Computer Law & Security Review最新文献

{"title":"Agile and iterative governance: China’s regulatory response to AI","authors":"Baiyang Xiao","doi":"10.1016/j.clsr.2025.106183","DOIUrl":"10.1016/j.clsr.2025.106183","url":null,"abstract":"<div><div>Generative AI has been a buzzword in various sectors, advancing at an exponential rate and profoundly transforming the way we communicate and innovate. However, its potential benefits come with compelling ethical and legal risks, necessitating proper guardrails steering AI in beneficial directions. Amid the global race to AI regulation, China has exhibited strong and open ambition in shaping the emerging global AI order. In response to challenges posed by AI, China has not only implemented agile administrative intervention in policy support, central coordination, and investment, but also adopted an AI governance framework that characterized by ‘complexity,’ ‘agility,’ ‘stability,’ and ‘flexibility.’ Nevertheless, while an agile, sector-specific approach to AI governance may yield short-term benefits, it raises long-term concerns, including opaque decision-making, weak enforcement, fragmented oversight, and inadequate protection of fundamental rights. In particular, governance fragmentation marked by overlapping regulatory bodies and layered rulemaking risks producing piecemeal and outdated regulations that struggle to keep pace with rapid technological change. Current interventions often prioritize systemic stability over ethical clarity and robust supervision, while strategic ambiguity further complicates the implementation of AI ethics and hinders effective oversight, whether internal or administrative.</div><div>Instead of calling for an omnibus AI law that applies a uniform package of rules, Chinese regulators chose to adapt horizontal elements into vertical regulations through a set of bureaucratic know-how and iterative regulatory tools. Through a comparative legal analysis, this paper finds that comprehending the intricacies of China’s AI regulatory approach is vital not only for projecting its future technological progression but also for understanding its impact on international tech competition. Differences in diverse AI governance may offer valuable insights while commonalities in AI governance values and principles hold promises for global cooperation in responsible AI governance. Moreover, it is plausible to expect that China will reconcile existing horizontal regulatory tools in a horizontal legislative package, while the EU AI Act provides valuable practical implications for the transition from vertical AI-related regulations to a horizontal Chinese AI Law, and the decentralized regulatory approach adopted by the U.S. serves as a useful reference for multi-stakeholder and multi-level cooperation. In addition, EU’s rights-driven framework and US’s market-driven model may serve as critical benchmarks, influencing China’s state-driven approach to harmonizing its legislative strategies for a responsive AI regulation.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106183"},"PeriodicalIF":3.2,"publicationDate":"2025-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144893383","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The role of the Regulation on the transparency and targeting of political advertising and European Media Freedom Act in the EU’s anti-disinformation strategy","authors":"Sarah Eskens","doi":"10.1016/j.clsr.2025.106185","DOIUrl":"10.1016/j.clsr.2025.106185","url":null,"abstract":"<div><div>The EU takes many different actions against disinformation. With the adoption of the Digital Services Act (‘DSA’), the EU took legal measures against disinformation for the first time. The DSA has been supplemented by new legislation which has received considerably less attention for its anti-disinformation goals: the Regulation on the transparency and targeting of political advertising (‘TTPA Regulation’) and European Media Freedom Act (‘EMFA’). The goal of this paper is to bring the TTPA Regulation and EMFA into the debate about the EU’s actions against disinformation. This paper shows how the TTPA Regulation and EMFA are meant to help with curbing disinformation and how they complement the DSA and Code of Conduct on Disinformation. The paper also shows how the TTPA Regulation and EMFA should be understood against three developments in the line of actions that the EU took against disinformation over the past decade, leading to new research questions about the EU’s legal measures against disinformation.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106185"},"PeriodicalIF":3.2,"publicationDate":"2025-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144885852","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Asia–Pacific developments","authors":"Gabriela Kennedy","doi":"10.1016/j.clsr.2025.106179","DOIUrl":"10.1016/j.clsr.2025.106179","url":null,"abstract":"<div><div>This column provides a country by country analysis of the latest legal developments, cases and issues relevant to the IT, media and telecommunications' industries in key jurisdictions across the Asia Pacific region. The articles appearing in this column are intended to serve as ‘alerts’ and are not submitted as detailed analysis of cases or legal developments.