Ten things to read about today’s data retention decision

I am a fair-weather blogger, and so I cannot remember the last time I had so many visits or retweets in a day.  Piggybacking on the unexpected traffic boost, here are ten things worth reading (from various sources) about the reason for that traffic – the finding by the Court of Justice of the EU that the Data Retention Directive is, on human rights grounds, invalid.  (My own post, Data retention parrot, is here).

I had plenty to choose from in putting this list together – fortunate that the decision was published when many of us legal academics are not teaching?

  1. The decision of the Court.  The early pages are taken up with reproducing the provisions of the legislation, so if you are familiar with the Directive, those pages are most skippable.
  2. Fiona de Londras, professor at Durham Law School, writing at Human Rights in Ireland. Special mention: discussion on whether “a more tailored, narrower approach” might survive scrutiny if the Directive is to be replaced (see also her lessons for the US, posted at The Conversation).
  3. “Cybermatron”, an expert in this field, writing on her blog. Special mention: highlighting weaknesses in the decision, including where the Court may have underappreciated the significance of the legislation and of this challenge.
  4. Steve Peers, professor at the University of Essex Law School, writing on his blog EU Law Analysis. Special mention: analysis of the current status of the (invalid) Directive, and options for states and the EU from this point on.
  5. Paul Bernal, lecturer at the UEA Law School, writing on his blog. Special mention: how the decision sits within the wider debate on and advocacy for privacy.
  6. Karlin Lillington, journalist, writing in the Irish Times. Special mention: the consequences for Ireland and the EU, by someone who has been instrumental in highlighting data retention practices for over a decade.
  7. Luke Scanlon, solicitor, Pinsent Masons, writing on Out-law. Special mention: impact on other legislation, including data protection present and future.
  8. Glyn Moody, author and journalist, writing for ComputerWorld UK. Special mention: explanation, point by point, of how the court’s decision relates to specific data retention practices.
  9. Gabriele Steinhauser, journalist, writing in the Wall Street Journal. Special mention: how the decision is being reported to an international audience, including the political dimension.
  10. Press release and FAQ on the decision from the European Commission (the ‘losing’ side, not that you would know that from the statement). Special mention: reading it with a straight face.

Apologies to those omitted – additional links welcome, through the comments sections below.

When Irish eyes are watching

Last year, I was invited to give a ‘response’ to two very interesting papers at a seminar of the British Association for Comparative Law. The papers, by Paula Giliker and Elspeth Christie Reid, were on the evolution of breach of confidence and privacy, primarily in relation to England and Scotland. (Eric Clive wrote up his notes from the day here).

The papers, including a developed version of my comparative comments, are now being published in Juridical Review. A slightly earlier version of my contribution is available on SSRN through the University of Edinburgh School of Law Working Paper Series (here’s the series, and while there why not also download my colleague Judith’s latest paper on big data and small government…).

My article is a short one, and the main thing I hope it does is remind some UK-based readers of the interesting things that have happened in Ireland in relation to the privacy cause of action. I do spent a good deal of space talking about Sullivan v Boylan [2013] IEHC 104, which is a particularly useful contribution to the English and Scottish debates on how to handle the evolving questions of privacy and confidence. I also talk a bit about New Zealand.

Beyond breach of confidence: an Irish eye on English and Scottish privacy law

This article is based on comparative comments (with special attention paid to Irish law) presented at a seminar on breach of confidence and privacy. It is first argued that a continuing uncertainty regarding the role of statute in relation to privacy is common to the development of doctrines in both England and Scotland, with similar anxieties present in other jurisdictions. In the absence of statutory clarity, the questions arising out of debate on the nature of the cause of action, and the consequences of variation in definitions of “privacy”, are considered – with special attention to developments in Ireland and New Zealand. The relationship between the evolution of breach of confidence and the human rights framework is also noted. Finally, the prospects for law reform and/or convergence across jurisdictions in the United Kingdom are assessed.

(Sorry if you expected this post would be about this; words fail me on that subject, I’m afraid).

PSA: Hibernian Law Journal 2013

With permission, here is a recent email I received from the editors of the Hibernian Law Journal.  You can contact the journal via email.

Established in 1999, the Hibernian Law Journal is a legal journal co-ordinated by trainee and qualified solicitors. Its multidisciplinary focus facilitates detailed argument and discussion on a wide range of topics such as e-commerce, environmental law, the European Convention on Human Rights, intellectual property, public private partnerships, criminal law, child law and financial services law. All legal topics of domestic, European and international law are considered provided that they are relevant in an Irish context.

The Editorial Committee is now accepting submissions for the 2013 edition. The Hibernian Law Journal offers an excellent opportunity for legal scholars to have their work published in an academic forum.

The following guidelines apply to submissions:

  • Length should be between approximately 5,000 and 15,000 words.
  • The article must not have been published elsewhere, although the article may be a thesis which is bound and catalogued in a university library.
  • The topic should be thoroughly researched and footnoted.
  • Articles may be on any legal topic of interest to the author.
  • Articles are due by 31 October 2012 (although exceptions may be made in individual circumstances).

 

Cyberlaw at the Society of Legal Scholars

I’m at the annual conference of the Society of Legal Scholars, where I’ll be convening the Media & Communications section later in the week.  Yesterday, though, I had the pleasant opportunity to sit back (or lean forward) and listen to the papers in this year’s ‘cyberlaw‘ section.  Here are some comments on the papers (not all I’m afraid due to coming and going from the room).

