Communications on the Right to Be Forgotten Chairs: Mònica Vilasau. Lecturer, School of Law and Political Science (UOC).
The Emerging Right To Be Forgotten In Data Protection Law: Some Conceptual And Legal Problems. David Lindsay, Associate Professor, Faculty of Law, Monash University, Melbourne (Australia).
When looking at privacy, we have to look before at identity. For instance identity formation in social networking sites or virtual worlds. In liquid societies it seems that we have to compulsory be creating and reinventing our identities. The problem is that what once was used for identity purposes in a given context, if data lasts forever this may pose a problem in the future, when the identity issue is no more relevant and/or the context has changed.
Thus, a right to be forgotten should be the first one of a new group of rights concerning privacy and personal data. Though technological based solutions may not be solutions at all, but social constructs/contracts is what we actually need.
El poder de autodeterminación de los datos personales en Internet. María Dolores Palacios González, Profesora Titular de Derecho civil, Universidad de Oviedo.
The goal of Law is trying to find a balance between opposing interests.
In the case of personal data explicit consent should be the norm — with the appropriate exceptions when access to data is a necessity and does not go against fundamental rights.
There is a risk of censorship if there is an unbalance towards privacy, and a risk of inefficiency in guaranteeing privacy if there is an unbalance towards freedom of expression.
Naming and Shaming in Greece: Social Control, Law Enforcement and the Collateral Damages of Privacy and Dignity. Lilian Mitrou, Associate Professor, Department Information and Communication Systems Engineering, University of the Aegean (Greece).
Naming as the disclosure, publication and dissemination of the identity of a person, who is convicted or suspected of crime or tax evasion. Shaming is a private emotional reaction, an individualized experience. A social process of purposefully expressing disapproval and/or contempt with the intention or effect of provoking embarrassment, discomfort, anger and fear.
In Greece it is legal to disclose the identities of sex offenders, and mandatory for tax evaders. This supposes a moral condemnation both of the offensive conduct and the offender, implying social sanctions and serious impacts on the ability of a person to engage in society. Indeed, there is a collision between shaming and presumption of innocence, as usually naming and shaming comes before guiltiness is proven.
There is no statistical or practical evidence that shaming is appropriate, necessary and reasonable in order to achieve deterrent of crime, but there does exist evidence that shaming makes much more difficult social reinsertion.
A right of oblivion comes to hand.
As personal blogs and social media in general are very difficult to target, the goal of regulation and right to forget policies should be search engines.
Communications on privacy and electronic commerce. Chairs: Mª Rosa Llácer Matacás. Professor of Civil Law. University of Barcelona.
Handling cookies within the european union: making the cookies crumble? Eleni Kosta, Senior Research Fellow, Interdisciplinary Centre for Law and ICT (ICRI)-KU Leuven (Belgium).
Old cookies provision: only in electronic communications, for storing information or gaining access to some information, resident in the user’s computer, and whose usage the user had the right to object. Now, the new requirements require explicit consent after having been provided with clear and comprehensive information. And it includes not only electronic communications, but also other digital devices like CDs, DVDs, USB keys, etc. that sometimes install software or put/retrieve information from the user’s device.
There is also a huge difference between first-party cookies and third-party cookies, the latter the more dangerous/risky in terms of privacy.
After this change, both local regulation and browser technologies may require some update to accomplish the new requirements of the law.
Nuevos retos de la regulación jurídica y deontológica de la publicidad en las redes sociales. Esther Martínez Pastor, Prof. Contratado Doctor. Universidad Rey Juan Carlos; Mercedes Muñoz Saldaña, Prof. Contratado Doctor. Universidad de Navarra.
What is the balance between the customer/user and the business in social networking sites, when the latter would like to have as much data as possible from the user, while the user increasingly aims towards more privacy. Added to this, the basic user does not know much about technology and does not know what a cookie is, less how to enable/disable them. That the EU law plans that websites ask the users for consent is a contradiction if we take into account how knowledgeable in technology is the basic user.
Maybe we should educate the user, but not on technical terms but plain English.
On the other hand, from the advertising businesses point of view, it is becoming increasingly difficult to know what is the regulatory framework that applies to one’s business at a given time.
