The proceedings of the 8th International Conference on Internet, Law & Politics (IDP 2012): Challenges and Opportunities of Online Entertainment. will be free for download in the following days on this page.
Content, besides some minor editing, has followed the originals, so the reader will find both articles in Spanish or English.
To cite this works use, please, any of the following references:
Cerrillo i Martínez, A., Peguera, M., Peña-López, I., Pifarré de Moner, M.J., & Vilasau Solana, M. (coords.) (2012). Retos y oportunidades del entretenimiento en línea. Actas del VIII Congreso Internacional, Internet, Derecho y Política. Universitat Oberta de Catalunya, Barcelona 9-10 Julio, 2012. Barcelona: UOC-Huygens Editorial.
Cerrillo i Martínez, A., Peguera, M., Peña-López, I., Pifarré de Moner, M.J., & Vilasau Solana, M. (coords.) (2012). Challenges and Opportunities of Online Entertainment. Proceedings of the 8th International Conference on Internet, Law & Politics. Universitat Oberta de Catalunya, Barcelona 9-10 July, 2012. Barcelona: UOC-Huygens Editorial.
Panel on Privacy On Line Chairs: José Luis Piñar Mañas. Professor of Administrative Law. Vice-Chancellor of International Relations at CEU San-Pablo University (Madrid). Former Director, Spanish Data Protection Authority..
Antonio Troncoso Reigada. Professor of Constitutional Law. Former Director, Data Protection Authority of the Region of Madrid.
The Internet has a huge potential for participation, especially social media. Freedom of expression has found a perfect platform on the Internet. Thus, minors have not to have their access to the Internet or social networking sites forbidden.
The proliferation of barriers for data protection is creating too many problems for the evolution of the Internet: we need a harmonization of law, not only within the EU but worldwide. Especially now that cloud computing is becoming mainstream.
The regulation framework in the EU is becoming better, but there is a certain lack of democracy, a lack of political and public debate on the issue.
Esther Mitjans. Professor of Constitutional Law, University of Barcelona. Director of the Catalan Data Protection Authority.
In the Internet age, privacy is a very important matter, present everywhere. There is a need for risk management, as these are new territories with new practices that bring with them plenty of risks and hazards. Behaviours of people cause not only risks upon themselves but also upon third parties. Data protection is about the crossroads of all these risks and practices. And we do not have to forget that the Internet does not believe in boundaries, borders and frontiers.
María González, Head of Legal for Spain, Portugal & Greece at Google.
The problem of short-term regulation can affect innovation, economic growth and the evolution of the Internet as a communication (not only business) platform.
Concerning cookies, the industry is now trying to decide what is the best design for opting-in concerning tracing cookies, and that the user is empowered with the control of their own data and privacy.
Regulation has to be based on transparency: all practices related to data protection, public, private and corporate have to be transparent and accountable.
The “physical” location of data is totally irrelevant when they are constantly replicated and transferred. Thus, what matters is demanding liability and responsibility to the firm, but not that these data are kept on a closed box in a specific territory or jurisdiction.
Communications on Government and Regulatory Policies Chairs: Agustí Cerrillo Martínez, Senior Lecturer and Dean of the School of Law and Political Science of the Universitat Oberta de Catalunya (UOC).
Guiding Principles for Online Copyright Enforcement. Andrew McDiarmid, Senior Policy Analyst, Center for Democracy & Technology, Washington, DC (USA); David Sohn, General Counsel, Center for Democracy & Technology (USA).
Since the 2008, in the US there has been a pro-intellectual property regulation process, establishing the IP enforcement coordinator and increasing the resources for government enforcement. Principles for a balanced copyright enforcement:
Target true bad actors.
Preserve safe harbours.
Study the costs and benefits.
Voluntary initiatives must respect consumer interests.
Set realistic goals.
Education and lawful options are essential.
Domain Name-focused enforcement is a blunt instrument: entire sites are affected, including other sites. There are workarounds and it violates safe harbour cases. There is a harm to free expression due to overbreadth. There are risks of evasion.
Internet Co-Regulation and Constitutionalism. Christopher T. Marsden, Director of the Essex Centre for Comparative and European Law. Senior Lecturer, Essex School of Law (UK).
Statute backed code, appointed by the Government. Threat of regulatory intervention.
Approved code, regulated by an independent body. Treat of sanctions.
Industry code, set by the industry associates. Industry self-interest.
Unilateral code, set by service providers. Individual self-interest.
Co-regulation (the independent body’s) is more interesting than statutory regulation or self (industry & unilateral) regulation, which are, notwithstanding, the ones that are more common.
