Data Sharing: A New Code and Necessary Clarity

1st September 2021 Media Law

Over the course of the last decade, technology has developed rapidly.

Since 2011, tablets such as the iPad have become almost ubiquitous, our televisions and even our fridges have become part of the so-called 'Internet of Things' (IoT), while our homes and our cars now have their own digital assistants.

In addition to making our lives much easier, all of those innovations have involved the generation of immense amounts of data.

Effective operation of many parts of the world's technological infrastructure rely on that data being shared between different operators.

Yet as the hardware has evolved, the efforts of data regulators to address the increasing volume of data in daily circulation have moved at a rather slower pace.

The Information Commissioners' Office (ICO), for instance, issued its first Data Sharing Code in 2011.

Since then, of course, we have seen the introduction of the General Data Protection Regulation (GDPR), alongside the Data Protection Act 2018, which replaced data laws which had been in place since the mid-1990s.

The ICO, of course, is keen to ensure that legislation governing how data is processed is rigorously adhered to.

It is also well aware of both the social and economic potential which the correct use of data holds.

A new Data Sharing Code was laid before parliament in May and is due to be issued by the Commissioner very soon before taking effect 21 days thereafter.

It is designed to provide the public and private sector with advice about how data can be shared "in a fair, safe and transparent way".

It builds on the core principles of GDPR but guides data controllers through the various necessary steps in complying with the law.

As the ICO acknowledges, that is important because some confusion persists about how - and, in fact, whether - data can or should be shared.

The issue about data controllers being fully aware of their responsibilities is something of a recurrent theme in cases handled by myself and my colleagues at JMW.

For example, in recent months, we have found ourselves dealing with a number of matters relating to data transfers involving companies in a variety of business sectors which are about to be sold.

The management of data should be regarded as important an element of corporate sales or acquisitions as any other part of due diligence.

It is a point reinforced when one considers the fines issued by the ICO over the course of the last 12 months alone.

In all, 34 organisations were fined just under £43 million.

However, the failure to manage data properly has implications not just for big business but for us all.

One parliamentary review of the official response to the Covid pandemic found that problems with the sharing of data affected assessment of the NHS's efforts to tackle the outbreak.

As the new Data Sharing Code makes clear, just because there is a paramount need to process data efficiently should not necessarily mean it is something to be avoided.

On the contrary, those in any doubt about how to be compliant should shout out and take the advice of experts rather than be caught out and face the consequences.

We're Social

Laura Wilkinson is an Associate Solicitor located in Manchesterin our Commercial LitigationMedia Law departments

View other posts by Laura Wilkinson

Let us contact you

View our Privacy Policy

Areas of Interest