Predictions 2012: IT Law and More

January 3, 2012

From Lilian Edwards, Professor of E-governance at Strathclyde University, author of the Pangloss blog and a leading speaker and author on Internet law issues 

2012 will be the year 3d printing (or ‘fabricators’) starts to have real impact in homes and for individual artists (‘makers’) and SMEs bringing up new IP piracy crises.

Similarly protection of innovation in virtualisation – of everything from the ‘feel’ of arcade rides, to the smell of perfumes – will start to seriously challenge the conventional IP regimes.

The Digital Economy Act Initial Obligations stage will still not get started (going out on a limb there – but I got it right last year).

The Data Protection Directive reform package will still be ongoing by year end (by contrast, a dead cert).

The government’s wholesale release of ‘open data’ will lead to at least one major privacy scandal to rival HMRC as re-identification techniques improve every day.

02’s strategy of traffic slowing to deter crowd streaming of events at the London Olympics will be about as successful as Britain’s track record in the track and field. 

From Graham Smith, Partner at Bird & Bird, editor and co-author of Internet Law and Regulation and author of the Cyberleagle blog 

The Communications Green Paper will turn into a battleground for Internet freedom.

While the Hargreaves copyright reforms become bogged down in a welter of special interest pleading, the courts will become more accustomed to weighing copyright in the balance against other fundamental rights.

The Defamation Bill produces an internet-friendly approach to defamation liability (that’s not a prediction, just a fantasy).

From Stewart Room, Partner, Field Fisher Waterhouse

Cookies will continue to be a hot topic next year as we will see much high profile data protection enforcement activity in this area.

The backdrop to this is the EU Citizens Rights Directive 2009, which made the dropping of some kinds of cookies and similar tracking devices unlawful without the consent of the user of the relevant terminal equipment. The new law came into effect in May this year, but the Information Commissioner announced a 12-month moratorium on enforcement action, to give data controllers enough of a chance to get their houses in order.

So in six months we can expect to see the cookie debate explode, as privacy advocates and consumer groups press the Information Commissioner to take legal action. Big companies are bound to be the main focus of the pressure groups, but they’ve got the financial muscle to put up a good fight if the ICO comes calling, giving a recipe for a compelling legal story. 

From Callum Sinclair, Legal Director at DLA Piper Scotland LLP  

I believe 2012 will be the year where online business networks such as LinkedIn really begin to break through into the mainstream and start to deliver solid commissions/instructions and fee income. Up until now, we have largely seen members building networks of contacts and transferring contacts from address books/Outlook contacts, etc. Don’t get me wrong: some are doing this very effectively already, using the power of such online networks to full potential, having some fantastic enlightening discussions and winning work, but not across the board. I believe this will start to gather serious momentum in 2012 and will shortly thereafter become the norm. I also predict that we might start to see the first few attempts by individuals/group ‘owners’ in the UK to realise tangible value from commercialisation of networks and groups they have formed on LinkedIn and elsewhere online.  

From Laurie Kaye of Laurence Kaye Solicitors

The term ‘Transmedia’, the child of multimedia, will enter the lexicon of digital media. It’s a phrase I recently heard Jeff Gomez (Starlight Runner) use, to get people to think about stories and narratives rather than formats. It is the notion of stories or narratives being expressed across a range of platforms in ways suited to each platform, whether as an online game, book, interactive site, film, TV programme or otherwise. This new thinking applies to the entire process from creation through to business and contractual models.

Competition and anti-trust law will be at the top of Amazon, Google and Apple’s legal agenda.

The forthcoming EU review of the Data Protection Directive will spur industry into making data protection compliance more easy and effective. (A hope or an expectation?).

The biggest challenge – and opportunity – in the creative industries is creating new, innovative business models.

The real value of the Hargreaves’ big idea, the Digital Copyright Exchange, will be in driving all the media and technology industries to work collaboratively to develop standards so that all the different rights exchanges – film, music, publishing etc. – can speak to each other ‘machine to machine’. This is the key to solving problems of rights clearance and unleashing the potential of new digital content services.

I used to think about ABS as just being about my car’s braking system. No more.

From Duncan Ogilvy, Partner at Mills & Reeve LLP 

Economic imperatives and technological advances will make this the year when on-line collaboration between clients, their lawyers and others moves from the preserve of mega complex matters to the normal way to do business. 


From Kit Burden, Partner and Head of Technology, Sourcing and Commercial Group at DLA Piper UK LLP, the European Outsourcing Association Advisors of the Year, 2010  

Recognition will dawn that there is more ‘old’ than ‘new’ wine in the Cloud Computing bottles, and some conventional norms in associated contract provisions will be re-applied.

