Computer Law & Security Review最新文献_第10页

AI-driven alternative and online dispute resolution in the European Union: An analysis of the legal framework and a proposed categorization 欧盟人工智能驱动的替代和在线争议解决：法律框架分析和拟议分类

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-23 DOI: 10.1016/j.clsr.2025.106145

Aura Esther Vilalta Nicuesa, Marian Gili Saldaña

This paper focuses on the impact of the new EU AI Act in alternative and online dispute resolution. After briefly analysing the state of the art regarding international regulations on artificial intelligence (AI) and the strategy followed in the European Union (EU) in the field of dispute resolution, the research provides a critical discursive overview of the international existing legal guidelines and frameworks for the use of AI in dispute resolution, aiming to identify the different levels of risk addressed by the EU IA Act in this context. The paper also offers forward-looking reflections intended to contribute to the improvement of the current legal framework on AI applied to dispute resolution in the EU. To this end, it identifies various AI tools applicable to the justice sector, highlighting their main advantages and limitations. It then outlines the most relevant hard law and soft law instruments at both international and European levels, with a particular focus on the strategy implemented by the EU leading to the adoption of the current EU AI Act. The study also reviews initiatives carried out by organisations to promote the ethical use of AI in judicial systems and examines the legislative approach adopted by the EU to regulate AI in the field of justice. Finally, the paper proposes a new categorisation of AI-assisted alternative and online dispute resolution mechanisms based on their degree of risk and autonomy.

本文主要讨论欧盟新人工智能法案对替代性和在线争议解决的影响。在简要分析了有关人工智能（AI）的国际法规的最新状况以及欧盟（EU）在争议解决领域所遵循的战略之后，本研究对在争议解决中使用人工智能的国际现有法律指导方针和框架进行了批判性的论述概述，旨在确定欧盟《人工智能法》在此背景下所解决的不同级别的风险。本文还提供了前瞻性的思考，旨在为改善欧盟目前适用于争议解决的人工智能法律框架做出贡献。为此，它确定了适用于司法部门的各种人工智能工具，突出了它们的主要优势和局限性。然后，它概述了国际和欧洲层面最相关的硬法和软法文书，特别关注欧盟实施的战略，从而通过了当前的欧盟人工智能法案。该研究还审查了各组织为促进人工智能在司法系统中的道德使用而采取的举措，并审查了欧盟为规范司法领域的人工智能而采取的立法方法。最后，本文提出了一种基于风险程度和自主性的人工智能辅助替代和在线争议解决机制的新分类。

{"title":"AI-driven alternative and online dispute resolution in the European Union: An analysis of the legal framework and a proposed categorization","authors":"Aura Esther Vilalta Nicuesa, Marian Gili Saldaña","doi":"10.1016/j.clsr.2025.106145","DOIUrl":"10.1016/j.clsr.2025.106145","url":null,"abstract":"<div><div>This paper focuses on the impact of the new EU AI Act in alternative and online dispute resolution. After briefly analysing the state of the art regarding international regulations on artificial intelligence (AI) and the strategy followed in the European Union (EU) in the field of dispute resolution, the research provides a critical discursive overview of the international existing legal guidelines and frameworks for the use of AI in dispute resolution, aiming to identify the different levels of risk addressed by the EU IA Act in this context. The paper also offers forward-looking reflections intended to contribute to the improvement of the current legal framework on AI applied to dispute resolution in the EU. To this end, it identifies various AI tools applicable to the justice sector, highlighting their main advantages and limitations. It then outlines the most relevant hard law and soft law instruments at both international and European levels, with a particular focus on the strategy implemented by the EU leading to the adoption of the current EU AI Act. The study also reviews initiatives carried out by organisations to promote the ethical use of AI in judicial systems and examines the legislative approach adopted by the EU to regulate AI in the field of justice. Finally, the paper proposes a new categorisation of AI-assisted alternative and online dispute resolution mechanisms based on their degree of risk and autonomy.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106145"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144115771","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Editor's Foreword 编者前言

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-07 DOI: 10.1016/j.clsr.2025.106142

Henry Pearce

引用次数: 0

Access revisited: AI training at the intersection of copyright and cybercrime laws 重新访问：版权和网络犯罪法交叉的人工智能培训

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-14 DOI: 10.1016/j.clsr.2025.106149

