Happy G-Day! GDPR + Legal Design + Legal Tech

Today is G-Day, the moment when the EU’s GDPR rules finally come into force.

But, the recent mass of emails driving us all nuts and to inadvertently unsubscribe out of frustration from dozens of sites that we actually wanted to stay subscribed to is probably not what the gurus of data privacy in Brussels had in mind. It’s also worth mentioning that at a recent panel on blockchain at an ACEDS event that I chaired in London, several eminent speakers pointed out that current GDPR rules didn’t take into account how blockchains can store information and would, to paraphrase, therefore need ‘to be totally rewritten’. And it’s only one day old….

So, is GDPR turning out to be a bit of a mess? On balance it’s not all bad. Aside from earning several law firms and LPOs – and indirectly some legal AI companies – fat stacks of cash by doing GDPR doc review, the main bonus as far I can see is that it has indirectly  boosted the importance of clear legal design. 

Last night I was lucky enough to hear Emily Allbon, an expert in legal design, better known as Law Bore, but also Senior Lecturer and Director of Mooting at the City Law School (City, University of London), give a talk at the LawTech Meetup organised by Ruby Datum and case law company, Justis. Allbon’s talk was inspiring and made me see just how much opportunity there is for legal tech and legal design experts to work more closely together for a greater good. 

It seems that legal design, legal tech and strangely….GDPR, all come together here in a very positive way. How? Like this: GDPR is one of those pieces of policy that (it is hoped) drives normal people (i.e. not lawyers) to stop for a moment and consider that they have made a contract of sorts with another party. In this case, about data use.

The problem then is that these contracts are awful, badly designed and too complex in most cases. (Although, check out Twitter’s new policy page which is very clear and has easy to use Yes/No sliders – law firms take note.) So, many people don’t read them or know what rights they have or how they are impacted. I.e. the law, which is meant to be there for everyone, ends up as usual as something a tiny percentage of the population (i.e. lawyers) have any real access or connection to, and that’s bad for society and democracy.

Knowing the law and your rights and how a contract impacts you is central to a lot of A2J legal tech also, for example, RightsNOW, the voice and text-based expert system/chat bot, which provides people with key information about their civil rights. It seems that legal design is also core to this type of service delivery as the easier it is and more clear it is, the legal information – provided by a legal tech platform – will have more value and greater use.

GDPR, further amplifies the importance of clear design and also the delivery of that contractual/legal information to people, as suddenly here is a legal issue that impacts literally hundreds of millions of people (EU population is just over 511 million).

But, how many people will not engage with the process because the legal information they need to connect with is too complex, or confusing and badly designed in terms of its ability to communicate? Probably hundreds of millions will not do as GDPR’s designers hoped and better understand their rights. So, if there was ever a more pressing example of the need for better communication of legal issues……

Which leads us to the final bit here. One legal tech company that has really focused on clarity of legal design and usability in its new privacy policy is contract management startup, Juro, which Artificial Lawyer recently featured. So, to round off this piece here are some thoughts from Richard Mabey, CEO of that company.

Overview of Juro’s data policy.

‘Why GDPR May Not Be So Bad After All’

by Richard Mabey, CEO, Juro.

One of the reasons GDPR exists is to promote transparency in the way businesses deal with personal data. With all the backbreaking work being put into opt-in emails, contract amendments and DPAs, however, it’s easy to forget this admirable regulatory aim.

As part of our preparation at Juro, one of the things we doubled down on was designing a privacy notice that you wouldn’t need a law degree to read. Not just because we’re fans of great legal design, but because Article 12 mandates that privacy notices be “concise, transparent, intelligible and easily accessible”.

(More on this here in a piece in Artificial Lawyer from 2 May). A few things have surprised us about the reaction to our new privacy notice. Just on the numbers alone it’s quite surprising. In the last 7 days we have seen 2,305 unique views of our privacy notice. If this pace continues, we would expect 119,860 unique views of the notice in the next 12 months. The social take up of the new privacy policy has been pretty startling too, with hundreds of retweets, likes and messages. We’ve even had some memes created, which for a legal document that no one ever reads is rather strange.

We set out to make a positive contribution to the debate by building a privacy asset that places transparency and data security over and beyond simple box ticking. By thinking about the end user and working backwards. Hopefully, we have inspired others to do similar things for privacy. Let’s try to make some good out of GDPR and ensure all that hard work over the last few months was not wasted. Happy G-Day.

Thanks! And as Richard at Juro says: Happy G-Day. Perhaps some good will come from all of this and that good we can call the benefits of the merger between legal design and legal technology.