Conor Courtney, SCL Ambassador at UCL, is worried about an overlooked cyber security risk in the student world.
My prediction is that a major college society data breach is just around the corner and once it occurs there will be a total shift in how college students view data.
At the moment, none of the law societies in the Russel Group have any allocated members in charge of data protection. Among the vast degrees of ‘crucial’ roles, there exist non-law representatives; sports officers; and even the very important Law Ball coordinator. However, there is no position in place to deal with data breaches, and it is difficult to find any semblance of a privacy statement on law society pages. These groups deal with the emails of hundreds of students and guest speakers, as well as photographs of event attendees and potentially thousands of alumni records.
I have singled out law societies here, because they are likely to have the greatest cross-over with TechLaw, but the same could be said of any college societies, all of which fall under the ambit of GDPR. The classes of 2019/2020 mark the second year of students protected by GDPR but these societies have yet to adapt, likely because they feel that there is no need to. Although most societies believe that they are sufficiently shielded by their universities’ data policies, this will nevertheless prevent them from the possibility of being shut down, should they allow a major data breach to occur, which can only be around the corner.