Often referred to as "the oil" of the modern economy, data is strikingly vulnerable to abuse as more personal information goes online and can be cross-referenced. High net worth individuals are among those with the most to lose.
In this guest feature, Caroline Rao, senior associate at UK-based law firm Harbottle & Lewis, outlines how the wealthy can control their personal data and put proper safeguards in place. High net worth individuals are particularly at risk, Rao says, not simply in protecting their own personal data and interests often across multiple jurisdictions but in their accountability for others’ data in their roles as employers, landlords, heads of charitable organisations, trusts, and so forth. Those with a public profile and large social media following will also have a personal brand with economic value to protect from potential fraudsters. Before discussing best practices around data security, Rao suggests where general policy efforts are focused for the year ahead.
This item is being published in the WealthBriefing family of newswires - including those covering Asia and North America - because the data protection issues confronting HNW people are often cross-border. Crypto-attackers don't recognise national borders, and neither should those protecting clients.
The editors of this news service are pleased to share these views but do not necessarily endorse all the ideas of contributors and invite responses. Email firstname.lastname@example.org.
What is on the data protection horizon for 2019?
We may expect:
1. Expansion of data protection principles to cover technology advancements
The Information Commissioner’s Office (ICO), the UK body that reports to parliament on data security issues, has identified cyber security, AI, big data and machine learning, and web and cross-tracking devices as tech priorities for the year ahead. In fact, this year’s International Data Protection Day (January 28th) coincided with the publication of the Council of Europe’s guidelines on artificial intelligence and data protection, essentially with the aim of ensuring that AI applications do not inhibit or undermine established rights to data protection or the protection of human rights.
2. Extension in the territorial scope of "protected’" data transfer
The New Year has already seen a "mutual adequacy decision" between the EU and Japan, which permits the flow of data following certain assurances and agreements that adequate safeguards are in place. Similar talks are underway with South Korea and, of course, depending on what happens with Brexit, we hope 2019 will see a similar adequacy decision in respect of UK/EU data flow.
3. A continuing rise in data breach litigation
As data protection and rights awareness grows, so will the ability to enforce those rights and claim for loss when such rights are abused. Given the scope and rate of technology development, the trend in rising litigation in this area is unlikely to reverse any time soon.
4. Greater clarity as to when and how the data protection rules apply
Judgments, published guidance, and industry best practice will hopefully assist in ending confusion arising from scenarios that do not fit squarely within the GDPR/DPA framework, such as lay trustees’ and executors’ duties and obligations in respect of holding personal data.