There will be low levels of IT project activity but an increase in IT related case law, as more troubled projects hit the buffers and work their way through the courts’ processes, hopefully giving rise to clarity on some of the residual ‘grey’ areas.

IT law in private practice will continue to condense in favour of a more distinct number of large groups, supplemented by a number of individuals or smaller teams spread more widely.

e-enabled LPO takes a firm hold on commoditised and IT-enabled areas of the law and puts the squeeze on high street and smaller law firms. 

From Matthew Lavy, Barrister at 4 Pump Court 

The Cabinet Office publication of the Open Source Procurement Toolkit will spark a renewed interest in Open Source Software and increased adoption beyond the networking and back-office roles that have traditionally been Open Source’s main stomping ground. Suppliers and procurers alike will need to review their approach to SLAs and warranties to ensure that they are commercially and legally sensible in an Open Source context.

As the new Practice Direction beds in, litigants and the courts will become more willing to depart from Standard Disclosure in document-heavy tech cases, and to embrace more innovative and dynamic approaches that cut down the cost of disclosure and the amount of court time spent arguing about it.

Projects will continue to go wrong; data will continue to be lost; clouds will form and dissipate; history will repeat itself. 

Emma Brownlow-Smith, Solicitor, Field Fisher Waterhouse

For many people, their phone is their life: organising, connecting, even waking them. That’s just the tip of the iceberg. Apps and e-commerce sites already facilitate mobile web payments, but what about the physical world? By way of a small chip built into their phone, ‘Near Field Communication’ (NFC) enables users to pay for items in everyday surroundings by, for example, simply waving their phone over a reader at a paypoint. The possibilities don’t end with payment – a phone could become an ID card or a ticket; a location information service or a loyalty discount gateway. The technology is not new: it’s already being used in Oyster Cards but, with the release of NFC enabled phones, more emphasis is being placed on the need to establish an underlying infrastructure. As companies, including Google and Visa, start to embrace the possibilities of the contactless world many more will surely follow suit. 

From Paul Gershlick, Partner Commercial / IP / IT at Matthew Arnold & Baldwin LLP 

I predict that we will see more EU data protection muddle: a further deferring of the cookies opt-in law in the UK, further appeasement for those EU countries that have not yet implemented it, continued fudge over cloud computing data protection issues, further debate about what constitutes ‘consent’ and a new EU data protection law that gives people the mistaken belief that they will have a right for their data to be forgotten.

Oh, and Panama to be added by the European Commission as an approved third country for data transfers (tongue in cheek!).

So, this may be a boring prediction, but more of the same! 

From Chris Marsden, Director: EXCCEL (Essex Centre for Comparative and European Law, University of Essex and author of five books on Internet law, including the forthcoming “Regulating Code” (2013, MIT Press with Dr Ian Brown). 

2012 will be a year for longer term perspectives, driven by the desperate state of the Western economies in their fifth year of recession, and the resultant need for substantial belt-tightening by governments, not least in their IT budgets. This will have a radically unpleasant knock-on effect on IT suppliers. In practice, that means moving beyond buying new services that promise (but often fail to deliver) cost savings towards cancelling whole swathes of IT procurement. I would suggest that 2012 will be the year of ‘open data’ (which is free-ish for government to cough up), even more cloud computing (see above), free software finally securing a foothold on desktops in bigger organisations, and most of all for sweating assets such as telecoms contracts, security software, old Windows/Office licences and online databases. Expect Microsoft to react by claiming that Office 2013/14 will be full of Skype connectivity so saving us money.

But then 2011 was not notable for austerity so much as the year of the fondle-slab (iPad) and Jesus-phone (iPhone 4S). So we may march on oblivious! It is always worth checking our previous year to see how wrong we were: I claimed 2010 would be the ‘Year That Three Strikes Strikes Back’ (as I published ‘Network neutrality’), and 2011 ‘Year that the “Three Wise Monkeys” of ISP liability have their eyes well and truly opened by co-regulation’ (as I published ‘Internet Co-regulation’). Naturally I am now claiming a year ahead that 2013 will be about ‘Regulating code’…

From Mark Turner, Partner, Herbert Smith LLP


The cookie monster will come roaring out of the jar in 2012</pq>. Although the monster grumbled in 2011 when new laws stemming from the EU Citizens Rights Directive came into force in the UK, the subsequent decision of the Information Commissioner to grant a 12-month reprieve on enforcement satisfied the monster’s appetite temporarily.

However, this grace period expires in 2012 and organisations will need to decide what action, if any, they are going to take in order to try and achieve compliance without impacting the all-important customer experience. In monitoring the situation, the Information Commissioner may decide to make a sacrifice to appease the monster, or continue to wait for some form of technological solution to come out of the various working groups looking at the problem.

