*/
By Rosemary Jay
Published by Sweet & Maxwell (2020)
ISBN 978-0414070967
Reviewed by Anya Proops QC
There can be few practising lawyers today who are unaware of the importance of the law on data protection. What was once seen as a back-office concern of little relevance to most practitioners, has now revealed itself as legal regime that is red in tooth and claw, certainly when judged from the perspective of those who control or otherwise process personal data. Whether you are grappling with the potentially significant burdens of the subject access regime, trying to work out how your client can lawfully effect mass cross-border data transfers, seeking to manage vast data breach class actions, working out whether some ingenious new AI poses untenable data privacy risks or even just trying to work out what kind of information will amount to ‘personal data’, the laws on data protection can present enormous challenges, but also significant opportunities for practitioners.
How, then, to navigate the legal maze that presents itself in the shape of the current data protection regime, lorded over as it is by the behemoth that is the General Data Protection Regulation? For most practitioners in the know, there is in truth only one answer to that question, which is that one needs to turn to Rosemary Jay’s excellent Data Protection: Law and Practice, the fifth edition of which has just been published.
Running to an impressive 1,630 pages, this is a book which not only addresses detailed issues concerning the operation of this complex and often seemingly impenetrable regime but also importantly seeks to ensure that practitioners see ‘the big picture’, both in terms of the social policy aims that underpin the legislation and in terms of the interplay between the various different EU and domestic laws comprised within that regime. These are important considerations. The complexity and wide-ranging nature of the regime is such that it all to easy to lose sight of what it is actually looking to achieve, which in turn affects the quality of the advice given. Moreover, it is no good seeking to advise on the full range of data protection issues if you don’t have a grasp of the way in which the GDPR interacts with other relevant EU law regimes, such as the E-commerce regime or the privacy and electronic communications (PEC) regime.
Consistent with earlier editions, this book is well-researched, easy to read and highly informative. It covers all the important topics, including those that many who are new to the field may not have appreciated were an issue. As well as providing a detailed overview of the key principles, there are also discrete thematic sections that address some of the key issues confronting clients. Thus, for example, there are sections on: security obligations and breach notifications; overseas transfers; transparency obligations; subject access; freedom of expression; criminal offences; the PEC regime (particularly important when it comes to marketing activities); national security and criminal law enforcement exemptions; complaints, judicial remedies and compensation actions; administrative penalties; the role and powers of the Information Commissioner and international cooperation and the European Data Protection Board. These sections carefully guide readers through the key issues, frankly acknowledging those very many areas where the law remains unclear.
Of course, post-Brexit, the future of data protection, at least in this jurisdiction, remains shrouded in considerable uncertainty, a point reflected upon throughout the book. Indeed, if recent government policy statements are anything to go by, it is realistic to suppose that, at some point in the future, the regime in the UK may undergo a significant sea-change, with the result that we will all need to adjust our thinking. The notion that, in a post-COVID world, the government may seek to recalibrate the domestic data protection regime so as to make it less onerous for business, and more attractive in particular to the tech sector, is not beyond the realms of imagination. However, for now, Ms Jay’s book presents itself as one of the best, if not the best, guides to the current legal terrain.
Anya Proops KC is a barrister specialising in privacy, media and data protection at 11KBW.
There can be few practising lawyers today who are unaware of the importance of the law on data protection. What was once seen as a back-office concern of little relevance to most practitioners, has now revealed itself as legal regime that is red in tooth and claw, certainly when judged from the perspective of those who control or otherwise process personal data. Whether you are grappling with the potentially significant burdens of the subject access regime, trying to work out how your client can lawfully effect mass cross-border data transfers, seeking to manage vast data breach class actions, working out whether some ingenious new AI poses untenable data privacy risks or even just trying to work out what kind of information will amount to ‘personal data’, the laws on data protection can present enormous challenges, but also significant opportunities for practitioners.
How, then, to navigate the legal maze that presents itself in the shape of the current data protection regime, lorded over as it is by the behemoth that is the General Data Protection Regulation? For most practitioners in the know, there is in truth only one answer to that question, which is that one needs to turn to Rosemary Jay’s excellent Data Protection: Law and Practice, the fifth edition of which has just been published.
