Digital identity is a basic component of the knowledge economy and society. It is the key for accessing the digital world and for carrying out commercial, economic, or any kind of transactions and communications. Far from being a merely digital version of the physical identity, digital identity is a singular and complex construct which poses three main dilemmas that provide the framework for its analysis. The first arises from the context in which it is located, the digital ecosystem, that changes its scope and nature. The second, conceptual, is a consequence of the lack of agreement about its definition but also of the different legal framework derived from it. A third dilemma, functional, is due to the fact that digital identity can fulfil different, even contradictory, functionalities. An analysis of these dilemmas can contribute to a better understanding of this category leading to a proposal for its definition and legal framework.
{"title":"Digital identity: an approach to its nature, concept, and functionalities","authors":"Margarita Robles-Carrillo","doi":"10.1093/ijlit/eaae019","DOIUrl":"https://doi.org/10.1093/ijlit/eaae019","url":null,"abstract":"Digital identity is a basic component of the knowledge economy and society. It is the key for accessing the digital world and for carrying out commercial, economic, or any kind of transactions and communications. Far from being a merely digital version of the physical identity, digital identity is a singular and complex construct which poses three main dilemmas that provide the framework for its analysis. The first arises from the context in which it is located, the digital ecosystem, that changes its scope and nature. The second, conceptual, is a consequence of the lack of agreement about its definition but also of the different legal framework derived from it. A third dilemma, functional, is due to the fact that digital identity can fulfil different, even contradictory, functionalities. An analysis of these dilemmas can contribute to a better understanding of this category leading to a proposal for its definition and legal framework.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"19 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142255797","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In Europe, the governance discourse surrounding artificial intelligence (AI) has been predominantly centred on the AI Act, with a proliferation of books, certification courses, and discussions emerging even before its adoption. This narrow focus has overshadowed other crucial regulatory interventions that promise to fundamentally shape AI. This article highlights the proposed EU AI liability directive (AILD), the first attempt to harmonize general tort law in response to AI-related threats, addressing critical issues such as evidence discovery and causal links. As AI risks proliferate, this article argues for the necessity of a responsive system to adequately address AI harms as they arise. AI safety and responsible AI, central themes in current regulatory discussions, must be prioritized, with ex-post liability in tort playing a crucial role in achieving these objectives. This is particularly pertinent as AI systems become more autonomous and unpredictable, rendering the ex-ante risk assessments mandated by the AI Act insufficient. The AILD’s focus on fault and its limited scope is also inadequate. The proposed easing of the burden of proof for victims of AI, through enhanced discovery rules and presumptions of causal links, is insufficient in a context where Large Language Models exhibit unpredictable behaviours and humans increasingly rely on autonomous agents for complex tasks. Moreover, the AILD’s reliance on the concept of risk, inherited from the AI Act, is misplaced, as tort liability intervenes after the risk has materialized. However, the inherent risks in AI systems could justify EU harmonization of AI torts in the direction of strict liability. Bridging the liability gap will enhance AI safety and responsibility, better protect individuals from AI harms, and ensure that tort law remains a vital regulatory tool.