El reto de la protección de datos de las personas mayores en la sociedad del ocio digital. Isidro Gómez-Juárez Sidera, Doctorando, Facultad de Administración y Dirección de Empresas, Universitat Politècnica de València; María de Miguel Molina, Profesora Titular, Departamento de Organización de Empresas, Universitat Politècnica de València.
We are increasingly speaking about two collectives within the broader concept of elderly people: the third age (65-80 y.o.) and the fouth age (+80 y.o.). Minors are a major concern of authorities and are widely protected, but it does not happen the same with our elders. And it is just a fact that elders are usually non-tech savvy / digitally illiterate and suffer from a lot of threats to their privacy, scam, etc.
A research was carried on to perform a SWOT analysis on elders and online entertainment. Besides digital literacy, elderly people require a lot of information. On another train of thought, we should distinguish between legal practices and ethical practices. Sometimes law just won’t catch up with all walks of practices, partly because it enters the field of ethical practices and being informed about such practices.
After information, autonomy of will and control (over one’s data) are a must.
PNR and SWIFT Agreements. External Relations of the EU on Data Protection Matters. Cristina Blasi Casagran, Researcher, Law Department, European University Institute, Florence (Italy).
The EU and the US have signed several (4 so far) agreements to share personal name records (PNR) since 9/11 attacks. The agreements were aimed at fighting international terrorism and had to accomplish with the current law on data protection. After the Treaty of Lisbon (2007), the European Parliament gained competence to veto some specific agreements, and that is why the newest PNR agreement with the US (2012) was vetoed.
Current treaties (US, Australia, Canada) ask for data retention in source countries and data is transferred under a push system: it is not the country that wants the data that asks for it, but the country that gathers the data the one that transfers it to third countries.
Concerning the sharing of data from financial transactions or SWIFT agreements there have been 3 of them: the TFTP in 2001 and two SWIFT agreements in 2009 and 2020.
After many agreements for sharing data, do we have a US-EU framework agreement on data protection? No, we don’t. We have a clear unbalance between security and privacy, and a clear bias towards or influence of the US legal system.
Online entertainment and customer protection Pedro A. de Miguel Asensio. Catedrático de Derecho internacional privado de la Universidad Complutense de Madrid. Autor de la obra Derecho Privado de Internet
Who is a customer in online entertainment?
Mechanisms of customer protection:
Obligation to inform / right to information.
Right to desist.
Protection against abusive clauses in contracting within general conditions.
Actions on unfair competence, illicit advertising, trademarks.
Personal data protection.
Protection of (other) personal rights.
There is huge disparity between the US regulator framework and the EU’s. Indeed, this may be a reason why most international operators are based in the US. Establishment of standards, policies and reform of the actual legal framework might bring big changes in Europe: would a change in EU Law enable that the “next Twitter” could be born in Europe? In the US, normally businesses have less barriers but customers are much more protected, while in the EU it happens just the contrary: restrictions are put upon businesses but once they do not respect the customer, the latter has less legal coverage.
Operators normally act in three steps: they set their business models and fix general terms of use; the adapt some terms to the local law; and they yield to local courts in case of legal disputes. Normally, EU law makes it possible that customers can complain before their local courts: even if customers “technically” can be buying their services abroad, the law tries to bring the dispute as close as possible to the customer. And this includes, for instance, that the information on the website is fully accessible (language, terms, etc.) for the customer that the service is targeting.
Service providers increasingly operate at a global scale and under different standards (e.g. EU vs. US). There are risks in not accurately protecting the customer, but, on the other hand, overprotection can incur in damaging the industry. It is interesting to consider, though, that if we e.g. can adapt, customize or even personalize (online) advertising, why not the terms of use of a specific digital service or good.
Panel on New business models for contents distribution on line Chairs: Moderator: Judith Clarés. Lecturer. Information and Communication Department. Universitat Oberta de Catalunya.
Sydney Borjas Piloto, Gerente de Artes Escénicas. Grupo SGAE.
The possibility to compress audio and video have enabled new business models based on digital convergence. In parallel, the regulatory framework has also evolved and made possible that new investors and initiatives can flourish as there is a higher degree of legal security.
It is now possible to opt for a multi-channel and one-to-one model.
New actors have appeared: hardware manufacturers that also provide contents.
Last, the advancements in connectivity/broadband have also enabled that distribution of content online can now to an upper level.
