This book examines central aspects of the new technologies and the legal questions raised by them from both an international and an inter-disciplinary perspective. The technology revolution and the global networking of IT systems pose enormous challenges for the law. Current areas of discussion relate to autonomous systems, big data and issues surrounding legal tech. Ensuring data protection and IT security as well as the creation of a legal framework for the new technology as a whole can only be achieved through international and inter-disciplinary co-operation. The team of authors is made up of experienced, internationally renowned experts as well as young researchers and professionals who give valuable insights from numerous different jurisdictions. This book is written for jurists and those responsible for technology in public authorities and companies as well as practising lawyers and researchers.
Author(s): Georg Borges, Christoph Sorge
Edition: 1
Publisher: Springer
Year: 2022
Language: English
Commentary: TruePDF
Pages: 371
Tags: IT Law; Media Law; Intellectual Property; Legal Aspects Of Computing; Big Data; IT In Business
Preface
Contents
Part I: Artificial Intelligence
A Legal Framework for Autonomous Systems
1 Legal Questions Raised by Autonomous Systems
1.1 Current Discussion Regarding the Law of Automated Systems
1.2 Artificial Intelligence and Autonomous Systems
2 Autonomy of Machines as a Challenge for the Law
2.1 Creative Efforts of Machines
2.2 Declaration of Intent and Contracts
2.3 Liability for Autonomous Systems
2.4 New Legal Instruments
2.5 Law Enforcement
3 Conclusion
References
``Moralizing Technology´´ and Criminal Law Theory
1 Introduction
2 Humanism and Criminal Law Theory
2.1 The Humanism and Its Problems
2.2 Humanism and Criminal Law Theory
2.3 Problems Caused by Humanism in Criminal Law Context
3 The Post-Phenomenology and Its Potential
3.1 Ethical Theory Based on the Analytical Framework of Composite Intentionality
3.2 ``Composite Intentionality´´ and the Later Foucault´s Ethics
3.3 Morality of Designing
3.4 Possibility of Application to Criminal Law Theory
4 ``The Moralizing Technology´´ and Criminal Law
4.1 Purpose and Strategy
4.2 Risks Should Be Allowed
4.3 The Alternative Regime of Criminal Law
5 Conclusion
References
Liability for Autonomous Systems
1 Introduction
2 Damage Caused by Autonomous Systems as a Challenge for Tort Law
2.1 Gaps in the Current Liability System
2.2 Roles and Participants
2.3 Fault-Based Liability, Strict Liability and Objective Liability
3 Liability for Autonomous Cars
4 Liability for Autonomous Systems in General
4.1 Liability of the Operator of Autonomous Systems
4.1.1 Liability for Animals as a Traditional Form of ``Operator Liability for Autonomous Systems´´
4.1.2 Liability for Animals as a Model for Liability for Autonomous Systems?
4.1.3 What Can Be Learned from Traditional Rules on Operators´ Liability?
4.1.4 New Liability Rules for Operators of High-Risk AI Systems?
4.2 Liability of the Manufacturer of Autonomous Systems
4.2.1 General Tort Law
4.2.2 Product Liability
4.2.3 Strict Liability of Manufacturers of Autonomous Systems?
5 Conclusion: The Necessity for a Differentiated Liability Regime
References
Machine Learning Decision-Making: When Algorithms Can Make Decisions According to the GDPR
1 Introduction
2 ADM in General
2.1 ADM Without Profiling
2.2 ADM with Profiling
2.3 Why ML?
3 ADM in the GDPR
3.1 Contract
3.2 Member State or EU Law
3.3 Consent
4 Conclusions
References
Algorithmic Suspicion in the Era of Predictive Policing
1 Introduction
2 Watchful Gaze of the New Technologies: 24/7 Surveillance of the Thoughts and Actions
2.1 Physical Surveillance: Disappearance of the Right to Be Left Alone
2.2 Cyber Surveillance: Monitoring Digital Personality
2.3 Profiling and Scoring Ordinary Suspects via Big Data
3 Legal Assessment of Data-Based Discretion: Surveilling, Profiling and Data-Driven Policing
3.1 Accumulating and Processing Data for the Purposes of Crime Prevention and Detection
3.2 Profiling and Predictive Policing for the Purpose of Crime Prevention
4 Conclusion
References
Part II: Data Protection
Ensuring the Protection of Privacy of Cryptocurrency Users: An Impossible Task?
