SlideShare a Scribd company logo

IT law : the middle kingdom between east and West

Download as PPTX, PDF
Lilian Edwards
Lilian Edwards

This document discusses balancing privacy, security, business interests, and other values. It notes that recent Western experience shows promoting security over privacy can hurt industry by reducing consumer confidence, and that lack of privacy protection can impact business profits from data usage. The document suggests China could learn lessons from this experience, and that global trends show strengthening, not weakening, privacy is important to maintain trust and enable digital innovation.

Law
1 of 19
IT Law: the Middle Kingdom between East and West Lilian Edwards Professor of E-Governance and Director, Centre for Internet law and Policy University of Strathclyde
http://www.strath.ac.uk/internetlaw/ Lilian.edwards@strath.ac.uk
Privacy as a Middle Kingdom Security Privacy Business profits Freedom of speech Consumer convenience
Lessons for China? • Privacy vs security – recent Western experience • Impact of lack of privacy on profit – recent Western experience • Does limiting privacy law in favour of other values work? • What can China learn from this?
Privacy vs security
Richard Hannigan, Director GCHQ, 3 November 2014 • Calling for technology firms such as as Facebook and Google to share personal data of users more readily with security service s eg by not supplying stronger encryption to consumers in the wake of Snowden • Tech firms “little more than “command and control networks of choice for terrorists and criminals” • “GCHQ is happy to be part of a mature debate on privacy in the digital age. But privacy has never been an absolute right and the debate about this should not become a reason for postponing urgent and difficult decisions.”
Privacy and profit
OBA: data as “the new oil” of the economy • “Advertising based on the observation of the behaviour of individuals over time. Behavioural advertising seeks to study the characteristics of this behaviour through their actions (repeated site visits, interactions, keywords, online content production etc) in order to develop a specific profile and provide data subjects with adverts tailored to match their inferred interests” (Art 29 WP 2/2010) • Online advertising now largest sector in UK (since 2009) c 30% – bigger than TV, radio, newsprint etc. c 59% spend of this on search ads , mainly AdWords (Google revenues). • IAB: Social media revenues - advertising delivered on social platforms, inc social networking and social gaming -> rose by 58% H1 2014. Mobile revenues increased 76%. • Wired: “every industry that becomes digital eventually becomes free” (Anderson, 2008) • Failure to find other business models for digital world?
Big data • “If information wants to be free, data wants to merge” (Grossman) • UK Government Information Economy Strategy 2013: 90% of global data generated in the last 2 years -> “business sectors across the economy have the potential to be transformed by data, analytics and modelling” • “..UK Government will continue to drive and influence EU …to ensure that growth opportunities are not inhibited by new or existing levels of regulation” • ? Challenges DP princs of data minimisation and purpose specification (Tene and Polonetsky, 2013) – “fishing expedition”
Big bureaucracy? • Considerable opposition by both UK and US to enactment of General Data Protection Regulation to improve data privacy in EU – not “business friendly” • HMG Seizing the Data Opportunity 2013 : “the GDPR does not strike the correct balance between ’privacy and innovation.. we should be careful about overly prescriptive regulation that increases red tape and costs for businesses, the public sector, and for regulators” • Similar earlier reactions by industry to new laws on cookies consent 2009-2011 – OUT-law “Please kill this cookie monster to save EU websites” • And to the “right to be forgotten” (Google Spain), HL, 2014: “..judgment of the Court is unworkable. It does not take into account the effect the ruling will have on smaller search engines which, unlike Google, are unlikely to have the resources to process the thousands of removal requests they are likely to receive.”
Privacy and consumer enjoyment C4, May 2010
From virtual to real world “sharing”: consumers gain? Smart meters
Privacy and freedom of expression
How does the law protect informational privacy? • International human rights law eg ECHR, UNDHR • Specific international guidelines/treaties/supranational law – OECD guidelines on personal data,1980 – Council of Europe Convention on Automatic Processing of Personal Data 1981 – EC Data protection law – required minimum in EU states - taken up as “gold standard” in many overseas states – US : no similar omnibus protection of personal data – but some strong sectoral laws eg health, financial info, kids data – China : no omnibus “DP” law but increasing legal protection in Internet related sector • What lessons can China learn from current concerns about balancing privacy, security and profit?
Data Protection Principles – DP Directive 95/46/EC 1. Personal Data shall be processed lawfully and fairly (“collection limitation”). 2. Personal Data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in a manner incompatible with those purposes (“purpose /use limitation”). 3. Personal data shall be adequate, relevant and not excessive in relation to the purpose for which it was processed (add “data minimisation” principle? – DP Reg) 4. Personal data shall be accurate and kept to date if necessary (“data quality”). 5. Personal data shall not be kept for a longer time than it is necessary for its purpose. (“retention”) 6. Personal data can only be processed in accordance with the rights of the data subjects (“openness”) 7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing (“security”). 8. Data export principle PLUS – independent regulator/watchdog + some degree of bureaucracy for business?
Global adoption of DP law (or DP+)as a standard for privacy rights? • Greenleaf 2012 – not EU v US anymore • DP laws fast becoming a comprehensive global standard – 89 such laws 2012, growing fast • Only just over half are in European states (56%) • 2/3 of APEC members have data privacy laws in private or public sector • Some new laws exceed current EU DP norms, rts of interoperability, privacy by design, etc – “third wave” • Remaining outliers among “digital” nations – China and the US!
Privacy vs security OR loss of privacy -> loss of profit? 1. Does promoting security over privacy help industry? Snowden – loss of consumer confidence in both B2C and B2B markets in EU • Evidence from EU industry – Information Technology & Innovation Foundation report, 2014 – US cloud providers may lose 10-20% of their EU market share = $35 billion over the next three years – Cloud Security Alliance report,10% of 207 non EU companies had cancelled contracts with US cloud cos since Snowden – NTT Comms report: c 25-30% of IT decisionmakers in Germany, France, UK “wanted to keep data in own country” – AWS setting up German data centre – “"Right now, there are many customers who don't want to buy American -- or to buy from a NATO country in general," F-Secure – Impact on government procurement - • Evidence from non-EU states – Election officials in India canceled a deal with Google to improve voter registration. – In China, sales of Cisco routers dropped 10 percent (Huffington Post) – Russia ban on user data being stored in US -> possible ban on all Apple products ( • Reaction from UK industry and government- – Plea for ethical codes and MORE privacy restraints/supervision for industry not LESS – “Addressing consumer confidence in the Digital Economy” – DP plus ethical approval for new big data products, security by design, privacy by design – IEC committee – “A Unified Ethical Frame for Big Data Analysis” , industry, lead by Hewlett Packard
Privacy vs consumer convenience? • Do consumers care about privacy after all? Not just about business attitudes? • Citizen attitudes towards data privacy – EuroBarometer 201 • People disclose personal data, including biographical information (almost 90%), social information (almost 50%) and sensitive information (almost 10%) on these sites. • 70% said they were concerned about how companies use this data and they think that they have only partial, if any, control of their own data. • 74% want to give their specific consent before their ` data is collected and processed on the Internet. • Privacy affecting if not ending data market – cf rise of Snapchat, Whatsapp, Ello – privacy as a feature not a bug
Conclusions • Privacy is seen as a value which may be damaging to other more crucial societal goals such as (crucially) national security, business profits • These are both concerns to legislatures in China and the EU/UK • However recent history shows that downgrading privacy protection in the name of security and profit may be counter productive • And the global trend is in fact to greater privacy protection – by both soft and hard law as well as “code” - to restore business and consumer trust and confidence

