*/
By Rosemary Jay
Published by Sweet & Maxwell (2020)
ISBN 978-0414070967
Reviewed by Anya Proops QC
There can be few practising lawyers today who are unaware of the importance of the law on data protection. What was once seen as a back-office concern of little relevance to most practitioners, has now revealed itself as legal regime that is red in tooth and claw, certainly when judged from the perspective of those who control or otherwise process personal data. Whether you are grappling with the potentially significant burdens of the subject access regime, trying to work out how your client can lawfully effect mass cross-border data transfers, seeking to manage vast data breach class actions, working out whether some ingenious new AI poses untenable data privacy risks or even just trying to work out what kind of information will amount to ‘personal data’, the laws on data protection can present enormous challenges, but also significant opportunities for practitioners.
How, then, to navigate the legal maze that presents itself in the shape of the current data protection regime, lorded over as it is by the behemoth that is the General Data Protection Regulation? For most practitioners in the know, there is in truth only one answer to that question, which is that one needs to turn to Rosemary Jay’s excellent Data Protection: Law and Practice, the fifth edition of which has just been published.
Running to an impressive 1,630 pages, this is a book which not only addresses detailed issues concerning the operation of this complex and often seemingly impenetrable regime but also importantly seeks to ensure that practitioners see ‘the big picture’, both in terms of the social policy aims that underpin the legislation and in terms of the interplay between the various different EU and domestic laws comprised within that regime. These are important considerations. The complexity and wide-ranging nature of the regime is such that it all to easy to lose sight of what it is actually looking to achieve, which in turn affects the quality of the advice given. Moreover, it is no good seeking to advise on the full range of data protection issues if you don’t have a grasp of the way in which the GDPR interacts with other relevant EU law regimes, such as the E-commerce regime or the privacy and electronic communications (PEC) regime.
Consistent with earlier editions, this book is well-researched, easy to read and highly informative. It covers all the important topics, including those that many who are new to the field may not have appreciated were an issue. As well as providing a detailed overview of the key principles, there are also discrete thematic sections that address some of the key issues confronting clients. Thus, for example, there are sections on: security obligations and breach notifications; overseas transfers; transparency obligations; subject access; freedom of expression; criminal offences; the PEC regime (particularly important when it comes to marketing activities); national security and criminal law enforcement exemptions; complaints, judicial remedies and compensation actions; administrative penalties; the role and powers of the Information Commissioner and international cooperation and the European Data Protection Board. These sections carefully guide readers through the key issues, frankly acknowledging those very many areas where the law remains unclear.
Of course, post-Brexit, the future of data protection, at least in this jurisdiction, remains shrouded in considerable uncertainty, a point reflected upon throughout the book. Indeed, if recent government policy statements are anything to go by, it is realistic to suppose that, at some point in the future, the regime in the UK may undergo a significant sea-change, with the result that we will all need to adjust our thinking. The notion that, in a post-COVID world, the government may seek to recalibrate the domestic data protection regime so as to make it less onerous for business, and more attractive in particular to the tech sector, is not beyond the realms of imagination. However, for now, Ms Jay’s book presents itself as one of the best, if not the best, guides to the current legal terrain.
Anya Proops KC is a barrister specialising in privacy, media and data protection at 11KBW.
There can be few practising lawyers today who are unaware of the importance of the law on data protection. What was once seen as a back-office concern of little relevance to most practitioners, has now revealed itself as legal regime that is red in tooth and claw, certainly when judged from the perspective of those who control or otherwise process personal data. Whether you are grappling with the potentially significant burdens of the subject access regime, trying to work out how your client can lawfully effect mass cross-border data transfers, seeking to manage vast data breach class actions, working out whether some ingenious new AI poses untenable data privacy risks or even just trying to work out what kind of information will amount to ‘personal data’, the laws on data protection can present enormous challenges, but also significant opportunities for practitioners.
