ICO and FCA announce new Memorandum of Understanding

On 18 February 2019, the Information Commissioner’s Office (the “ICO“) and the Financial Conduct Authority (the “FCA“) published a new Memorandum of Understanding (“MoU“) between them. This will no doubt be of interest to any business regulated by the FCA and while it is good news that regulators will be co-operating in the exercise of their functions, the MoU does not remove the risk for such businesses that they could, in the event of any data protection breach, face parallel investigation and enforcement action from more than one regulator, both with very significant sanctioning powers.

We have set out below a high-level overview of the MoU, the conduct of investigation and enforcement and the legal basis on which information can flow between the two regulators – paving the way for further joined-up regulatory thinking in the wake of the GDPR. Continue reading

Big Data Regulation: Coming soon to a business like yours?

The Financial Times recently referred to Big Data as “a vague term for a massive phenomenon that has rapidly become an obsession with entrepreneurs, scientists, governments and the media“. And it does seem to appear from the headlines that there isn’t a real world situation that Big Data cannot be applied to – for example, in the aftermath of the recent US General Election, questions have been asked to whether there was a failure of Big Data to accurately predict the result.

The reference to a “vague term” also seems to be in keeping with the various different definitions of Big Data quoted in the market. The data protection regulator in the UK refers to Big Data as “a way of analysing data that typically uses massive datasets, brings together data from different sources and can analyse the data in real time. It often uses personal data, be that looking at broad trends in aggregated sets of data or creating detailed profiles in relation to individuals, for example lending or insurance decisions“.

But however it is defined, it seems that there is a Big Data opportunity for business not just in how much data an organisation has, but in how it can use that data to save time and money, develop new products, manage risk and make smarter strategic decisions. This opportunity is only likely to increase as more activity is conducted online, and technology solutions such as the internet of things further increases the amount of data being collected.

The meteoric rise of Big Data has not however only presented opportunities for business. Perhaps unsurprisingly, it has also caught the attention of various sectoral and cross-sector regulators, looking to ensure that the use of Big Data technology does not negatively impact consumers or otherwise circumnavigate existing legal protections and regulations. In this article, we will look at a few of the different regulators examining the Big Data phenomenon to investigate the theory that Big Data technology has created a perfect storm of regulatory activity for business. Continue reading