Computer Law & Security Review最新文献

{"title":"Procedural fairness in automated asylum procedures: Fundamental rights for fundamental challenges","authors":"","doi":"10.1016/j.clsr.2024.106065","DOIUrl":"10.1016/j.clsr.2024.106065","url":null,"abstract":"<div><div>In response to the increasing digitalization of asylum procedures, this paper examines the legal challenges surrounding the use of automated tools in refugee status determination (RSD). Focusing on the European Union (EU) context, where interoperable databases and advanced technologies are employed to streamline asylum processes, the paper asks how EU fundamental rights can address the challenges that automation raises. Through a comprehensive analysis of EU law and several real-life cases, the paper focuses on the relationship between procedural fairness and the use of automated tools to provide evidence in RSD. The paper illustrates what standards apply to automated systems based on a legal doctrinal analysis of EU primary and secondary law and emerging case law from national courts and the CJEU. The article contends that the rights to privacy and data protection enhance procedural fairness in asylum procedures and shows how they can be leveraged for increased protection of asylum seekers and refugees. Moreover, the paper also claims that asylum authorities carry a new pivotal responsibility as the medium between the technologies, asylum seekers and their rights.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142444763","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Asia-Pacific developments","authors":"","doi":"10.1016/j.clsr.2024.106058","DOIUrl":"10.1016/j.clsr.2024.106058","url":null,"abstract":"<div><div>This column provides a country by country analysis of the latest legal developments, cases and issues relevant to the IT, media and telecommunications' industries in key jurisdictions across the Asia Pacific region. The articles appearing in this column are intended to serve as ‘alerts’ and are not submitted as detailed analyses of cases or legal developments.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142442602","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Infrastructural Brussels Effect: The translation of EU Law into the UK's digital borders","authors":"","doi":"10.1016/j.clsr.2024.106057","DOIUrl":"10.1016/j.clsr.2024.106057","url":null,"abstract":"<div><div>This article gives an account of the legal standards and safeguards that guide and constrain the current design of the UK's digital borders. Based on an empirical engagement with the development of <em>Cerberus</em> – an advanced risk-based analytics platform aimed at the detection of previously ‘unknown’ threats – the article presents a dual argument. On the one hand, it provides an account of the remaining salience and extraterritorial reach of EU law in setting standards for the collection, retention, processing and sharing of Passenger Name Records (PNR) data in the UK. This PNR data is a constitutive component of the digital border. Through the EU-UK Trade and Cooperation Agreement (TCA), the UK is now bound to comply with the rather stringent legal safeguards developed by the CJEU (in Opinion 1/15) on the retention and automated processing of PNR data. Our analysis shows the different channels through which EU law obtains this extraterritorial reach, how compliance can be monitored and enforced, and, crucially, how it has influenced and constrained the technical design of the UK's digital borders – a salient and unexplored phenomenon that we describe as an <em>Infrastructural Brussels Effect.</em> Yet, on the other hand, the article empirically shows that this is not merely a process of norm diffusion and extraterritoriality. Once legal standards become infrastructurally embedded in Cerberus, we witness normative translations and sociotechnical shifts with important legal and political consequences. Legal standards on ‘reasonable suspicion’ and the ‘objective evidence’ of ‘risk’, we argue, are given specific meaning through a logic of relational inference and algorithmic pattern detection (leading to forms of ‘concern by association’). By studying the entanglements between legal norms and material infrastructures – an approach we describe as infra-legalities – these normative effects become visible and contestable, providing a productive site for the sociolegal study of law and algorithmic governance.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142420548","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Mapping interpretations of the law in online content moderation in Germany","authors":"","doi":"10.1016/j.clsr.2024.106054","DOIUrl":"10.1016/j.clsr.2024.106054","url":null,"abstract":"<div><div>Content moderation is a vital condition that online platforms must facilitate, according to the law, to create suitable online environments for their users. By the law, we mean national or European laws that require the removal of content by online platforms, such as EU Regulation 2021/784, which addresses the dissemination of terrorist content online. Content moderation required by these national or European laws, summarised here as ‘the law’, is different from the moderation of pieces of content that is not directly required by law but instead is conducted voluntarily by the platforms. New regulatory requests create an additional layer of complexity of legal grounds for the moderation of content and are relevant to platforms’ daily decisions. The decisions made are either grounded in reasons stemming from different sources of law, such as international or national provisions, or can be based on contractual grounds, such as the platform's Terms of Service and Community Standards. However, how to empirically measure these essential aspects of content moderation remains unclear. Therefore, we ask the following research question: How do online platforms interpret the law when they moderate online content?