G A Walker


Financial markets have most recently been disrupted by the sudden explosion and growth in new Information Technology (InfoTech),6 Data Technology (DataTech),7 Financial Technology (FinTech),8 and Regulatory Technology (RegTech) markets and devices.9 Reference may also be made to the use of technology in the provision of government services (GovTech) and in legal services (LawTech). A number of separate rights and interests can also be created which arise in the context of protecting information.20 All of this becomes of specific importance in the banking and financial area due to the fact that banks and other financial institutions manage accounts on behalf of customers in which information and data is held.21 A significant amount of personal data is collected to support these accounts either for general record, credit assessment, or more specific money laundering purposes.22 Banking and financial services have increasingly become customer information- and data-based.23 Modern financial services can, to a significant extent, be considered to constitute a data processing or managing industry at its core.24 Information is of fundamental importance although it has received less relative attention in terms of law and regulation. Fact and law are distinct in so far as law creates legal rights in accordance with the judicial or legislative framework applicable to any particular society.29 Information is distinct from data, which is defined to refer to information collected or processed within specific limits, guidelines, parameters, constraints, or conditions.30 Data is structured or controlled information.31 Knowledge can then be understood to refer to understanding, appreciation, or awareness.32 This is essentially processed information or data which can be used to secure some identifiable policy objective or purpose.33 Ideas can be considered to constitute mental representations of facts, opinions, or other intellectual abstractions.34 This may include information, data, and knowledge. Information may be subject to some form of statutory control such as in the form of the European Union's General Data Protection Regulation40 and the U.K. Data Protection Act 2018, intellectual property laws, or other computer protection measures.