If enforcement action commences, we can expect to see a plethora of consent mechanisms appearing on web sites all over the UK and Europe. They will not follow the precedent set by the Information Commissioners Office ( or by Delia Online (

Article 29 Working Party

As legal practitioners, privacy advocates and information officers across Europe continue to hold their breath and wait for the all-singing, all-dancing Data Protection Directive 2012 proposal to emerge from the European Commission, some eyes may start to focus on the continued role of the Article 29 Working Party.

Opining in 2011 on everything from RFID applications to geo-location services and the level of data protection in New Zealand, the Working Party has a unique role in shaping data protection policy and law in the European Member States. A role that is usually exercised in deliberations behind closed doors, without public or industry consultation and without any way of challenging its interpretations of the law, short of litigation in the European Court. Is 2012 the year when the Working Party will be required to become accountable to its stakeholders and the public?

From Jane Seager, Counsel, Hogan Lovells: 

Much ink was spilt in 2011 in the domain name world over the proposed launch of new generic Top Level Domains (gTLDs). This has been on the cards for a number of years now and will result in a fundamental change to the Internet as we know it, with .generic, .brand or .city proliferating instead of the popular .com. Despite the continuing furore, ICANN has announced that the first round application window will open on 12 January 2012 and close on 12 April 2012, although I predict that the closing date may well be extended as many companies wake up to the full implications of not applying only at the last minute, despite the significant costs that running a TLD will involve. The list of applied for strings will be published shortly after the closing date, and predictions as to how many will be received vary wildly. I would expect that over 1,000 applications will be made initially, and that the most straightforward will be approved and in use by early 2013, thus changing the face of the Internet forever. 

Also on the theme of Internet infrastructure, in 2012 the growing scarcity of IPv4 addresses means that we will see a burgeoning trading market in them as companies who need large numbers of IP addresses at short notice seek to buy them from those with a surplus. As a result IPv4 addresses will become increasingly valuable assets, although of course such value will last only until the widespread adoption of IPv6 at some unforeseen point in the future. 

From Richard Graham, Partner at Edwards Wildman (

Over the course of the last few years, we’ve witnessed a radical shift in the way that organisations collect, store and process their business data – this has been helped by seismic improvements in high performance computing and software interoperability, and the cloud can be seen as the jewel in the crown of this technological revolution. The sheer volume of data has also exponentially increased, and for some organisations, such as Google, Facebook and Twitter, their underlying business model is built around the analysis and exploitation of that business data. This analysis will help transform business processes and achieve the ultimate goal of understanding the customer, with the added consequence of encouraging job creation, innovation and growth. This will also keep us all grappling with the legal issues at the core of data ownership and licensing, ranging from confidentiality, intellectual property, cyber security and privacy to more complex issues surrounding competition law and insurable risk.  

The term ‘big data’ refers to mass repositories of data, the size of which is beyond the ability of standard database software to structure and analyse. This can be data collected as part of a social network, including location data, ‘life-logging’ data, video, photos, blogs, articles, documentaries, and browsing and purchasing behaviour data. This can be collected across multiple platforms, in multiple jurisdictions and in multiple languages. The cloud has now allowed us to store and manage this data in a way that would have seemed unachievable this time five years ago. However, the real value for business is not simply from the collection and storage of this data in the cloud, it is from the sophisticated analysis and exploitation of the data itself. We may associate the company SAS Institute with a legal case of 2011 relating to the copyright protection in computer programs – yet we should note that SAS Institute are the ones pioneering ‘big data’ with their business intelligence and analytics software, and my view is that the technological pioneers like these are the ones for us to watch in 2012. 

From Stephen Mason, barrister and author of Electronic Signatures in Law. Stephen is also an Associate Research Fellow at the Institute of Advanced Legal Studies and general editor of Electronic Evidence and International Electronic Evidence. 

I predict that the eCODEX project ( will lead to the compulsory introduction of ‘identity’ cards for all lawyers (and eventually all citizens). If you think that the issue is not within the remit of the EU and subsidiarity governs the introduction of ‘identity’ cards, beware that the word ‘subsidiarity’ has two meanings. If a matter comes within the meaning of ‘subsidiarity’ then the meaning in English is that the Member State makes the decision. However, in Eurospeak, ‘subsidiarity’ means the matter is for the unelected bureaucrats at the European Union. Incidentally, one of the premises that eCODEX is predicated upon is the false statement that ‘there are already about 10 million people currently involved in cross-border civil proceedings’ (FAQs: This is explained in footnote 4 in the editorial to volume 8 of the Digital Evidence and Electronic Signature Law Review. 

