Predictions 2014: Batch 4

December 22, 2013

{b}Simon Deane-Johns, consultant solicitor with Keystone Law and Chair of the SCL Media Board (via twitter){/b}

I predict consumers will soon ignore ads and comparison sites and use personal apps to find the right products.

{b}Lilian Edwards, Professor of Internet Law at Strathclyde University{/b}

Without doing a detailed big data analysis (small data no longer exists in public parlance) I suspect my alleged quite good record on past predictions is mainly down to embedded pessimism – ie I have consistently predicted for umpteen years that neither the Digital Economy Act nor, more recently, the Data Protection Regulation, would, respectively, make it into force or through the EU legislative progress. Guess what, I’m going to predict the same again for 2014:-). Though in the case of the DPReg, I hope I’m wrong. More positively (perhaps), I did not quite imagine that my 2050 predictions of ubiquitous drone surveillance would almost come true in 2013 with Amazon’s infamous delivery drone announcement – best PR stunt of the year.

As almost everyone has commented, most unexpected event of the year was obviously Ed Snowden. Now we are living through the death of the death of privacy. The non-Guardian UK media have done their best to make it look like a storm in a teacup but Obama and the US know better. The fact that Snowden now seems to have permanently set up shop in Russia with many, many revelations to come makes one wonder about a new data Cold War.

Graham Smith has stolen my usual never-quite-happens prediction about the arrival of 3D printing litigation, but he’s dead right that the war on real world (non-Somali variety) piracy is probably about to launch – the IPO are already frantically commissioning research on this.

More interesting to me would be what becomes of the dawning awareness among ordinary folks of the privacy doom arriving fast as a speeding Edinburgh tram from ubiquitous computing/Internet of Things ; and particularly the fact that data collection is always-on in such a world. Smart metering is already well on the way – driverless cars, smart roads, wi fi-ed organ implants and mobiles as tokens for physical access in secured areas will soon be, ahem, ubiquitous. The next DP war starts here, as the DPREg does precisely nothing to deal with this.

Finally, the token silly one – the Interwebs have been awash with the news that {a telemarketing robot has been denying she is a telemarketing robot:}. (Look it up – it’s hysterical.) When will it become a transparency requirement of fair commercial practices that bots reveal their true nature? This could also apply to robot kittens, seals etc. Note {Edwards Fourth Law of Robotics:}!

{b}Paul Lambert, solicitor, adjunct lecturer, author of data protection and courtroom broadcasting books and Social Networking Law, Rights and Policy (Clarus Press, forthcoming).{/b}

Fans of 24 and Bourne cannot be surprised at the Snowden revelations during 2013. It really was a year for escalating the relevance and importance of privacy, data protection, data breach/loss, regulation/new regulation … and not to forget a new level of lobbying in the EU. Data protection even features in the Leveson/post Leveson discussion. Data protection is now clearly a front page issue.

As regards the future, if 2013 was about Snowden, 2014 will be about the Snowden fallout, effects and reactions – regulatory, political, policy and public. The Dark Side of the Internet has begun to be revealed in various instances of online abuse and, sometimes with tragic consequences, will continue to be an issue. Perhaps some of the nuances, policy choices, better practice and best practice comparator and commercial issues will come to the fore in considerations of online abuse.

2014 will see more data collection, more means of data collection, more uses of collected data, more contention as regards access, correction, deletion – not forgetting, data breach and data loss.

There will be increased Internet and electronic signals for organisations and agencies to collect personal data. ‘Just because one can’ debates will continue. Transparency, expectations, consent and data protection will be very live issues.

But these added signals are perhaps progressions to expect. What about less obvious means of data collection in the (not too distant) future? Consider neuron sensors and research directed at reading brain waves and (hence) thoughts. Can human thoughts be collected? Is this personal data? What can it be used for? Should it?

This distant future may be closer than we think. Already a monkey’s thoughts and instructions can be scanned with neuron sensors to direct a humanoid robot to walk thousands of miles away. Soon a store near you will have a wonderfully clever glasses device incorporating Internet, photos, voice commands, etc. and where sound is transmitted directly through the skull, not through the ear. What if someone develops glasses or other devices placed on the head which do A, B, C but can later also scan our neuron signals? It would not be first time that new purposes and scanning capabilities have been added, intentionally or otherwise. This is a whole new concept in personal data and data collection.

{b}Pearse Ryan, partner in the Technology & Life Sciences Group at Arthur Cox, Dublin{/b}

Predictions for 2014 from the perspective of an Irish technology/outsourcing lawyer:

Ø Domestically, the public sector will ramp up its outsourcing planning and engagement with the market. The suppliers will begin to seriously consider the scope of planned projects and the contract T&C demanded by public sector customers;

Ø Domestically, the public sector will also escalate the pace of its shared services planning and, in particular, planning will commence within the local authorities. Let us hope that planning will include consideration of legal structures. I can then retire my corporate structure power point presentation which has been flogged to death at this stage;

Ø Domestically, cyber-crime will come to the fore and the glaring deficiencies in domestic cyber-crime legislation will be attempted to be remedied with new legislation. A Bill has been in the offing for some time now, the main purpose of which is to ratify the Council of Europe Convention on Cybercrime and transpose the EU Framework Decision on attacks against Information Systems. Both are limited measures and domestic legislation attempting to deal with the most international of crimes can only have limited effect. Ireland must look to effective international co-operation for any real prospect of seriously tackling cyber-crime and 2014 is unlikely to achieve that goal;

Ø Domestically, processors and users of volume data will begin to seriously consider available cyber/data insurance products. There are some reasonable products available and if the topic escalates to board level as a corporate governance issue, then, we can expect to see an increase in private sector take up of products;

Ø Both domestically and internationally, the Snowden revelations will roll on. It is not outside the bounds of possibility that we may some Irish related revelations (I will not speculate further for fear of attracting unwanted attention!) and it will be interesting to see what effect they have on the body politic and body public, especially if they bring our limited data interception laws into focus. Internationally, it will only take one or two more revelations for an already hot topic to become lava like in its heat with reference to certain fellow EU members, if not the UK, where the public reaction seems muted. Generally, it will be interesting to see whether the public begins to take data privacy seriously in 2014 or whether they (we) have effectively either conceded defeat in this battle or were never seriously interested in defending individual privacy rights in the first place. It sometimes seems that data privacy is of more interest to lawyers and policy makers than it is to the public. We watch the rolling Snowden revelations with a morbid fascination; and

Ø Both domestically and internationally, the corporate sector will finally begin to realise that effective BYOD requires a degree of corporate policy making and policy enforcement at the outer edge of rigorous. We will see whether they have the stomach for effectively policing security in this area, when generally speaking security is not as high up the corporate risk management pecking order as one would think given the amount of commentary in the area.