Computer Law & Security Review最新文献

Personal data controllers and device producers: Mind the gap 个人数据控制者和设备生产商：注意差距

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-07-25 DOI: 10.1016/j.clsr.2025.106172

Efstratios Koulierakis

{"title":"Personal data controllers and device producers: Mind the gap","authors":"Efstratios Koulierakis","doi":"10.1016/j.clsr.2025.106172","DOIUrl":"10.1016/j.clsr.2025.106172","url":null,"abstract":"<div><div>It seemed well established that producing a smart device could not, by itself, render someone a personal data controller in the absence of subsequent influence over the processing operations (the influence thesis). In contrast, legal scholars have introduced a new interpretation of European data protection law that seeks to apply the General Data Protection Regulation (GDPR) to the processing operations of smart devices even if no entity influences the processing remotely after the release of the product. This approach classifies producers as personal data controllers for device-based processing (producer-controller thesis). The proponents of the producer-controller thesis highlight the increasing importance of smart devices that store data locally and the need for protecting consumers’ rights in that context. However, as this paper claims, the GDPR is not the proper legal instrument for addressing the safety standards of smart products that process data locally. These considerations relate to legislative texts that prescribe product requirements, such as the AI Act and the Cyber Resilience Act. On those grounds, the present work criticises the producer-controller thesis. As this paper concludes, expanding the concept of ‘controller’ to encompass producers of smart devices does not enhance the protection of the data subjects and does not fit within the current data protection framework of the European Union.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106172"},"PeriodicalIF":3.3,"publicationDate":"2025-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144704092","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A Comparative review of Symbolism and Connectionism in AI&Law: Tracing evolution and exploring integration 《人工智能与法律》中的象征主义与联结主义比较：追溯演变，探索融合

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-07-24 DOI: 10.1016/j.clsr.2025.106166

Bin Wei

{"title":"A Comparative review of Symbolism and Connectionism in AI&Law: Tracing evolution and exploring integration","authors":"Bin Wei","doi":"10.1016/j.clsr.2025.106166","DOIUrl":"10.1016/j.clsr.2025.106166","url":null,"abstract":"<div><div>AI&Law explores computational methods for automating legal reasoning and prediction, evolving in parallel with AI research and developing along two primary paths: symbolic and connectionist approaches. Symbolic AI&Law centers on the formal representation of legal concepts and performing reasoning based on statutes and case law. These methods have led to the development of rule-based and case-based reasoning systems, successfully implemented in legal expert systems. The primary advantage of symbolic approaches is their inherent explainability, although they face limitations due to the knowledge acquisition bottleneck. Connectionist AI&Law encourages legal professionals to adopt inductive inference and use “bottom-up” learning models to extract hidden features from large datasets. This paradigm incorporates machine learning and natural language processing (NLP) techniques to address legal information extraction, retrieval, text classification, summarization, and legal prediction tasks. The advent of large language models (LLMs) has further expanded the capabilities of connectionist models, enabling more sophisticated legal text analysis and predictive accuracy, though issues of model transparency and hallucination remain active areas of research. The interaction between symbolic and connectionist approaches can complement each other. Symbolic models can enhance the transparency and explainability of connectionist systems, while connectionist techniques can optimize the scalability and efficiency of symbolic reasoning processes. These two paradigms exhibit strong potential for collaboration, particularly in the domains of explainable dialogue systems, neuro-symbolic systems, legal knowledge embedding and legal argumentation mining, etc.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106166"},"PeriodicalIF":3.3,"publicationDate":"2025-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144704093","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

The algorithmic muse and the public domain: Why copyright’s legal philosophy precludes protection for generative AI outputs 算法缪斯和公共领域：为什么版权的法律哲学排除了对生成人工智能输出的保护

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-07-22 DOI: 10.1016/j.clsr.2025.106170

Ezieddin Elmahjub

引用次数: 0

A systematic literature review on dark patterns for the legal community: definitional clarity-and a legal classification based on the Unfair Commercial Practices Directive 法律界对黑暗模式的系统文献回顾：定义的清晰度-以及基于不公平商业惯例指令的法律分类