在欧洲,围绕人工智能(AI)的治理讨论主要集中在《人工智能法案》上,甚至在该法案通过之前就出现了大量的书籍、认证课程和讨论。这种狭隘的关注掩盖了有望从根本上塑造人工智能的其他重要监管干预措施。本文重点介绍了拟议中的欧盟人工智能责任指令(AILD),这是为应对人工智能相关威胁而协调一般侵权法的首次尝试,解决了证据发现和因果联系等关键问题。随着人工智能风险的激增,本文认为有必要建立一个反应迅速的系统,以充分应对人工智能损害的出现。人工智能安全和负责任的人工智能是当前监管讨论的核心主题,必须优先考虑,而事后侵权责任在实现这些目标方面发挥着至关重要的作用。随着人工智能系统变得更加自主和不可预测,《人工智能法》规定的事前风险评估就显得不够充分,因此这一点尤为重要。人工智能法》对过错的关注及其有限的范围也是不够的。在大型语言模型(Large Language Models)表现出不可预测的行为以及人类越来越依赖自主代理执行复杂任务的情况下,通过加强发现规则和因果联系推定来减轻人工智能受害者举证责任的建议是不够的。此外,《人工智能法》对风险概念的依赖是错误的,因为侵权责任是在风险发生后才介入的。然而,人工智能系统固有的风险可以证明欧盟协调人工智能侵权行为的严格责任方向是正确的。弥合责任差距将加强人工智能的安全和责任,更好地保护个人免受人工智能的伤害,并确保侵权法仍然是一个重要的监管工具。
{"title":"Can there be responsible AI without AI liability? Incentivizing generative AI safety through ex-post tort liability under the EU AI liability directive","authors":"Guido Noto La Diega, Leonardo C T Bezerra","doi":"10.1093/ijlit/eaae021","DOIUrl":"https://doi.org/10.1093/ijlit/eaae021","url":null,"abstract":"In Europe, the governance discourse surrounding artificial intelligence (AI) has been predominantly centred on the AI Act, with a proliferation of books, certification courses, and discussions emerging even before its adoption. This narrow focus has overshadowed other crucial regulatory interventions that promise to fundamentally shape AI. This article highlights the proposed EU AI liability directive (AILD), the first attempt to harmonize general tort law in response to AI-related threats, addressing critical issues such as evidence discovery and causal links. As AI risks proliferate, this article argues for the necessity of a responsive system to adequately address AI harms as they arise. AI safety and responsible AI, central themes in current regulatory discussions, must be prioritized, with ex-post liability in tort playing a crucial role in achieving these objectives. This is particularly pertinent as AI systems become more autonomous and unpredictable, rendering the ex-ante risk assessments mandated by the AI Act insufficient. The AILD’s focus on fault and its limited scope is also inadequate. The proposed easing of the burden of proof for victims of AI, through enhanced discovery rules and presumptions of causal links, is insufficient in a context where Large Language Models exhibit unpredictable behaviours and humans increasingly rely on autonomous agents for complex tasks. Moreover, the AILD’s reliance on the concept of risk, inherited from the AI Act, is misplaced, as tort liability intervenes after the risk has materialized. However, the inherent risks in AI systems could justify EU harmonization of AI torts in the direction of strict liability. Bridging the liability gap will enhance AI safety and responsibility, better protect individuals from AI harms, and ensure that tort law remains a vital regulatory tool.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"106 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142269147","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Every day, individuals use the Internet to communicate, gather information, and engage in commercial transactions. Encryption renders such activities secure and possible in the first place. While interest in encryption policy has fluctuated among policymakers for the past three decades, this paper argues for the need to promote strong encryption at a global level. The paper sheds light on the risks posed by quantum computing to national security, wherein breached encryption could compromise classified information, military intelligence, sensitive devices, and critical infrastructures. The argument for a worldwide encryption policy is further substantiated by the looming spectre of profound global power asymmetries. As the evolution of quantum technology remains concentrated within a select cohort of nations, those in possession of functional quantum computers could gain unprecedented advantages and exploit such technological supremacy. To buttress this assertion, this paper employs the logic of the ‘least trusted country problem’ to underscore the fragility of global security in the face of such imbalances. In response, this paper introduces a three-fold strategy designed to pave the path towards a quantum-secure future. The strategy encompasses the pivotal elements of post-quantum cryptography, quantum key distribution, and quantum random number generators. While acknowledging the challenges inherent in implementing these measures, including the projected decade-long timeline for establishing standardized solutions, the paper underscores the urgency of confronting the imminent quantum computing menace in a proactive manner. By adhering to these strategic imperatives, the global community stands poised to reinforce encryption practices against the potent capabilities that quantum computing wields. In so doing, the security and integrity of information exchange can be preserved in an ever more interconnected world.
{"title":"Quantum-safe global encryption policy","authors":"Alessia Zornetta","doi":"10.1093/ijlit/eaae020","DOIUrl":"https://doi.org/10.1093/ijlit/eaae020","url":null,"abstract":"Every day, individuals use the Internet to communicate, gather information, and engage in commercial transactions. Encryption renders such activities secure and possible in the first place. While interest in encryption policy has fluctuated among policymakers for the past three decades, this paper argues for the need to promote strong encryption at a global level. The paper sheds light on the risks posed by quantum computing to national security, wherein breached encryption could compromise classified information, military intelligence, sensitive devices, and critical infrastructures. The argument for a worldwide encryption policy is further substantiated by the looming spectre of profound global power asymmetries. As the evolution of quantum technology remains concentrated within a select cohort of nations, those in possession of functional quantum computers could gain unprecedented advantages and exploit such technological supremacy. To buttress this assertion, this paper employs the logic of the ‘least trusted country problem’ to underscore the fragility of global security in the face of such imbalances. In response, this paper introduces a three-fold strategy designed to pave the path towards a quantum-secure future. The strategy encompasses the pivotal elements of post-quantum cryptography, quantum key distribution, and quantum random number generators. While acknowledging the challenges inherent in implementing these measures, including the projected decade-long timeline for establishing standardized solutions, the paper underscores the urgency of confronting the imminent quantum computing menace in a proactive manner. By adhering to these strategic imperatives, the global community stands poised to reinforce encryption practices against the potent capabilities that quantum computing wields. In so doing, the security and integrity of information exchange can be preserved in an ever more interconnected world.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"72 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142220330","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This article examines international jurisdiction in the resolution of contractual disputes involving Video-Sharing Platforms (VSP). It situates VSPs within the broader context defined by the Audio-visual Media Services Directive and identifies areas of litigation. The article discusses specific cases where national courts have resolved conflicts related to VSPs and sheds light onto the application of contractual and consumer forums under Regulation 1215/2012.
{"title":"Video-sharing-platforms and Brussels Ia regulation: navigating contractual jurisdictional challenges","authors":"Josep Suquet","doi":"10.1093/ijlit/eaae017","DOIUrl":"https://doi.org/10.1093/ijlit/eaae017","url":null,"abstract":"This article examines international jurisdiction in the resolution of contractual disputes involving Video-Sharing Platforms (VSP). It situates VSPs within the broader context defined by the Audio-visual Media Services Directive and identifies areas of litigation. The article discusses specific cases where national courts have resolved conflicts related to VSPs and sheds light onto the application of contractual and consumer forums under Regulation 1215/2012.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"5 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142220333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This article examines artificial intelligence (AI) co-regulation in the EU AI Act and the critical role of standards under this regulatory strategy. It engages with the foundation of democratic legitimacy in EU standardization, emphasizing the need for reform to keep pace with the rapid evolution of AI capabilities, as recently suggested by the European Parliament. The article highlights the challenges posed by interdisciplinarity and the lack of civil society expertise in standard-setting. It critiques the inadequate representation of societal stakeholders in the development of AI standards, posing pressing questions about the potential risks this entails to the protection of fundamental rights, given the lack of democratic oversight and the global composition of standard-developing organizations. The article scrutinizes how under the AI Act technical standards will define AI risks and mitigation measures and questions whether technical experts are adequately equipped to standardize thresholds of acceptable residual risks in different high-risk contexts. More specifically, the article examines the complexities of regulating AI, drawing attention to the multi-dimensional nature of identifying risks in AI systems and the value-laden nature of the task. It questions the potential creation of a typology of AI risks and highlights the need for a nuanced, inclusive, and context-specific approach to risk identification and mitigation. Consequently, in the article we underscore the imperative for continuous stakeholder involvement in developing, monitoring, and refining the technical rules and standards for high-risk AI applications. We also emphasize the need for rigorous training, certification, and surveillance measures to ensure the enforcement of fundamental rights in the face of AI developments. Finally, we recommend greater transparency and inclusivity in risk identification methodologies, urging for approaches that involve stakeholders and require a diverse skill set for risk assessment. At the same time, we also draw attention to the diversity within the European Union and the consequent need for localized risk assessments that consider national contexts, languages, institutions, and culture. In conclusion, the article argues that co-regulation under the AI Act necessitates a thorough re-examination and reform of standard-setting processes, to ensure a democratically legitimate, interdisciplinary, stakeholder-inclusive, and responsive approach to AI regulation, which can safeguard fundamental rights and anticipate, identify, and mitigate a broad spectrum of AI risks.