</div><div>To understand this complex interplay and empirically test the quality of a platform's content moderation claims, this article develops a methodology that facilitates empirical evidence of the individual decisions taken per piece of content while highlighting the subjective element of content classification by human moderators. We then apply this methodology to a single empirical case, an anonymous medium-sized German platform that provided us access to their content moderation decisions. With more knowledge of how platforms interpret the law, we can better understand the complex nature of content moderation, its regulation and compliance practices, and to what degree legal moderation might differ from moderation due to contractual reasons in dimensions such as the need for context, information, and time.</div><div>Our results show considerable divergence between the platform's interpretation of the law and ours. We believe that a significant number of platform legal interpretations are incorrect due to divergent interpretations of the law and that platforms are removing legal content that they falsely believe to be illegal (‘overblocking’) while simultaneously not moderating illegal content (‘underblocking’). In conclusion, we provide recommendations for content moderation system design that takes (legal) human content moderation into account and creates new methodological ways to test its quality and effect on speech in online platforms.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142420546","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A European right to end-to-end encryption?","authors":"","doi":"10.1016/j.clsr.2024.106063","DOIUrl":"10.1016/j.clsr.2024.106063","url":null,"abstract":"<div><div>In <em>Podchasov v Russia</em>, the European Court of Human Rights unanimously held that a Russian statutory obligation on ‘internet communications organisers’ to provide information to state authorities that allowed for the decryption of encrypted communications was a disproportionate interference with Article 8 because the available technical means of decryption risked weakening the security of communications for all users of the service. This is significant as authorities in the UK and EU may seek to implement similar statutory obligations on communications service providers.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142420549","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A New Right to Procedural Accuracy: A Governance Model for Digital Evidence in Criminal Proceedings","authors":"","doi":"10.1016/j.clsr.2024.106040","DOIUrl":"10.1016/j.clsr.2024.106040","url":null,"abstract":"<div><div>This paper motivates and studies the feasibility of a new digital right to procedural accuracy (RPA) for digital evidence processing in criminal investigations. The need to guarantee a new principle of procedural accuracy under Art. 6 of the European Convention on Human Rights (ECHR) is based on the concern that digital forensic science and AI technology have a significant impact on individuals’ rights in criminal proceedings, which are neither coherently nor comprehensively addressed. The personal and material scope of RPA are examined and include: <em>(i)</em> protection against unreliable digital evidence processing; <em>(ii)</em> right to access the chain of evidence, explanation, and forensic assistance; and <em>(iii)</em> the right to participate in the determinative stages of the digital evidence processing. Limitations of the RPA are also discussed.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142420621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Who is vulnerable to deceptive design patterns? A transdisciplinary perspective on the multi-dimensional nature of digital vulnerability","authors":"","doi":"10.1016/j.clsr.2024.106031","DOIUrl":"10.1016/j.clsr.2024.106031","url":null,"abstract":"<div><div>In the last few years, there have been growing concerns about the far-reaching influence that digital architectures may exert on individuals and societies. A specific type of digital manipulation is often engineered into the interfaces of digital services through the use of so-called dark patterns, that cause manifold harms against which nobody seems to be immune. However, many areas of law rely on a traditional class-based view according to which certain groups are inherently more vulnerable than others, such as children. Although the undue influence exerted by dark patterns on online decisions can befall anybody, empirical studies show that there are actually certain factors that aggravate the vulnerability of some people by making them more likely to incur in certain manipulation risks engineered in digital services and less resilient to the related harms. But digital vulnerability does not overlap with traditionally protected groups and depends on multifaceted factors. This article contributes to the ongoing discussions on these topics by offering (i) a multidisciplinary mapping of the micro, meso, and macro factors of vulnerability to dark patterns; (ii) a subsequent critical reflection on the feasibility of the risk assessment proposed in three selected EU legal frameworks: the General Data Protection Regulation, the Digital Services Act, and the Artificial Intelligence Act; (iii) and multidisciplinary suggestions to increase resilience towards manipulative designs online.