Célia Filipa Ferreira Matias

The rise of generative AI (GenAI) poses urgent questions for copyright law, particularly regarding whether AI training infringes on reproduction rights. Some jurisdictions have tried to reduce these uncertainties through new or existing exceptions. Articles 3 and 4 of European Union Directive 2019/790 and sections 243 and 244 of Singapore’s Copyright Act of 2021 are examples. Both exceptions are subject to the condition of ‘lawful access’. The interpretation of this concept, which is vague and undefined by law, is crucial to these exceptions, as it may, ultimately, deprive them of all usefulness. This paper seeks to unpack the meaning of lawful access and its inverse by drawing on other uses of the concept, namely in cybercrime law, and its underlying values. This analysis points towards an understanding of unlawful access as the circumvention of technological restrictions to access, such as paywalls. However, adopting such measures may reduce the content that is freely available in the digital sphere, thereby impoverishing society and depriving creators of a powerful tool for publicising their works. Finally, the paper considers possible solutions to this problem and their drawbacks.

生成式人工智能（GenAI）的兴起对版权法提出了紧迫的问题，特别是关于人工智能训练是否侵犯了复制权。一些司法管辖区试图通过新的或现有的例外来减少这些不确定性。欧盟指令2019/790第3条和第4条以及新加坡《2021年版权法》第243条和第244条就是例子。这两种例外情况都受制于“合法访问”的条件。这一概念在法律上是模糊和未定义的，对这些例外的解释是至关重要的，因为它可能最终剥夺它们的所有用处。本文试图通过借鉴该概念的其他用途（即网络犯罪法）及其潜在价值，来揭示合法访问的含义及其反义。这一分析指向了对非法访问的理解，即绕过对访问的技术限制，如付费墙。然而，采取这些措施可能会减少数字领域中免费提供的内容，从而使社会变得贫穷，并剥夺了创作者宣传其作品的有力工具。最后，本文考虑了解决这一问题的可能方法及其不足。

{"title":"Access revisited: AI training at the intersection of copyright and cybercrime laws","authors":"Célia Filipa Ferreira Matias","doi":"10.1016/j.clsr.2025.106149","DOIUrl":"10.1016/j.clsr.2025.106149","url":null,"abstract":"<div><div>The rise of generative AI (GenAI) poses urgent questions for copyright law, particularly regarding whether AI training infringes on reproduction rights. Some jurisdictions have tried to reduce these uncertainties through new or existing exceptions. Articles 3 and 4 of European Union Directive 2019/790 and sections 243 and 244 of Singapore’s Copyright Act of 2021 are examples. Both exceptions are subject to the condition of ‘lawful access’. The interpretation of this concept, which is vague and undefined by law, is crucial to these exceptions, as it may, ultimately, deprive them of all usefulness. This paper seeks to unpack the meaning of lawful access and its inverse by drawing on other uses of the concept, namely in cybercrime law, and its underlying values. This analysis points towards an understanding of unlawful access as the circumvention of technological restrictions to access, such as paywalls. However, adopting such measures may reduce the content that is freely available in the digital sphere, thereby impoverishing society and depriving creators of a powerful tool for publicising their works. Finally, the paper considers possible solutions to this problem and their drawbacks.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106149"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143943002","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Comparative analysis of trademark protection in the metaverse and registration of virtual goods and NFTs 虚拟商品注册与nft注册中虚拟世界商标保护的比较分析

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-05 DOI: 10.1016/j.clsr.2025.106137

WooJung Jon, Sung-Pil Park

This study presents a comparative analysis of trademark protection in the metaverse and the registration of virtual goods and non‐fungible tokens (NFTs) across three distinct legal systems: those of the United States, the United Kingdom, and South Korea. Drawing on recent case law and evolving administrative guidelines, this study examines how traditional trademark doctrines—such as the likelihood‐of‐confusion standard in the U.S. under the Lanham Act, source-identifying function under the UK Trade Marks Act 1994, and proactive legislative reforms implemented by the Korean Intellectual Property Office—are being adapted to address the challenges posed by digital and virtual environments. Specifically, this study analyzes landmark cases such as Hermès International v. Rothschild and Yuga Labs, Inc. v. Ripps, which illustrate the extension of trademark protection to NFTs and other digital assets, as well as the interplay between trademark rights and freedom of expression. It also evaluates recent updates to international classification frameworks—including the 2024 Nice Classification and the Madrid Protocol—and discusses their implications for ensuring uniformity and effective enforcement of trademarks in a borderless digital market. The findings reveal that while each jurisdiction applies its own legal traditions to metaverse trademark disputes, all share a common policy objective: to prevent consumer confusion and safeguard brand integrity in an increasingly digital economy. Ultimately, the study advocates for proactive registration of trademarks as virtual goods and NFTs to streamline enforcement and enhance legal certainty, thereby fostering innovation and facilitating global trade in virtual environments.

