Roll on ten years and we have Trump as President, the World Cup raising national hopes disproportionately, the financial markets are jittery ahead of Brexit and celebrity culture is pervasive. Ed Sheeran has taken up the musical mantle and there is much anticipation around the release of “Bohemian Rhapsody”. Progress in some areas, regression in others – I’ll leave you to debate which…

One area which has progressed beyond recognition (and for the better) is that of Data Protection. In 2008, the 2001 law was in force in Guernsey, the proliferation of digital data was a fraction of its current levels and businesses were predominantly focused on anti-money laundering (AML) requirements. Whilst data protection was the “poor cousin” of AML in 2008, one of the largest breaches in history (affecting some 130 million customers of Heartland Payment Systems in the USA) nevertheless took place that year. However, this was the exception, rather than the norm. We now see data breach headlines on a daily basis, with the number of those affected and the sophistication of the attacks constantly increasing.

The world is of course a very different place today – the EU’s General Data Protection Regulation (GDPR) became enforceable from May 2018. Guernsey’s equivalent legislation (The Data Protection (Bailiwick of Guernsey) Law, 2018) came into force on the same date. This legislation represents the biggest overhaul of data protection in a generation and lays the foundations for the protection of our most vital assets in the digital age.

Whilst the GDPR is a creature of the EU, it has already had a global impact. A number of countries outside the EU have overhauled (or created) their legislative regimes to seek parity, and businesses are scrutinising their supply chains, dispensing with those who cannot (or will not) meet the grade in terms of data protection. As individuals, our rights are given greater prominence and we are entitled to transparency and accountability as to what happens to our data. This recognition and the accompanying cultural change is vital, if our personal life is to remain just that in today’s digital market. Whilst the threat of large fines drives some level of change, reputational damage can often be more detrimental.

The Cambridge Analytica scandal has opened the public’s eyes to the abuses that can go unchecked and the potential impact data analytics and algorithms can have on our daily lives, usually without us actually knowing about it. That we have been subjected to a degree of manipulation through use of our data is unsurprising; we have been exposed to advertising, political messaging and the like for many years. However, the ability of companies to obtain our data from a variety of sources, combine it with other information and commercialise it to their advantage has never been as prevalent.

At the same time, a dazzling array of innovations has desensitised us to some of the issues which come with those developments. Making bookings for holidays online and arranging our affairs at the swipe of a screen is incredibly efficient, but if it results in us being exposed to identity theft, is it worth the risk?

The monetisation of our data has been a feature of e-commerce for some years. Data is crucial for every business; the more you know about customers, suppliers and competitors, the better you are able to innovate, be efficient, make targeted investments and remain profitable. Opportunities for us to maximise the value in data are still developing.

Guernsey has been safeguarding data for a long time; it is inherent in the nature of much of the financial services industry in the island. We have a good foundation upon which to build. The foresight of the States and industry in spotting the importance of GDPR is paying off; we are recognised within the EU as being ahead of the curve. We have a respected board at the Authority and a renowned Commissioner putting in place a future-proofed regime which will maintain our position in years to come.

It is true to say that GDPR and its local equivalent are still subject to questions of interpretation, but that is in many ways an opportunity for us. We can adapt where necessary, progress initiatives which can be the blueprint for other jurisdictions and yet retain the stable and consistent regulation which attracts business in times of turbulence.

With ePrivacy on the distant horizon, adequacy being reviewed and a host of opportunities in between, I’m hopeful that I’ll be looking back on this after the next decade to see Guernsey as a leading “trusted jurisdiction”, with a larger digital footprint and a skilled workforce which is embracing the digital future which is already upon us. Hopefully it won’t be accompanied by Mamma Mia 3…

Twitter LinkedIn Email Save as PDF
More Publications
30 Jul 2021 |

Fighting international fraud

First published in New Law Journal, July 2021. Appleby partners Anthony William and Jared Dann an...

Contributors: Jared Dann, Claire Corkish
20 May 2021 |

The Gender Pay Gap Debate – a response to comments on social media

As a lawyer the majority of articles we write are about a particular case or a legal issue – which...

4 May 2021 |

New Private Investment Funds in Guernsey

In December 2020, the Guernsey Financial Services Commission (Commission) published a consultation p...

Contributors: Oratile Jonas
16 Mar 2021 |

Guernsey Structures - The Cannabis Investment Conundrum

Jurisdictions around the world have adopted different positions in relation to the legality of the c...

12 Mar 2021 |

Material adverse change clauses in light of the Covid-19 pandemic

Experts from each of our key global offices provide jurisdiction specific advice and answer question...

8 Mar 2021 |

Appleby Celebrates International Women’s Day

International Women’s Day is celebrated annually in support of gender equality and equal participa...

23 Feb 2021 |

Fit and Proper in the Channel Islands – A Regulatory Enforcement Update

It is sometimes easy to forget with all that has happened over the last 12 months that there was a w...

27 Jan 2021 |

Levies, registration and all that jazz

Regulatory markets evolve at various speeds and the data protection regime is one example of a marke...

6 Jan 2021 |

Executors navigating the “perfect (company) storm”

Corporate governance has become one of the most hotly debated topics in recent years. Whether it be ...

Contributors: Paula Fry