1 Introduction
2 The Limited Confidentiality on a Public Blockchain
2.1 A Transparent Register of Transactions
2.2 Consequences on the Categorization of Data
2.2.1 The Categorisation of Public Keys
2.2.2 The Categorisation of Transactional Data
3 The Maladjustment of the GDPR to Ensure Users´ Data Protection
3.1 The Maladjustment Resulting from the Immutability of the System
3.2 The Maladjustment Resulting from the System´s Decentralization
3.3 The Insufficiency of Data Protection Measures Through the Gatekeepers
4 Anonymization Methods to Overcome This Lack of Confidentiality
4.1 A Balanced Approach and a Comprehensive Level of Data Protection
4.2 From a Balanced to a Strictly Individualistic Approach of Data Protection
5 Limits to Anonymisation Techniques
5.1 Technical Knowledge as a Prerequisite for an Adequate Level of Data Protection
5.2 Limitation to Anonymization Techniques?
6 Conclusion
References
Are We Obligated to Employ Algorithmic Decision-Making?
1 Introduction
2 Defining Efficiency
3 Sources
3.1 Constitutional Law
3.1.1 Efficiency and Self-Governing Bodies
3.1.2 Auditing Efficiency
3.1.3 Principle of Equality and Rationality
3.2 Ordinary Laws
3.3 Case Law
3.4 Interim Conclusion
4 The Crux with Trade-Offs
5 Criticism
6 Efficient Implementation and Data Protection
7 Solving the Dilemma
8 Digital-Check
9 Conclusion
References
Digital Personal Assistants with AI and Data Protection GDPR & E-Privacy-Reg
1 Overview Digital Assistant
1.1 Definition
1.2 ``Siri´´, ``Alexa´´ and ``Google Assistant´´ as Today´s Examples of Digital Assistants