Co-regulation says that civil society, the people, should have a formal role in it: multistakeholder-isation, it is a process and not a static model, e.g. the ICANN. This is yet to be enforced by governments and courts.
We need movement towards formal recognition and formalisation of co-regulation: Legislation 2.0
Electronic Democracy, Internet and Governance. A concretion. Fernando Galindo Ayuda, Catedrático de Filosofía del Derecho, Universidad de Zaragoza.
Access to information: conscious participation of citizens over a specific matter. Governance as politics: the art of ruling in the pursuit of public well-being. The Internet is certainly boosting communication, but is it fostering democracy?
Reviving privacy: the opportunity of cyber-security. Maria Grazia Porcedda, Research assistant, Department of Law, European University Institute, Florence (Italy).
What is cybercrime?
Crimes against availability, integrity and confidentiality of computer systems: illegal access and hacking, illegal interception, data interference (malware, botnets, trojans), system interference (DoS, DDoS).
Computer related: forgery, fraud.
Content-related crimes: child pornography.
There are different notions of security and privacy, depending on where the weight is put between privacy and security and what is the approach towards cybercrime. But we can integrate de facto security and privacy. Cybersecurity is about protecting privacy, both by passive measures taken by educated users and by active measures against cybercrime.
PIPA, SOPA, OPEN — The end of piracy or privacy? László Németh, PhD Student, Institute of Comparative Law, Faculty of Law, University of Szeged (Hungary).
PIPA and SOPA are similar in many ways: against foreign (rogue) sites, domain name seizure, in personam, in rem action, presumption of guilt, voluntary action, etc.
PIPA and SOPA have raised concerns, objections and even protests.
The OPEN act demands the web to be kept open.
We surely now need new global treaties (WIPO, WTO), and in the makings of these treaties the users should be asked for their opinion. Of course, one of the problems of “asking the users” is how to find valid interlocutors. The website KeepTheWebOpen.com includes the feature of commenting on the OPEN Act.
Communications on the Right to Be Forgotten Chairs: Mònica Vilasau. Lecturer, School of Law and Political Science (UOC).
The Emerging Right To Be Forgotten In Data Protection Law: Some Conceptual And Legal Problems. David Lindsay, Associate Professor, Faculty of Law, Monash University, Melbourne (Australia).
When looking at privacy, we have to look before at identity. For instance identity formation in social networking sites or virtual worlds. In liquid societies it seems that we have to compulsory be creating and reinventing our identities. The problem is that what once was used for identity purposes in a given context, if data lasts forever this may pose a problem in the future, when the identity issue is no more relevant and/or the context has changed.
Thus, a right to be forgotten should be the first one of a new group of rights concerning privacy and personal data. Though technological based solutions may not be solutions at all, but social constructs/contracts is what we actually need.
El poder de autodeterminación de los datos personales en Internet. María Dolores Palacios González, Profesora Titular de Derecho civil, Universidad de Oviedo.
The goal of Law is trying to find a balance between opposing interests.
In the case of personal data explicit consent should be the norm — with the appropriate exceptions when access to data is a necessity and does not go against fundamental rights.
There is a risk of censorship if there is an unbalance towards privacy, and a risk of inefficiency in guaranteeing privacy if there is an unbalance towards freedom of expression.
Naming and Shaming in Greece: Social Control, Law Enforcement and the Collateral Damages of Privacy and Dignity. Lilian Mitrou, Associate Professor, Department Information and Communication Systems Engineering, University of the Aegean (Greece).
Naming as the disclosure, publication and dissemination of the identity of a person, who is convicted or suspected of crime or tax evasion. Shaming is a private emotional reaction, an individualized experience. A social process of purposefully expressing disapproval and/or contempt with the intention or effect of provoking embarrassment, discomfort, anger and fear.
In Greece it is legal to disclose the identities of sex offenders, and mandatory for tax evaders. This supposes a moral condemnation both of the offensive conduct and the offender, implying social sanctions and serious impacts on the ability of a person to engage in society. Indeed, there is a collision between shaming and presumption of innocence, as usually naming and shaming comes before guiltiness is proven.
There is no statistical or practical evidence that shaming is appropriate, necessary and reasonable in order to achieve deterrent of crime, but there does exist evidence that shaming makes much more difficult social reinsertion.
A right of oblivion comes to hand.
As personal blogs and social media in general are very difficult to target, the goal of regulation and right to forget policies should be search engines.
Communications on privacy and electronic commerce. Chairs: Mª Rosa Llácer Matacás. Professor of Civil Law. University of Barcelona.
Handling cookies within the european union: making the cookies crumble? Eleni Kosta, Senior Research Fellow, Interdisciplinary Centre for Law and ICT (ICRI)-KU Leuven (Belgium).
