International Journal of Law and Information Technology最新文献

{"title":"Digital identity: an approach to its nature, concept, and functionalities","authors":"Margarita Robles-Carrillo","doi":"10.1093/ijlit/eaae019","DOIUrl":"https://doi.org/10.1093/ijlit/eaae019","url":null,"abstract":"Digital identity is a basic component of the knowledge economy and society. It is the key for accessing the digital world and for carrying out commercial, economic, or any kind of transactions and communications. Far from being a merely digital version of the physical identity, digital identity is a singular and complex construct which poses three main dilemmas that provide the framework for its analysis. The first arises from the context in which it is located, the digital ecosystem, that changes its scope and nature. The second, conceptual, is a consequence of the lack of agreement about its definition but also of the different legal framework derived from it. A third dilemma, functional, is due to the fact that digital identity can fulfil different, even contradictory, functionalities. An analysis of these dilemmas can contribute to a better understanding of this category leading to a proposal for its definition and legal framework.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"19 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142255797","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Can there be responsible AI without AI liability? Incentivizing generative AI safety through ex-post tort liability under the EU AI liability directive","authors":"Guido Noto La Diega, Leonardo C T Bezerra","doi":"10.1093/ijlit/eaae021","DOIUrl":"https://doi.org/10.1093/ijlit/eaae021","url":null,"abstract":"In Europe, the governance discourse surrounding artificial intelligence (AI) has been predominantly centred on the AI Act, with a proliferation of books, certification courses, and discussions emerging even before its adoption. This narrow focus has overshadowed other crucial regulatory interventions that promise to fundamentally shape AI. This article highlights the proposed EU AI liability directive (AILD), the first attempt to harmonize general tort law in response to AI-related threats, addressing critical issues such as evidence discovery and causal links. As AI risks proliferate, this article argues for the necessity of a responsive system to adequately address AI harms as they arise. AI safety and responsible AI, central themes in current regulatory discussions, must be prioritized, with ex-post liability in tort playing a crucial role in achieving these objectives. This is particularly pertinent as AI systems become more autonomous and unpredictable, rendering the ex-ante risk assessments mandated by the AI Act insufficient. The AILD’s focus on fault and its limited scope is also inadequate. The proposed easing of the burden of proof for victims of AI, through enhanced discovery rules and presumptions of causal links, is insufficient in a context where Large Language Models exhibit unpredictable behaviours and humans increasingly rely on autonomous agents for complex tasks. Moreover, the AILD’s reliance on the concept of risk, inherited from the AI Act, is misplaced, as tort liability intervenes after the risk has materialized. However, the inherent risks in AI systems could justify EU harmonization of AI torts in the direction of strict liability. Bridging the liability gap will enhance AI safety and responsibility, better protect individuals from AI harms, and ensure that tort law remains a vital regulatory tool.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"106 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142269147","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Quantum-safe global encryption policy","authors":"Alessia Zornetta","doi":"10.1093/ijlit/eaae020","DOIUrl":"https://doi.org/10.1093/ijlit/eaae020","url":null,"abstract":"Every day, individuals use the Internet to communicate, gather information, and engage in commercial transactions. Encryption renders such activities secure and possible in the first place. While interest in encryption policy has fluctuated among policymakers for the past three decades, this paper argues for the need to promote strong encryption at a global level. The paper sheds light on the risks posed by quantum computing to national security, wherein breached encryption could compromise classified information, military intelligence, sensitive devices, and critical infrastructures. The argument for a worldwide encryption policy is further substantiated by the looming spectre of profound global power asymmetries. As the evolution of quantum technology remains concentrated within a select cohort of nations, those in possession of functional quantum computers could gain unprecedented advantages and exploit such technological supremacy. To buttress this assertion, this paper employs the logic of the ‘least trusted country problem’ to underscore the fragility of global security in the face of such imbalances. In response, this paper introduces a three-fold strategy designed to pave the path towards a quantum-secure future. The strategy encompasses the pivotal elements of post-quantum cryptography, quantum key distribution, and quantum random number generators. While acknowledging the challenges inherent in implementing these measures, including the projected decade-long timeline for establishing standardized solutions, the paper underscores the urgency of confronting the imminent quantum computing menace in a proactive manner. By adhering to these strategic imperatives, the global community stands poised to reinforce encryption practices against the potent capabilities that quantum computing wields. In so doing, the security and integrity of information exchange can be preserved in an ever more interconnected world.