An Infrastructural Brussels Effect: The translation of EU Law into the UK's digital borders

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review Pub Date : 2024-10-10 DOI:10.1016/j.clsr.2024.106057

{"title":"An Infrastructural Brussels Effect: The translation of EU Law into the UK's digital borders","authors":"","doi":"10.1016/j.clsr.2024.106057","DOIUrl":null,"url":null,"abstract":"<div><div>This article gives an account of the legal standards and safeguards that guide and constrain the current design of the UK's digital borders. Based on an empirical engagement with the development of <em>Cerberus</em> – an advanced risk-based analytics platform aimed at the detection of previously ‘unknown’ threats – the article presents a dual argument. On the one hand, it provides an account of the remaining salience and extraterritorial reach of EU law in setting standards for the collection, retention, processing and sharing of Passenger Name Records (PNR) data in the UK. This PNR data is a constitutive component of the digital border. Through the EU-UK Trade and Cooperation Agreement (TCA), the UK is now bound to comply with the rather stringent legal safeguards developed by the CJEU (in Opinion 1/15) on the retention and automated processing of PNR data. Our analysis shows the different channels through which EU law obtains this extraterritorial reach, how compliance can be monitored and enforced, and, crucially, how it has influenced and constrained the technical design of the UK's digital borders – a salient and unexplored phenomenon that we describe as an <em>Infrastructural Brussels Effect.</em> Yet, on the other hand, the article empirically shows that this is not merely a process of norm diffusion and extraterritoriality. Once legal standards become infrastructurally embedded in Cerberus, we witness normative translations and sociotechnical shifts with important legal and political consequences. Legal standards on ‘reasonable suspicion’ and the ‘objective evidence’ of ‘risk’, we argue, are given specific meaning through a logic of relational inference and algorithmic pattern detection (leading to forms of ‘concern by association’). By studying the entanglements between legal norms and material infrastructures – an approach we describe as infra-legalities – these normative effects become visible and contestable, providing a productive site for the sociolegal study of law and algorithmic governance.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3000,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Law & Security Review","FirstCategoryId":"90","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0267364924001237","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}

引用次数: 0

Abstract

This article gives an account of the legal standards and safeguards that guide and constrain the current design of the UK's digital borders. Based on an empirical engagement with the development of Cerberus – an advanced risk-based analytics platform aimed at the detection of previously ‘unknown’ threats – the article presents a dual argument. On the one hand, it provides an account of the remaining salience and extraterritorial reach of EU law in setting standards for the collection, retention, processing and sharing of Passenger Name Records (PNR) data in the UK. This PNR data is a constitutive component of the digital border. Through the EU-UK Trade and Cooperation Agreement (TCA), the UK is now bound to comply with the rather stringent legal safeguards developed by the CJEU (in Opinion 1/15) on the retention and automated processing of PNR data. Our analysis shows the different channels through which EU law obtains this extraterritorial reach, how compliance can be monitored and enforced, and, crucially, how it has influenced and constrained the technical design of the UK's digital borders – a salient and unexplored phenomenon that we describe as an Infrastructural Brussels Effect. Yet, on the other hand, the article empirically shows that this is not merely a process of norm diffusion and extraterritoriality. Once legal standards become infrastructurally embedded in Cerberus, we witness normative translations and sociotechnical shifts with important legal and political consequences. Legal standards on ‘reasonable suspicion’ and the ‘objective evidence’ of ‘risk’, we argue, are given specific meaning through a logic of relational inference and algorithmic pattern detection (leading to forms of ‘concern by association’). By studying the entanglements between legal norms and material infrastructures – an approach we describe as infra-legalities – these normative effects become visible and contestable, providing a productive site for the sociolegal study of law and algorithmic governance.

查看原文本刊更多论文

基础设施的布鲁塞尔效应：将欧盟法律转化为英国的数字边界

本文阐述了指导和制约英国当前数字边界设计的法律标准和保障措施。Cerberus 是一个先进的基于风险的分析平台，旨在检测以前 "未知 "的威胁。一方面，文章阐述了欧盟法律在为英国旅客姓名记录（PNR）数据的收集、保留、处理和共享制定标准方面仍然具有的显著性和域外影响力。旅客姓名记录数据是数字边界的重要组成部分。通过《欧盟-英国贸易与合作协议》（TCA），英国现在必须遵守欧盟法院（在第 1/15 号意见书中）就旅客姓名记录数据的保留和自动处理制定的相当严格的法律保障措施。我们的分析表明了欧盟法律获得这种治外法权的不同渠道，如何监督和强制欧盟法律的遵守情况，以及最重要的一点，欧盟法律如何影响和制约英国数字边界的技术设计--我们将这一突出且未被探索的现象称为 "基础设施的布鲁塞尔效应"（Infrastructural Brussels Effect）。然而，另一方面，文章通过经验表明，这不仅仅是一个规范传播和治外法权的过程。一旦法律标准在基础架构上嵌入 Cerberus，我们就会看到规范的转换和社会技术的转变，从而产生重要的法律和政治后果。我们认为，关于 "合理怀疑 "和 "风险 "的 "客观证据 "的法律标准，通过关系推理和算法模式检测的逻辑（导致 "连带关注 "的形式）被赋予了特定的含义。通过研究法律规范与物质基础设施之间的纠葛--我们将这种方法称为 "下层法律"（infra-legalities）--这些规范效应变得可见且可争辩，为法律和算法治理的社会法律研究提供了一个富有成效的场所。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Law & Security Review LAW-

CiteScore

5.60

自引率

10.30%

发文量

审稿时长

67 days

期刊介绍： CLSR publishes refereed academic and practitioner papers on topics such as Web 2.0, IT security, Identity management, ID cards, RFID, interference with privacy, Internet law, telecoms regulation, online broadcasting, intellectual property, software law, e-commerce, outsourcing, data protection, EU policy, freedom of information, computer security and many other topics. In addition it provides a regular update on European Union developments, national news from more than 20 jurisdictions in both Europe and the Pacific Rim. It is looking for papers within the subject area that display good quality legal analysis and new lines of legal thought or policy development that go beyond mere description of the subject area, however accurate that may be.