Lawyers warned over GDPR advice

A legal compliance expert has warned that lawyers may need to take action over potential breaches of data protection rules.  

Brian Rogers, director of regulation and compliance services for Riliance, said those who advised businesses how to comply with new GDPR rules last May should revisit that advice – and even contact clients to admit they made a mistake. 

Rogers spoke to the Gazette after lawyers were publicly criticised last month by Chris Combemale, chief executive of the marketing network DMA Group. Combemale told a Westminster Legal Policy Forum conference that many of the 1,000 DMA members had been wrongly told to focus on consent as the basis for processing data. Many businesses had followed ‘extremely conservative’ advice from their lawyers, he said, and sought to gain consent – or even double consent – to retain customer details. 

Combemale added: ‘The legal profession had a considerable misunderstanding of how this legislation could and should apply to the marketing sector.’ He gave one example of a lower-league football club which had 100,000 supporters on its database before May 2018, but followed its lawyer’s advice to gain double opt-in. The club’s signups dropped over 97%. 

Rogers said SRA rules state that lawyers must inform clients if they discover any act or omission which could give rise to a negligence claim – and may also need to report any negligence to the regulator. 

He recommended that firms that provided advice to businesses on implementing GDPR review this in relation to consent, and if it related to seeking specific consent from data subjects rather than advising them they could rely on other forms of consent, firms should consider notifying clients. ..Read More..

Leave a Reply

Your email address will not be published.