本研究对三个不同的法律体系（美国、英国和韩国）的虚拟商品和不可替代代币（nft）的注册进行了比较分析。根据最近的判例法和不断发展的行政指导方针，本研究考察了传统的商标理论如何适应数字和虚拟环境带来的挑战，例如美国《兰哈姆法案》下的混淆可能性标准，英国《1994年商标法》下的来源识别功能，以及韩国知识产权局实施的积极立法改革。具体而言，本研究分析了herm国际诉罗斯柴尔德案和Yuga实验室诉Ripps案等具有里程碑意义的案例，这些案例说明了商标保护延伸到nft和其他数字资产，以及商标权与言论自由之间的相互作用。报告还评估了国际分类框架的最新更新，包括2024年尼斯分类和马德里议定书，并讨论了它们对在无国界数字市场中确保商标统一和有效执法的影响。调查结果显示，虽然每个司法管辖区都有自己的法律传统来处理跨界商标纠纷，但所有司法管辖区都有一个共同的政策目标：在日益数字化的经济中防止消费者混淆并保护品牌诚信。最后，该研究倡导主动将商标注册为虚拟商品和nft，以简化执法和提高法律确定性，从而促进创新和促进虚拟环境中的全球贸易。

{"title":"Comparative analysis of trademark protection in the metaverse and registration of virtual goods and NFTs","authors":"WooJung Jon, Sung-Pil Park","doi":"10.1016/j.clsr.2025.106137","DOIUrl":"10.1016/j.clsr.2025.106137","url":null,"abstract":"<div><div>This study presents a comparative analysis of trademark protection in the metaverse and the registration of virtual goods and non‐fungible tokens (NFTs) across three distinct legal systems: those of the United States, the United Kingdom, and South Korea. Drawing on recent case law and evolving administrative guidelines, this study examines how traditional trademark doctrines—such as the likelihood‐of‐confusion standard in the U.S. under the Lanham Act, source-identifying function under the UK Trade Marks Act 1994, and proactive legislative reforms implemented by the Korean Intellectual Property Office—are being adapted to address the challenges posed by digital and virtual environments. Specifically, this study analyzes landmark cases such as <em>Hermès International v. Rothschild</em> and <em>Yuga Labs, Inc. v. Ripps</em>, which illustrate the extension of trademark protection to NFTs and other digital assets, as well as the interplay between trademark rights and freedom of expression. It also evaluates recent updates to international classification frameworks—including the 2024 Nice Classification and the Madrid Protocol—and discusses their implications for ensuring uniformity and effective enforcement of trademarks in a borderless digital market. The findings reveal that while each jurisdiction applies its own legal traditions to metaverse trademark disputes, all share a common policy objective: to prevent consumer confusion and safeguard brand integrity in an increasingly digital economy. Ultimately, the study advocates for proactive registration of trademarks as virtual goods and NFTs to streamline enforcement and enhance legal certainty, thereby fostering innovation and facilitating global trade in virtual environments.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106137"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143903433","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Leveraging process mining and event log enrichment in European public procurement analysis: a case study 在欧洲公共采购分析中利用流程挖掘和事件日志丰富：一个案例研究

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-19 DOI: 10.1016/j.clsr.2025.106144

Roberto Nai , Emilio Sulis , Davide Audrito , Vittoria Margherita Sofia Trifiletti , Rosa Meo , Laura Genga