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-07-21 DOI: 10.1016/j.clsr.2025.106169

Cecilia Isola , Fabrizio Esposito

引用次数: 0

Exploring the use of LLMs in the Italian legal domain: A survey on recent applications 探索法学硕士在意大利法律领域的使用：对最近的应用调查

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-07-10 DOI: 10.1016/j.clsr.2025.106164

Marco Siino

引用次数: 0

Unpacking copyright infringement issues in the GenAI development lifecycle and a peek into the future 解析GenAI开发生命周期中的版权侵权问题，并展望未来

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-06-23 DOI: 10.1016/j.clsr.2025.106163

Cheng L. SAW, Bryan Zhi Yang TAN

{"title":"Unpacking copyright infringement issues in the GenAI development lifecycle and a peek into the future","authors":"Cheng L. SAW, Bryan Zhi Yang TAN","doi":"10.1016/j.clsr.2025.106163","DOIUrl":"10.1016/j.clsr.2025.106163","url":null,"abstract":"<div><div>Generative AI (“GAI”) refers to deep learning models that ingest input data and “learn” to produce output that mimics such data when duly prompted. This feature, however, has given rise to numerous claims of infringement by the owners of copyright in the training material. Relevantly, three questions have emerged for the law of copyright: (1) whether <em>prima facie</em> acts of infringement are disclosed at each stage of the GAI development lifecycle; (2) whether such acts fall within the scope of the text and data mining (“TDM”) exceptions; and (3) whether (and, if so, how successfully) the fair use exception may be invoked by GAI developers as a defence to infringement claims. This paper critically examines these questions in turn and considers, in particular, their interplay with the so-called “memorisation” phenomenon. It is argued that although infringing acts might occur in the process of downloading in-copyright training material and training the GAI model in question, TDM and fair use exceptions (where available) may yet exonerate developers from copyright liability under the right conditions.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106163"},"PeriodicalIF":3.3,"publicationDate":"2025-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144338751","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Deepfake detection in generative AI: A legal framework proposal to protect human rights 生成人工智能中的深度假检测：保护人权的法律框架建议

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-06-23 DOI: 10.1016/j.clsr.2025.106162

Felipe Romero-Moreno

{"title":"Deepfake detection in generative AI: A legal framework proposal to protect human rights","authors":"Felipe Romero-Moreno","doi":"10.1016/j.clsr.2025.106162","DOIUrl":"10.1016/j.clsr.2025.106162","url":null,"abstract":"<div><div>Deepfakes, exploited for financial fraud, political misinformation, non-consensual imagery, and targeted harassment, represent a rapidly evolving threat to global information integrity, demanding immediate and coordinated intervention. This research undertakes technical and comparative legal analyses of deepfake detection methods. It examines key mitigation strategies—including AI-powered detection, provenance tracking, and watermarking—highlighting the pivotal role of the Coalition for Content Provenance and Authenticity (C2PA) in establishing media authentication standards. The study investigates deepfakes' complex intersections with the admissibility of legal evidence, non-discrimination, data protection, freedom of expression, and copyright, questioning whether existing legal frameworks adequately balance advances in detection technologies with the protection of individual rights. As national strategies become increasingly vital amid geopolitical realities and fragmented global governance, the research advocates for a unified international approach grounded in UN Resolution 78/265 on safe, secure, and trustworthy AI. It calls for a collaborative framework that prioritizes interoperable technical standards and harmonized regulations. The paper critiques legal frameworks in the EU, US, UK, and China—jurisdictions selected for their global digital influence and divergent regulatory philosophies—and recommends developing robust, accessible, adaptable, and internationally interoperable tools to address evidentiary reliability, privacy, freedom of expression, copyright, and algorithmic bias. Specifically, it proposes enhanced technical standards; regulatory frameworks that support the adoption of explainable AI (XAI) and C2PA; and strengthened cross-sector collaboration to foster a trustworthy deepfake ecosystem.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106162"},"PeriodicalIF":3.3,"publicationDate":"2025-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144338750","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Personal data propertisation in China: A difficult road under the 20 Key Measures on Data 中国个人数据产权化：20项数据重点措施下的艰难之路

