The New Oil: Protecting Your Most Valuable Asset – Data

Navigating the Data Frontier: Strategies to Safeguard Your Most Valuable Asset

In 2006, British mathematician Clive Humby made a statement that has since become a rallying cry for the digital age: “Data is the new oil.” Humby’s analogy draws a compelling parallel between data and oil. Just as oil is valuable but needs refinement to unlock its full potential, data, too, is a valuable asset, but it must be processed and protected to drive profitable activities. In the years since Humby’s proclamation, data has indeed risen to prominence as one of the most valuable assets in the modern business landscape.

The Value of Data

Data is no longer just a buzzword; it’s the lifeblood of many industries. It encompasses a wide range of information, including personal data, financial statistics, and business knowledge. This diverse pool of data has the potential to transform various sectors, from healthcare to finance, and enable more accurate forecasting while streamlining business processes.

However, the journey from raw, unrefined data to a valuable asset is not straightforward. Data’s legal status is complex and varies depending on how it’s created and used. This complexity necessitates the application of Intellectual Property (IP) rights and procedures to safeguard data and the interests of both businesses and individuals.

The GDPR and Meta’s €1.2 Billion Fine

To underscore the importance of data protection, consider the recent case of Meta (formerly Facebook), which faced a hefty €1.2 billion fine from the European Data Protection Board. This fine was issued due to Meta’s failure to comply with the General Data Protection Regulation (GDPR), marking the largest GDPR fine to date.

The case centered around Meta’s transfer of user information from the European Union to the United States, where it was stored and processed. Concerns were raised that this data transfer could potentially allow access to user information by U.S. intelligence agencies, raising privacy issues.

Meta argued that it used standard contractual clauses (SCCs), a common practice among international companies and that these clauses were in line with GDPR regulations. Furthermore, the company highlighted ongoing efforts by policymakers in both the EU and the United States to implement the Data Privacy Framework (DPF), a sign of their commitment to data protection.

Data Protection Strategies

The Meta case underscores the need for businesses, regardless of their size, to implement robust data protection strategies. Here are some key security considerations and best practices:

  1. Ownership and Licensing: Clearly define data ownership and licensing agreements in contracts with employees, customers, and business partners. Ensure these agreements are flexible to accommodate future developments and innovations.


  1. Data Mining: When using non-proprietary copyrighted data, obtain the necessary permissions from rights holders. Note that the legal requirements for this may vary between jurisdictions.
  2. Personal Data: Special rules govern the storage and processing of personal information, including the right of users to access their data. Identify what constitutes personal data and establish processes to manage user requests promptly and thoroughly.
  3. Trade Secrets and Confidential Information: Safeguard valuable corporate assets by protecting files from competitors. Develop enforceable termination procedures and limit access to sensitive files to prevent departing employees from taking confidential information.
  4. Data Transfer Across Borders: Understand the specific liabilities associated with moving data between jurisdictions with different regulatory systems. Compliance with international regulations, such as GDPR, is crucial for seamless data flow.

The Price of Failure and the Taste of Success

Failure to implement robust data protection measures can lead to severe consequences, including regulatory fines, loss of trade secrets, cyberattacks, and a loss of consumer trust. In contrast, businesses that prioritize data protection can not only avoid these pitfalls but also inspire confidence among clients and investors. This trust positively impacts revenue streams and opens doors to additional income-generation opportunities.


As Clive Humby aptly noted in 2006, data is indeed the new oil of the digital age. Its value is undeniable, but its protection is equally essential. In today’s global economy, businesses must navigate the complex landscape of data protection, adhering to IP rights and regulations like GDPR. By doing so, they not only safeguard their most valuable asset but also secure the trust and confidence of clients and investors in an increasingly data-driven world.

Just as Global Legal Law Firm comprehends the intricate landscape of electronic payment processing and its associated regulations, we’ve also delved deep into the complexities of data protection and the potential risks involved, especially in the context of payment processing. Our mission parallels our approach to electronic payment processing litigation: to provide valuable insights and expert guidance. In a financial industry that must navigate the uncharted waters of Payment Processors while simultaneously safeguarding data, our seasoned experts are here to support you. Instead of venturing into this evolving landscape unassisted, trust in our expertise to be your guiding light. Our commitment is to ensure that you remain compliant and successful in this dynamic environment, securing your interests at every turn.

Recommended Posts