This article explores the application of knowledge management and artificial intelligence techniques to refine the examination of administrative procedures, particularly within the realm of public procurement, to enhance the quality and efficiency of public administration. Key challenges in legal procedural studies include managing complexity, ensuring adherence to mandatory timelines, and maintaining regulatory compliance at every procedure stage. Automated process analysis provides a means to address these challenges by automatically extracting reliable of actual processes, offering valuable insights into how legal workflows are executed in practice—insights that are often difficult to obtain through conventional methods. Our re- search focuses on extracting pertinent information from extensive datasets, specifically legal event logs from public procurement procedures. We leverage process mining to analyze temporal events within administrative workflows and propose augmenting the corresponding logs using large language models for event and date extraction from legal texts. Legal experts oversee this methodology to ensure the successful integration of technology into the legal domain. We present a multinational case study applying this knowledge management framework to the Tender Electronic Daily dataset, spanning five European countries from 2016 to 2022. The findings demonstrate that techniques such as information extraction, the use of large language models, and process discovery significantly enhance legal knowledge management. Two domain experts evaluated the methodological approach and discussed the results, confirming its potential to improve compliance monitoring, control flow, and timeliness, thereby bolstering the efficiency of legal procedures.

本文探讨了知识管理和人工智能技术的应用，以改进行政程序的审查，特别是在公共采购领域，以提高公共行政的质量和效率。法律程序研究的主要挑战包括管理复杂性，确保遵守强制性时间表，并在每个程序阶段保持法规遵从性。自动化过程分析通过自动提取实际过程的可靠性，提供了一种解决这些挑战的方法，提供了关于合法工作流在实践中是如何执行的有价值的见解——这些见解通常很难通过传统方法获得。我们的研究侧重于从广泛的数据集中提取相关信息，特别是从公共采购程序的法律事件日志。我们利用流程挖掘来分析管理工作流中的时间事件，并建议使用大型语言模型来增加相应的日志，以便从法律文本中提取事件和日期。法律专家监督这种方法，以确保成功地将技术整合到法律领域。我们提出了一个跨国案例研究，将该知识管理框架应用于招标电子日报数据集，涵盖五个欧洲国家，从2016年到2022年。研究结果表明，信息提取、大型语言模型的使用和过程发现等技术显著增强了法律知识管理。两名领域专家评价了方法方法并讨论了结果，确认了其改善遵守情况监测、控制流程和及时性的潜力，从而提高了法律程序的效率。

{"title":"Leveraging process mining and event log enrichment in European public procurement analysis: a case study","authors":"Roberto Nai , Emilio Sulis , Davide Audrito , Vittoria Margherita Sofia Trifiletti , Rosa Meo , Laura Genga","doi":"10.1016/j.clsr.2025.106144","DOIUrl":"10.1016/j.clsr.2025.106144","url":null,"abstract":"<div><div>This article explores the application of knowledge management and artificial intelligence techniques to refine the examination of administrative procedures, particularly within the realm of public procurement, to enhance the quality and efficiency of public administration. Key challenges in legal procedural studies include managing complexity, ensuring adherence to mandatory timelines, and maintaining regulatory compliance at every procedure stage. Automated process analysis provides a means to address these challenges by automatically extracting reliable of actual processes, offering valuable insights into how legal workflows are executed in practice—insights that are often difficult to obtain through conventional methods. Our re- search focuses on extracting pertinent information from extensive datasets, specifically legal event logs from public procurement procedures. We leverage process mining to analyze temporal events within administrative workflows and propose augmenting the corresponding logs using large language models for event and date extraction from legal texts. Legal experts oversee this methodology to ensure the successful integration of technology into the legal domain. We present a multinational case study applying this knowledge management framework to the Tender Electronic Daily dataset, spanning five European countries from 2016 to 2022. The findings demonstrate that techniques such as information extraction, the use of large language models, and process discovery significantly enhance legal knowledge management. Two domain experts evaluated the methodological approach and discussed the results, confirming its potential to improve compliance monitoring, control flow, and timeliness, thereby bolstering the efficiency of legal procedures.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106144"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144084200","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

The decentralisation defence 分散化辩护

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-22 DOI: 10.1016/j.clsr.2025.106148

Ilya Kokorin

This article explores the phenomenon of the decentralisation defence, which refers to instances where ‘decentralisation’ is invoked either as a shield against liability or as insulation from the reach of the law. This defence is rooted in the technological features of distributed ledger technology and smart contracts built on the blockchain settlement layer, including pseudonymity, programmability, immutability and decentralisation. Together, these features enable transactions while reducing reliance on centralised intermediaries. Although major decentralised finance (DeFi) applications, such as decentralised crypto exchanges, are not harmful per se, their misuse by bad actors creates risks for market participants. The recent cases of Uniswap Labs and Tornado Cash illustrate that the decentralisation defence can result in unaddressed harms and produce other negative externalities. These outcomes have prompted efforts to identify regulatory hooks along the centralisation vectors. The search for a responsible party in blockchain-enabled decentralised arrangements resembles processes observed with two other key technological advancements in the digital space – the internet and artificial intelligence. Drawing inspiration from the modern EU regulation of these transformative technologies, this article focuses on the role of user interfaces as DeFi gatekeepers, and software developers engaged in the creation of smart contract code and blockchain protocols.

