The Council of Europe has modernized its Convention 108 for the protection of individuals with regard to automatic processing of personal data: in 2018 it adopted Convention 108+. The modernised version of Convention 108 seeks to respond to the challenges posed, in terms of human rights, by the use of new information and communication technologies. This article presents a detailed analysis of this

This paper attempts to outline how the General Data Protection Regulation might be positive not only for consumers and societal well-being but also for innovation in the digital age. Situated within the highly charged debate regarding the impact of regulations on innovation, this paper examines the General Data Protection Regulation in light of the theoretical facets underpinning the contexts in which

The assessment of tying and bundling practices under Art. 102 TFEU in the case of online platforms will require adjusting current practice to correspond to their technical complexity and multi sided nature. Although the current framework may appear suitable to deal with this kind of abuses, The recent cases against Google show that there is still much uncertainty in practice. Therefore this article

China established the world's first Internet court in Hangzhou in August 2017. Subsequently in 2018 Internet courts in Beijing and Guangzhou were established respectively. With the official establishment of these three Internet courts, China's electronic litigation advanced to a new stage.. Internet courts offer many advantages, and this innovative adjudication model has earned widespread approval

The Council of Europe Convention on Cybercrime,1 referred to as the Budapest Convention on Cybercrime, has been diffused globally, and is serving as a benchmark or a ‘model law’ for drafting national cybercrime legislation in many countries worldwide. This paper argues that, through the mechanism of ‘state socialization’ combined with incentives, e.g. assistance in building law enforcement capacity

Prior research found that the Chinese patent system is more pro-patentee than once believed. Patent owners performed much better in both infringement lawsuits and post-grant validity reviews in China than in many other countries, such as the United States and Germany. Also, after a finding of infringement, Chinese courts were quite lenient with regard to permanent injunctions. All these pro-patentee

Legal professionals increasingly rely on digital technologies when they provide legal services. The most advanced technologies such as artificial intelligence (AI) promise great advancements of legal services, but lawyers are traditionally not educated in the field of digital technology and thus cannot fully unlock the potential of such technologies in their practice. In this paper, we identify five

In this paper we study the disclosure of cybersecurity information in Dutch annual reports, such as cybersecurity measures and cyber incidents, from a financial law and economics perspective. We start our discussion with an analysis of the requirements in financial law to disclose cybersecurity information in annual reports. Hereafter, we discuss the incentives for the board regarding disclosing cybersecurity

The paper discusses the interpretation of the rule of prevalence of Article 1 (7) NIS Directive, which has not been the subject of any academic debate so far. Article 1 (7) NIS Directive organises the interface between the NIS Directive regime and other European Union sector-specific legislations imposing (cyber)security obligations, by laying down the conditions according to which such obligations

The deployment of pervasive information and communication technologies (ICTs) within smart city initiatives transforms cities into extraordinary apparatuses of data capture. ICTs such as smart cameras, sound sensors and lighting technology are trying to infer and affect persons’ interests, preferences, emotional states, and behaviour. It should be no surprise then that contemporary legal and policy

This article assesses some aspects of innovative developments in the deployment of electronic communications networks in the European Union: software defined networks (SDN) and network functional virtualization (NFV). The overall research for this article focuses on the re-regulation of the 2018 European Electronic Communications Code (EECC), and the 2018 Body of European Regulators for Electronic

This Article seeks to map the possible paths of the development of China's data protection law by examining the changing power relations among three major actors - the State, digital enterprises and the public in the context of China's booming data-driven economy. We argue that focusing on different core values, these three major actors are the key driving forces shaping China's data protection regime

On 19 November 2019 the Council of Europe hosted an international conference, immediately preceding the annual plenary meeting of its Committee of Convention 108, on “Convention 108+ and the future data protection global standard”. One of the authors made a presentation on “Comparing the EU and Council of Europe approach to Big Data”, and it is its contents and findings that are further elaborated

While GDPR has been described as the new gold standard for data protection, Convention 108 may represent the potential global standard in this field. The recent progressive expansion of the Council of Europe's model and the modernised version of the Convention have revitalised its role in the global context. In a multipolar world of different regulatory approaches where data protection legislation

In this comment, we address the apparent exclusivity and paternalism of goal and standard setting for explainable AI and its implications for the public governance of AI. We argue that the widening use of AI decision-making, including the development of autonomous systems, not only poses widely-discussed risks for human autonomy in itself, but is also the subject of a standard-setting process that

The financial assets that are subject to major EU financial legislation (i.e. (designated types of) financial instruments) have traditionally been defined in a largely exemplary and circular manner. The recent proliferation of ‘non-traditional’ financial assets, such as cryptocurrencies and stablecoins, is increasingly challenging the viability of these pragmatic financial asset definitions. Through