{"title":"Artificial intelligence co-regulation? The role of standards in the EU AI Act","authors":"Marta Cantero Gamito, Christopher T Marsden","doi":"10.1093/ijlit/eaae011","DOIUrl":"https://doi.org/10.1093/ijlit/eaae011","url":null,"abstract":"This article examines artificial intelligence (AI) co-regulation in the EU AI Act and the critical role of standards under this regulatory strategy. It engages with the foundation of democratic legitimacy in EU standardization, emphasizing the need for reform to keep pace with the rapid evolution of AI capabilities, as recently suggested by the European Parliament. The article highlights the challenges posed by interdisciplinarity and the lack of civil society expertise in standard-setting. It critiques the inadequate representation of societal stakeholders in the development of AI standards, posing pressing questions about the potential risks this entails to the protection of fundamental rights, given the lack of democratic oversight and the global composition of standard-developing organizations. The article scrutinizes how under the AI Act technical standards will define AI risks and mitigation measures and questions whether technical experts are adequately equipped to standardize thresholds of acceptable residual risks in different high-risk contexts. More specifically, the article examines the complexities of regulating AI, drawing attention to the multi-dimensional nature of identifying risks in AI systems and the value-laden nature of the task. It questions the potential creation of a typology of AI risks and highlights the need for a nuanced, inclusive, and context-specific approach to risk identification and mitigation. Consequently, in the article we underscore the imperative for continuous stakeholder involvement in developing, monitoring, and refining the technical rules and standards for high-risk AI applications. We also emphasize the need for rigorous training, certification, and surveillance measures to ensure the enforcement of fundamental rights in the face of AI developments. Finally, we recommend greater transparency and inclusivity in risk identification methodologies, urging for approaches that involve stakeholders and require a diverse skill set for risk assessment. At the same time, we also draw attention to the diversity within the European Union and the consequent need for localized risk assessments that consider national contexts, languages, institutions, and culture. In conclusion, the article argues that co-regulation under the AI Act necessitates a thorough re-examination and reform of standard-setting processes, to ensure a democratically legitimate, interdisciplinary, stakeholder-inclusive, and responsive approach to AI regulation, which can safeguard fundamental rights and anticipate, identify, and mitigate a broad spectrum of AI risks.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"14 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141568142","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper aims to evaluate the concept of data sovereignty as applied to data spaces, particularly the Common European Data Space (CEDS). The CEDS aims to develop a single European data market through nine domain-specific data spaces: health, industrial and manufacturing, agriculture, finance, mobility, Green Deal, energy, public administration, and skills. It aims to do this by providing a secure and trustworthy technical architecture, a robust data-sharing business model realized through effective governance, and ensuring data sovereignty. Ensuring data sovereignty, however, is challenging when different agents all claim authority over their data within a data space. This paper focuses on three data sovereign agents in the CEDS—individual, organization, and state—to examine how data sovereignty can be implemented in data spaces based on current European Union regulations and whether shortcomings still need to be addressed.
{"title":"Will the real data sovereign please stand up? An EU policy response to sovereignty in data spaces","authors":"Mark Ryan, Paula Gürtler, Artur Bogucki","doi":"10.1093/ijlit/eaae006","DOIUrl":"https://doi.org/10.1093/ijlit/eaae006","url":null,"abstract":"This paper aims to evaluate the concept of data sovereignty as applied to data spaces, particularly the Common European Data Space (CEDS). The CEDS aims to develop a single European data market through nine domain-specific data spaces: health, industrial and manufacturing, agriculture, finance, mobility, Green Deal, energy, public administration, and skills. It aims to do this by providing a secure and trustworthy technical architecture, a robust data-sharing business model realized through effective governance, and ensuring data sovereignty. Ensuring data sovereignty, however, is challenging when different agents all claim authority over their data within a data space. This paper focuses on three data sovereign agents in the CEDS—individual, organization, and state—to examine how data sovereignty can be implemented in data spaces based on current European Union regulations and whether shortcomings still need to be addressed.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"1 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-07-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141568143","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This review evaluates the edited work ‘Artificial Intelligence & Intellectual Property’. The book’s aim and audience are defined and its contents summarized both generally and chapter by chapter. The review also considers how the book has fared with its challenging scope, the difficult subject matter it covers, and the delivery of a coherent story and conclusions. It is concluded in this review that it speaks for the quality of both the cooperation among contributors and the editors’ vision that the book was quite successful on all accounts despite the difficulty of its project. The review highlights a few of the book’s arguments in the patent and copyright context put forth in support of two of the main discernible conclusions, briefly commenting on their persuasiveness, strengths, and limits. Concluding with some general words of reflecting, the book is recommended as an enlightening read.