本文探讨了去中心化辩护的现象，它指的是“去中心化”被援引为规避责任或作为法律范围之外的隔离的实例。这种防御植根于分布式账本技术和建立在区块链结算层上的智能合约的技术特征，包括假名性、可编程性、不变性和去中心化。总之，这些特性使交易成为可能，同时减少了对中心化中介的依赖。虽然主要的去中心化金融（DeFi）应用程序，如去中心化加密货币交易所，本身并没有害处，但不良行为者对它们的滥用会给市场参与者带来风险。最近Uniswap Labs和Tornado Cash的案例表明，去中心化防御可能导致无法解决的危害，并产生其他负面外部性。这些结果促使人们努力在集权化的载体上找出监管挂钩。在区块链支持的去中心化安排中寻找负责任的一方，类似于数字空间中另外两项关键技术进步——互联网和人工智能——所观察到的过程。从欧盟对这些变革性技术的现代监管中汲取灵感，本文重点关注用户界面作为DeFi看门人的角色，以及参与创建智能合约代码和区块链协议的软件开发人员。

{"title":"The decentralisation defence","authors":"Ilya Kokorin","doi":"10.1016/j.clsr.2025.106148","DOIUrl":"10.1016/j.clsr.2025.106148","url":null,"abstract":"<div><div>This article explores the phenomenon of the decentralisation defence, which refers to instances where ‘decentralisation’ is invoked either as a shield against liability or as insulation from the reach of the law. This defence is rooted in the technological features of distributed ledger technology and smart contracts built on the blockchain settlement layer, including pseudonymity, programmability, immutability and decentralisation. Together, these features enable transactions while reducing reliance on centralised intermediaries. Although major decentralised finance (DeFi) applications, such as decentralised crypto exchanges, are not harmful per se, their misuse by bad actors creates risks for market participants. The recent cases of <em>Uniswap Labs</em> and <em>Tornado Cash</em> illustrate that the decentralisation defence can result in unaddressed harms and produce other negative externalities. These outcomes have prompted efforts to identify regulatory hooks along the centralisation vectors. The search for a responsible party in blockchain-enabled decentralised arrangements resembles processes observed with two other key technological advancements in the digital space – the internet and artificial intelligence. Drawing inspiration from the modern EU regulation of these transformative technologies, this article focuses on the role of user interfaces as DeFi gatekeepers, and software developers engaged in the creation of smart contract code and blockchain protocols.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106148"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144105419","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Mapping South Korea’s digital asset regulatory landscape: From criminal code to the recently implemented virtual asset user protection act 绘制韩国数字资产监管格局：从刑法到最近实施的虚拟资产用户保护法

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-21 DOI: 10.1016/j.clsr.2025.106140

WooJung Jon, Wonsuk Yang

Historically, South Korea addressed digital assets only indirectly through the Criminal Code (fraud, unauthorized fundraising), anti-money laundering regulations, and the Capital Markets Act’s securities provisions, leaving gaps in investor protection and market integrity. In response, the Virtual Asset User Protection Act (VAUPA) was enacted in 2023 and implemented in July 2024, establishing a dedicated regulatory regime for crypto-assets not classified as securities. VAUPA defines virtual assets broadly, prohibits unfair trading practices, and imposes strict obligations on virtual asset service providers, filling regulatory gaps that prior statutes and the Capital Markets Act left unaddressed. This reform created a dual regulatory structure: tokenized assets deemed securities remain governed by the Capital Markets Act, while other virtual assets fall under VAUPA. This article examines the legal interpretation and regulatory coherence of South Korea’s evolving framework, evaluating whether VAUPA effectively enhances investor protection and regulatory clarity. By mapping this evolution, it contributes to the academic understanding of digital asset law and offers insights relevant to global regulatory debates.

