IDP2013 (IV): Privacy (I)

Notes from the 9th Internet, Law and Politics Congress: Big Data: Challenges and Opportunities, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on 25-26 June 2013. More notes on this event: idp2013.

Moderator: Clara Marsan. Lecturer, School of Law and Political Science (UOC).

Preserving Privacy in Times of Counter Cyber-Terrorism Data Mining
Liane Colonna. The Swedish Law and Informatics Research Institute. Stockholm University, Doctoral Candidate.

Terrorist use of the Internet: Communicate, recruit, fundraise, train, launch propaganda videos, etc.

Which poses surveillance challenges: filter terrorist communications, locate terrorist communications, uncover terrorist identity hiding, etc.

Data mining:

  • can make sense of huge amounts of data.
  • creates “new” knowledge.
  • can generate hypotheses. You do not need a prior theory.

Data mining is “seeing the forest from the trees”.

Governments cannot disclose their data mining procedures as they would enable criminals to circumvent their practices by changing their behaviour.
How do we get both security and privacy?

The European Court of Human Rights asks for:

  • is there an interference?
  • is the interference justified?

The problem is how to balance legality, legitimacy and proportionality. Are there procedural safeguards that limit the scope of the law?

Analysis of  the European legislation on transfers of Passenger Name Record (PNR) within the framework of the fight against international terrorism
Alicia Chicharro. Profesora contratada doctora de Derecho Internacional Público de la Universidad Pública de Navarra

What happens when huge amounts of data are transferred to national security agencies? Usually, security wins in the trade-off with privacy.
When different countries require the collection of data from air voyagers, some incompatibilities may arise between different countries’ regulations. What to do? What can airlines do to accomplish both regulations (origin and destiny)?

The European Union has bilateral agreements with the US, Canada and Australia. And all of them are different among them: they have different goals, different sets of data to be shared/transmitted are defined, different time-spans where data can be used, and, indeed, they all rely on the domestic (destiny) regulation to be able to tell what rights to apply to the European citizen facilitating their data.

One of the problems with EU regulation on international data transission is that it has always been reactive to the demands of third countries. The EU should be more proactive and try and agree on shared regulation that lies within some red-lines drawn by the EU itself.

Protection of personal identity in face of untrue statements on the web
María Dolores Palacios González. Profesora Titular de Derecho civil de la Universidad de Oviedo.

What happens when a person is attributed the authorship of a text they have never written? Can they claim “non-authorship”? To whom? How? e.g. the Wikipedia entry for a write attributes to him being the author of a work when they are not the authors, and the Wikipedia managers will not change the entry despite the “author” clarifying that they never wrote that piece.

Some laws (e.g. in Germany) consider illicit attributing to someone writings that they never penned, especially when these writings can confuse the image or the personal identity of that person, e.g. by identifying them with ideologies that they do not share.
This would be a right to one’s identity but not from the usual approach of the issue. This may be necessary as the Internet has changed dramatically the potential to alter one’s words or ideas. And there is no other approach to this issue from other perspectives: privacy, identity, intellectual property rights, etc.

Maybe the best approach would be the one that applies to mass media: the right to rectification, that is, the right to be presented in society the way one wishes best. The problem is that the Internet has multiplied the difficulties to identify what is a medium, who is the owner/administrator, who is the responsible for a specific bunch of content, etc.


What should be stored and what can be already been used “because it’s out there”? Colonna: sure the line should be laid around the principle of proportionality… wherever this principle may lay.

Clara Marsan: Is there any research on the impact on privacy vs. the performance of surveillance practices? Literature on “traditional” surveillance usually says that the impact on privacy is much bigger than the successes against terrorism. Colonna: the problem is that most of this information is classified, so there is no way of telling the impact or the benefits of digital surveillance.


9th Internet, Law and Politics Conference (2013)

7th Internet, Law and Politics Congress (VI). Fundamental rights, freedoms and liability on the Internet

Notes from the 7th Internet, Law and Politics Congress: Net Neutrality and other challenges for the future of the Internet, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on 11-12 July 2011. More notes on this event: idp2011.

Track on fundamental rights, freedoms and liability on the Internet
Chairs: Clara Marsan Raventós. Lecturer, School of Law and Political Science (UOC)

Patricia Escribano Tortajada
Right to honour vs. freedom of expression in the Net

Defamation on the Internet has become quite an extended practice. What are the limits to freedom of expression vs. the right to honour? And what are the limits of the right to honour vs. freedom of expression?

There is a difference between illicit content — which is against the law — and harmful content, which may damage your reputation while being completely legal.

Some elements are aggravating the problem of harming one’s honour: the high volume of digital content, anonymity and trolling, advertising in websites (i.e. not requiring login for being able to post content), who can access the content, etc.

What are websites doing? Requiring authentication (at least via e-mail), terms of use, ability to edit comments, report inappropriate comments, etc. Some of them, though, are actually a potential threat against freedom of expression.

Most of the law is aimed at protecting the ISP while the citizen remains unprotected. There should be an effort in trying to define better the limits of the right to honour and freedom of expression, when and how regulation applies and, most especially, how do we protect the individual.

Primavera De Filippi, Smári McCarthy
Cloud Computing: Legal Issues in Centralized Architectures

Cloud computing has had a side effect in personal communications: when most of them used to be peer-to-peer through a decentralized service (most times a desktop and one’s own server), now many communications have shifted to public and into centralized services.

Most users do not know how to read the terms of service or would just not read them. Thus, they think they are getting services for free while they are giving away many of their rights.

Another side effect is the lock-in that happens once you’ve got your data and content out in the cloud, and can but just manage it remotely, not massively and with serious concerns whether this content still is your property.

We cannot only rely on national law when it comes to the Internet, but international agreements do not seem to do better. So, what should be done?

Anne W. Salisbury
Anonymity, Trash Talk and Cyber-Smearing on the Internet

The first thing that one has to demonstrate defamation is that the statement made is opinion and not fact, and that is has been exaggerated.

But on the Internet it also depends on other aspects. For instance, the blog were the statement is made and the use of the language (i.e. some words do not any more refer to the original definition of that word, but have become slang with different meanings).

So, many supposed libels or defamations are not such when looked under a different glass.

Indeed, disclosing the anonymity of the “defamators” can sometimes be much more harming that the supposed defamation they committed.

Mª Dolores Palacios González
The stress between impunity in the Net and limiting freedom of expression

There are many examples where anonymous contributors to blogs or forums insult third parties, including individuals, governments and firms. ISPs usually have the safe harbour that most Internet laws provide according to which they have no liability on such harmful comments and statements in general. Though the problem still exist: there are harmful comments on many websites.

But some exceptions should be made, or at least some issues taken into consideration.

For instance, if there is comment moderation, the act of editing and/or approving the comment with defaming statements should not be protected with the safe harbour for ISPs.

Alicia Chicharro
The space of freedom, security and justice and cybercrime in the European Union

The Lisboa treaty shifts “upwards” many of the decisions related to crime and cyberlaw, resulting in a top-down approach to penal law in the member states. There is, though, the right to veto a directive, and also the principle of subsidiarity. Cybercrime is included within this new framework.


7th Internet, Law and Politics Conference (2011)