Businesses under pressure to keep up with laws governing tech
Keeping up with emerging laws and regulation is the biggest legal challenge by companies in their use of technology in Ireland, according to a survey by business law firm Mason Hayes & Curran.
More than a third (37%) of respondents identified this as their greatest challenge, followed by governance/oversight for privacy risks (26%).
The survey of 300 professionals was carried out its Data Privacy & Emerging Technology Regulation Conference where in-house lawyers from both the public and private sectors, to focus on the evolving regulatory landscape.
Philip Nolan, partner & head of technology, Mason Hayes & Curran, said: “With enhanced expectations of regulatory oversight and the introduction of significant new EU tech and data laws, it is not surprising that emerging regulation is the biggest issue for the sector.
“In 2018 we were dealing with one key piece of data legislation, the GDPR. Now we’re dealing with an entire suite of overlapping tech legislation covering data practices with different focuses and policy objectives.
“The collective impact of these new rules is challenging, to say the least, and organisations should be aware that being compliant with one set of laws does not mean you are covered under other related legislation.
“One key takeaway from our event is the importance of staying informed as these changes evolve. You don’t need to be an expert on every piece of emerging tech legislation, but you need to know enough to spot the issues and get the right advice for you and your organisation.”
The survey also found that more than two-thirds of attendees (67%) were not certified under the EU-US Data Privacy Framework, which aims to safeguard the privacy of EU citizens’ data when processed by companies in the US, providing a mechanism for secure and legal cross-border data flows.
Julie Austin, Privacy & Data Security Partner at Mason Hayes & Curran, commented: “These results are not particularly surprising as the framework is still in its infancy, and many organisations are continuing to rely on alternative transfer mechanisms such as standard contractual clauses.
“So far, there are almost 3,000 certified participants. 70% of those are SMEs who would have paid in and around $300 to certify, so it’s being pushed as a cost-effective alternative to SCCs.
“We have been working with clients on their certification programme and have found the certification process to be relatively smooth, with the process taking up to two months.”
The survey also found that more than three-quarters of companies surveyed (77%) do not have a compliance plan in place for minors accessing their services.
“Keeping children safe online is top of the agenda for regulators and is a core theme across the new suite of tech regulation,” said Hannah Perry, privacy & data security partner at Mason Hayes & Curran. “We have been working extensively with clients on rolling out new protections for children on their platforms and services.
“Having a robust compliance plan is important for many organisations and we would advise companies to take the following practical steps to put one in place. Start by mapping out the nature of your services and whether you are handling minors’ data. Then consider which regulations are most applicable to you and how you are going to implement your obligations under each piece of relevant legislation. This could include excluding people who are under the age of 18 from accessing your services, or putting specific child safeguards in place.”
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers