The Need for Personal Data Protection Law
Have you ever noticed the “tick box” before submitting your request while completing an online application? Have you ever tried to read the privacy policies of your service providers? What if any of those data collectors used your data without your clear and affirmative consent? The answer may lie with data protection under Jordanian Law.
Personally, I have never granted any of my personal information except the exact data required to complete a specific and necessary reason. I have also never ticked any privacy boxes or read any privacy policies, as I assume that ignoring these boxes will keep me and my personal data safe. Sometimes this happens unintentionally. Some websites or applications mislead you by treating unticked boxes as giving them the right to use your information (“Negative Consent”). What happens in practice is that these service providers (“Data Controllers”) spread your information (“Data Subject”) to many third parties (“Data Processors”), without your affirmative consent, thereby enabling your data to be used for commercial or improper purposes.
Our personal data is the most valuable intangible asset in our life, because of its sensitivity and confidentiality, providing deep insights into our habits and personality. Because personal data are used every day, in every single transaction, the issue of protection is becoming increasingly vital. The need for a Personal Data Protection Law has emerged from the pressure to balance the need for businesses’ and customers’ data information to flow freely and securely versus the urgent need to protect the rights of individuals as a target for many exploitative entities.
Have you asked yourself: why do I receive random advertisements via emails, SMS or social media channels? How do they reach you? How do they guess your favorite products?
In fact, it is quite likely that you provided this information to someone for a specific reason or task. For instance, perhaps you gave details to the Companies Registrar while you were applying for company registration, or perhaps you used an online delivery which required you to provide personal details like name, age, e-mail address, mobile number or home address. Companies might also have requested special categories of personal data, such as your ethnicity, religious beliefs or even political opinions.
Unfortunately, we do not have a Data Protection Law in Jordan at this time.
Certainly, the absence of a data protection law is an invitation for data controllers to violate your personal rights and to spread your personal data across the world as a commodity. Therefore, Jordan absolutely requires a modern data protection law that is not only a nominal law, but is applicable, up-to-date, easy to understand and enforceable. This is essential to meet the growing desire for Jordanian people to control how their personal data is being used, as well as to foster greater transparency around its processing.
Adding to the above-mentioned reasons, most international regulations are intended to ensure that data controllers around the world provide adequate protection to their citizens. This means that Jordan must satisfy its international counterparts that it operates under the rule of law and respects human rights if it wishes to encourage greater commercial cooperation and participation alongside the most powerful countries in the world. For example, the “EU General Data Protection Regulation” allows transfer of data to third countries under certain circumstances, as long as the European Commission is satisfied that the country offers an adequate level of data protection. This applies to the whole country, a territory or specific sectors within the third country. The transfer of data might not be allowable, due to other laws, treaties, or determinations.
For all of these reasons, the tabled “Jordanian Personal Data Protection Bill” is intended to cover the main rights for the natural person about how data can be transferred, as indicated in the GDPR, including the rights of access, rectification, erasure, restrict processing, data portability, object and the rights related to the automated processing and profiling.
The need for such a bill in Jordan is clear. It must be drafted and carefully revised to enable us to answer the above questions and to meet international standards, providing a cohesive law that streamlines dozens of different data protection laws around the world, including the EU General Data Protection Regulation.
Ma’in S. Nsair
Lexology GTDT: Data Protection & Privacy in Jordan 2022
Will Lawyers be affected by Artificial Intelligence
Imagine that you are stuck in a self-driving car, in unusual traffic. Let us imagine that there has been an accident. The car doesn’t know what to do, since there are no saved patterns in the program that account for this scenario – so what happens?
In this case, the system will be automatically directed to the help center to ask for immediate help, thereby enabling the vehicle to decide on an alternative route or remedy. In other words, an unexpected, complex and obscure decision cannot be decided without human input. This scenario is likely whenever AI systems encounter unique situations that deviate from preexisting patterns. As legal work is highly individualized, AI solutions will never be universally applicable and will require some degree of input from a lawyer.
As the adoption of AI is accelerated by global events like the coronavirus pandemic, it will inevitably bring about seismic changes to all sectors. The legal profession will be no exception.
From procedural, administrative and collaborative roles to consultation, contract drafting, litigation and arbitration, lawyers perform numerous tasks in the delivery of legal services. Some of these are already subject to partial or complete automation by AIs, with machine-based systems fulfilling simple tasks, like typing or photocopying, and even more sophisticated tasks, like flagging essential documents or drafting contracts. Without lawyers to make a final assessment, however, outcome-critical insights can be missed.
While able to simultaneously perform multiple complex tasks and achieve intelligent outcomes, AI are machine-learning systems that do not have and are unlikely to develop real cognitive abilities or human perception. This means that total reliance on AI would equate to a hollow understanding of the open-ended nuances of law, acting solely based on pre-existing legal cases, without the sensitivity to facts within each unique context. These rigid and rote-based systems cannot provide accurate legal opinions or react to new details that may arise during the lifetime of a legal case. However, despite this inability, one must concede that AI can perform ordinary duties accurately and effectively, meaning that junior lawyers or paralegals who are performing such tasks should carefully consider how to ensure that they stay relevant in the legal field.
This should serve as a warning to the next generation of the legal profession – the path ahead leads only to the further integration of intelligent systems, so young lawyers must prepare their skills and expectations accordingly. Equally, law firms will have to adapt their business models to acclimate to the changing requirements of technology and the market.
Ma’in Nsair