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106179"},"PeriodicalIF":3.2,"publicationDate":"2025-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144885851","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Identification and visual representation of explicit legal definitions, their relations and implicit actors in regulatory documents","authors":"Catherine Sai ,&nbsp;Lukas Rossi ,&nbsp;Anastasiya Damaratskaya ,&nbsp;Karolin Winter ,&nbsp;Stefanie Rinderle-Ma","doi":"10.1016/j.clsr.2025.106174","DOIUrl":"10.1016/j.clsr.2025.106174","url":null,"abstract":"<div><div>The complexity and constantly rising volume of regulatory documents leads to tedious and error-prone manual analysis tasks. At the same time, Artificial Intelligence (AI) techniques offer new opportunities in handling legal information by, e.g., supporting legal stakeholder through automated knowledge acquisition. An example is the extraction of legal terms accompanied by their explanations in order to build a legal vocabulary or an ontology. A challenge aggravating this task is legal knowledge being implicitly stated. Thus, the occurrence of implicit actors, due to the usage of passive constructs in regulatory documents, is observed frequently. Consider the phrase “the provider keeps the data up to date” vs. “the data is kept up to date”. In the former phrase, the actor (provider) is explicit, while the latter requires additional context in order to determine who is keeping the data up to date. Hence, we provide an approach grounded in Natural Language Processing (NLP) to support the identification and clarification of explicit legal definitions and their relations. We then use this information to also identify implicit actors and make them explicit through insertion into the sentence. In addition, we provide a set of visual representations, including annotated documents, knowledge graphs, and statistics on how many legal definitions and implicit actors are present in an article. The evaluation is based on European regulations and demonstrates that explicit legal information can be used to clarify implicit information, enhancing the transparency and interpretability of complex legal documents.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106174"},"PeriodicalIF":3.2,"publicationDate":"2025-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144867213","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The race to punish Terra-Luna of the United States and South Korea: Lessons toward avoiding another digital asset catastrophe","authors":"WooJung Jon ,&nbsp;Kyoung-sun Min","doi":"10.1016/j.clsr.2025.106177","DOIUrl":"10.1016/j.clsr.2025.106177","url":null,"abstract":"<div><div>This comparative study analyzes the legal categorization and regulatory approaches adopted by the United States and South Korea in response to the collapse of Terra and Luna, two major digital assets issued by Terraform Labs (TFL) that lost nearly all their value in May 2022. The case highlights key challenges in regulating digital assets. This study examines the critical issue of defining digital assets within existing securities law frameworks, and the implications for policy formulation and investor protection. The Korean Capital Markets Act categorizes securities into six types, with Terra and Luna’s classification hinging on their potential categorization as “investment contract securities.” In contrast, the U.S. Securities Act of 1933 (hereinafter, the Securities Act) provides a broader definition, also including “investment contracts.” This study examines key enforcement challenges in prosecuting Do Hyeong Kwon, TFL’s CEO, under Korean criminal law if Terra and Luna are not classified as “investment contract securities,” requiring demonstration of intent to deceive under the Korean Criminal Code, which proves more challenging in secondary markets than primary markets. The U.S. wire fraud statute has a considerably broader scope. South Korea's Prosecutors' Office has criminally indicted Kwon, and Korean victims have filed civil actions against Kwon, whereas the U.S. has pursued both criminal indictment and civil enforcement actions by the Securities and Exchange Commission (SEC). If the SEC is successful, the funds recovered are distributed through the Fair Fund, which is unavailable in South Korea. This study contributes to the ongoing discourse on legal classification and regulation of digital assets, emphasizing the need for comprehensive frameworks that balance innovation and investor protection.