Laws as Sinde-Wert in Spain or Hadopi in France are trying to protect the industry while not injuring citizen rights. And the level of observance of these laws does have an impact at the international level and the prices that have to be paid for accessing content from major distributors (e.g. it is cheaper to buy content from Germany than from Spain).
Another barrier for the advancement of new models is that not all theatres have the latest technology. If theatres were all digitized, multi-platform distribution would be easier as it would be much cheaper than it is now, as it requires different (physical) products for different platforms.
Same with law and the different regulatory frameworks.
Jaume Ripoll, Director Editorial y socio fundador de filmin
For the last 5 years, the music industry has created cool portals that are fancy and trendy, but that do not provide what the user is looking for when they go to the Internet to watch films. The industry has tried to teach the user while the user already knows what they want. We need to know who the users are, where they are, what do they want, when and how.
The industry has to look ahead: yes people buy DVDs and yes people still rent movies on videoclubs, but the future is the Internet, which is what will surely last.
There is too much film production (circa 2,000 films a year in Europe). Too many supply for theatres and DVDs… but not too much for the Internet. And in the Internet, if offered in appropriate ways, there is enough demand for this much supply. And the Internet is not only desktops: it’s phones, it’s tablets, it’s laptops, etc.
The Internet also makes possible to avoid time lapses, to wait for the film to be issued in DVD or for TV. You read the critic on the paper, you see the movie on the Net. Indeed, there still are many places where many films just won’t make it to theatres: why take from that user the experience of watching a specific film?
The one who chooses is the user, not the distributor.
One of the problem, though, of choosing… is having to choose itself. How can the user tell from 2,800 films (the actual library at Filmin) which one to choose? Filmin offered, instead of categories of films, moods for films (“want to remember my couple”, “forgetting about my kids”, etc.)
To do that, it is important to create strong networks of distribution with other “filmins” around Europe.
Content is now consumed in several platforms, anywhere. It is thus essential to have agreements with (a) content providers and with (b) device manufacturers. Thus, the distributor can provide access to any kind of content from any kind of device.
We have to be aware of the different types of users: some users are used to the TV, so it is important to bring digital content to the TV, i.e. the smart TV. On the other hand, there are digital natives that use technology as a natural thing and have an upper level user experience. New initiatives have also to be aware of these digital natives.
There are several consumption models: video on demand (VOD), subscription, electronic sell-through (EST) or purchase, etc.
The user wishes everything: anything, anytime, anywhere.
Key factors to consolidate video on demand: prices, regulatory framework, windows. Prices should be lower, but the fear of cannibalization of other supports does not allow (yet) for cheaper prices. Until a critical mass is reached that pays back the possible cannibalization of other formats, prices will keep being relatively high. Windows of release definitely depend on major distributors and theatres reaching an agreement, but there is a trend towards openness and flexibility.
Communications on fundamental rights Chairs: Miquel Peguera. Senior Lecturer, School of Law and Political Science (UOC).
Constitution 2.0 and Rule of Law: on the Iceland Constitution. Pere Simón Castellano, Derecho Constitucional de la Universitat de Girona.
Even if everyone has to obey the law, it is also true that theory and practice of Law are somewhat different things. ICTs may have also helped in this dichotomy from theory to practice, affecting the rule of Law.
Transparency and participation have, on the other hand, also changed the landscape of law enforcement and its efficiency.
The case of the Iceland Constitution is a very good example of this change of paradigm. The whole process, all the debates and conversations were either streamed or published online.
But can the Iceland case be extrapolated to other places with more population? Does it scale? Is the citizenry ready for more doses of democracy? Will people be eager or able to participate more intensely?
Redefining the isegory: open data citizens. Helena Nadal Sánchez, Departamento de Derecho Público de la Universidad de Burgos; Javier de la Cueva González-Cotera, Abogado.
Why isegory? Our actual challenges are very much like the challenges that had to face our ancestors. Technologies might be a little bit different, but they are technologies anyway. Open data is a new way of understanding freedom of expression, the capability to participate and engage in citizenship.
The initiative Adopt a Senator showed that citizens are usually more careful and efficient in providing good data on public issues. They work better for democracy through transparency.
The principle of demarcation: data traceability should be under certain criteria, like validity: that is, truth may not be necessary, but formal rigour is absolutely a must. Coherence of data. A heuristic in 4 stages has been drawn so that validity can be assessed depending on its traceability.
