The 2012 CLSR-LSPI seminar on privacy, data protection & cyber-security – Presented at the 7th international conference on Legal, Security and Privacy Issues in IT law (LSPI) October 2–4, 2012, Athens

This has been a big year for privacy with so much going on within the EU regarding reform of data protection. What are the implications of reform here and what are the issues that concern us about the proposed new data protection regime contained in the proposed Regulation? We hear a lot about the ‘right to be forgotten’. How is that possible in the digital age within the online world? And what can be done about the big players who stand charged with the erosion of privacy viz Facebook, Google, Skype & YouTube etc? How can the law keep up with technological change when the latter is moving so fast e.g. with RFID, Cloud and social networking? To what extent can data breach notification, net neutrality and privacy impact assessment help and how should the law approach issues of liability and criminality in relation to privacy? What is the state of play too in the relationship between privacy policy and state surveillance and, given its implications for privacy, what obligations should governments adopt in response to cybersecurity regulation and data management? Is there a place for privacy self-regulation and if so in what respects and how effective are the Information Commissioners who often complain of being under resourced? In reviewing the way privacy law has emerged do we now need a completely new approach to the whole issue? Has the law crept into its present form simply by default? Do we need some new thinking now that reflects the fact that law is only one dimension in the battle for privacy? If so what are the other factors we need to recognise?