Days conference in Berlin on 20 May 2019. The speech ranged over many topics but inevitably turned for a while to Brexit about which he said
“At some point our relationship with Europe and the way that we interact with our DP partners will change. We know that. What we don’t know yet is what precisely these changes will be.”
Now think about that. This is a senior officer at our very own Data Protection Authority reminding his peers (and us) that we still do not know what sort of data protection relationship we will have with our existing EU partners six months from now. More worryingly, there is still uncertainty over data transfers between the UK and EEA territories if we leave without a deal, a prospect that, perhaps more than ever, cannot be discounted. Of course, some will have hedged against that possibility by using standard contractual clauses but many others, particularly smaller organisations, will be either unaware of that option or be reluctant to waste time and money on a possibly pointless exercise. And while the UK has unilaterally accepted that data transferred from an EEA territory will be good enough for us, as yet there has been no reciprocal move from the EU.
In today’s world, data transfer is as just as important as all the other trade issues that get aired as part of the endless Brexit debate but I see worryingly few mentions of the possible consequences from politicians or in mainstream news coverage. We hear a lot about Germans needing to sell us BMWs but very little about the use of data created in their ConnectedDriver apps. I know the ICO is offering plenty of plain English advice on this issue, even if some of it necessarily vague for the reasons set out above. I just hope that the politicians leading the charge are reading it as well.
David Chaplin, Editor, Computers & Law