Predictions 2014: IT Law

January 7, 2014

Kit Burden, Partner and Head of Technology Sector, DLA Piper UK LLP  

Generation Y (or should that be Z?) begins to question the increasingly aggressive approach to data protection, at a time when social data is being shared on an ever freer basis. More questions are asked about the basis for Cloud Contracting and the balance of risk and reward contained therein. Outsourcing continues unabated but with more of a cloud based back-end, with resulting impacts on the kind of “typical” contract terms to be contained in the outsourcing agreements.

Mark Crichard, Partner, Technology & Outsourcing, RPC

Cloud computing take up will continue to increase, but will not really replace ‘conventional’ models, especially as data protection and cyber security regulation looks to be tightening.  In turn legislators might wake up to the fact that they are somewhat behind the curve, although Santa Claus being real is more likely (just kidding, of course he’s real).

At least one leading technology business will fail to spot the next trend and will fail or fall into terminal decline (not counting Blackberry). 

Investment in IT, not just cost-cutting, will rise as the UK economy slowly makes its way out of recession.

Surprising technology events over the last three years? 

  • LinkedIn took off as a commercial medium, and wasn’t just another fad.
  • Twitter has lasted more than a year.
  • There was a purpose behind tablets, we just never knew it. 

Beverley Flynn, Partner, Stevens & Bolton LLP 

Transferability and biometrics make for an interesting combination – I predict the increased use of biometrics and the use of data profiling will increase the need for more focus on data protection. This results from more day-to-day common usage; such as a thumb print for mobile phones; Google Glass or even an advertisement which changes as you wait in line at the check-out as the screen analyses age, profile and gender and allocates advertisements accordingly.

Last year I predicted we would have to consider if our avatars have separate data subject access rights but in practice this has already translated into practical issues such that  people now consider to whom to leave their ‘second life rights’,  such as virtual life characters or other items earned via gaming or similar sites, in a will. The issue of transferability of rights, both in this context and  arising from the recent EU UsedSoft case (where it was argued that second-hand software and the unexpired rights to a perpetual licence for software downloaded on the Internet can be transferable), may well mean that transferability of rights become more open to legal scrutiny.

Paul Gershlick, Partner, Commercial / IP / IT, Matthew Arnold & Baldwin LLP 

There will continue to be increased pressure on NHS budgets and this will provide opportunities for technological solutions (whether in databases, telehealth or IT that enables treatment away from hospitals and at a time and place of the patient’s choosing). There will also be continued convergence in the healthcare sector that involves IT converging with other solutions to provide more innovative and advanced treatments.  Meanwhile, the ICO will continue its data protection crusade against bodies within the NHS and issue further fines for misdemeanours, which will in turn throw doubt on whether to trust the technological solutions that can help the taxpayer save money. 

Dr Monica Horten, Visiting Fellow at the London, School of Economics & Political Science and author of ‘A Copyright Masquerade: How Corporate Lobbying Threatens Online Freedoms’, published by Zed Books. 

As we move into 2014, the big fight that is currently brewing in Brussels is net neutrality. This particular snake pit has been dug within the Telecoms Regulation (Connected Continent) which, according to some interpretations, would seem to legitimise the path for some very non-neutral service provision utilising bandwidth caps and prioritisation. The outcome could be a critical determinant of the future structure of the Internet – and not only in Europe, because European regulation is watched and copied elsewhere. Be prepared for lots of hissing and some poisonous politicking before this one is sorted.

In the EU, copyright enforcement policy continues to stagnate, as the e-commerce directive and the IPR Enforcement directive both remain stalled (as I predicted last year). It’s unlikely that the stagnation will shift until after the 2014 Euro-elections and the appointment of a new Commission as the current regime in Brussels remains nervous of more public protests as happened against ACTA in 2012. Hence, we are seeing rights-holders pushing out the envelope through litigation, noting the recent ruling in the case of Allostreaming in the Paris courts for not only blocking of websites but de-indexing from search engines.