从历史上看，韩国只是通过《刑法》（欺诈、未经授权的融资）、反洗钱法规和《资本市场法》的证券条款间接解决数字资产问题，在投资者保护和市场诚信方面留下了空白。作为回应，《虚拟资产用户保护法》（VAUPA）于2023年颁布，并于2024年7月实施，为未归类为证券的加密资产建立了专门的监管制度。VAUPA广泛地定义了虚拟资产，禁止不公平的交易行为，并对虚拟资产服务提供商施加了严格的义务，填补了之前法规和资本市场法未解决的监管空白。这一改革创造了双重监管结构：被视为证券的代币化资产仍受《资本市场法》（Capital Markets Act）的管辖，而其他虚拟资产则受《资本市场法》（VAUPA）的管辖。本文考察了韩国不断发展的框架的法律解释和监管一致性，评估了VAUPA是否有效地增强了投资者保护和监管清晰度。通过映射这一演变，它有助于对数字资产法律的学术理解，并提供与全球监管辩论相关的见解。

{"title":"Mapping South Korea’s digital asset regulatory landscape: From criminal code to the recently implemented virtual asset user protection act","authors":"WooJung Jon, Wonsuk Yang","doi":"10.1016/j.clsr.2025.106140","DOIUrl":"10.1016/j.clsr.2025.106140","url":null,"abstract":"<div><div>Historically, South Korea addressed digital assets only indirectly through the Criminal Code (fraud, unauthorized fundraising), anti-money laundering regulations, and the Capital Markets Act’s securities provisions, leaving gaps in investor protection and market integrity. In response, the Virtual Asset User Protection Act (VAUPA) was enacted in 2023 and implemented in July 2024, establishing a dedicated regulatory regime for crypto-assets not classified as securities. VAUPA defines virtual assets broadly, prohibits unfair trading practices, and imposes strict obligations on virtual asset service providers, filling regulatory gaps that prior statutes and the Capital Markets Act left unaddressed. This reform created a dual regulatory structure: tokenized assets deemed securities remain governed by the Capital Markets Act, while other virtual assets fall under VAUPA. This article examines the legal interpretation and regulatory coherence of South Korea’s evolving framework, evaluating whether VAUPA effectively enhances investor protection and regulatory clarity. By mapping this evolution, it contributes to the academic understanding of digital asset law and offers insights relevant to global regulatory debates.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106140"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144105418","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Privacy in the public: Analysing the EU framework to outline approaches for regulating AI personal data scraping 公众隐私：分析欧盟框架，概述监管人工智能个人数据收集的方法

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-24 DOI: 10.1016/j.clsr.2025.106150

Akshita Rohatgi , Tae Jung Park

AI models developed using scraped personal data pose an inherent risk of en-masse shadow profiling to the subjects, harming their privacy, autonomy, and dignity. This paper argues that the protection of public personal data is essential to mitigate AI-scraping risks, noting that the EU is among the few to confer such protection. The GDPR regulates both public and non-public personal data similarly but contains exemptions from notice provisions in the case of legitimate interest-based processing. This exemption contributes to the information asymmetry between stakeholders who enforce anti-scraping covenants i.e., data subjects and platforms, versus scrapers. Limited supervisory powers and the lack of other mechanisms to address the problems of enforcing privacy laws in public data contribute to the GDPR’s inefficiency in controlling AI harms. The AI Act strives to plug in GDPR loopholes via reporting obligations on general-purpose AI providers to disclose the sources of their training data. Other jurisdictions could consider the principles and mechanisms of the EU regime as a guide to regulate public data scraping.

使用抓取的个人数据开发的人工智能模型对受试者构成了大规模影子分析的固有风险，损害了他们的隐私、自主权和尊严。本文认为，保护公共个人数据对于减轻人工智能抓取风险至关重要，并指出欧盟是少数几个授予此类保护的国家之一。GDPR对公共和非公共个人数据进行了类似的监管，但在基于合法利益的处理情况下，豁免了通知条款。这种豁免导致了执行反抓取契约的利益相关者（即数据主体和平台）与抓取者之间的信息不对称。有限的监督权力和缺乏其他机制来解决在公共数据中执行隐私法的问题，导致GDPR在控制人工智能危害方面效率低下。《人工智能法案》通过报告通用人工智能提供商披露其培训数据来源的义务，努力填补GDPR漏洞。其他司法管辖区可以考虑将欧盟制度的原则和机制作为规范公共数据收集的指南。