Isegory breaks with hierarchy and the deterministic approach to history. Citizenship is liquid and it is on a daily basis, on doing, that institutions are built. Permissions have to be dealt with under the light of freedom of expression, not intellectual property.
Data preservation and illicit actions in matters of intellectual property: a constitutional vision of the Directive 2006/24. María Concepción Torres Díaz, Profesora de Derecho Constitucional, Universidad de Alicante.
What is the possibility and/or the impact on law that ISP reveal personal data in case of infraction of intellectual property rights? What are the rights affected? Privacy, data protection, secret of communications, intellectual property rights. Which is the priority? And in case where priorities were fixed on whether the crime is felony, how do we describe what constitutes felony?
In principle, personal date have to be available for research purposes, and detection and prosecution of serious crime.
Thus, depending on each specific case, it has to be accurately assessed the purpose of disclosing personal data. In any case, the Court of Justice of the European Union allows the disclosure of personal data if the national law (in this case in Sweden) also allows this disclosure.
The balance between intellectual property and data protection: on the changing weight of a new law. Gloria González Fuster, Researcher at Vrije Universiteit Brussel (VUB), Research Group on Law Science Technology & Society (LSTS) (Belgium).
SABAM (the Belgian authors association) in Scarlett Extended vs. SABAM and SABAM vs. Netlog asked for content filtering because of copyright infringement. Both cases have been partly cited as good examples for voting against ACTA.
Historically, the Court of Justice of the European Union has been inconsistent and changing on the way it has approached data protection when the later has been confronted against intellectual property rights. The problem has always been finding the correct balance between data protection or privacy and intellectual property rights.
In the cases of Scarlett Extended and Netlog, the Court of Justice of the European Union states that imposing filtering systems does not respect the fair balance between intellectual property rights and the right of personal data protection.
The “Ley Sinde”: a lost opportunity to regulate online entertainment in Spain. Ercilia García Álvarez, Catedrática Facultad de Economía y Empresa Universidad Rovira i Virgili; Jordi López Sintas, Profesor Titular de Universidad Facultad de Economía y Empresa Universidad Autónoma de Barcelona; Sheila Sánchez Bergara, Estudiante de Doctorado de la Universidad Rovira i Virgili.
Recently, there have been new practices in online entertainment that carry with them new legal tensions and legal answers to these tensions (both at the academic and legislator levels). But these answers have not really fit reality or practice. History has shown that there is an unbalance or bias towards intellectual property right holders, and users are usually last in line.
The Spanish “Ley Sinde” has not solved any of these problems. There are neither changes in consumption or practices nor in business models.
Communications on copyright Chairs: Raquel Xalabarder. Professor of Intellectual Property. Universitat Oberta de Catalunya.
Copyright infringing content available online. Federica Casarosa, European University Institute, Department of Law, Florence (Italy)
There are new actors that have entered the supply chain: citizens/users and intermediaries; new models for content distribution; an increased role for ISP: they collect content from users, they deliver content online; there are blurring boundaries from the different actors, etc.
ISP liability is a sine-qua-non condition for copyright infringement. Thus, ISP have to be noticed of content infringing copyright.
In France, the notice is a set of specific items defined by law, while in Italy it is a case-by-case evaluation of sufficient level of detail in order to recognise the infringing content.
As per monitoring obligations, in France there is an obligation to monitor further infringements with the collaboration of copyright owners; while in Italy there is no ex ante filtering activity (also in case of previous notice on similar content).
There is a crucial difference in the definition of what a hosting provider is between France and Italy. While in Italy there is a distinction between an active and a passive host, in France there is no such a distinction.
Thus, there is a need for harmonization at the European level.
Emulation is the Most Sincere Form of Flattery: Retro Videogames, ROM Distribution and Copyright. Benjamin Farrand, Lecturer in Intellectual Property Law, The University of Strathclyde (UK).
What is the balance from accessing copyrighted works and the right of access to cultural works.
In consoles, you need some hardware to be able to run a specific software. Emulators get rid of this necessity, by making it possible to use software (the emulator) instead of the hardware (the console). This, indeed, also enables the copy of ROM files aside from cartridges. But, is it legal to create emulators themselves?