What we never expected at all was a public debate on data protection, much less one on the even more esoteric subject of communications traffic data retention. But Edward Snowden’s revelations in 2013 have done in a few short months what no amount of NGO lobbying could have done in years. Snowden has made it abundantly clear to the mass population what both of these legal terms mean to them personally and why it’s important to worry about privacy. The Snowden relevations have served to shift the politics in the European Parliament, although not as far as many would have liked. Let’s face it, pre-Snowden was there any real political chance of strengthening privacy protection? Post-Snowden, yes, there is an industry fight-back, and the Council hates it, but there is some political will to take privacy seriously. However, the outcome will not be decided before the 2014 elections and we will have to hold our anticipation a little longer to get the final verdict. 

Ben Horton, Solicitor, Lexis®PSL IP & IT, Lexis®PSL 

2014 will be a ‘back-to-the future’ year as the IT cycle finishes its rotation to the 1960s – thin clients, remote processing and the service bureau. Off-site number crunching is back as organisations outsource to big data boffins and fearsome computing power.  Where once IT lawyers patiently explained that computer crime isn’t really what we do, we shall now explain that cybercrime is exactly what we do.  While not reversing the clock, the surprising and successful recent challenges to ICO monetary penalties will further slow the data protection juggernaut.  I shall buy a Bitcoin at exactly the wrong moment. 

Stewart James, Legal Consultant to the Cranfield University Cyber Security Physical Research Laboratory

It is good to see that there has been an increase in the volume and scale of public sector technology projects this year. Some of these are pilot projects for larger deals to follow, so my prediction for 2014 is that we will continue to see more of these projects and the preparation of other groundwork but that the bigger public sector deals will not start until after the election in 2015. However, the departure of some of the larger firms from the market has left it open for a new order to emerge and win some very profitable work.

Information security is also starting to get the recognition it deserves, though law firms are still concentrating on post-event support, like insurance and litigation, and not its potential for a wide range of multi-disciplinary commercial services. Information security is part of a growing body of information law that pervades all industries and all sectors.

I am surprised, however, that there hasn’t been a major data breach from a UK law firm yet; it’s happened in other jurisdictions. For example, seven law firms were hacked in Canada in September 2010, with a loss of information relating to major M&A transactions and high profile litigation. Law firms are seen as a soft target and have access to the highly sensitive information of their clients.  However, with the UK being home to so many financial organisations, the lack of a major episode may just be a reflection of the length of time required to conduct an APT-style hack, which can be measured in months and years. 

Marion Oswald, Head of the Centre for Information Rights, University of Winchester: @_UoWCIR

Last year I predicted that there would be pressure to re-think the way that personal data is shared in light of abuse scandals.  It’s sad that I have to repeat that prediction this December.

The Serious Case Reviews into the deaths of Keanu Williams and Daniel Pelka, CEOP’s assessment ‘The Foundations of Abuse’ and the Children’s Commissioner’s inquiry into child sexual exploitation in gangs all criticised the robustness of data sharing between public bodies. ‘Instances of concern tended to be viewed in isolation with a lack of attention to patterns developing’ (Williams SCR). So why, when hardly a day goes by without the trumpeting of the potential of Big Data, data intelligence, profiling and so on, do these issues persist?  A crisis of confidence around data protection?  Over-reliance on consent?  Privacy concerns around problem-profiling?  Little understanding about the value of intelligence?  Fears that anonymised data will be easily re-identified?  Incompatible IT systems?  Lack of trust between agencies?  Cautious lawyers?

I predict (and hope) that the outcome of the Law Commission’s consultation into data sharing between public bodies will challenge us all to get to grip with these issues once and for all. 

John Salmon, Partner, Sector Head, Financial Services, Pinsent Masons LLP 

Big data, the biggest and most surprising tech trend 

Four trends have defined B2B technology over the last few years – cloud computing, mobile, social and big data. Cloud we could see coming a mile away, with SaaS agreements and similar concepts becoming mainstream as far back as the arrival date of in 1999 and service bureaus already in operation even many decades before then. Social media pre-empted the social enterprise, so we could easily predict the emergence of collaborative technology before it took hold. It was only time and infrastructure that delayed mobile. No surprises there. 

The most surprising development then over the last three years or so must be big data. But the surprise has not necessarily been the development of big data technologies themselves or the computing power that has enabled processing of structured and unstructured data in timeframes that make it worthwhile. The surprise may not even be the sheer volume at which data is rapidly increasing. For me, the surprise is how surprised or caught off guard businesses and lawmakers have been by the development.