From Martin Sloan, Associate in the Technology, Information and Outsourcing Group at Brodies LLP 

Reform of the data protection directive will be a big issue. We know that the European Commission will publish its proposals in January, and Commissioner Reding has already trailed a few proposed initiatives. The Article 29 Working Party has also put its marker in the sand by releasing opinions earlier this year on the use of geolocation services on smart devices and the general issue of consent. Both Commissioner Reding’s speech and the Article 29 Working Party’s approach to the core issue of consent is at odds with the more permissive approach taken to date by the UK Information Commissioner where, for example, the Information Commissioner considers that data controllers need not give explicit notification where the proposed use of data is obvious. How the UK ICO will respond to the move towards ‘explicit informed consent’ remains to be seen, particularly given the ongoing confusion in relation to the new rules on the use of cookies. We also know from previous grumblings that parts of the EU do not like the UK’s approach to transfers outside the EEA – in particular, the ability of data controllers to vary (or ignore altogether) the EU model clauses and make a finding of adequacy in respect of a proposed data processor, without needing to involve the national regulator. A change to the law here could add to the administrative burden when offshoring, particularly when dealing with multiple group data controllers.

Will safe harbor survive? Facebook’s recent settlement with the FTC shows some of its failings.

The ‘right to be forgotten’ will turn into as big a shambles as the change in rules over cookies.

The UK ICO will continue to exercise its powers to fine, and a blue-chip company will get the biggest fine to date. Human error is still the key cause of data breaches, so woe betide any organisation that fails to put in place training and systems to cut out administrative mistakes.

Siri will spark a number of copycat systems on other platforms.

This time next year I will have become addicted to a new iPad/iPhone app that doesn’t even exist yet. How did I ever live without it? 

From Shelley Thomas, Partner, Hill Dickinson LLP

I think 2012 will see the imposition of much higher monetary penalties on those breaching the Data Protection Act by the Information Commissioner, with a focus on both the public and private sector; given the dominance of the public sector in the monetary penalty notices issued to date, one cannot help but suspect that a significant private sector monetary penalty may be on the horizon. There will be flurries of press activity in January (assuming that the long awaited release from the Commission on the future of data protection law arrives as promised) and in May, to mark the 1st anniversary of the revised Privacy and Electronic Communications Regulations (and the date that the ICO will start to fully enforce the requirements). Whether the latter leads to a greater clarity and understanding of the requirements of the PECR (and consequently greater compliance) remains to be seen.

Turning to the use of IT by the profession, one would not bet against the increasing proliferation of mobile devices of all shapes and forms (with the associated risks of loss!), but there will be a shift towards tablets and devices whose focus is on more than merely picking up e-mails. With the advent of the Legal Services Act, the ban on the payment of referral fees, and the continuing economic uncertainty, the profession will be looking at increasingly creative ways to use the technology available to it (and specifically the Internet) to drive business and maximise profits. The days of law firms only having brochure web sites may be over. 

From Toby Headdon, Senior Associate at Berwin Leighton Paisner 

In 2012, the ongoing tussle between intermediaries and rights owners about responsibility for policing unlawful online activity is certain to continue. The blocking injunction granted against BT in Newzbin2 was a relatively easy decision, as was the decision that the filtering injunction granted against an ISP in Scarlet v SABAM was contrary to EU law. What both camps need to work out is (1) where the balance lies between these two extremes, which is likely to result in more litigation, and (2) who has to foot the bill for implementing these injunctions, a door which was wisely left ajar in Newzbin2. Such developments may also give rise to something of a ‘technological arms race’ between developers of blocking and filtering technology – which is seldom, if ever, bulletproof – and those who wish to work around it. If they are to have any efficacy, blocking and filtering technologies will need to evolve and adapt rapidly. ISPs will also need to keep one eye on the much maligned Digital Economy Act which is due to be reviewed by the Court of Appeal – if it ever limps over the finishing line, it may yet also have a say on some of these issues.  

David Lewis, Associate, Field Fisher Waterhouse

Cloud services in the consumer space will become even more commonplace in 2012, as the quest to simplify user experience and reduce local storage continues. This will push data security further into the limelight, as more users entrust not just their personal information, but also their music, film, documents and other data to distantly located servers.

Google Music will seek to conclude its record label negotiations and attack iTunes’ market share, with an ex-US launch.

And whilst Steve Jobs will not be physically amongst us in 2012, his legacy of driving a focus on sleeker UX and selective content curation will be ubiquitous: Windows 8 will see Microsoft embracing touch computing in an unprecedented way, doing away with the iconic ‘Start’ menu and championing an online store for Metro-based apps.

And in the UK, YouView will bring the Internet and apps into the living rooms of even the staunchest luddites.