Technology has enabled businesses to collect vast amounts of information about their customers, employees and their operations. More data has been collected in the past two years than during the rest of the existence of the human race. To give this a sense of perspective, it is reported that 40,000 search queries are performed using Google every second, and more than one billion people use Facebook in just one day.
However, big data is not particularly useful until it has been analysed to solve a problem. Therefore, businesses are investing in analytics tools to extract 'big answers' from big data. The intrinsic value that can then be realised from big data is becoming recognised as a new asset class.
As with any type of valuable asset, businesses should plan to protect their data, and in doing so identify where the best location is to store their data. It is easy to think that this issue solely concerns cyber security. However, the risks to data extend beyond hackers and IT failures, and you can only start to appreciate this once you consider data in the same way as you would any other asset. For business planners to create a safe environment in which to protect their data assets, here are my top five reasons why they should store their data in Guernsey.
As an offshore finance centre, Guernsey is in an enviable and unique position as being an integral part of the trans-Europe and Atlantic fibre-optic network, which is one of the backbones of the global internet. Guernsey's network regularly carries US to EU data traffic. The island's state-of-the-art international connections have enabled Guernsey to become a leader in e-Gaming, transmitting more e-Gaming data than any other jurisdiction. Therefore, Guernsey already has the infrastructure needed to receive and transmit very large amounts of data.
- SECURE AND COMPLIANT
Guernsey is an internationally recognised jurisdiction with thorough and pragmatic regulation. In particular, Guernsey is one of only 11 countries whose data protection regimes benefit from an adequacy decision of the EU Commission. Therefore, it is much easier to transfer personal data to and from EU member states and Guernsey than most other countries. Further, Guernsey is committed to introducing legislation that implements the EU's updated General Data Protection Regulation (GDPR) to maintain its adequacy status.
- DATABASE RIGHTS
Database rights create a property right to protect against unauthorised use of the contents of a database. Few countries outside the EU have database rights (in particular, the US does not have database rights). Guernsey has introduced database rights legislation based on the EU model, but with one small, yet very significant, distinction. EU database rights can only be established if the data used to compile the database is pre-existing. However, in Guernsey a database right can also be established if the data is created by the author of the database. This difference is important for protecting databases of valuable results produced from analysing big data, since those results are likely to constitute newly created data, which might otherwise not be protected by database rights outside of Guernsey.
- CORRECT BALANCE OF DATA
PROTECTION AND DATA DISCLOSURE RULES
A so-called 'splinternet' is occurring as countries introduce conflicting requirements for protecting and disclosing data. For example, some countries already have wide reaching powers to access or order disclosure of data. A prominent example is the US PRISM surveillance program, which caused controversy following the Edward Snowden leaks. Such powers are conflicting with other nation-states' domestic laws, including rights to privacy. These problems are exposed in the recent case of United States v. Microsoft Corp, which involved a warrant issued by the New York District Court for Microsoft to produce all emails and private information associated with an account hosted by Microsoft in the US and Ireland.
The warrant conflicted with principles of Irish law, and so Microsoft successfully appealed the decision. However, Microsoft was still required to disclose all data it held in the US, even if it related to a non- US person. This case underscores the importance of the location of data. In this respect, Guernsey as a location has the correct balance of internationally accepted anti-money laundering and countering terrorist financing laws as well as adequate data protection obligations. Therefore, for businesses operating across countries that have conflicting disclosure of data and data protection requirements, Guernsey can provide solutions in the same way that Guernsey provides solutions as a neutral intermediary jurisdiction in financial services.
- GEOGRAPHIC AND POLITICAL
Data hosting requires a secure and reliable location to avoid environmental and political risks. Consisting mainly of granite rock and well away from the edge of any tectonic plates, Guernsey has a stable geography. Further, whilst Guernsey is close to the United Kingdom and Europe, it is outside the EU and it has enjoyed stable independent self-governance since 1204 (so a very long time!). Accordingly, Guernsey has a very well established track record of providing the level of stability required for securely storing big data.
This article first appeared in EnVoyage Magazine.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.