German and European developments in privacy law (GDPR), data ownership and legal technology
Dr Boersch presenting to the Centre for Media Transition, 6 March 2018
The intricacies of Europe’s sweeping new privacy protections; dramatic developments in legal technology and practice; and a rewriting of the way law is taught. These were among the topics covered by Dr Boris Boersch, a Berlin-based lawyer and entrepreneur, on March 6 at the University of Technology Sydney, during a seminar organised by the Centre for Media Transition.
n May 2018, the GDPR comes into effect, with expansive, unprecedented privacy protections. Its supporters call it a boon for human rights; its detractors describe it as a crippling nightmare for innovation and business. As Dr Boersch explained, the GDPR mandates a series of general principles, without specifying how they ought to be put into effect. The maximum fines for data breaches are very high: up to €20 million or 4 per cent of a company’s worldwide annual turnover, whichever is greater. Senior executives also face jail terms. All companies (apart from very small companies) must now appoint a Data Protection Officer (DPO) and map data flows. “To have a picture of where all the data flows is a really big task,” Dr Boersch said. The DPO cannot be the CEO, COO or head of IT, and has significant power. “Nobody really knows how to interpret the GDPR yet. You don’t have any court decisions.” What’s more, the effects extend beyond Europe. “If an Australian company sells goods to the E.U., then they’re subject to the GDPR.”
Ownership of data/Access to data
One principle protected under the GDPR is “data portability”. If a German citizen wants to transfer her music account from iTunes to Spotify, then the GDPR prescribes that she must be able to take her data with her. Precisely what that means is unclear. On the handling of data, Dr Boersch raised the prospect of a new approach. “Why should Google or Amazon be able to use my data without paying me? I think there will be a change here.” To this effect, Dr Boersch is developing a platform called iState so that users don’t sell their data, but sell access to their data, for a particular time or purpose.
Legal technology
In Europe, airline companies are legally required to compensate passengers if their flights are delayed. In practice, airlines rarely pay. “Sue us,” is their response, knowing that few are prepared to take the time and effort. Technology has changed that. The Flightright platform automates the process. Users submit their flight number and basic details and software generates the paperwork on behalf of law firms. Flightright then keeps 20 per cent of any damages, and lawyers are paid either by Flightright, or the airline. Similarly, MyRight is seeking redress for victims of the VW emissions scandal. Technology is changing the way law is being practised. That also includes ESCRIBA, a platform co-developed by Dr Boersch which uses blockchain technology to assist with the drafting and updating of contracts.
Legal education
Technology is changing the way law is being practised; it is also beginning to change the way it’s being taught and studied. Above all, law students will increasingly need to know how to code. As AI becomes more sophisticated, and as the change-averse legal profession belatedly adapts, lawyers will need to acquire IT skills. For Dr Boersch, this will spawn the new field of “legal engineering”. The role of lawyers will change, but won’t disappear entirely. “I myself am really looking forward to that future,” Dr Boersch said. “I don’t have the fear that we will make ourselves redundant.”