{"title":"Right to learn in the digital age: Challenges and protection in China","authors":"Taixia Shen","doi":"10.1016/j.clsr.2024.105989","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105989","url":null,"abstract":"<div><p>The right to learn is a fundamental human right that can be summarized as a personal entitlement to acquire knowledge, increase one's wisdom, and fully develop inherent capacity through various learning approaches and activities. With the advent of the information age, the notion of <em>right to education</em> is unable to meet the needs of the development of human beings and society. Thus, introducing a concept with a rich connotation, namely, the <em>right to learn</em> is necessary. However, this right has not been stipulated and protected by constitutional law in most countries. The development of digital technology and artificial intelligence not only brings great opportunities for its realization, but also poses challenges to this right. In China, the economic and digital gap has led to the unequal and uneven development of the right to learn, while the rigid internet review system and expectations of digital copyright protection have hindered this right. To address these challenges in the information era, the government should address the right to learn as a fundamental right and establish a protection system in China's education law. Moreover, it should improve the fair use of the copyright system and strike a balance between the right to learn and copyright. In addition, emerging management rights and the equitable distribution of e-learning resources and digital infrastructure are essential to the right to learn.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105989"},"PeriodicalIF":2.9,"publicationDate":"2024-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141067680","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"China's Interim Measures on generative AI: Origin, content and significance","authors":"Sara Migliorini","doi":"10.1016/j.clsr.2024.105985","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105985","url":null,"abstract":"<div><p>On 15 August 2023, China's new rules on generative artificial intelligence (AI) entered into force. This article explores the underlying reasons and context for this rapid regulatory development. It argues that China's swift adoption of the Interim Measures on generative AI has been enabled by its traditional approach to digital policy, together with its renewed system of governance and the extensive work that Chinese regulators had conducted on AI ethics and relevant principles. The article also analyses some of the substantial rules laid down by the Interim Measures, offering scholars and policymakers working on generative AI regulation in other jurisdictions the possibility to engage with the solutions chosen by the Chinese regulators. To this end, the article brielfy presents key provisions regarding training data and IP rights; labelling of synthetic content; algorithm registration; accountability for content; and the applicability of existing laws to generative AI. It compares these aspects of the Interim Measures with examples from the European Union and the United States.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105985"},"PeriodicalIF":2.9,"publicationDate":"2024-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141067679","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"How to think about freedom of thought (and opinion) in the age of AI","authors":"Sue Anne Teo","doi":"10.1016/j.clsr.2024.105969","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105969","url":null,"abstract":"<div><p>The freedoms of thought (and opinion) are considered as absolute rights within the human rights law framework. Though found in separate provisions within the human rights instruments, the content and contours of these freedoms are largely interchangeable and overlap. The freedom of thought (and opinion) consists of three elements, namely, that thoughts and opinions can be kept private; thoughts cannot be manipulated with; and that one should not be punished for one's own thoughts. However, artificial intelligence (AI) driven systems increasingly deployed within online platforms facilitate the granular targeting and tailoring of choice architectures to the particularities of each individual, according to what is revealed or inferred by the AI system. This can enable platforms to shape the horizons of possibilities at scale for many individuals at once, enabling the power to modulate thoughts, expressions and actions. Drawing from literature on moral ethics and specifically the nascent field of the ethics of online manipulation, the aim of the article is to theorise the concept of manipulation and punishment in the context of the affordances of AI systems and examine when and how it impacts or breaches the freedoms of thought and opinion. The article argues that manipulation has to be conceived of as an objective concept, without hinging upon the eventuation of subjective effects on individuals, in order for the right to have practical meaning and import in the age of AI. Further, the term punishment has to be re-conceptualised to go beyond state sanctioned actions to include harms to autonomy conditions. This engages the fundamental concept of human dignity that lies as the normative foundation of the human rights framework. As novel material affordances increasingly structure and modulate the conditions for human interaction and communication, the focus of human rights protection has to shift from negative to positive obligations in order to ensure that conditions of possibilities for the freedoms of thought and opinion can take hold and be exercised in the first place. It concludes by proposing three steps that can be taken in order to afford autonomy conditions in line with the respect for these freedoms.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105969"},"PeriodicalIF":2.9,"publicationDate":"2024-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141067685","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Oscar Borgogno , Cristina Poncibò , Giuseppe Colangelo