Running to an impressive 1,630 pages, this is a book which not only addresses detailed issues concerning the operation of this complex and often seemingly impenetrable regime but also importantly seeks to ensure that practitioners see ‘the big picture’, both in terms of the social policy aims that underpin the legislation and in terms of the interplay between the various different EU and domestic laws comprised within that regime. These are important considerations. The complexity and wide-ranging nature of the regime is such that it all to easy to lose sight of what it is actually looking to achieve, which in turn affects the quality of the advice given. Moreover, it is no good seeking to advise on the full range of data protection issues if you don’t have a grasp of the way in which the GDPR interacts with other relevant EU law regimes, such as the E-commerce regime or the privacy and electronic communications (PEC) regime.
Consistent with earlier editions, this book is well-researched, easy to read and highly informative. It covers all the important topics, including those that many who are new to the field may not have appreciated were an issue. As well as providing a detailed overview of the key principles, there are also discrete thematic sections that address some of the key issues confronting clients. Thus, for example, there are sections on: security obligations and breach notifications; overseas transfers; transparency obligations; subject access; freedom of expression; criminal offences; the PEC regime (particularly important when it comes to marketing activities); national security and criminal law enforcement exemptions; complaints, judicial remedies and compensation actions; administrative penalties; the role and powers of the Information Commissioner and international cooperation and the European Data Protection Board. These sections carefully guide readers through the key issues, frankly acknowledging those very many areas where the law remains unclear.
Of course, post-Brexit, the future of data protection, at least in this jurisdiction, remains shrouded in considerable uncertainty, a point reflected upon throughout the book. Indeed, if recent government policy statements are anything to go by, it is realistic to suppose that, at some point in the future, the regime in the UK may undergo a significant sea-change, with the result that we will all need to adjust our thinking. The notion that, in a post-COVID world, the government may seek to recalibrate the domestic data protection regime so as to make it less onerous for business, and more attractive in particular to the tech sector, is not beyond the realms of imagination. However, for now, Ms Jay’s book presents itself as one of the best, if not the best, guides to the current legal terrain.
By Rosemary Jay
Published by Sweet & Maxwell (2020)
ISBN 978-0414070967
Reviewed by Anya Proops QC
Countering the gatekeeper agenda, troubling news on earnings disparities, spreading best practice in chambers, Pro Bono Week 2023, and the Rules of War
By David Cosway (with the help of ChatGPT)
Due to advances in research, technology and techniques, AlphaBiolabs can now offer alcohol testing for head hair samples that are just 1cm in length
With the explosion of interest in governance and the growing need to be multi-skilled to keep career options open, adding an extra string to your bow is not without its merits. The Chartered Governance Institute UK & Ireland (CGIUKI) Fast Track for the Chartered Governance Qualifying Programme could be ideal for experienced professionals to reach chartered governance status
The 2023-24 COMBAR mentoring scheme for underrepresented groups is now open for applications - deadline extended to 12 October 2023
The Hodge Professional Mortgage proves more popular with women
The North Eastern Circuit Leader on his trailblazing career, turbulent early years of practice and his mission to equip all barristers, regardless of their characteristics, with the opportunity to thrive. Interview by Glenn Parsons
From a CPS pupillage to Director of Legal Services at one of the largest prosecutors in England and Wales Michael Jennings describes the interesting and varied life an employed barrister in public service can lead
In 2022 Behind the Gown asked the Bar Standards Board to acknowledge online misogyny and sexism. One year on, the regulator’s revised Social Media Guidance doesn’t go far enough in confronting this issue, say Stephanie Hayward and Charlotte Proudman
Growing your junior practice via international conference and how to fund the trip: Daria Gleyze, Emile Simpson and Sajid Suleman share what they gained from the ChBA BVI Conference
Countering the gatekeeper agenda, troubling news on earnings disparities, spreading best practice in chambers, Pro Bono Week 2023, and the Rules of War