In this paper we introduce the concept of ‘reviewability' as an alternative approach to improving the accountability of automated decision-making that involves machine learning systems. In doing so, we draw on an understanding of automated decision-making as a socio-technical process, involving both human (organisational) and technical components, beginning before a decision is made and extending beyond

China is experiencing a phenomenal expansion of platform economy fuelled by the advancement of information and communication technologies. It has become a global frontrunner in many sectors, including commerce, finance, and entertainment. A comprehensive law and policy narrative, however, is largely absent from English academic literature. This paper seeks to fill this gap by analysing the dynamic

On 16 July 2020, the Grand Chamber of the European Court of Justice rendered its landmark judgment in Case C-311/18 Data Protection Commissioner v. Facebook Ireland Ltd and Maximillian Schrems (“Schrems II”). The Grand Chamber invalidated the Commission decision on the adequacy of the data protection provided by the EU-US Privacy Shield. It however considered that the decision of the Commission on

This article examines the human dignity defined in Convention 108+ and, from a Japanese perspective, explores the possibility of a universal philosophy of data protection. The recent human resources scandal (the Rikunabi case) in Japan has made stakeholders to realise the importance of the basic philosophy of data protection. Convention 108+ declared ‘human dignity’ to prohibit an instrumental treatment

This article considers various factors that will shape the potential effect of the Council of Europe's modernised Convention on data protection (Convention 108+) on non-European states’ regulatory policy. It does so by elucidating the logic and mechanics of this effect in light of the ‘Brussels Effect’ that is commonly attributed, in part, to EU data protection law. The central arguments advanced in

Considerations of the nature of explanation and the law are brought together to argue that computed accounts of AI systems’ outputs cannot function on their own as explanations of decisions informed by AI. The important context for this inquiry is set by Article 22(3) of GDPR. The paper looks at the question of what an explanation is from the point of view of the philosophy of science – i.e. it asks

The right to access the courts is a basic human right in civilised societies, but the current legal system is unfriendly and often unaffordable for the victims of e-commerce disputes and copyright infringements seeking access to justice. Therefore, how to design a judicial system that is more accessible for the aforementioned victims has become a critical legal point of contention in the digital economy

The ongoing substitution of human decision makers by automated decision-making (ADM) systems in a whole range of areas raises the question of whether and, if so, under which conditions ADM is acceptable and fair. So far, this debate has been primarily led by academics, civil society, technology developers and members of the expert groups tasked to develop ethical guidelines for ADM. Ultimately, however

The US and China are two typical models that present legal tech trends that are common world over. In China, robust regional models of intelligent judicial systems have emerged alongside some common applications that include the same-type case referencing, automated sentencing decision, uniform standards of evidence, and judges’ data profiling systems. In the US, legal tech refers to artificial intelligence

Upon receipt of a right to be forgotten request, private actors like Google are responsible for implementing the balancing test between competing rights of privacy and data protection and free expression and access to information. This amounts to private jurisprudence that data subjects, lawyers, and interested parties could, theoretically, game to their advantage. This paper critiques this process

Recent advancements in human-computer interaction, machine learning and in artificial intelligence hold the potential to influence both the curriculum and the pedagogy of school children. While the impacts of new technologies remain uncertain, ongoing research and innovation projects are already developing and testing such technologies in schools. This article builds on the experience of the authors

Inconsistency between the way in which the law is structured, and the way in which technologies actually operate is always an interesting and useful topic to explore. When a law conflicts with a business model, the solution will often be changing the business model. However, when the law comes into conflict with the architecture of hardware and software, it is less clear how the problem will be managed

The EU lawmaker has introduced several certification models in the GDPR. A first model entitles accredited private certification bodies to design and manage certification schemes under the close monitoring of the supervisory authorities. Another model gives to the supervisory authorities the opportunity to design and manage their own schemes. The EU lawmaker has also left the door open to the establishment

This paper aims to shed light into the operation of SafeLine, the only Greek Hotline for illegal online content, and its seventeen years of successful operation as a member of INHOPE, the International Association of Internet Hotlines. The operation of SafeLine is introduced and an analysis of the received reports during its operation is attempted, in order to reveal hidden trends over the seventeen

The article examines a number of ways in which the use of artificial intelligence technologies to predict the performance of individuals and to reach decisions concerning the entitlement of individuals to positive decisions impacts individuals and society. It analyses the effects using a social justice lens. Particular attention is paid to the experiences of individuals who have historically experienced

Purpose States have adopted a number of international instrument dedicated in full or in part to privacy and data protection, at multilateral or regional levels, in binding or non-binding form. This article discusses the potential and context of the emergence of a possible global standard on data protection focusing on the 1981 Council of Europe Convention for the Protection of Individuals with Regard