Businesses are now telling us that they have insufficient skills within their organisations to deal with big data and many remain unclear as to how to maximise value from it.

Law makers and regulators have also failed to deal effectively with the big questions that big data raises and the disturbing implications that it creates, not just for business, but in the wider socio-economic context – data security, privacy, profiling, government access and manipulation of data, cross-organisational sharing arrangements and the implications of data accuracy and inaccuracy on decision making are all issues that concern every individual. 2014 must be the year to start answering these questions. 


Jane Seager, Counsel, Hogan Lovells: 

In 2010 I predicted that more and more internet content providers would start erecting paywalls and that 2011 would perhaps be the year when paying for content became the norm rather than the exception, as it was perhaps only a matter of time before more of the traditional media struggled to compete in the online world and started to charge users for access, albeit a modest sum.  Fortunately I have been proved wrong on this one, but perhaps not for long.    

Last year I predicted that at least 500 new generic Top Level Domains (gTLDs) would in fact be in use by the end of 2013, further to the opening of applications by ICANN in 2012.  This proved rather optimistic, although over 30 new gTLDs have already been delegated and have launched their Sunrise Periods for prior rights holders.  From .TODAY to .TIPS to .TECHNOLOGY, it will soon be possible to register domain names under a whole range of new extensions and I predict that around 1,000 will have been launched by the end of 2014.  The focus will shift from pre-delegation issues at the top-level, such as objections, to post-delegation issues at the second-level, in particular rights protection mechanisms for brand owners to deal with the predicted increase in cybersquatting. 

I predict that in 2014 the so-called quantified-self will move into the mainstream, and ‘body-hacking’ devices enabling people to record and measure lifestyle data will become far more commonplace.  This technology is only in its infancy and we have yet to appreciate the full implications, particularly in relation to the collection and storage of vast quantities of personal data. 

Callum Sinclair, Partner, DLA Piper 

Ok I think I did fine with last year’s predictions (feeling particularly bullish about my 2023/2053 foretellings…).  Though I did at one stage predict that gesture-based computing would have us all flapping our hands about in front of our tech by now – maybe I just wish I was Tom Cruise. 

Here goes for 2014: 

·        Large customer organisations will keep loving the idea of agile software development but will keep executing it badly.

·        BT will quietly continue to roll out superfast broadband across the UK amid a panning from press and politicians for not rolling out to areas where in most cases it wouldn’t be sustainable.

·        The first few “smart watches” will start to hit UK shelves but they’ll be over-priced and look a bit naff (another Apple-Samsung slugfest anyone?).

·        Xbox One and PS4 will gobble up the console market and this time there’ll be no Wii magic bullet for Nintendo.

·        LinkedIn will make a more aggressive play to monetise its offering, to the chagrin of its established users.

·        The insurance market will finally begin to understand cyber-security and offer insurance products companies want to buy.·         

Graham Smith, Partner, Bird & Bird 

Most surprising development

In my predictions for 2012 I said: ‘The Defamation Bill will produce an internet-friendly approach to defamation liability (that’s not a prediction, just a fantasy)’.  Well even fantasies can come true. The Defamation Act 2013 contains a lot to cheer: complete defamation immunity of website operators for identifiable third party posts, a single publication rule for limitation purposes, restrictions on actions against secondary publishers and the introduction of a forum bar for non-European defendants.  The provisions about anonymous third party posts are a mess, but since they are voluntary may have little impact.  So all-in-all a pleasant surprise. 

Prediction for 2014

Home 3D printing will be stigmatised as piracy. 

Michael Taylor, Barrister at 4 Pump Court:

Courts, and possibly Parliament, will be called upon to decide questions of ownership of electronic information.  One can own electronic carbon credits (Armstrong DWL GmbH v Winnington Networks Ltd [2012] EWHC 10 (Ch)).  Presumably one can own Bitcoins.  Ownership of e-mails and other electronic information remains an important but unresolved question (Fairstar Heavy Transport N.V. v Adkins [2012] EWHC 2952 (TCC) and [2013] EWCA Civ 886).