{"title":"Privacy in the public: Analysing the EU framework to outline approaches for regulating AI personal data scraping","authors":"Akshita Rohatgi , Tae Jung Park","doi":"10.1016/j.clsr.2025.106150","DOIUrl":"10.1016/j.clsr.2025.106150","url":null,"abstract":"<div><div>AI models developed using scraped personal data pose an inherent risk of <em>en-masse</em> shadow profiling to the subjects, harming their privacy, autonomy, and dignity. This paper argues that the protection of public personal data is essential to mitigate AI-scraping risks, noting that the EU is among the few to confer such protection. The GDPR regulates both public and non-public personal data similarly but contains exemptions from notice provisions in the case of legitimate interest-based processing. This exemption contributes to the information asymmetry between stakeholders who enforce anti-scraping covenants i.e., data subjects and platforms, versus scrapers. Limited supervisory powers and the lack of other mechanisms to address the problems of enforcing privacy laws in public data contribute to the GDPR’s inefficiency in controlling AI harms. The AI Act strives to plug in GDPR loopholes via reporting obligations on general-purpose AI providers to disclose the sources of their training data. Other jurisdictions could consider the principles and mechanisms of the EU regime as a guide to regulate public data scraping.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106150"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144123562","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Principles for the responsible application of Generative AI 生成式人工智能负责任应用的原则

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-05-06 DOI: 10.1016/j.clsr.2025.106131

Roger Clarke

The quest for Artificial Intelligence (AI) has comprised successive waves of excessive enthusiasm followed by long, dispirited lulls. Most recently, during the first 3–4 years of public access to Generative Artificial Intelligence (GenAI), many authors have bought into the bullish atmosphere, replaying consultancies' predictions about gold mines of process efficiency and innovation. A more balanced approach to the technology is needed. Instances of apparently positive results need calm analysis, firstly to distinguish mirages from genuine contributions; secondly, to identify ways to effectively exploit the new capabilities; and thirdly, to formulate guidance for the avoidance and mitigation of negative consequences.

This article's first contribution is to ground the evaluation of GenAI's pathway, applications, impacts, implications and risks in a sufficiently deep appreciation of the technology's nature and key features. A wide range of sources is drawn on, in order to present descriptions of the processes involved in text-based GenAI. From those processes, 20 key characteristics are abstracted that together give rise to the promise and the threats GenAI embodies.

The effects of GenAI derive not from the technological features alone, but also from the patterns within which it is put to use. By mapping usage patterns across to domains of application, the phenomenon's impacts and implications can be more reliably delineated. The analysis provides a platform whereby the article's final contribution can be made. Previously-formulated principles for the responsible application of AI of all kinds are applied in the particular context of GenAI.

对人工智能（AI）的追求经历了一波又一波的过度热情，随后是漫长而沮丧的平静。最近，在公众接触到生成人工智能（GenAI）的头3-4年里，许多作者都加入了乐观的气氛，重复咨询公司对流程效率和创新金矿的预测。我们需要一种更加平衡的技术方法。对明显积极结果的实例需要冷静的分析，首先是为了区分海市蜃楼和真正的贡献；其次，找出有效利用新能力的方法；第三，制定避免和减轻负面后果的指导方针。本文的第一个贡献是对GenAI的途径、应用、影响、影响和风险进行评估，充分深入地了解该技术的性质和关键特征。为了呈现基于文本的GenAI所涉及的过程的描述，绘制了广泛的来源。从这些过程中，抽象出20个关键特征，这些特征共同产生了GenAI所体现的希望和威胁。GenAI的影响不仅来自技术特性，还来自使用它的模式。通过将使用模式映射到应用程序领域，可以更可靠地描述这种现象的影响和含义。分析提供了一个平台，使文章的最终贡献得以实现。以前制定的负责任地应用各种人工智能的原则适用于GenAI的特定背景。

