Predictions 2010: IT Law & IT Trends

December 30, 2009

From Simon Briskman, Partner in the Technology Law Group at Field Fisher Waterhouse:

Imagine being at a clear desk with your mobile device, a keyboard, a screen and nothing more. Your separate computer, phone or mobile would be gone. Everywhere, you could access the same applications and information through this device.  This is the TMT infrastructure of the future. The components are there to see – the cloud, fixed-mobile convergence and completion of the voice-data convergence programme. Building this infrastructure will demand innovation and vision and its development is attracting serious investment. In 2010, the deals begin in earnest. 

From Kit Burden, Partner and Head of Technology, Sourcing and Commercial Group, IP and Technology Department, DLA Piper UK LLP 

In terms of technology, cloud computing will continue to grow in popularity, with the cost advantages gradually storming the barricades of even the more conservative financial institutions, once their security concerns are allayed. Open source will equally continue its inroads into the world of proprietary software, with giants such as Microsoft and Oracle increasingly forced to recognise it as a genuine force for change rather than a sideline/exception to the rule. 

On the outsourcing side, whilst VAT changes will place some level of braking on the flow of work offshore, there will continue to be pressure on price and accordingly the net outflow of work to India and elsewhere will likewise continue. If and when the market improves, we will likely see the commencement of a new wave of contract renegotiations, this time led by supplier rather than customer. 

From Andrew Dodd, Technology Disputes Partner, Field Fisher Waterhouse: 

Provided the judgment doesn’t come through in December, the big news in IT contract case law in 2010 will undoubtedly be the long awaited and possibly seminal judgment in the BSkyB and EDS litigation. This will be highly significant for IT suppliers. Those suppliers will be particularly interested in the judge’s view of EDS’ pre-contractual representations to BSkyB and their impact, if any, on EDS’ contractual exclusion and limitation of liability clauses.

From Lilian Edwards, Professor of Internet Law at the University of Sheffield 

1.         The Digital Economy Bill will be talked out of time and fall before the election next year, but the Tories will then bring it back again, but hopefully in slightly less controversial form, ie, at least without the Henry VIIIth clause and conceivably with a more realistic test for introducing the stage 2 of disconnection.

2.         Primary school children will find their curriculum so full of lessons about safe Internet use, not file-sharing, not giving away personal data on Facebook and not cyber-bullying that reading and arithmetic will have to be quietly phased out.

3.         Phishing will rise to the point where banks will (a) force home customers to use dongles for all online transactions but (b) quietly stop accepting liability for all losses unless the consumer can prove they were not at fault.

4.         The European Commission will begin the process of extending security breach notification to all-comers not just telcos, and succeed in preparing a first draft about the time Europe collectively settles into terminal breach disclosure ennui.

5.         The Electronic Commerce Directive safe harbours, and especially the question of whether one should exist for search engines, will finally come under review because any sense of a European code will completely disintegrate with the ECJ finding for Google in the Adwords cases but against eBay in the luxury counterfeit goods cases.

6.         Second Life will be wound up as a commercial concern and become a virtual worlds museum. 

From Beverley Flynn, Partner in the Commercial and IT Group at Stevens & Bolton LLP 

Following a year of yet more high profile data protection breaches and telephone tapping, the newly appointed Information Commissioner will be keen to set an agenda and demonstrate the ICO’s powers under the Data Protection Act 1998. The consultation ‘Introducing custodial sentences for ‘knowing or reckless misuse of personal data’ – issued by the Ministry of Justice – closes on 7 January 2010 and will hopefully bring with it news that custodial sentences can be be imposed.  Whilst the right to impose fines exists, the notably larger fines, eg £3 million for the HSBC data security breaches have been issued by the FSA and in the ‘ What Price Privacy?’ and the What Price Privacy Now?’ Reports’ of 2006 it was noted that of 22 cases brought only two produced fines amounting to more than £5,000.  The introduction of custodial sentences would help give the DPA the teeth and bite which it deserves and enable it to act as more of a deterrent than at present. The number of undertakings given to the ICO, largely by public bodies, as a result of data security breaches would certainly suggest that the legislation is well in need of  more sanctions. 

From Robin Fry, Partner at Beachcroft LLP 

International carriers such as DHL or UPS may find themselves unexpectedly on the receiving end of criminal prosecutions for storage, ready for onward disposal, of counterfeit software found in undelivered packages.  Legal arguments will revolve around whether warehousing  of such items, even if not exposed for sale, does breach the Trade Marks Act 1994.

