Skip to main content

Data Trends

Welcome to our annual review of the top trends that are expected to impact the data law landscape in coming years.

This report explores eight key themes that we predict will influence the data landscape. The themes have been identified by international specialists from across our global network to help clients plan ahead.

A confluence of emerging capabilities, new regulations and other trends will pose fresh challenges for businesses seeking to make the most of the opportunities of data and allied technologies. We hope this report is a useful guide in helping prepare businesses and their in-house advisors for a rapidly changing environment.

This forward-looking report is based on our experience of advising on high-profile and business-critical data mandates and the work of our dedicated experts across the US, Europe and Asia advising many of the world’s top tech companies. We hope that the learnings from our global network and market-leading expertise are helpful to all businesses seeking to harness the opportunities of data, AI and related technologies—and look forward to navigating the challenges and opportunities for our clients in the year ahead.

Christine Lyon, Giles Pratt and Christoph Werkmeister
Global Co-heads of the Freshfields data privacy and security practice

Top data trends 2024

The last year saw generative artificial intelligence (AI) take the world by storm, leaving governments and organisations grappling with complex questions about how to adapt to the challenges and opportunities of AI. Many companies have access to troves of data that they may wish to extract additional value or efficiencies from using AI. Our specialists have helped many organisations in aspects of their development and deployment of AI. We highlight steps that businesses developing or implementing AI in the future will need to consider.

What to consider when adding data to the AI revolution

2023 saw the continued march of privacy regulation around the world as ever more countries joined the ranks of those with comprehensive privacy laws. While every jurisdiction has continued to apply its own take on privacy regulation, there are many emerging common elements to privacy laws. In our report, we also explain significant regulatory trends that we are seeing across multiple jurisdictions.

Global trends in privacy laws: different routes taken along the same regulatory pathway

Two major risks that businesses need to be increasingly aware of are ransomware and insider threats. We report on those emerging challenges and the actions companies can take that may make a huge difference to their ability to respond to future incidents.

Preparing for the cyber risks of today, and tomorrow

Data portability rights seek to make it easier to transfer data from one company to another. Planned legal reforms in this area could soon raise new challenges and opportunities for EU, UK and global businesses.

New data portability rights: challenges and opportunity

We have observed an evolution in enforcement postures across the US, UK, and EU regarding privacy and cyber regulations. The US has extended its focus on non-monetary remedies, the UK has moved from headline grabbing fines to a more outcomes-based approach, and EU data protection authorities have embraced diverse corrective measures as well as record fines. There have also been indications of what areas the relevant authorities will focus enforcement on in the coming years. Understanding those trends will help maximise the prospects of avoiding enforcement.

Changes in data privacy and cyber enforcement

Well-publicised and extensive data breaches have always carried the risk of costly and reputationally damaging mass litigation, and such claims continue apace. We explain why recent trends mean that data litigation should remain a primary area of concern for many organisations.

Growing risk of data litigation 

Long-standing issues relating to data, such as data ownership and data protection, will continue to be important in mergers and acquisitions (M&A). We report on new challenges and recent developments impacting the acquisition of data in M&A deals.

Data deal trends

The EU was at the forefront of establishing a legal framework to protect individuals’ personal data. Now the EU’s wide-ranging ‘Digital Strategy’ intends to supplement its existing data and digital framework with a new set of rules that are not limited to data, personal or otherwise. Those include new rules to foster data flow, data access and the data economy and enhanced obligations and user protections for online platform services, online hosting services, search engines, online marketplaces, and social networking services. AI will be another focus of new regulations coming out of Brussels. We explain what changes businesses can expect and how they should respond.

GDPR reloaded: The EU’s comprehensive approach to regulating data-driven industries

Data protection and privacy laws, which we collectively call ‘privacy laws’ in this report for convenience, vary around the world—along with their associated terminology and definitions. Given the global influence of EU privacy laws, this report generally utilises EU privacy law terminology to refer to similar concepts (eg, ‘personal data’, ‘data protection impact assessments’, ‘data protection officers’ and ‘data subjects’) since readers will often be most familiar with those terms.

If you would like to discuss any of the topics covered in the report, please reach out to one of the authors or your usual Freshfields contact.

Published: November 2023

Back to top.