Security law in the UK – how much has changed in four years?
I’m deep in the process of writing my new book at the moment. It will be the second edition of my last book, ‘Butterworth’s Data… Read More
I’m deep in the process of writing my new book at the moment. It will be the second edition of my last book, ‘Butterworth’s Data Security Law and Practice’, which was published in late 2009, but it will be renamed ‘Butterworths Cyber and Data Security law and Practice’, reflecting the crashing way that the topic of cyber security has risen to prominence here in the UK and internationally. I did refer to the topic of cyber security in the first edition, of course, but the discussion did not fill even one page! In contrast, the second edition will be dominated by cyber security.
Shortly after publication of the first edition I put together a short movie, to get across some of the key ideas within my argument that there is a new legal framework for data security. Watching the movie this morning, I was struck by just how far the law has progressed in four short years. The key ideas within my argument still hold good and its clear that the trajectory of law making remains the same as it was back then, but what has happened is that the law has moved forward in a substantive sense. For instance, transparency through breach disclosure is now the norm and will soon be compulsory for the entire economy, if the General Data Protection Regulation completes its journey into law. Security breach fines are now routine events. The government’s policy framework continues to extend its tentacles further and further into the ordinary business of security. Disputes and litigation are becoming more common by the week.
I’m putting together an updated version of the movie right now, but here’s the original.