From Paul Gershlick, Principal, on behalf of the Corporate Commercial Group, Commercial/IP/IT Team, Matthew Arnold & Baldwin LLP 

Last year, I predicted that IT projects would take a battering unless they could be financially justified by reducing costs that pay for those projects.  With continued belt-tightening, I expect that to continue in 2010, with many non-essential IT projects being deferred.  

I also predict that, with organisations having fewer staff and each with more on their plates, there will be more incidents of software licences not being kept up-to-date.  As pressure mounts on software licensors to hit their revenue targets, bodies like the BSA will have rich pickings and there could be some high-profile revelations of copyright infringement. 

On data protection, I expect the next hot topic involving breaches of the seventh principle of the Data Protection Act to revolve around loss or misuse of data caused by dishonest staff.  With between one and two in every three British staff (depending on which research you believe) apparently willing to lie on their CVs and so many data breaches caused by acts of individual staff, how long before the next wave of press interest into data loss surrounds theft of databases containing sensitive data by staff who should never have got through basic background checks when applying for their jobs? 


From Brian Harley, who is admitted to the Rolls in Ireland and the UK and is currently pursuing studies at Columbia University in New York 

2009 saw the European Parliament pass a resolution declaring Internet filtering to be a ‘disguised barrier to trade’. When the Chinese Government announced that all PCs sold in China should come bundled with the Green Dam Youth Escort Internet filtering software, the outcry drew on the language of international trade as much as on free speech principles. With the advent of cloud computing, there is a growing realisation that strict EU data protection laws give rise to difficult problems regarding the geographic location of data, leading some commentators to speak of ‘data protectionism’. Even though more and more services are being delivered over the internet, the General Agreement on Trade in Services (GATS) provides only weak protections. In 2010 and the coming years, expect the delivery of services over the Internet to be increasingly recognized as an issue of international trade.

From Monica Horten, PhD researcher in Internet policy, University of Westminster: 

In the Internet space, we will see the curve of intermediary liability pressuring onward and upward, as not only copyright owners but other influential groups that have a grudge against the Internet are listened to by government. A global 3-strikes is on the agenda in the ACTA (Anti-counterfeiting Trade Agreement). The French will be in charge of copyright policy at the European Commission. And at home, counter-terrorism measures are in the Internet pipeline. Not to mention the Spanish, the Germans and the Koreans who all are proposing some form of ‘content regulation’ measures. Net neutrality will be added to the EU policy agenda, but work will be slow, and opposed by multiple vested interests. 

From Jaron Lewis, Partner, Reynolds Porter Chamberlain LLP 

2010 will be the year that our pre-internet libel laws are kicked into shape.  Legislation is expected to prevent publishers being sued over archived web content.  We will also see a consensus forming over the introduction of more streamlined – and cheaper – procedures for resolving libel disputes.  Finally, our libel judges will continue to make clear that those providing the web infrastructure – such as ISPs and search engines – should not be liable for defamatory content, even when they are on notice of a complaint.

From John MacKenzie, Partner at Pinsent Masons

2010 will see brand owners battling advances in context sensitive advertising, behavioural advertising and social network technologies as budding business owners realise the best way to attract customers is to entice them away from existing brands. 

The ECJ will find in favour of Louis Vuitton; and then in favour of Interflora. At this point, battle royal will commence as multi-million pound class actions are commenced against Google. Google will return to its policy of allowing trade mark owners to veto use of their brands. Brand owners will quickly realise that the Louis Vuitton and Interflora rulings apply to all advertising based on keywords and so parking pages, text messaging, link farms and ‘web beacons’ will all come under scrutiny. Brands will finally engage with Facebook and malicious falsehood will become a common cause of action. 

ICANN will abandon its .everything policy, when it realises that nobody is interested except spammers and cyberquatters…


From TJ McIntyre, Solicitor and Lecturer in Law, University College Dublin:


2010 will be the year when Irish lawyers begin to catch up with the rest of the world in their use of electronic discovery. Cases such as Dome Telecom v Eircom [2007] IESC 59 have shown a judicial willingness to push out the boundaries of electronic discovery and this has recently been reflected in specific rules of court (Ord 31, r 12, amended by Statutory Instrument No. 93 of 2009). Litigators are increasingly likely to take advantage of this judicial receptiveness.

2010 will also see continued government failure to reform Irish law in relation to cybercrime. Despite repeated promises, we have yet to see legislation to implement either the Cybercrime Convention or the Framework Decision on Attacks Against Information Systems, leaving Irish law lacking effective offences to deal with basic matters such as interception and denial of service attacks. It seems likely that no reform will take place until these deficiencies are highlighted by a high profile and therefore embarrassing case. 