{"title":"Rethinking Exclusivity – A Review of Artificial Intelligence & Intellectual Property by Jyh-An Lee, Reto M Hilty and Kung-Chung Liu","authors":"Lisa van Dongen","doi":"10.1093/ijlit/eaae007","DOIUrl":"https://doi.org/10.1093/ijlit/eaae007","url":null,"abstract":"This review evaluates the edited work ‘Artificial Intelligence & Intellectual Property’. The book’s aim and audience are defined and its contents summarized both generally and chapter by chapter. The review also considers how the book has fared with its challenging scope, the difficult subject matter it covers, and the delivery of a coherent story and conclusions. It is concluded in this review that it speaks for the quality of both the cooperation among contributors and the editors’ vision that the book was quite successful on all accounts despite the difficulty of its project. The review highlights a few of the book’s arguments in the patent and copyright context put forth in support of two of the main discernible conclusions, briefly commenting on their persuasiveness, strengths, and limits. Concluding with some general words of reflecting, the book is recommended as an enlightening read.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"1 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141509905","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The regulation of artificial intelligence (AI) should strike a balance between addressing the risks of the technology and its benefits through enabling useful innovation whilst remaining adaptable to evolving risks. The European Union’s (EU) overarching risk-based regulation subjects AI systems across industries to a set of regulatory standards depending on where they fall in the risk bucket, whilst the UK’s sectoral approach advocates for an incremental regulation. By demonstrating the EU AI Act’s inability to adapt to evolving risks and regulate the technology proportionately, this article argues that the UK should avoid the EU AI Act’s compartmentalized high-risk classification system. The UK should refine its incremental regulation by adopting a generic principle for risk classification that allows for contextual risk assessment whilst adapting to evolving risks. The article contends that if refined appropriately, the UK’s incremental approach that relies on coordinate sectionalism encourages innovation without undermining the UK technology sector’s competitiveness in the global market of compliant AI, while also mitigating the potential risks presented by the technology.
{"title":"Risks, innovation, and adaptability in the UK’s incrementalism versus the European Union’s comprehensive artificial intelligence regulation","authors":"Asress Adimi Gikay","doi":"10.1093/ijlit/eaae013","DOIUrl":"https://doi.org/10.1093/ijlit/eaae013","url":null,"abstract":"The regulation of artificial intelligence (AI) should strike a balance between addressing the risks of the technology and its benefits through enabling useful innovation whilst remaining adaptable to evolving risks. The European Union’s (EU) overarching risk-based regulation subjects AI systems across industries to a set of regulatory standards depending on where they fall in the risk bucket, whilst the UK’s sectoral approach advocates for an incremental regulation. By demonstrating the EU AI Act’s inability to adapt to evolving risks and regulate the technology proportionately, this article argues that the UK should avoid the EU AI Act’s compartmentalized high-risk classification system. The UK should refine its incremental regulation by adopting a generic principle for risk classification that allows for contextual risk assessment whilst adapting to evolving risks. The article contends that if refined appropriately, the UK’s incremental approach that relies on coordinate sectionalism encourages innovation without undermining the UK technology sector’s competitiveness in the global market of compliant AI, while also mitigating the potential risks presented by the technology.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"136 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141509906","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper problematizes the increasing trend of metadata collection by law enforcement, in light of the ‘going dark’ debate, which was spurred by the widespread adoption of secure encryption standards. Focusing on Indian privacy law, which remains nascent as of writing, we examine and propose potential constitutional limitations on metadata collection, and provide substantive guidance on their application. These limitations are bifurcated into two stages: first, whether metadata collection infringes upon the right to privacy, and second, whether the infringement is justified. In determining whether the collection of metadata in a specific case infringes privacy, we conceive of a ‘contextual approach’, challenging the usual ontological subordination of ‘metadata’ in relation to ‘content data’. At the second stage, we centre the standard of proportionality. We offer substantive guidance for Indian courts at each step of the test, including the development of a ‘risk profile’ of metadata collection practices. Such guidance is crucial, given the technically intricate nature of cases involving metadata processing.
