This week Freshfields published an annual review of the top trends we expect to impact the data landscape in 2024 and beyond. They have been identified by international specialists from across our global network to help clients plan ahead.

A confluence of emerging capabilities, new regulations and other legal developments will pose fresh challenges for businesses seeking to make the most of the opportunities of data and allied technologies. This report helps businesses and their in-house advisors prepare for a rapidly changing environment.

The trends are:

Trend 1: Accelerating use of AI

The last year saw generative artificial intelligence (AI) take the world by storm, leaving governments and organisations grappling with complex questions about how to adapt to the challenges and opportunities of AI. Many companies have access to troves of data that they may wish to extract additional value or efficiencies from using AI. Our specialists have helped many organisations in aspects of their development and deployment of AI. We highlight steps that businesses developing or implementing AI in the future will need to consider. See: What to consider when adding data to the AI revolution.

Trend 2: Growing complexity and convergence of global privacy laws

2023 saw the continued march of privacy regulation around the world as ever more countries joined the ranks of those with comprehensive privacy laws. While every jurisdiction has continued to apply its own take on privacy regulation, there are many emerging common elements to privacy laws. In our report, we also explain significant regulatory trends that we are seeing across multiple jurisdictions. See: Global trends in privacy laws: different routes taken along the same regulatory pathway.

Trend 3: Companies confront an ever-evolving cyber risk landscape

Two major risks that businesses need to be increasingly aware of are ransomware and insider threats. We report on those emerging challenges and the actions companies can take that may make a huge difference to their ability to respond to future incidents. See: Preparing for the cyber risks of today, and tomorrow.

Trend 4: Data portability rights will become more potent

Data portability rights seek to make it easier to transfer data from one company to another. Planned legal reforms in this area could soon raise new challenges and opportunities for EU, UK and global businesses. See: New data portability rights: challenges and opportunity.

Trend 5: Changes in data and cyber enforcement impacting global businesses

We have observed an evolution in enforcement postures across the US, UK, and EU regarding privacy and cyber regulations. The US has extended its focus on non-monetary remedies, the UK has moved from headline grabbing fines to a more outcomes-based approach, and EU data protection authorities have embraced diverse corrective measures as well as record fines. There have also been indications of what areas the relevant authorities will focus enforcement on in the coming years. Understanding those trends will help maximise the prospects of avoiding enforcement. See: Changes in data privacy and cyber enforcement.

Trend 6: Growing risk of data litigation

Well-publicised and extensive data breaches have always carried the risk of costly and reputationally damaging mass litigation, and such claims continue apace. We explain why recent trends mean that data litigation should remain a primary area of concern for many organisations. See: Growing risk of data litigation.

Trend 7: Acquiring valuable datasets remains a top priority for businesses worldwide

Long-standing issues relating to data, such as data ownership and data protection, will continue to be important in mergers and acquisitions (M&A). We report on new challenges and recent developments impacting the acquisition of data in M&A deals. See: Data deal trends.

Trend 8: Evolving landscape of digital data regulation in the EU

The EU was at the forefront of establishing a legal framework to protect individuals’ personal data. Now the EU’s wide-ranging ‘Digital Strategy’ intends to supplement its existing data and digital framework with a new set of rules that are not limited to data, personal or otherwise. Those include new rules to foster data flow, data access and the data economy and enhanced obligations and user protections for online platform services, online hosting services, search engines, online marketplaces, and social networking services. AI will be another focus of new regulations coming out of Brussels. We explain what changes businesses can expect and how they should respond. See: GDPR reloaded: The EU’s comprehensive approach to regulating data-driven industries.