{"title":"Principles for the responsible application of Generative AI","authors":"Roger Clarke","doi":"10.1016/j.clsr.2025.106131","DOIUrl":"10.1016/j.clsr.2025.106131","url":null,"abstract":"<div><div>The quest for Artificial Intelligence (AI) has comprised successive waves of excessive enthusiasm followed by long, dispirited lulls. Most recently, during the first 3–4 years of public access to Generative Artificial Intelligence (GenAI), many authors have bought into the bullish atmosphere, replaying consultancies' predictions about gold mines of process efficiency and innovation. A more balanced approach to the technology is needed. Instances of apparently positive results need calm analysis, firstly to distinguish mirages from genuine contributions; secondly, to identify ways to effectively exploit the new capabilities; and thirdly, to formulate guidance for the avoidance and mitigation of negative consequences.</div><div>This article's first contribution is to ground the evaluation of GenAI's pathway, applications, impacts, implications and risks in a sufficiently deep appreciation of the technology's nature and key features. A wide range of sources is drawn on, in order to present descriptions of the processes involved in text-based GenAI. From those processes, 20 key characteristics are abstracted that together give rise to the promise and the threats GenAI embodies.</div><div>The effects of GenAI derive not from the technological features alone, but also from the patterns within which it is put to use. By mapping usage patterns across to domains of application, the phenomenon's impacts and implications can be more reliably delineated. The analysis provides a platform whereby the article's final contribution can be made. Previously-formulated principles for the responsible application of AI of all kinds are applied in the particular context of GenAI.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106131"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143906660","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Public data authorized operation and the rise of data finance in China: origins, risks, and prospects 公共数据授权运营与数据金融在中国的兴起：起源、风险与前景

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review

Pub Date : 2025-07-01 Epub Date: 2025-04-10 DOI: 10.1016/j.clsr.2025.106132

Jingxian Chen (Lecturer)

This article explores the introduction of public data authorized operation (PDAO) in China and its role in the emergence of data finance, a new revenue model for local governments facing fiscal pressure due to declining land finance. It argues that the shift toward data finance is driven by the local government’s need for alternative fiscal resources, enabled by policies promoting the conditional and paid use of public data. The article examines the risks associated with the revenue-oriented approach to PDAO, such as the erosion of free public data openness, the formation of administrative monopolies, increased costs for data utilization, and the fragmentation of data regulations across regions. The article offers insights into the future of data finance and PDAO in China. It suggests that data finance should not be driven solely by short-term revenue goals but rather should be considered a strategic tool aimed at enhancing the country’s digital infrastructure and fostering long-term innovation. A comprehensive fiscal framework—including clear pricing standards, balanced revenue allocation mechanisms, and robust fiscal oversight—should be established to ensure that funds generated from PDAO are managed legally, transparently, and efficiently.

本文探讨了公共数据授权运营（PDAO）在中国的引入及其在数据金融兴起过程中的作用，数据金融是地方政府因土地财政下降而面临财政压力的一种新的收入模式。文章认为，地方政府需要替代性财政资源，而促进有条件和有偿使用公共数据的政策则推动了向数据财政的转变。文章探讨了以收入为导向的 PDAO 方法所带来的风险，如公共数据免费开放的削弱、行政垄断的形成、数据利用成本的增加以及各地区数据监管的分散。文章对中国数据金融和 PDAO 的未来提出了见解。文章认为，数据财政不应仅由短期收入目标驱动，而应被视为旨在加强国家数字基础设施和促进长期创新的战略工具。应建立一个全面的财政框架，包括明确的定价标准、平衡的收入分配机制和强有力的财政监督，以确保合法、透明和高效地管理 PDAO 产生的资金。

{"title":"Public data authorized operation and the rise of data finance in China: origins, risks, and prospects","authors":"Jingxian Chen (Lecturer)","doi":"10.1016/j.clsr.2025.106132","DOIUrl":"10.1016/j.clsr.2025.106132","url":null,"abstract":"<div><div>This article explores the introduction of public data authorized operation (PDAO) in China and its role in the emergence of data finance, a new revenue model for local governments facing fiscal pressure due to declining land finance. It argues that the shift toward data finance is driven by the local government’s need for alternative fiscal resources, enabled by policies promoting the conditional and paid use of public data. The article examines the risks associated with the revenue-oriented approach to PDAO, such as the erosion of free public data openness, the formation of administrative monopolies, increased costs for data utilization, and the fragmentation of data regulations across regions. The article offers insights into the future of data finance and PDAO in China. It suggests that data finance should not be driven solely by short-term revenue goals but rather should be considered a strategic tool aimed at enhancing the country’s digital infrastructure and fostering long-term innovation. A comprehensive fiscal framework—including clear pricing standards, balanced revenue allocation mechanisms, and robust fiscal oversight—should be established to ensure that funds generated from PDAO are managed legally, transparently, and efficiently.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"57 ","pages":"Article 106132"},"PeriodicalIF":3.3,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143816762","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0