Every year, we gather a series of predictions from our consultants across regions and practice areas. It's a way of reflecting on how our clients' challenges and needs evolve from year to year and capturing the key areas we expect to support our clients during the year ahead. In Part 1 of this series, Jon Chan shared outlooks from across our EMEA e-discovery practice. This post provides a roundup of predictions for the region across antitrust, information governance and data privacy.
Antitrust and Merger Clearance
- “All signs point to increased scrutiny from antitrust enforcement agencies in cartel and abuse of dominance investigations in the coming year. A number of new investigations will arise as a direct result of COVID-19 business interruptions, while others that have been delayed during the pandemic will pick back up. While over the last two years, agencies have focused primarily on stabilising markets through the dispensation of special waivers/exemptions in critical industries, they are beginning to pivot back to their core focus of enforcement and with renewed energy. Organisations will need to be prepared for an influx of behavioural-based investigations, and the impact emerging data sources, including cloud-based systems, pricing algorithms, social media sites and chat messaging systems will have on their traditional processes.” – Ashley Brickles, Senior Managing Director
- “We continue to see regulators struggling to come to grips with the data landscape in large corporations and the complexity and impact of the data requests they are making. In most cases, they ask organisations to respond in weeks for discovery exercises that typically require months. We're increasingly being brought into the negotiations to highlight the technical reality of what can actually be achieved. Thus, the more work that can be done before a deal is scrutinised, the less burdensome the overall investigative process will become. Increasingly in 2022, during the preparatory phases and in the throes of working through the varied data challenges associated with the deal, corporations will need to partner with counsel and experts who have experience with high-stakes merger clearance investigations and compliance obligations arising under various data privacy regimes.” – Craig Earnshaw, Senior Managing Director
Information Governance and Privacy
- “Throughout 2021, organisations continued to emphasise their focus on information governance. This was largely driven due to the explosion in the use of collaboration and productivity platforms like Slack, Zoom and Microsoft Teams, as well as an increase in the incidence and severity of data breaches. In 2022, many corporations will begin to implement document retention policies, defensible data disposal, data breach responses and legal hold policies and practices that have been revisited over the last year. Moreover, while many organisations will continue to look for targeted ways to control legal spend, the need and want for proactive, fully integrated solutions that address privacy, compliance, forensics, breach management and e-discovery will grow significantly in the year ahead.” – Gráinne Bryan, Senior Managing Director
- "In 2022, we're going to see more regulatory complexity and an increasingly urgent need for organisations to enable an agile approach to compliance. New data protection laws are coming into force worldwide, and existing privacy and data protection laws are also changing. Privacy regulation is increasing—such as the European Commission's proposal for a regulation on AI in the 'Artificial Intelligence Act,' and the French authority CNIL starting a public consultation, issuing a whitepaper on privacy and payments and considering laws relating to cryptocurrency and other digital payments. Particularly for organisations operating in multiple jurisdictions, an agile approach that implements local compliance policies and practices, guided by a global strategy and sophisticated technology, will become a critical factor in reducing the risk of non-compliance and penalties." – Wajdi Kharrat, Managing Director
- "Beyond the passage of the United Arab Emirates Data Protection Law, we expect to see additional data privacy legislation activity across the Middle East. For example, Dubai International Financial Centre (DIFC) is strengthening its data privacy position, including making impending changes to its 2020 Data Protection Law to remedy shortcomings revealed since it was enacted. An adequacy decision from the Department for Digital, Culture, Media & Sport in the U.K. for DIFC is also expected next year, which would significantly improve the business environment for companies operating under that jurisdiction. Additionally, Abu Dhabi Global Market (AGDM), DIFC and the Qatar Financial Centre (QFC) (which is expected to approve a new data protection law building on the existing QFC regulations and aligning closer to the DIFC and ADGM legislations) will begin negotiating a tri-partite data adequacy agreement between the three financial centres, as well as joining DIFC in pursuing adequacy approval from the U.K." – Ben Crew, Senior Director
The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, its management, its subsidiaries, its affiliates, or its other professionals.