and is different in scope and approach to the EU’s forthcoming Digital Services Act. Although the Online Safety Act is of course a massive and wide-ranging piece of legislation, there is a clear area of focus: Online harms to children, especially where the role of social media and messaging platforms is concerned. There are also movements in the area of Inter- national Data Transfers, where after some years of ambiguity and no doubt a lot of unintention- al non-compliance, the EU and the USA finally have an agreement that allows EU Citizens’ data to be processed in the USA. The UK has a separate data sharing agreement with the US – meaning that some possibility exists of variance in approach, and complications where a UK organisation handles the data of EU citizens and passes them to the USA for processing. This is worth examining especially where sensitive personal data is concerned, and bearing in mind that sensitive personal data can be introduced into the landscape quite innocently; an example would be using a US-based Human Resources platform in the Cloud that may contain details of health conditions or other sensitive employee data. This would need to be reflected very clearly in terms of employment, a proper legal basis assigned both for the sensitive and normal personal data, purpose of processing, retention periods, etc.
ensuring that organizations remain compliant and secure in an era of heightened technological integration.
Trust Matters
As we reflect on the technological landscape of 2023 and anticipate the developments of 2024, it is evident that the legal and organisational implications of these advancements are multifaceted and complex. But one thing is clear: Trust is the most important commodity and brand value going forward, and that trustworthiness is something that needs to be demonstrable. From the intricacies of hybrid work environments to the mainstream adoption of AI and the ever-growing importance of cybersecurity, legal tech professionals find themselves at the forefront of shaping policies that safeguard the interests of i/ ndividuals, organizations, and society at large. By understanding and addressing the legal nuances associated with technological innovations, a strategy for tech, data and governance can add significant practical, strategic value to any enterprise.
Governance in the Tech and Data Space
The rapid adoption of technology during the COVID-19 pandemic has underscored the need for heightened focus on governance in the IT space. Organizations must now grapple with vendor due diligence, conduct meticulous risk and impact assessments, especially in the context of AI integration, and fortify risk management protocols. The expeditious response to the pandemic sometimes led to actions taken without a full understanding of associated risks, introducing unknown varia- bles into the equation. Legal frameworks must evolve to accommodate these changes,
rafi@salvatore-consult.me
Connect with Rafael
HAROLDBENJAMIN.COM
25
Made with FlippingBook interactive PDF creator