General Data Protection Regulation

The Sea-Change of the Concept of Privacy and its Consequences

"Privacy". It's all the rage nowadays. More and more laws are being drafted for purposes of protecting personally identifiable data, not least the massive upcoming EU General Data Protection Regulation.

But while Privacy may be becoming increasingly valued in the era of "big data" - where giant multi-national corporations devour information to fuel in-house machine learning and other forms of normative Artificial Intelligence - that certainly wasn't always the case. Not until quite recently in fact.

"Privacy" as a concept didn't even exist in formative English common law (beyond very limited torts). In fact, apart from the embryonic 4th Amendment to the U.S Constitution, the weren't any decently strong protections for privacy in the Western world until the passage of the European Convention on Human Rights. Article 8 of the ECHR may in theory ordain a right to privacy but it has so many qualifiers:

"except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others."

Before the information age, privacy really wasn't seen as a big deal, especially compared to the unqualified rights portrayed in the ECHR such as freedom from torture, right to a fair trial etc that were deemed a far higher priority to protect. But that's all changing now.

The EU GDPR is a regulation; which means that the exact same EU law has to apply with across all EU member states. That's an organisation encompassing over 300 million people all governed by the same strict data protection rules. Not only that, the law also strongly corrals organisations that transfer personal data outside the EU to countries which are deemed not to have adequate protections (such as binding corporate rules) in place. So effectively, this is a global privacy law due to the sheer size and influence of the EU Single Market.

That's such a sea change and it really does underline the seismic challenges that ordinary businesses and individuals have to grapple with that simply were not a major issue a generation ago. Privacy is turning from a warning sign to a vital lifestyle obligation.

For extensive advice and tailor-made preparation for GDPR and/or cyber-security, drop me a message at This email address is being protected from spambots. You need JavaScript enabled to view it.


Get in Touch

  • Phone
    0207 458 4088
  • Email
    This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Address
    40 Bank Street, Canary Wharf
    London, E14 5NR