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"72 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142220330","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Video-sharing-platforms and Brussels Ia regulation: navigating contractual jurisdictional challenges","authors":"Josep Suquet","doi":"10.1093/ijlit/eaae017","DOIUrl":"https://doi.org/10.1093/ijlit/eaae017","url":null,"abstract":"This article examines international jurisdiction in the resolution of contractual disputes involving Video-Sharing Platforms (VSP). It situates VSPs within the broader context defined by the Audio-visual Media Services Directive and identifies areas of litigation. The article discusses specific cases where national courts have resolved conflicts related to VSPs and sheds light onto the application of contractual and consumer forums under Regulation 1215/2012.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"5 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142220333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Artificial intelligence co-regulation? The role of standards in the EU AI Act","authors":"Marta Cantero Gamito, Christopher T Marsden","doi":"10.1093/ijlit/eaae011","DOIUrl":"https://doi.org/10.1093/ijlit/eaae011","url":null,"abstract":"This article examines artificial intelligence (AI) co-regulation in the EU AI Act and the critical role of standards under this regulatory strategy. It engages with the foundation of democratic legitimacy in EU standardization, emphasizing the need for reform to keep pace with the rapid evolution of AI capabilities, as recently suggested by the European Parliament. The article highlights the challenges posed by interdisciplinarity and the lack of civil society expertise in standard-setting. It critiques the inadequate representation of societal stakeholders in the development of AI standards, posing pressing questions about the potential risks this entails to the protection of fundamental rights, given the lack of democratic oversight and the global composition of standard-developing organizations. The article scrutinizes how under the AI Act technical standards will define AI risks and mitigation measures and questions whether technical experts are adequately equipped to standardize thresholds of acceptable residual risks in different high-risk contexts. More specifically, the article examines the complexities of regulating AI, drawing attention to the multi-dimensional nature of identifying risks in AI systems and the value-laden nature of the task. It questions the potential creation of a typology of AI risks and highlights the need for a nuanced, inclusive, and context-specific approach to risk identification and mitigation. Consequently, in the article we underscore the imperative for continuous stakeholder involvement in developing, monitoring, and refining the technical rules and standards for high-risk AI applications. We also emphasize the need for rigorous training, certification, and surveillance measures to ensure the enforcement of fundamental rights in the face of AI developments. Finally, we recommend greater transparency and inclusivity in risk identification methodologies, urging for approaches that involve stakeholders and require a diverse skill set for risk assessment. At the same time, we also draw attention to the diversity within the European Union and the consequent need for localized risk assessments that consider national contexts, languages, institutions, and culture. In conclusion, the article argues that co-regulation under the AI Act necessitates a thorough re-examination and reform of standard-setting processes, to ensure a democratically legitimate, interdisciplinary, stakeholder-inclusive, and responsive approach to AI regulation, which can safeguard fundamental rights and anticipate, identify, and mitigate a broad spectrum of AI risks.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"14 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141568142","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Will the real data sovereign please stand up? An EU policy response to sovereignty in data spaces","authors":"Mark Ryan, Paula Gürtler, Artur Bogucki","doi":"10.1093/ijlit/eaae006","DOIUrl":"https://doi.org/10.1093/ijlit/eaae006","url":null,"abstract":"This paper aims to evaluate the concept of data sovereignty as applied to data spaces, particularly the Common European Data Space (CEDS). The CEDS aims to develop a single European data market through nine domain-specific data spaces: health, industrial and manufacturing, agriculture, finance, mobility, Green Deal, energy, public administration, and skills. It aims to do this by providing a secure and trustworthy technical architecture, a robust data-sharing business model realized through effective governance, and ensuring data sovereignty. Ensuring data sovereignty, however, is challenging when different agents all claim authority over their data within a data space. This paper focuses on three data sovereign agents in the CEDS—individual, organization, and state—to examine how data sovereignty can be implemented in data spaces based on current European Union regulations and whether shortcomings still need to be addressed.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"1 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-07-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141568143","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Rethinking Exclusivity – A Review of Artificial Intelligence & Intellectual Property by Jyh-An Lee, Reto M Hilty and Kung-Chung Liu","authors":"Lisa van Dongen","doi":"10.1093/ijlit/eaae007","DOIUrl":"https://doi.org/10.1093/ijlit/eaae007","url":null,"abstract":"This review evaluates the edited work ‘Artificial Intelligence & Intellectual Property’. The book’s aim and audience are defined and its contents summarized both generally and chapter by chapter. The review also considers how the book has fared with its challenging scope, the difficult subject matter it covers, and the delivery of a coherent story and conclusions. It is concluded in this review that it speaks for the quality of both the cooperation among contributors and the editors’ vision that the book was quite successful on all accounts despite the difficulty of its project. The review highlights a few of the book’s arguments in the patent and copyright context put forth in support of two of the main discernible conclusions, briefly commenting on their persuasiveness, strengths, and limits. Concluding with some general words of reflecting, the book is recommended as an enlightening read.