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106177"},"PeriodicalIF":3.2,"publicationDate":"2025-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144867211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The liabilities of robots.txt","authors":"Chien-Yi Chang ,&nbsp;Xin He","doi":"10.1016/j.clsr.2025.106176","DOIUrl":"10.1016/j.clsr.2025.106176","url":null,"abstract":"<div><div>This paper explores the legal implications of violating robots.txt, a technical standard widely used by webmasters to communicate restrictions on automated access to website content. Although historically regarded as a voluntary guideline, the rise of generative AI and large-scale web scraping has amplified the consequences of disregarding robots.txt directives. While previous legal discourse has largely focused on criminal or copyright-based remedies, we argue that civil doctrines, particularly in contract and tort law, offer a more balanced and sustainable framework for regulating web robot behavior in common law jurisdictions. Under certain conditions, robots.txt can give rise to a unilateral contract or serve as a form of notice sufficient to establish tortious liability, including trespass to chattels and negligence. Ultimately, we argue that clarifying liability for robots.txt violations is essential to addressing the growing fragmentation of the internet. By restoring balance and accountability in the digital ecosystem, our proposed framework helps preserve the internet’s open and cooperative foundations. Through this lens, robots.txt can remain an equitable and effective tool for digital governance in the age of AI.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106176"},"PeriodicalIF":3.2,"publicationDate":"2025-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144867212","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Digital borders and beyond: Establishing normative grounds for cybersecurity and sovereignty in international law","authors":"Kasim Balarabe","doi":"10.1016/j.clsr.2025.106180","DOIUrl":"10.1016/j.clsr.2025.106180","url":null,"abstract":"<div><div>In the rapidly evolving digital age, the confluence of cybersecurity threats and the assertion of digital sovereignty by states has created a complex, multi-dimensional challenge for international law. The existing legal regimes governing state behavior in cyberspace are fragmented, outdated, and ill-equipped to address the novel, intangible, and interconnected nature of the digital domain. This article examines the gaps and limitations in the current international legal frameworks and proposes a dynamic, adaptable approach to establishing a normative foundation for cybersecurity and digital sovereignty. The article highlights the urgent need for clear definitions and categories of cybercrimes and cyberwarfare under international law, as well as the development of appropriate legal responses and enforcement mechanisms. It also explores the tensions between state sovereignty and global Internet governance, proposing a balanced framework that upholds both the legitimate security interests of states and the fundamental principles of human rights, transparency, and multistakeholder collaboration. Central to the article's argument is the call for a flexible, evolutionary architecture of international cybersecurity law, capable of keeping pace with rapid technological advancements and the ever-changing threat landscape. This framework should incorporate mechanisms for continuous improvement, effective attribution and accountability, and the active engagement of international organizations and multistakeholder initiatives. The article further emphasizes the critical role of geopolitical challenges in shaping the development of international cybersecurity norms. It advocates for a nuanced, pragmatic approach that acknowledges the competing interests and values of different state actors while striving to find common ground and build trust through dialogue and cooperation. In an era of increasing digital interconnectedness and the erosion of traditional borders, this article presents a compelling case for the adaptation of international law to address the complex realities of the digital age. It offers valuable insights and recommendations for policymakers, legal experts, and scholars seeking to navigate the uncharted territories of cybersecurity and digital sovereignty in the 21st century.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106180"},"PeriodicalIF":3.2,"publicationDate":"2025-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144826844","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards semi-automating European legislative harmonisation analysis: A harmonised glossary for LLM-based legal concept detection","authors":"Davide Audrito ,&nbsp;Ivan Spada ,&nbsp;Rachele Mignone,&nbsp;Emilio Sulis,&nbsp;Luigi Di Caro","doi":"10.1016/j.clsr.2025.106171","DOIUrl":"10.1016/j.clsr.2025.106171","url":null,"abstract":"<div><div>Achieving legislative harmonisation within the European Union (EU) is a multifaceted challenge, hampered by various political, economic, and legal complexities. This article addresses the significant issue of non-compliance by EU member states in transposing EU laws into national frameworks, underscored by numerous infringement procedures. This work introduces a novel methodological framework that combines semantic