How, then, to navigate the legal maze that presents itself in the shape of the current data protection regime, lorded over as it is by the behemoth that is the General Data Protection Regulation? For most practitioners in the know, there is in truth only one answer to that question, which is that one needs to turn to Rosemary Jay’s excellent Data Protection: Law and Practice, the fifth edition of which has just been published.
Running to an impressive 1,630 pages, this is a book which not only addresses detailed issues concerning the operation of this complex and often seemingly impenetrable regime but also importantly seeks to ensure that practitioners see ‘the big picture’, both in terms of the social policy aims that underpin the legislation and in terms of the interplay between the various different EU and domestic laws comprised within that regime. These are important considerations. The complexity and wide-ranging nature of the regime is such that it all to easy to lose sight of what it is actually looking to achieve, which in turn affects the quality of the advice given. Moreover, it is no good seeking to advise on the full range of data protection issues if you don’t have a grasp of the way in which the GDPR interacts with other relevant EU law regimes, such as the E-commerce regime or the privacy and electronic communications (PEC) regime.
Consistent with earlier editions, this book is well-researched, easy to read and highly informative. It covers all the important topics, including those that many who are new to the field may not have appreciated were an issue. As well as providing a detailed overview of the key principles, there are also discrete thematic sections that address some of the key issues confronting clients. Thus, for example, there are sections on: security obligations and breach notifications; overseas transfers; transparency obligations; subject access; freedom of expression; criminal offences; the PEC regime (particularly important when it comes to marketing activities); national security and criminal law enforcement exemptions; complaints, judicial remedies and compensation actions; administrative penalties; the role and powers of the Information Commissioner and international cooperation and the European Data Protection Board. These sections carefully guide readers through the key issues, frankly acknowledging those very many areas where the law remains unclear.
Of course, post-Brexit, the future of data protection, at least in this jurisdiction, remains shrouded in considerable uncertainty, a point reflected upon throughout the book. Indeed, if recent government policy statements are anything to go by, it is realistic to suppose that, at some point in the future, the regime in the UK may undergo a significant sea-change, with the result that we will all need to adjust our thinking. The notion that, in a post-COVID world, the government may seek to recalibrate the domestic data protection regime so as to make it less onerous for business, and more attractive in particular to the tech sector, is not beyond the realms of imagination. However, for now, Ms Jay’s book presents itself as one of the best, if not the best, guides to the current legal terrain.
By Rosemary Jay
Published by Sweet & Maxwell (2020)
ISBN 978-0414070967
Reviewed by Anya Proops QC
The Chair of the Bar sets out how the new government can restore the justice system
In the first of a new series, Louise Crush of Westgate Wealth considers the fundamental need for financial protection
Unlocking your aged debt to fund your tax in one easy step. By Philip N Bristow
Possibly, but many barristers are glad he did…
Mental health charity Mind BWW has received a £500 donation from drug, alcohol and DNA testing laboratory, AlphaBiolabs as part of its Giving Back campaign
The Institute of Neurotechnology & Law is thrilled to announce its inaugural essay competition
How to navigate open source evidence in an era of deepfakes. By Professor Yvonne McDermott Rees and Professor Alexa Koenig
Brie Stevens-Hoare KC and Lyndsey de Mestre KC take a look at the difficulties women encounter during the menopause, and offer some practical tips for individuals and chambers to make things easier
Sir Geoffrey Vos, Master of the Rolls and Head of Civil Justice since January 2021, is well known for his passion for access to justice and all things digital. Perhaps less widely known is the driven personality and wanderlust that lies behind this, as Anthony Inglese CB discovers
The Chair of the Bar sets out how the new government can restore the justice system
No-one should have to live in sub-standard accommodation, says Antony Hodari Solicitors. We are tackling the problem of bad housing with a two-pronged approach and act on behalf of tenants in both the civil and criminal courts
-(1)-(002).tmb-carlisting79eb.png){kind=logo}
