Compliance - it's not just financial
Jinfo Blog

By Tim Buckley Owen

Abstract

Businesses are more burdened with regulation than ever before, according to a new report. The bulk of the current rules may be financial but, if we’re reading the runes correctly, it looks as if privacy regulation is catching up fast.

Item

Companies needed to keep track of about 60 new announcements every working day last year, according to Thomson Reuters’ State of Regulatory Reform report for 2012 (registration required). Over half of the new rules came from the United States, a little under a quarter from Europe and a sizeable chunk from Asia.

Much of the output up to now seems to have been financial, with more to come; the report’s authors estimate that up to 80% of the rule making under the US’s Dodd-Frank Act is still to be completed, for example. But it also warns companies that focus only on the major regulators that they risk falling foul of changes from other sources.

And it’s a fair bet that a good few of those “other sources” will be focusing on privacy. Writing on Westlaw’s Legal Insight service recently, Boston-based information privacy professional Cynthia Larose set out her top five commercial data security and privacy issues for 2012, pointing out that more countries were adopting privacy laws in line with the European Union model.

Now the Stanford Law Review has pitched in, with a symposium issue on “the privacy paradox”, wondering how the US legal system should adjust to evolving and often conflicting expectations of privacy. One contribution calls for a balancing of the business benefits of big data against individual privacy rights, while another agonises over how targeted political campaigns can enhance voter participation but at the cost of eroding political privacy and democratic debate.

But the talking in America is likely to be overtaken before long by action in Europe. Following the European Commission’s publication of proposals for data protection reform (LiveWire coverage here), the United Kingdom Ministry of Justice has issued a “call for evidence” asking businesses to tell it how they think the changes will impact upon them.

In particular, the Ministry wants to find out whether businesses think the proposals will build trust in the online environment and can contribute to economic growth – and it’s looking for practical day-to-day examples of their impact, with monetised costs and benefits. As Thomson Reuters’ financial services regulation head Scott McCleskey warns, more compliance means more cost, leaving less to lend and invest.

McCleskey’s remarks are true enough – although TR’s agenda is actually to sell solutions to the problem through its Governance, Risk & Compliance services. Meanwhile, though, astute information managers can also seize the opportunities presented by the global arrival of privacy on the corporate centre stage.

« Blog