knowledge modelling and transformer-based language models to address discrepancies in legislative harmonisation. Central to the proposed methodology is the creation of a comprehensive glossary designed to establish correspondences between European legislative concepts and their national counterparts, thus facilitating greater accuracy in legal harmonisation. By deploying Large Language Models (LLMs) for semi-automating concept detection, complemented by legal harmonisation expert’s oversight, this research provides an exhaustive, explainable assessment of legislative approximation within the EU. The findings enrich the academic debate on legal harmonisation offering actionable tools designed to decrease the frequency and gravity of infringement procedures, while promoting a more unified and efficient legal framework across the Union. The complete dataset and resources are available at the following link: <span><span>GitHub repository</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106171"},"PeriodicalIF":3.2,"publicationDate":"2025-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144758095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A game changer or jurisdictional arbitrage? De-risking global capital markets amid cross-border data governance resilience","authors":"Dr Qingxiu Bu (Fellow)","doi":"10.1016/j.clsr.2025.106175","DOIUrl":"10.1016/j.clsr.2025.106175","url":null,"abstract":"<div><div>The rivalry between the U.S. and China remains intense, driven by their competition for technological dominance and geopolitical influence. Both powers are escalating efforts to secure data, aiming to strengthen domestic control and expand international reach. This creates significant challenges for companies like DiDi and TikTok, which must navigate an increasingly polarised and complex environment. DiDi's delisting from the U.S. underscores how big data has become a critical battleground in this rivalry, with far-reaching implications for the global economy. The ongoing TikTok controversy goes beyond security concerns, framing China’s technological advancement as a direct challenge to U.S. dominance in shaping global discourse and public opinion. This confrontation raises crucial questions: Is the focus on accounting oversight, or do deeper conflicts over sovereignty and ideology drive the tension? Does controlling data flow represent a game changer or merely a tool for regulatory arbitrage? From a game theory perspective, addressing this challenge requires a delicate balance—regulating tech giants, safeguarding data security, and sustaining economic growth.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106175"},"PeriodicalIF":3.2,"publicationDate":"2025-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144750304","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"LLMs for legal reasoning: A unified framework and future perspectives","authors":"Ha Thanh Nguyen ,&nbsp;Wachara Fungwacharakorn ,&nbsp;May Myo Zin ,&nbsp;Randy Goebel ,&nbsp;Francesca Toni ,&nbsp;Kostas Stathis ,&nbsp;Ken Satoh","doi":"10.1016/j.clsr.2025.106165","DOIUrl":"10.1016/j.clsr.2025.106165","url":null,"abstract":"<div><div>Large Language Models (LLMs) have recently demonstrated remarkable ease of application to numerous natural language processing tasks, however the question of how well they perform is in serious question. In the case of their use in application domains where precision and accuracy are paramount (e.g., law, medicine), the assessment of their performance is erratic. In particular, the application of these models to legal reasoning presents both unique challenges and substantial opportunities because of the inherently complex and multi-faceted nature of legal decision-making. To begin to harness the potential of LLMs in legal reasoning, we propose a framework for unified legal reasoning that combines rule-based, abductive, and case-based approaches, and then investigate possible methods for their integration with LLMs. The ultimate goal, which we take steps toward, is to provide comprehensive, accurate, and adaptable legal decision analysis.</div><div>We critically examine this combination of reasoning methods, their formalizations, and their relevance to the legal domain, including the consideration of calibration methods to assess their performance. Moreover, we discuss current research and challenges in applying LLMs to legal reasoning tasks, highlight the importance of reconciling different reasoning paradigms, analyze cultural notions of justice, and address issues of uncertainty, vagueness, and ambiguity. Our study offers insights into the benefits and complexities of integrating LLMs within a proposed unified reasoning framework, with the hope of addressing some of the diverse legal challenges, and to advance the capabilities of AI-driven legal analysis.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106165"},"PeriodicalIF":3.2,"publicationDate":"2025-07-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144724670","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}