Uta Kohl (Aberystwyth): on intermediaries.  Currently working on a ‘trilogy’ of articles on connectivity, navigation and hosting Intermediaries. There are two theoretical influences here: Spar’s work on phases regulation (e.g. from Ruling the waves 2004) and Foucault’s use of Bentham’s panopticon work.  Intermediaries are key to the system, ie you cannot have regulated online environment without the regulation of intermediaries. They are key players in these debates. Connectivity, navigation (a key facilitator) and hosts. Judges taking a different approach to what they can ‘make’ intermediaries do. Attractive because there are so few of them. Also in transnational context.

There has lately been a change of regulatory mood; specifically mentioned the 9th Circuit decision re roommates.com and the comments on unfair advantage over offline equivalents. In general, immunities are hardly ever used, preference for general law of the land.  Use general law to favour intermediaries instead of the special provisions, or don’t find them applicable at all. Integration into economy supports Spar hypothesis.  Noted that full paper reviews different topics e.g. defamation, copyright, competition.  In the case of copyright, liability and blocking obligations are being separated (Newzbin and EU law) and there are other developments (Australian cases).  Existence of Cleanfeed influences copyright changes.

Paul Bernal (UEA): on the right to be forgotten in the US, EU and UK.  There has been a tension between EU and US in this field for a long time (with the UK quite confused).  In the EU this is a key aspect of proposed reform of data protection, protecting individuals in the face of (US) corporate power. From US perspective this is a threat to free speech and the end of the Internet as we know it, e.g. Rosen in Stanford Law Review. UK is resisting the right given its existing doubts about both privacy or free speech.  So who is right? Paul talked through the actual text and argues more like a right to delete than to be forgotten.  Important is the obligations it places on others, but also be aware of all reasonable steps clause re links etc. Is this ‘seek and destroy’? What about search engines? US free speech arguments relevant here, but more broadly (i)is data speech? (ii) Held vs published (iii) Links vs data (iv) significance of ‘journalism/art/literature’ defence.

Notes that if data protected by copyright, there is already a takedown option. Data as an IP right? Objections and constitutional issues both present. Ultimately it is more about free enterprise than free speech.  Those targeting products at EU are within scope.  And although the UK does not focus on privacy and expression there is an interst in bring a good place to do business! For example, MoJ consultation focused on businesses and the burden that it would create. Would require work eg privacy by design but also challenges the business model based on keeping data.

Damien McCallig (Galway), on his ‘digital remains’ project, specifically the deceased and data protection today.  In some jurisdictions the protections of data protection law are transformed upon death. Data subject defined as natural person? The A29 Working Party opinion on concept of personal data as personality, i.e. birth to death.  He reviewed the history of data protection law with a particular focus on the Council of Europe convention 1981; it is only in 1992 that natural person is used but that was so as to exclude legal persons. Conclusion is that there is no bar to inclusion.

Within the EU: 12 include, 4 express exclude, 10 say natural persons (presumed exclusion), 1 x 30-year limit.  But even within those that do recognise, there is a lack of consistency.  Ireland and UK  start with the common law proposition that the dead have no rights. Strong criticism of inclusion in Parl Ctee work implementation of directive in the UK. In Ireland it did not arise in parliamentary debates until 2003 revision. Government said no demand at first consultation but this clearly not true.

Proposed EU regulation followed same language although latest draft would mention living persons at the urging of Sweden (which currently excludes). Pressure to finalise soon (perhaps even during Irish presidency).

Michaela MacDonald (Queen Mary) discussed virtual assets, within environments ranging from Facebook to Second Life to World of Warcraft.  Key problems associated with virtual currency purchased with real-world currency and then used as means of exchange.  However the regulatory dimension includes EULAs (contracts of adhesion).  The focus of the talk was theft-related incidents and decisions (Chengwai situation in China, R v Mitchell in UK, Dutch supreme court consideration of Runescape).

Kim Barker and Olga Jurasz (Aberystwyth) – misogyny in gaming. While there is some awareness and discussion of explicit content there is also a need to consider predation, violence, etc.  This is in public eye again for various reasons (including Habbo Hotel investigation on C4), and also targeting of women (e.g. Anita Saarkesian, had Tropes vs Women Kickstarter project, drew extreme reaction including abuse on wiki page and even game to ‘beat up’ her image. While there is some work on cybercrime (Brenner, Kerr etc) that assists in understanding, and old situations from Internet studies (LambdaMoo), new situations emerge (ageplay in Second Life).  A key problem is that cybercrime (including academic work) focuses on different issues ie property, pornography.  The problems they have found are rooted in virtual real world framework but same problems re enforcement, public attitudes, etc.

So we must be aware of selectiveness in regulation; some issues (children) receive attention in the Cybercrime convention so why not violence against women, do we pick and choose?  Then, some comments on virtual harms and the dispute over violent acts in virtual worlds, with responses ranging from catharsis to online/offline mirroring (specific mention of Ryan Chinnery’s conviction).  What would the impact be of a human rights framework or even language?  Discussion too of Jessie Daniels’ Cyber Racism.

Copyright Reform at IP Osgoode

I’ve written about the (Irish) Copyright Review Committee for the excellent IP Osgoode blog.  You can read the full post here.  Remember, the deadline for submissions has been extended to the end of May, so please consider answering some or all of the Committee’s questions.  Learn more about how to participate here.