This article argues that Google's essentially blanket and unsafeguarded dissemination to webmasters of URLs delisted under the Google Spain judgment disclosures claimants’ personal data, cannot be justified either on the purported basis of their consent or a legal requirement but instead seriously infringes European data protection standards. Such disclosure would only be compatible with the initially

In this paper, we analyze taxpayers’ rights to have access to artificial intelligence algorithms and formulas that have been used by tax administrations in Latin America. We consider two applications of artificial intelligence: in the characterization of taxpayers’ risk and the robotization of tax audit actions. Very little has been described in the literature on how these technologies coexist with

For many years, transatlantic cooperation between the EU and the US in the area of personal data exchange has been a subject of special interest on the part of lawmakers, courts – including supranational ones – NGOs and the public. When implementing recent reform of data protection law, the European Union decided to further strengthen guarantees of the protection of privacy in cyberspace. At the same

This paper aims to critically assess the information duties set out in the General Data Protection Regulation (GDPR) and national adaptations when the purpose of processing is scientific research. Due to the peculiarities of the legal regime applicable to the research context information about the processing plays a crucial role for data subjects. However, the analysis points out that the information

The use of artificial intelligence (AI) in law has again become of great interest to lawyers and government. Legal Information Institutes (LIIs) have played a significant role in the provision of legal information via the web. The concept of ‘free access to law’ is not static, and the evolution of its principles now requires a response from providers of free access to legal information (‘a LII response’)

Online search engines, social media platforms, and targeted advertising services often employ a “data-driven” business model based on the large-scale collection, analysis, and monetization of personal data. When providing such services significant information asymmetries arise: data-driven companies collect much more personal data than the consumer knows or can reasonably oversee, and data-driven companies

The pervasive nature of social media suggests it would increasingly appear as evidence in the courtroom as it has increasingly documented daily life. This research examines the use of such evidence through the review of appellate judgments. It has identified 5,189 appeal cases in federal and state jurisdictions for the period from 1 October 2000 to 30 September 2017. California was used for the state

30 years after the United Nations Convention on the Right of the Child (CRC) and two years after the new EU data protection regime, the social value of forgiveness is not part of these legal instruments. The lack of this value within these legal instruments and the lack of research on the subject of forgiveness in relation to improving the legal position of children require urgent addressing especially

Search engines like Google have made it incredibly easy to access vast amounts of information with little effort. Many lawyers now prefer to go online for their legal research. Lawyers are citing online sources to establish legal and factual positions in their submission briefs to court and, in turn, judges are citing them in their opinions. Judges are also conducting online research to better understand

Where a court makes an order, for example, requiring an Internet platform to block or remove content, it has several options. The order can be limited to content displayed locally, it can apply to that content globally, or something in-between. This – the matter of ‘scope of jurisdiction’ – is gaining increasing attention and was the central issue in two recent decisions by the Court of Justice of

The architecture of the Internet is changing. A novel expansive construction of communication and making available to the public has been shaking the Internet ecosystem. It reaches into basic online activities, such as linking. Departing from well-established international approaches, the Court of Justice of the European Union (CJEU) has recently decided a multitude of cases that redesigned the notion

Discussion about vulnerable individuals and communities spread from research ethics to consumer law and human rights. According to many theoreticians and practitioners, the framework of vulnerability allows formulating an alternative language to articulate problems of inequality, power imbalances and social injustice. Building on this conceptualisation, we try to understand the role and potentiality

Relevant DLA Piper articles published since the previous submission in February

Research subject consent plays a significant role in the legitimation of genomic research in Europe – both ethically and legally. One key criterion for any consent to be legitimate is that the research subject is ‘informed’. This criterion implies that the research subject is given all relevant information to allow them to decide whether engaging with a genomic research infrastructure or project would

The ‘globalisation’ of Council of Europe data protection Convention 108 through non-European accessions has continued steadily, with eight such accessions since the first in 2013. The ‘modernisation’ of the Convention was completed on 10 October 2018 when the amending protocol for the new ‘Convention 108+’ became open for signature. Any new countries from outside Europe wishing to accede will have

Policymakers in the European Union and Israel are searching for regulatory strategies on how to best protect their citizens informational privacy. More recently, the focus has shifted towards Privacy and Security by Design as a mean to address current privacy concerns. While Privacy and Security by Design in itself is not a new idea, its implementation has taken new forms within the General Data Protection

The paper illustrates obligations emerging under articles 9 and 89 of the EU Reg. 2016/679 (General Data Protection Regulation, hereinafter “GDPR”) within the health-related data processing for research purposes. Furthermore, through a comparative analysis of the national implementations of the GDPR on the topic, the paper highlights few practical issues that the researcher might deal with while accomplishing