Usually, reverse engineering (the process behind the creation of emulators) is legal, but the industry claims that emulators damage their sales/revenues. A criticism against this industry claim is that emulators usually come very much later than consoles, and thus only release old games that do not really compete with the current ones. On the other hand, newer consoles do not usually feature legacy games as they are not perceived as being economically viable or profitable, but they do appear on emulators.
Should thus videogames be considered cultural heritage/ public domain after 15-20 years? Should we consider a ‘use it or lose it’ approach to videogames?
The Digital Cloud Recorder: Modern VCR or New Intermediary? Robin Kerremans, consultant with Deloitte in Diegem, Brussels (Belgium); Geert Somers, Lawyer, Partner at time.lex, (Brussels), Affiliated Researcher ICRI-KULeuven (Belgium).
We have moved from the video-cassette recorder (VCR), to digital recorders and, now, to digital cloud recorders (DCR): there are no more boundaries of time that you can record, things you can record at the same time, disk space, etc. They normally provide format shifting, screen shifting, time shifting, live streaming, etc.
What is the legal status of the copy made by a DCR? Can we way that it is the private copy you would have done with a VCR? Is it the same concept of ‘reproduction’ in the sense of Belgian copyright law? According to law, they access legally disclosed source and audiovisual content, so DCR and VCR so far are the same thing. Notwithstanding, copies have to be made within the family circle and used therein. The question being: who is actually making the copy in the cloud, who is the ‘copier’? There surely is a distinction between who is the technical copier and who is the maker of the copy.
Besides, in Belgium exceptions to personal copies include “any medium”, which includes “the cloud”.
The three step (advertising, time of storage, remuneration) is somewhat unclear. Is the copy a temporary technical copy? Is stream-back public communication?
Collective Licensing of On Line Music and the Recent Initiatives in the EU. Enrico Bonadio, Lecturer in IP law – City University London (UK).
Collective licensing is a system under which copyright holders authorise collecting societies (CS) to license their copyright to users: CS grant users licenses covering foreign repertoires, there are reciprocal representation agreements, multi-repertoire licenses (but not multi-territorial licenses, as there sometimes are territorial restrictions as stated in specific clauses), etc.
The traditional licensing system requires authorizations for each country where music is to be licensed, especially in a changing environment where supports are multiple and new ones appearing every now and then.
Maybe a EU-wide licensing would provide successful in making things easier for everyone. Some criticism arises in the fact that it may still be costly for certain commercial users that still require an extended repertoire, that multi-repertoire blanket licences may still have “market appeal”, that there would be a loss of the usual single point of reference, and, somehow, there might be a “repertoire fragmentation”. On the other hand, there could be a possible “race to the bottom”, a detriment to right holders, low-quality management of their works, and, sometimes, even low remuneration.
Some initiatives: CELAS initiative 2007 (Centralised European Licensing and Administrative Service), Pan-European Digital Licensing Initiative (PEDL) 2006, ARMONIA Initiative 2007.
Cloud-Based cyberlocker services for music: other incoming battles in the endless war between copyright and technology? Aura Bertoni, Research Fellow in Intellectual Property Law, Bocconi University (Italy); Maria Lillà Montagnani, Assistant Professor of Commercial Law, Bocconi University (Italy).
What changes are taking place in online music distribution with the advent of cloud computing?
A first problem arises with the very same definition of cloud computing, as it changes depending on what the point of view (technological, economical, etc.) is and what kind of computing services are we looking at (SaaS, PaaS, IaaS). Cloud computing is more an economic model than a specific technology.
iTunes, Spotify or Google’s Music Beta are different initiatives of cloud computing for music, and they already represent an evolution from the former to the latter: the former contemplates consumption as happening offline, while Spotify and Google’s Music contemplate online consumption of music, the latter with an ‘individual public cloud’, very different to Spotify’s.
Spotify is a cloud-based music service; Google Music is a music locker service (MLS) requiring every user to upload every song; MP3tunes is an MLS with single storage method that requires requiring to upload only songs not included in its library; last, iCloud is another MLS with single storage method and songs upgrade.
We have shifted from device-centric to information-centric music distribution.
We have thus to modernise copyright law to accommodate the new reality of music distribution: from the right to exclude to the right to have a fair remuneration; reforming the private copy regulation (what is a digital copy?); defining clear rules for online intermediary liability.