2 Data Protection Related Questions
2.1 Data Flows and Data Processing Activities
2.2 Application of the GDPR and Roles
2.2.1 User Perspective
2.2.2 Provider Perspective
2.3 Legal Bases
2.3.1 Voice Recording and Conversion to Text
2.3.2 User Profiling and Automated Individual Decisions
2.3.3 Cloud Computing
2.4 Data Protection Principles
2.5 International Application
2.6 Additional GDPR Requirements
2.6.1 Data Protection Officer
2.6.2 Data Protection Impact Assessment
2.7 ePrivacy-Regulation Draft
2.7.1 General
2.7.2 Art. 8 ePrivacy Regulation Draft
2.7.3 Art. 10 ePrivacy Regulation Draft
2.7.4 Art 16 ePrivacy Regulation Draft
2.8 Conclusion
References
GDPR Compliance for East European Non-EU Companies
1 Conclusion
References
Part III: IT Security
IT Security Measures and Their Relation to Data Protection
1 Introduction
2 Basics of IT Security
2.1 Protection Goals
3 On the Relation Between IT Security and Data Protection
3.1 Article 32 GDPR
3.2 Protection Goals and Data Protection
3.2.1 Plausible Deniability
3.2.2 Specific Protection Goals of Data Protection
3.2.3 Reconciling Protection Goals
4 Reactive Security
4.1 Logging and SIEM
4.2 Intrusion Detection Systems
4.3 The Role of IDS in Data Protection
4.4 Pseudonymisation
4.5 Decryption of TLS Communication
5 Conclusion
References
The Legal Framework for IT Security in the ``Industry 4.0´´
1 Introduction
1.1 IT Security for the Industrial Internet: Recent Challenges
1.2 Law and IT Security: Initiatives by the European Legislator
2 Tasks and Tools in Regulating IT Security
2.1 Variety of Approaches in the Current Development
2.2 Tasks and Measures to Regulate IT Security
2.3 The Two Task Areas in Regulating IT Security
3 Establishing Normative Requirements
3.1 Legislation
3.1.1 Lack of Broadly Applicable Horizontal Legislation
3.1.2 IT Security Requirements in General Norms
3.1.3 Conclusion
3.2 Government Supervision
3.3 Jurisprudence
3.4 Standards
3.5 Interim Result
3.6 Possible Approach: Linking Legal Requirements to Private Norms
4 Enforcement of Security Requirements
4.1 Overview: Enforcement Mechanisms for IT Security
4.2 Factors of Effective Norm Enforcement Through Liability
5 Reflections De Lege Ferenda
5.1 Necessity of Legal Measures
5.2 Aspects of IT Security Through Liability
5.2.1 Advantages of Steering Through Liability
5.2.2 Improved Regulation
5.3 Certification
6 Conclusion
References
The Role of Criminal Law in Regulating Cybercrime and IT Security
1 Criminal Law and Regulation: Core Concepts, Models, and Limitations
1.1 The Role of Criminal Law
1.2 Generic Limitations to Criminal Law
1.3 Criminal Law as a Regulatory Tool?
2 Substantive Criminal Laws on Cybercrime in Europe and Germany: An Overview
2.1 Typology of Laws on Cybercrime
2.2 EU Criminal Law on Cybercrime
2.3 German Substantive Criminal Laws on Cybercrime
3 Cybercrime Law and Regulating IT Security
3.1 Targeted Repression and Prevention of Attacks on IT Systems: Attacks and Attackers
3.2 Mediated Repression and Prevention of Attacks on IT Systems: Criminal Law Requirements and Obligations on IT Security
3.3 Indirect Repression and Prevention of Attacks on IT Systems: Negligent Criminal Liability
4 Conclusion
References
Phishing in Online Banking - An Overview of the Development and the European and German Legal Positions
1 Introduction
2 Terminology and Development
2.1 Definition and Examples
2.2 Development of Phishing
3 Phishing Methods and Online Banking Processes
3.1 Phishing Methods
3.2 Online Banking-Processes
4 Basic Apportionment of Risk in Online Banking
4.1 Legal Basis
4.1.1 Payment Services Directive (PSD 2)
4.1.2 German Regulation
4.2 Basic Principle: Payment Services Provider Bears the Risk
5 Liability in Online Banking
5.1 Assumption of Authorisation Through Legal Fiction
5.1.1 Liability for Apparent Authority
5.1.1.1 Apparent Authority Situation
5.1.1.2 Attribution
5.1.2 Prima Facie Evidence
5.1.3 Legal Consequence of the Legal Fiction
5.2 Liability of the Customer Due to Non-Existence of an Authorisation
5.2.1 Misplaced Payment Instrument (Situation 1)
5.2.2 Misuse or Breach of Duty (Situations 2 and 3)
5.2.2.1 Possible Breaches of Duty
5.2.2.1.1 Duty of Confidentiality
5.2.2.1.2 Appropriate Reactions to Suspicious Circumstances
5.2.2.1.3 Duties Relating to the Securing of One´s Own Infrastructure
5.2.2.1.4 Notification Obligations
5.2.2.2 Gross Negligence
5.2.3 No Exclusion of Liability
5.2.3.1 § 675v Section 5 BGB
5.2.3.2 § 675v Section 2 BGB
5.2.3.3 § 675v Section 4 BGB
5.2.3.3.1 Two-Factor Authentication
5.2.3.3.2 Independence of the Security Elements Used
5.2.4 Reverse Exception: Fraud
5.2.5 No Contributory Negligence of the Bank
6 Conclusion
References
Internet of Things and Consumers´ Privacy in a Brazilian Perspective: Digital Vulnerability and Dialogue of Sources
1 Introduction
2 Internet of Things and Data Collection
3 Consumer Privacy in the Iot and Transparency
4 Final Considerations
References
Part IV: Legal Tech
Legal Tech and Computational Legal Theory
1 Legal Tech Is (Alpha) Go
1.1 Playing Games with AI and Law
1.2 From Games to Law
1.3 The Law and Ethics of Legal AI
2 A Case Study in Legal AI
3 Symbolic Meaning, AI, HCI and the Law
4 Creative and Empathic Legal AI
4.1 The Robot as Legal Metaphor
4.2 Legal AI with Soft Skills
4.2.1 When Time Is of the Essence
4.2.2 Empathetic Legal AI
4.3 Creative Legal AI
4.4 Embracing Bias?
5 Conclusion
References
Smart Contracts in the Civil Law Countries: The Legislative Analysis and Regulation Perspectives
1 The Smart Contract Definition
2 The Smart Contract Regulation in Belarus
3 The Smart Contract Regulation in Portugal
4 The Smart Contract Regulation in Italy
5 The Smart Contract Regulation in the EU
6 The Attitude Towards Smart Contracts in Germany
7 The Smart Contract Regulation in Russia
7.1 Bills on Smart Contracts
7.2 Other Provisions Applicable to Smart Contracts
8 Specific Issues Arising in Connection with Smart Contracts
9 Conclusion
References
Articles
Crowdsourcing as a Means for Participatory Legislation
1 Introduction
2 Different Forms of Participation
2.1 Opinion Polls
2.2 Initiatives/Petitions
2.3 Feedback and Commenting
2.4 Know-How Accumulation
2.5 Commons-Based Peer Production
2.6 Different Methods-Different Goals
3 Specific Examples
3.1 Iceland´s Crowdsourced Constitution
3.2 Madison
3.3 Finland´s Off-Road Traffic Law
4 The Wisdom of Crowds
4.1 Original Idea
4.2 Application to the Legislative Process
5 Discussion
5.1 Openness and Transparency
5.2 Participation, Inclusiveness and Accountability of the Public
5.3 Deliberation
5.4 Representativeness
5.5 Educational Approach
5.6 Accountability of Lawmakers
5.7 Quality of Crowd-Input
5.8 Sabotage Attempts and Interest Group Influence
6 Conclusion
References