From Chris Marsden, Senior Lecturer, University of Essex: 

2010 will be the ‘Year That Three Strikes Strikes Back’ – not that it  will be properly implemented anywhere in Europe except France, but the  copyright lobby and their captured governments will make serious efforts  to force it onto domestic legislative agendas across Europe. That will lead to a consumer backlash led by the surging Pirate Party in the European Parliament and domestically, who will no doubt rouse the European Commission to try to explain exactly what the last-minute Telecoms Package compromise on Three Strikes means, particularly in the context of the newly incorporated Charter of Fundamental Rights. Expect the British government to obfuscate on its response, especially as it must pass the Digital Economy Bill before the May 2010 election. That will lead to a proper debate in 2010 about net neutrality, in Brussels, Washington and eventually even the UK (hopefully reading my new book ‘Net Neutrality’ available free online now!). 

The new Tory Government will then have to prove that it has some principles by cancelling ID cards and talking tough on personal liberty, ISP liability, state surveillance and digital privacy – how soon it does so will be a key test of their currently half-baked IT policy. Will its pre-election promises result in them reaching for the Sky? 2010 will see further international developments on social network and search co-regulation and net neutrality, led by the resurgent consumer champion Commissioner Reding and the quite radical Obama administration (as I predicted last year). Expect several inevitable changes at the top of Ofcom and the BBC, and growing business as well as consumer pressure on Ofcom to ‘do something’ about our failing broadband competitiveness. Every corporate wage-slave will hate both our grindingly slow recovery from recession (slowest in the G20) and being dragged kicking and screaming to migrate from XP to ‘NOT my idea’ Windows 7. 

From Jeremy Phillips, IP Consultant, Olswang LLP 

* ‘Three strikes’ proposals, even if enacted, will be shown to be feeble, cosmetic inconveniences. What’s more, downloaders will assert they have a right to two free infringements.

* The Ministry responsible for IP/IT will change its name, its role and its Minister.

* The aggregated figure for victims of Data Protection Act data leak will exceed the population of the UK.

* The government will proclaim that innovation is ‘key’ to the country’s well-being while further restricting its exploitation and taxing it to death.

* Some people will continue to believe in Santa Claus, a flat Earth and the Manchester Manifesto. 

From Judith Rauhofer, Editor, Practical Law Company 

1.  After similar provisions were withdrawn from the Coroners and Justice Bill, I expect a new attempt to introduce data sharing legislation within the next two years. The prevailing attitude that cross-access to data stored by other (public and private) bodies will be useful to improve public security and the efficiency of public services will inevitably result in someone taking a second bite at the cherry. Hopefully, this time a few more safeguards will be included.

2.  The debate over the new ‘cookie’ opt-in requirement under the revised E-Privacy Directive will calm down. Online providers will take a business-as-usual approach by changing their privacy policies so that users’ browser settings imply their consent. 

3.  Some court in some EU member state will finally refer the question of whether the blanket data retention requirements included in the Data Retention Directive (and implementing domestic laws of the member states) violate the right to privacy under Article 8 ECHR to the ECJ for a preliminary ruling. 

4.  The government’s position vis-à-vis the responses it received to its second RIPA consultation suggests that it will still want to go ahead with exploring the ways in which existing technology could be employed and new technology could be developed to implement the Interception Modernisation Programme (IMP). Although budget restraints and technical problems are bound to delay new legislation, it is unlikely that these plans will go away even under a new government. 

5.  The review of the Data Protection Directive may finally gather steam after the publication of the Rand Study commissioned by the ICO and the online consultation initiated by the European Commission. I predict a focus on the harmonisation of member states’ definition of ‘personal data’, the simplification of the regime for cross-border data transfers and (possibly) the extension of a data security breach notification system to all data controllers. 

6.  Consumer protection aspects of the collection and use of personal data by online service providers will come to the fore. The ICO is already discussing a new Code of Practice for the online collection of personal data and the European Commission is taking first tentative steps in this area. As consumer consent to the collection and processing of their personal data online is largely done via EULA-style privacy policies, the question may be raised whether these should be subject to existing unfair contract terms legislation or whether new legislation is required.

From Graham Smith, Partner at Bird & Bird LLP:

Fundamental human rights will play an ever greater part in online-related policy debates (three strikes, anyone?) and litigation.  In the UK, ECHR Article 10 considerations recently had significant influence on search engine liability in Metropolitan International Schools v Designtechnica.  There will be more where that came from. 

There will be a continuing domestic and international bloodbath over ISP and online intermediary liability.  Unlike in the 1990s, when the policy debate was slugged out between rights holders and ISPs alone, this time the digital user community will be a significant force. 

With litigation creaking under the expense of processing electronic documents, standard disclosure will be abolished for cases valued under £1 million.