{"title":"Editorial to the special issue on financial technology and the law: A reality check","authors":"Oscar Borgogno , Cristina Poncibò , Giuseppe Colangelo","doi":"10.1016/j.clsr.2024.105983","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105983","url":null,"abstract":"","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105983"},"PeriodicalIF":2.9,"publicationDate":"2024-05-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140947494","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cybersecurity of Internet of Things in the health sector: Understanding the applicable legal framework","authors":"Federica Casarosa","doi":"10.1016/j.clsr.2024.105982","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105982","url":null,"abstract":"<div><p>Although the digitalisation of healthcare is an ongoing process that dates back to more than two decades ago, it has gained more momentum with the COVID-19 pandemic. Recent developments in this sector include the adoption of wearable devices based on Internet of Things technology. The possibility of connecting devices that can work outside the physical boundaries of a hospital and follow patients at home, i.e. during their day-to-day life, has several obvious advantages. However, the digitalisation of the health sector through increased adoption of connected devices does not exclude vulnerabilities, particularly risks concerning the protection of patients’ data and the security of networks and information systems. Connected devices can gather, process, and store personal patient health data. Failure to safeguard the integrity and security of these data may affect the patients’ identity and finances and put their lives at risk. The presence of an IoT device in a healthcare setting may affect and reduce the level of network security of the overall system as it may provide an access point for an unlawful hacking attack. Although IoT technologies in the health sector are becoming increasingly pervasive, the European legal framework applicable to them is not clearly defined. This is extremely relevant in the case of cybersecurity, where the legal point of reference is the General Data Protection Regulation, addressing the measures and requirements applicable in case of data breaches, and the Medical Device Regulation, providing provisions focused on the security of data relevant to IoT defined as medical devices. The most recent interventions that address health data processing and cybersecurity are the proposed Cyber Resilience Act and the Health Data Space Regulation. The two acts provide measures and requirements applicable to IoT from two perspectives. Yet, they add complexities and some inconsistencies that may hamper the effectiveness of the overall cybersecurity framework.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105982"},"PeriodicalIF":2.9,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140901093","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Pre-installed cameras in vehicles—New technology from a data protection law perspective","authors":"Tanja Kammersgaard Christensen","doi":"10.1016/j.clsr.2024.105980","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105980","url":null,"abstract":"<div><p>This article assesses whether the rules of the General Data Protection Regulation (GDPR) apply to cameras installed in vehicles, as well as how their use can be GDPR compliant and who is ultimately responsible for this. With the adoption of the GDPR, citizens of the EU now benefit from increased protection of their privacy, as the purpose of the Regulation is to lay down rules on the protection of natural persons in connection with the processing of personal data. The Regulation sets out several conditions for when and how personal data may be processed. These are reviewed in the following with a focus on cameras in cars.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105980"},"PeriodicalIF":2.9,"publicationDate":"2024-05-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0267364924000475/pdfft?md5=4c68c0f48d2658a58e821bb09706c5d5&pid=1-s2.0-S0267364924000475-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140822163","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Douglas W Arner , Dirk A Zetzsche , Ross P Buckley , Jamieson M Kirkwood
{"title":"The financialisation of Crypto: Designing an international regulatory consensus","authors":"Douglas W Arner , Dirk A Zetzsche , Ross P Buckley , Jamieson M Kirkwood","doi":"10.1016/j.clsr.2024.105970","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105970","url":null,"abstract":"<div><p>Bitcoin was presented in 2008 as a technology-driven alternative to the weaknesses of the traditional monetary, payment and financial systems dramatically highlighted by the Global Financial Crisis of 2008. The underlying technology – blockchain and distributed ledger technology – was posed as a technological solution to the problems of trust, confidence, transparency and behaviour traditionally addressed in finance through a framework of law, regulation and institutions (including markets and the state). Cryptocurrencies, blockchain, distributed ledger technology and decentralised finance were designed to address the weaknesses and risks in traditional finance. Yet fifteen years of evolution culminating in the Crypto Winter of 2022–23 have demonstrated that crypto is neither special nor immune and has come to feature all the classic problems of traditional finance. As the crypto ecosystem has evolved, the market failures and externalities of traditional finance have emerged – a process we term the ‘financialisation’ of crypto. These include conflicts of interests, information asymmetries, centralisation and interconnections, over-enthusiastic market participants, plus agency, operational and financial risks. We argue that (a) in order to develop successfully going forward, the crypto ecosystem needs to assimilate the centuries of experience of underpinning traditional finance with law and regulation, and (b) in the aftermath of the Crypto Winter, an international consensus is crystalising in respect of the regulation of the crypto ecosystem. We argue regulatory systems are now being instituted to ensure the proper functioning of crypto and its interconnections with traditional finance. The lessons of the financialisation of crypto also apply more broadly: appropriately designed regulatory systems are central to financial market functioning and development.