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142420547","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Conversion of cryptoassets","authors":"","doi":"10.1016/j.clsr.2024.106060","DOIUrl":"10.1016/j.clsr.2024.106060","url":null,"abstract":"<div><div>It is common for cryptoassets to be stolen, which raises the legal issue of whether cryptoassets can be converted. Under the current law, the tort of conversion applies only to tangibles. Cryptoassets cannot be converted because they are intangible. However, this article argues that it is arbitrary to determine whether cryptoassets are amenable to conversion based on the tangible/intangible distinction. Refusing to extend the tort of conversion to cryptoassets will lead to unfair treatment between cryptoassets and other assets. It will also provide inadequate protection for cryptoassets, which can be interfered with in ways similar to tangibles. This article argues that the tort of conversion should be extended to cryptoassets because they are property capable of possession. A tort for conversion of cryptoassets is established when a defendant has deliberately and exclusively interfered with a claimant's cryptoassets, and the defendant does not have a defence. Since conversion is a tort of strict liability, extending the tort to cryptoassets may create uncertain legal risks to third parties. To protect innocent third parties robustly, five defences should be established: innocent purchaser defence, abandonment, consent, self-help and safe harbour.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142420545","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Copyright protection during the training stage of generative AI: Industry-oriented U.S. law, rights-oriented EU law, and fair remuneration rights for generative AI training under the UN's international governance regime for AI","authors":"","doi":"10.1016/j.clsr.2024.106056","DOIUrl":"10.1016/j.clsr.2024.106056","url":null,"abstract":"<div><div>Generative AI relies on simulating and learning from complex data distributions to automatically generate new, meaningful content from large datasets. Training generative AI models carries the risk of copyright infringement. How can we balance the development of generative AI technology with copyright protection during the training stage of these models? In contrast to existing legal scholarship, this article conducts a comparative study of industry-oriented U.S. copyright law and rights-oriented EU copyright law. It draws insights from the concepts of the tragedy of the commons and the tragedy of the anti-commons, proposing the creation of fair remuneration rights for Generative AI training under the UN's international governance regime for AI. This article offers a typological analysis of potential operational models for fair remuneration rights in Generative AI training, drawing analogies to existing remuneration rights in international copyright treaties. The goal is to provide an open framework for further discussion within the international academic community.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142420544","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Decentralized social networks and the future of free speech online","authors":"","doi":"10.1016/j.clsr.2024.106059","DOIUrl":"10.1016/j.clsr.2024.106059","url":null,"abstract":"<div><div>Decentralized social networks like Mastodon and BlueSky are trending topics that have drawn much attention and discussion in recent years. By devolving powers from the central node to the end users, decentralized social networks aim to cure existing pathologies on the centralized platforms and have been viewed by many as the future of the Internet. This article critically and systematically assesses the decentralization project's prospect for communications online. It uses normative theories of free speech to examine whether and how the decentralization design could facilitate users’ freedom of expression online. The analysis shows that both promises and pitfalls exist, highlighting the importance of value-based design in this area. Two most salient issues for the design of the decentralized networks are: how to balance the decentralization ideal with constant needs of centralization on the network, and how to empower users to make them truly capable of exercising their control. The article then uses some design examples, such as the shared blocklist and the opt-in search function, to illustrate the value considerations underlying the design choices. Some tentative proposals for law and policy interventions are offered to better facilitate the design of the new network. Rather than providing clear answers, the article seeks to map the value implications of the design choices, highlight the stakes, and point directions for future research.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3,"publicationDate":"2024-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142359551","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}