Old cookies provision: only in electronic communications, for storing information or gaining access to some information, resident in the user’s computer, and whose usage the user had the right to object. Now, the new requirements require explicit consent after having been provided with clear and comprehensive information. And it includes not only electronic communications, but also other digital devices like CDs, DVDs, USB keys, etc. that sometimes install software or put/retrieve information from the user’s device.
There is also a huge difference between first-party cookies and third-party cookies, the latter the more dangerous/risky in terms of privacy.
After this change, both local regulation and browser technologies may require some update to accomplish the new requirements of the law.
Nuevos retos de la regulación jurídica y deontológica de la publicidad en las redes sociales. Esther Martínez Pastor, Prof. Contratado Doctor. Universidad Rey Juan Carlos; Mercedes Muñoz Saldaña, Prof. Contratado Doctor. Universidad de Navarra.
What is the balance between the customer/user and the business in social networking sites, when the latter would like to have as much data as possible from the user, while the user increasingly aims towards more privacy. Added to this, the basic user does not know much about technology and does not know what a cookie is, less how to enable/disable them. That the EU law plans that websites ask the users for consent is a contradiction if we take into account how knowledgeable in technology is the basic user.
Maybe we should educate the user, but not on technical terms but plain English.
On the other hand, from the advertising businesses point of view, it is becoming increasingly difficult to know what is the regulatory framework that applies to one’s business at a given time.
El reto de la protección de datos de las personas mayores en la sociedad del ocio digital. Isidro Gómez-Juárez Sidera, Doctorando, Facultad de Administración y Dirección de Empresas, Universitat Politècnica de València; María de Miguel Molina, Profesora Titular, Departamento de Organización de Empresas, Universitat Politècnica de València.
We are increasingly speaking about two collectives within the broader concept of elderly people: the third age (65-80 y.o.) and the fouth age (+80 y.o.). Minors are a major concern of authorities and are widely protected, but it does not happen the same with our elders. And it is just a fact that elders are usually non-tech savvy / digitally illiterate and suffer from a lot of threats to their privacy, scam, etc.
A research was carried on to perform a SWOT analysis on elders and online entertainment. Besides digital literacy, elderly people require a lot of information. On another train of thought, we should distinguish between legal practices and ethical practices. Sometimes law just won’t catch up with all walks of practices, partly because it enters the field of ethical practices and being informed about such practices.
After information, autonomy of will and control (over one’s data) are a must.
PNR and SWIFT Agreements. External Relations of the EU on Data Protection Matters. Cristina Blasi Casagran, Researcher, Law Department, European University Institute, Florence (Italy).
The EU and the US have signed several (4 so far) agreements to share personal name records (PNR) since 9/11 attacks. The agreements were aimed at fighting international terrorism and had to accomplish with the current law on data protection. After the Treaty of Lisbon (2007), the European Parliament gained competence to veto some specific agreements, and that is why the newest PNR agreement with the US (2012) was vetoed.
Current treaties (US, Australia, Canada) ask for data retention in source countries and data is transferred under a push system: it is not the country that wants the data that asks for it, but the country that gathers the data the one that transfers it to third countries.
Concerning the sharing of data from financial transactions or SWIFT agreements there have been 3 of them: the TFTP in 2001 and two SWIFT agreements in 2009 and 2020.
After many agreements for sharing data, do we have a US-EU framework agreement on data protection? No, we don’t. We have a clear unbalance between security and privacy, and a clear bias towards or influence of the US legal system.
Online entertainment and customer protection Pedro A. de Miguel Asensio. Catedrático de Derecho internacional privado de la Universidad Complutense de Madrid. Autor de la obra Derecho Privado de Internet
Who is a customer in online entertainment?
Mechanisms of customer protection:
Obligation to inform / right to information.
Right to desist.
Protection against abusive clauses in contracting within general conditions.
Actions on unfair competence, illicit advertising, trademarks.
Personal data protection.
Protection of (other) personal rights.
There is huge disparity between the US regulator framework and the EU’s. Indeed, this may be a reason why most international operators are based in the US. Establishment of standards, policies and reform of the actual legal framework might bring big changes in Europe: would a change in EU Law enable that the “next Twitter” could be born in Europe? In the US, normally businesses have less barriers but customers are much more protected, while in the EU it happens just the contrary: restrictions are put upon businesses but once they do not respect the customer, the latter has less legal coverage.
I am professor at the School of Law and Political Science of the Open University of Catalonia,
and researcher at the Internet Interdisciplinary Institute and the eLearn Center of that university.
I am also the director of the Open Innovation project at Fundació Jaume Bofill.