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105970"},"PeriodicalIF":2.9,"publicationDate":"2024-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140822162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Evaluation of trust service and software product regimes for zero-knowledge proof development under eIDAS 2.0","authors":"Raül Ramos Fernández","doi":"10.1016/j.clsr.2024.105968","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105968","url":null,"abstract":"<div><p>This paper delves into two legal models for zero-knowledge proof protocols in the context of the eIDAS 2.0 Regulation: a trust service or a software product. The ARIES: reliAble euRopean Identity EcoSystem EU project highlighted the need for a legal framework for stakeholders to accept proof of the existence of user data with legal certainty, while Hyperledger Indy shows that ZKP solutions are currently commercialized, stressing deficiencies in the eIDAS 2.0. An overview of ZKP applied to identity, its relationship to the European Digital Identity Wallet and the electronic attestations of attributes, both introduced by the eIDAS 2.0, and Self-Sovereign Identity systems, leads to the central question of proof of the existence of user-held data as a trust service or as a software product and its data privacy implications for each approach. Finally, we outline a possible solution based on the product approach for future work. Our findings reveal that ZKP technology must have legal value and a presumption system to be effective. However, the path we take could lead us either to develop a system of surveillance and control in electronic environments or to build an environment where we share not the data itself but proof of its existence.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105968"},"PeriodicalIF":2.9,"publicationDate":"2024-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0267364924000359/pdfft?md5=857f41921a67e735151c4db9f816925c&pid=1-s2.0-S0267364924000359-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140816044","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"In the name of protection—A critical analysis of China's legal framework of children's personal information protection in the digital era","authors":"Guan Zheng, Jinchun Shu","doi":"10.1016/j.clsr.2024.105979","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105979","url":null,"abstract":"<div><p>This article provides a critical analysis of the China's legal framework of children's personal information protection in the digital era. It demonstrates that Chinese lawmakers adopt a dual-protection paradigm consisting of data privacy law and family law to protect children's personal information. In the field of data privacy law, China's Personal Information Protection Law regards children's personal information as sensitive information, and provides all contexts-based protection through the parental consent system, resulting in severe restrictions on children's freedom of access to information and their evolving capacities. In the field of family law, the Minors Protection Law fragments the right to informational self-determination of children while applying hard legal paternalism with respect to the online live-broadcast for children, limiting children's fundamental right to freedom of expression and depriving parents of the right to the custody of their children. Based on research in developmental psychology, this article argues that different legal frameworks should be adopted according to different age groups of children to protect the best interest of the child. In this way, the balance between the protection and informational self-determination of children in the digital era can be achieved.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105979"},"PeriodicalIF":2.9,"publicationDate":"2024-04-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140807549","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The authenticity crisis","authors":"Bart Jacobs","doi":"10.1016/j.clsr.2024.105962","DOIUrl":"https://doi.org/10.1016/j.clsr.2024.105962","url":null,"abstract":"<div><p>Authenticity of information is a term with a clear meaning, not in law, but in the area of information security. There, it involves two aspects, called source-authenticity and message-authenticity; they guarantee certainty about the origin of information, and about its integrity. Authenticity differs from veracity: whether information is true (holds) or not is independent of its authenticity. The authenticity crisis described in the title of this paper refers to the destabilising impact of the lack of authenticity of online information, for instance in fake news. The paper proposes systematic use of digital signatures to guarantee authenticity. A crucial point is that authenticity may be organised via technical means (namely via digital signatures), whereas veracity can not. Authenticity-guarantees make institutions recognisable online and provide people with useful tools for making their own credibility judgements.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"53 ","pages":"Article 105962"},"PeriodicalIF":2.9,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0267364924000293/pdfft?md5=9bddb65dffd44ebce7817dc2b1276590&pid=1-s2.0-S0267364924000293-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140552200","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}