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"1 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141509905","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Risks, innovation, and adaptability in the UK’s incrementalism versus the European Union’s comprehensive artificial intelligence regulation","authors":"Asress Adimi Gikay","doi":"10.1093/ijlit/eaae013","DOIUrl":"https://doi.org/10.1093/ijlit/eaae013","url":null,"abstract":"The regulation of artificial intelligence (AI) should strike a balance between addressing the risks of the technology and its benefits through enabling useful innovation whilst remaining adaptable to evolving risks. The European Union’s (EU) overarching risk-based regulation subjects AI systems across industries to a set of regulatory standards depending on where they fall in the risk bucket, whilst the UK’s sectoral approach advocates for an incremental regulation. By demonstrating the EU AI Act’s inability to adapt to evolving risks and regulate the technology proportionately, this article argues that the UK should avoid the EU AI Act’s compartmentalized high-risk classification system. The UK should refine its incremental regulation by adopting a generic principle for risk classification that allows for contextual risk assessment whilst adapting to evolving risks. The article contends that if refined appropriately, the UK’s incremental approach that relies on coordinate sectionalism encourages innovation without undermining the UK technology sector’s competitiveness in the global market of compliant AI, while also mitigating the potential risks presented by the technology.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"136 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141509906","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Confronting the metadata dilemma in India: a turn to context and proportionality","authors":"Rudraksh Lakra, Abhijeet Shrivastava","doi":"10.1093/ijlit/eaae012","DOIUrl":"https://doi.org/10.1093/ijlit/eaae012","url":null,"abstract":"This paper problematizes the increasing trend of metadata collection by law enforcement, in light of the ‘going dark’ debate, which was spurred by the widespread adoption of secure encryption standards. Focusing on Indian privacy law, which remains nascent as of writing, we examine and propose potential constitutional limitations on metadata collection, and provide substantive guidance on their application. These limitations are bifurcated into two stages: first, whether metadata collection infringes upon the right to privacy, and second, whether the infringement is justified. In determining whether the collection of metadata in a specific case infringes privacy, we conceive of a ‘contextual approach’, challenging the usual ontological subordination of ‘metadata’ in relation to ‘content data’. At the second stage, we centre the standard of proportionality. We offer substantive guidance for Indian courts at each step of the test, including the development of a ‘risk profile’ of metadata collection practices. Such guidance is crucial, given the technically intricate nature of cases involving metadata processing.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"2017 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141509907","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The transatlantic divide: intermediary liability, free expression, and the limits of trade harmonization","authors":"Han-Wei Liu","doi":"10.1093/ijlit/eaae004","DOIUrl":"https://doi.org/10.1093/ijlit/eaae004","url":null,"abstract":"Amid escalating apprehensions surrounding content regulation, the USA has discreetly integrated provisions reminiscent of its Communications Decency Act Section 230 (CDA 230) into trade agreements, offering broad immunity. This scholarly analysis critically assesses this manoeuvre by juxtaposing such CDA 230-like provisions against the UK’s established legal framework governing online content and freedom of expression. Utilizing a comparative legal methodology, the paper underscores the pronounced differences between the USA and UK stances on intermediary liability for third-party content, moulded by their unique constitutional foundations and jurisprudential interpretations of free speech rights. The insertion of CDA 230-aligned clauses into trade agreements poses a potential threat to the UK’s nuanced equilibrium between safeguarding free speech and upholding other paramount interests, such as privacy and reputation. An scrutiny of UK defamation statutes and content regulation protocols reveals inherent challenges in transplanting CDA 230 provisions into trade contexts. In summation, the paper ardently supports a diversified approach to online content governance and cautions against standardizing intermediary liability laws via trade agreements, especially between nations with divergent foundational beliefs. It fervently endorses a cross-disciplinary discourse involving both trade and legal specialists to ensure the preservation of free expression while concurrently recognizing the intricacies of crafting universally applicable standards for online platforms and content regulation.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"7 1","pages":""},"PeriodicalIF":1.0,"publicationDate":"2024-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140105967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}