{"title":"Confronting the metadata dilemma in India: a turn to context and proportionality","authors":"Rudraksh Lakra, Abhijeet Shrivastava","doi":"10.1093/ijlit/eaae012","DOIUrl":"https://doi.org/10.1093/ijlit/eaae012","url":null,"abstract":"This paper problematizes the increasing trend of metadata collection by law enforcement, in light of the ‘going dark’ debate, which was spurred by the widespread adoption of secure encryption standards. Focusing on Indian privacy law, which remains nascent as of writing, we examine and propose potential constitutional limitations on metadata collection, and provide substantive guidance on their application. These limitations are bifurcated into two stages: first, whether metadata collection infringes upon the right to privacy, and second, whether the infringement is justified. In determining whether the collection of metadata in a specific case infringes privacy, we conceive of a ‘contextual approach’, challenging the usual ontological subordination of ‘metadata’ in relation to ‘content data’. At the second stage, we centre the standard of proportionality. We offer substantive guidance for Indian courts at each step of the test, including the development of a ‘risk profile’ of metadata collection practices. Such guidance is crucial, given the technically intricate nature of cases involving metadata processing.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"2017 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141509907","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Amid escalating apprehensions surrounding content regulation, the USA has discreetly integrated provisions reminiscent of its Communications Decency Act Section 230 (CDA 230) into trade agreements, offering broad immunity. This scholarly analysis critically assesses this manoeuvre by juxtaposing such CDA 230-like provisions against the UK’s established legal framework governing online content and freedom of expression. Utilizing a comparative legal methodology, the paper underscores the pronounced differences between the USA and UK stances on intermediary liability for third-party content, moulded by their unique constitutional foundations and jurisprudential interpretations of free speech rights. The insertion of CDA 230-aligned clauses into trade agreements poses a potential threat to the UK’s nuanced equilibrium between safeguarding free speech and upholding other paramount interests, such as privacy and reputation. An scrutiny of UK defamation statutes and content regulation protocols reveals inherent challenges in transplanting CDA 230 provisions into trade contexts. In summation, the paper ardently supports a diversified approach to online content governance and cautions against standardizing intermediary liability laws via trade agreements, especially between nations with divergent foundational beliefs. It fervently endorses a cross-disciplinary discourse involving both trade and legal specialists to ensure the preservation of free expression while concurrently recognizing the intricacies of crafting universally applicable standards for online platforms and content regulation.
{"title":"The transatlantic divide: intermediary liability, free expression, and the limits of trade harmonization","authors":"Han-Wei Liu","doi":"10.1093/ijlit/eaae004","DOIUrl":"https://doi.org/10.1093/ijlit/eaae004","url":null,"abstract":"Amid escalating apprehensions surrounding content regulation, the USA has discreetly integrated provisions reminiscent of its Communications Decency Act Section 230 (CDA 230) into trade agreements, offering broad immunity. This scholarly analysis critically assesses this manoeuvre by juxtaposing such CDA 230-like provisions against the UK’s established legal framework governing online content and freedom of expression. Utilizing a comparative legal methodology, the paper underscores the pronounced differences between the USA and UK stances on intermediary liability for third-party content, moulded by their unique constitutional foundations and jurisprudential interpretations of free speech rights. The insertion of CDA 230-aligned clauses into trade agreements poses a potential threat to the UK’s nuanced equilibrium between safeguarding free speech and upholding other paramount interests, such as privacy and reputation. An scrutiny of UK defamation statutes and content regulation protocols reveals inherent challenges in transplanting CDA 230 provisions into trade contexts. In summation, the paper ardently supports a diversified approach to online content governance and cautions against standardizing intermediary liability laws via trade agreements, especially between nations with divergent foundational beliefs. It fervently endorses a cross-disciplinary discourse involving both trade and legal specialists to ensure the preservation of free expression while concurrently recognizing the intricacies of crafting universally applicable standards for online platforms and content regulation.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"7 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140105967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: