*/
By Rosemary Jay
Published by Sweet & Maxwell (2020)
ISBN 978-0414070967
Reviewed by Anya Proops QC
There can be few practising lawyers today who are unaware of the importance of the law on data protection. What was once seen as a back-office concern of little relevance to most practitioners, has now revealed itself as legal regime that is red in tooth and claw, certainly when judged from the perspective of those who control or otherwise process personal data. Whether you are grappling with the potentially significant burdens of the subject access regime, trying to work out how your client can lawfully effect mass cross-border data transfers, seeking to manage vast data breach class actions, working out whether some ingenious new AI poses untenable data privacy risks or even just trying to work out what kind of information will amount to ‘personal data’, the laws on data protection can present enormous challenges, but also significant opportunities for practitioners.
How, then, to navigate the legal maze that presents itself in the shape of the current data protection regime, lorded over as it is by the behemoth that is the General Data Protection Regulation? For most practitioners in the know, there is in truth only one answer to that question, which is that one needs to turn to Rosemary Jay’s excellent Data Protection: Law and Practice, the fifth edition of which has just been published.
Running to an impressive 1,630 pages, this is a book which not only addresses detailed issues concerning the operation of this complex and often seemingly impenetrable regime but also importantly seeks to ensure that practitioners see ‘the big picture’, both in terms of the social policy aims that underpin the legislation and in terms of the interplay between the various different EU and domestic laws comprised within that regime. These are important considerations. The complexity and wide-ranging nature of the regime is such that it all to easy to lose sight of what it is actually looking to achieve, which in turn affects the quality of the advice given. Moreover, it is no good seeking to advise on the full range of data protection issues if you don’t have a grasp of the way in which the GDPR interacts with other relevant EU law regimes, such as the E-commerce regime or the privacy and electronic communications (PEC) regime.
Consistent with earlier editions, this book is well-researched, easy to read and highly informative. It covers all the important topics, including those that many who are new to the field may not have appreciated were an issue. As well as providing a detailed overview of the key principles, there are also discrete thematic sections that address some of the key issues confronting clients. Thus, for example, there are sections on: security obligations and breach notifications; overseas transfers; transparency obligations; subject access; freedom of expression; criminal offences; the PEC regime (particularly important when it comes to marketing activities); national security and criminal law enforcement exemptions; complaints, judicial remedies and compensation actions; administrative penalties; the role and powers of the Information Commissioner and international cooperation and the European Data Protection Board. These sections carefully guide readers through the key issues, frankly acknowledging those very many areas where the law remains unclear.
Of course, post-Brexit, the future of data protection, at least in this jurisdiction, remains shrouded in considerable uncertainty, a point reflected upon throughout the book. Indeed, if recent government policy statements are anything to go by, it is realistic to suppose that, at some point in the future, the regime in the UK may undergo a significant sea-change, with the result that we will all need to adjust our thinking. The notion that, in a post-COVID world, the government may seek to recalibrate the domestic data protection regime so as to make it less onerous for business, and more attractive in particular to the tech sector, is not beyond the realms of imagination. However, for now, Ms Jay’s book presents itself as one of the best, if not the best, guides to the current legal terrain.
Anya Proops QC is a barrister specialising in privacy, media and data protection at 11KBW.
There can be few practising lawyers today who are unaware of the importance of the law on data protection. What was once seen as a back-office concern of little relevance to most practitioners, has now revealed itself as legal regime that is red in tooth and claw, certainly when judged from the perspective of those who control or otherwise process personal data. Whether you are grappling with the potentially significant burdens of the subject access regime, trying to work out how your client can lawfully effect mass cross-border data transfers, seeking to manage vast data breach class actions, working out whether some ingenious new AI poses untenable data privacy risks or even just trying to work out what kind of information will amount to ‘personal data’, the laws on data protection can present enormous challenges, but also significant opportunities for practitioners.
How, then, to navigate the legal maze that presents itself in the shape of the current data protection regime, lorded over as it is by the behemoth that is the General Data Protection Regulation? For most practitioners in the know, there is in truth only one answer to that question, which is that one needs to turn to Rosemary Jay’s excellent Data Protection: Law and Practice, the fifth edition of which has just been published.
Running to an impressive 1,630 pages, this is a book which not only addresses detailed issues concerning the operation of this complex and often seemingly impenetrable regime but also importantly seeks to ensure that practitioners see ‘the big picture’, both in terms of the social policy aims that underpin the legislation and in terms of the interplay between the various different EU and domestic laws comprised within that regime. These are important considerations. The complexity and wide-ranging nature of the regime is such that it all to easy to lose sight of what it is actually looking to achieve, which in turn affects the quality of the advice given. Moreover, it is no good seeking to advise on the full range of data protection issues if you don’t have a grasp of the way in which the GDPR interacts with other relevant EU law regimes, such as the E-commerce regime or the privacy and electronic communications (PEC) regime.
Consistent with earlier editions, this book is well-researched, easy to read and highly informative. It covers all the important topics, including those that many who are new to the field may not have appreciated were an issue. As well as providing a detailed overview of the key principles, there are also discrete thematic sections that address some of the key issues confronting clients. Thus, for example, there are sections on: security obligations and breach notifications; overseas transfers; transparency obligations; subject access; freedom of expression; criminal offences; the PEC regime (particularly important when it comes to marketing activities); national security and criminal law enforcement exemptions; complaints, judicial remedies and compensation actions; administrative penalties; the role and powers of the Information Commissioner and international cooperation and the European Data Protection Board. These sections carefully guide readers through the key issues, frankly acknowledging those very many areas where the law remains unclear.
Of course, post-Brexit, the future of data protection, at least in this jurisdiction, remains shrouded in considerable uncertainty, a point reflected upon throughout the book. Indeed, if recent government policy statements are anything to go by, it is realistic to suppose that, at some point in the future, the regime in the UK may undergo a significant sea-change, with the result that we will all need to adjust our thinking. The notion that, in a post-COVID world, the government may seek to recalibrate the domestic data protection regime so as to make it less onerous for business, and more attractive in particular to the tech sector, is not beyond the realms of imagination. However, for now, Ms Jay’s book presents itself as one of the best, if not the best, guides to the current legal terrain.
By Rosemary Jay
Published by Sweet & Maxwell (2020)
ISBN 978-0414070967
Reviewed by Anya Proops QC
On both fronts – representing the Bar’s interests and protecting the rule of law
Ashley Hodgkinson looks at drug testing methods and some of the most common ways people try to cheat a drug test
Clerksroom Chambers has recruited Matthew Wildish from 3 Paper Buildings (3PB) to a newly created position of Director of Clerking. Matthew joined the team at Clerksroom on 1 June
... have you seen through yours? asks Julian Morgan
Opportunity for female sopranos/contraltos in secondary education, or who have recently finished secondary education but have not yet begun tertiary education. Eligibility includes children of members of the Bar
Fear of the collection and test process is a common factor among clients, especially among vulnerable adults in complex family law cases. Cansford Laboratories shares some tips to help the testing process run as smoothly as possible
Clerksroom Chambers has recruited Matthew Wildish from 3 Paper Buildings (3PB) to a newly created position of Director of Clerking. Matthew joined the team at Clerksroom on 1 June
In this tale of hope, success really has been the best revenge! A difficult journey teaches Rehana Azib QC invaluable lessons along the way
This article is not designed to offend the Judiciary but the quiet word has only taken us so far it is time concerns were recorded formally, says the first set to introduce an external bullying policy By Eleanor Laws QC, Oliver Mosley and Kyan Pucks
Having represented many Davids against many Goliaths over a 30+year career at the publicly funded Bar, renowned silk Professor Leslie Thomas QC critically assesses what the Human Rights Act currently under challenge has done for coronial law and equality of arms
The Chief Inspector of the CPS knows first-hand the difficulties prosecutors face but is no pushover. He talks to Anthony Inglese CB about Operation Soteria, putting victims and cooperation at the heart of criminal justice reform, and his unique and life-changing career prosecuting the crime of all crimes, genocide