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-06-20 DOI: 10.1016/j.clsr.2025.106153

Qifan Yang

{"title":"Personal data propertisation in China: A difficult road under the 20 Key Measures on Data","authors":"Qifan Yang","doi":"10.1016/j.clsr.2025.106153","DOIUrl":"10.1016/j.clsr.2025.106153","url":null,"abstract":"<div><div>The Opinions on Building Basic Systems for Data to Better Exploit the Value of Data Factors (the 20 Key Measures on Data) in China has significantly influenced the discourse around propertising personal data, leading to a distinct approach to personal data protection from the EU and the US. The ownership-usufruct system and conditional personal data property system are raised as two representative property systems in China. In the ownership-usufruct system, the ownership of personal data belongs to the original subject, and the data processors (the data controllers in the GDPR) obtain their usufructuary right through “obtaining consent + consideration”. In the conditional personal data property system, the data processors originally acquired the data property right based on legitimate data collection behaviour. The data property right is limited by pre-existing rights, the proportionality principle, and the fair use principle. Rather than idealising the propertisation of personal data, this paper offers a nuanced critique of its limitations, including conceptual ambiguities, the failure of the consent mechanism, and unbalanced digital market structures. These challenges reveal that the propertisation of personal data is a socio-technical issue that requires legal frameworks and technical infrastructures.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106153"},"PeriodicalIF":3.3,"publicationDate":"2025-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144322509","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Joint and several liability between Europol and a Member State for damages from unlawful disclosure of personal data (comment on European Court of Justice, 5 March 2024, C‑755/21 P) 欧洲刑警组织与成员国就非法披露个人数据造成的损害承担的连带责任（对欧洲法院的评论，2024年3月5日，C - 755/ 21p）

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-06-07 DOI: 10.1016/j.clsr.2025.106161

Andrea Parziale

{"title":"Joint and several liability between Europol and a Member State for damages from unlawful disclosure of personal data (comment on European Court of Justice, 5 March 2024, C‑755/21 P)","authors":"Andrea Parziale","doi":"10.1016/j.clsr.2025.106161","DOIUrl":"10.1016/j.clsr.2025.106161","url":null,"abstract":"<div><div>This case note examines a judgment by the Court of Justice on Europol's civil liability for unlawful disclosure of personal data during cross-border cooperation with Member State authorities. The Court overturned the General Court's decision, establishing that joint and several liability between Europol and Member States can arise under Article 50 of Regulation 2016/794 (Europol Regulation), informed by Recital 57. While this ruling facilitates compensation for injured parties when the exact source of data disclosure cannot be identified, the Court awarded only €2000 in damages to the appellant, a modest sum that may undermine Article 50′s effectiveness as a data protection mechanism. The case note analyzes both the joint liability determination and the damages quantification, arguing that while the recognition of joint liability strengthens data subject protection in principle, the symbolic damages awarded significantly limit its practical impact as an accountability tool for ensuring responsible data handling in cross-border criminal investigations.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"58 ","pages":"Article 106161"},"PeriodicalIF":3.3,"publicationDate":"2025-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144240726","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Asia–Pacific developments 亚太地区的发展

IF 3.3 3区社会学

Computer Law & Security Review Pub Date : 2025-06-02 DOI: 10.1016/j.clsr.2025.106151

Gabriela Kennedy (Partner) , Joanna Wong (Associate) , Arun Babu (Partner) , Gayathri Poti (Associate) , Avindra Yuliansyah Taher (Partner) , Kiyoko Nakaoka (Attorney-at-Law) , Jillian Chia (Partner) , Beatrice Yew (Senior Associate) , Karen Ngan (Partner) , Lam Chung Nian (Partner) , Huey Lee (Associate) , Quang Minh Vu (Associate)

引用次数: 0