Recommended

Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012
lilianedwards
 
Digital Economy by Johannes Bauer
Digital Economy by Johannes BauerDigital Economy by Johannes Bauer
Digital Economy by Johannes Bauer
QuelloCenteratMichiganStateUniversity
 
Good Governance with Things Digital
Good Governance with Things Digital Good Governance with Things Digital
Good Governance with Things Digital
Communication and Media Studies, Carleton University
 
Privacy & Data Ethics
Privacy & Data EthicsPrivacy & Data Ethics
Privacy & Data Ethics
Erik Kokkonen
 
Open Government in Great Britain
Open Government in Great BritainOpen Government in Great Britain
Open Government in Great Britain
Point_conference
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
Cédric Laurant
 
LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)
Wolfgang Greller
 
information technology
information technologyinformation technology
information technology
Silam Barasan
 

Recommended

Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012
lilianedwards
 
Digital Economy by Johannes Bauer
Digital Economy by Johannes BauerDigital Economy by Johannes Bauer
Digital Economy by Johannes Bauer
QuelloCenteratMichiganStateUniversity
 
Good Governance with Things Digital
Good Governance with Things Digital Good Governance with Things Digital
Good Governance with Things Digital
Communication and Media Studies, Carleton University
 
Privacy & Data Ethics
Privacy & Data EthicsPrivacy & Data Ethics
Privacy & Data Ethics
Erik Kokkonen
 
Open Government in Great Britain
Open Government in Great BritainOpen Government in Great Britain
Open Government in Great Britain
Point_conference
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
Cédric Laurant
 
LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)
Wolfgang Greller
 
information technology
information technologyinformation technology
information technology
Silam Barasan
 
Digital economy
Digital economyDigital economy
Digital economy
Rupaliosho
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2
Paul Richards
 
Data driven innovation for education
Data driven innovation for education Data driven innovation for education
Data driven innovation for education
EduSkills OECD
 
Malaysia's Digital Economy: A New Driver of Development
Malaysia's Digital Economy: A New Driver of DevelopmentMalaysia's Digital Economy: A New Driver of Development
Malaysia's Digital Economy: A New Driver of Development
Ziaullah Mirza
 
2. Eleanor Stewart - Key Note: Openness As A Value #pdfua
2. Eleanor Stewart - Key Note: Openness As A Value #pdfua2. Eleanor Stewart - Key Note: Openness As A Value #pdfua
2. Eleanor Stewart - Key Note: Openness As A Value #pdfua
TechSoup Europe
 
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Andrea Omicini
 
Digital Economy
Digital EconomyDigital Economy
Digital Economy
Shaifali Pandey
 
Research on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform OperatorsResearch on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform Operators
YogeshIJTSRD
 
Smart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationSmart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislation
caniceconsulting
 
Information governance a_necessity_in_to
Information governance a_necessity_in_toInformation governance a_necessity_in_to
Information governance a_necessity_in_to
Anne ndolo
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data Privacy
WilmerHale
 
Marsden #Regulatingcode MIT
Marsden #Regulatingcode MITMarsden #Regulatingcode MIT
Marsden #Regulatingcode MIT
Chris Marsden
 
Technology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformationTechnology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformation
at MicroFocus Italy ❖✔
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Dr. Donald Macfarlane
 
Digital Economy Overview
Digital Economy Overview Digital Economy Overview
Digital Economy Overview
Ziaullah Mirza
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technology
EzraGray1
 
How Can We Incorporate the Digital Economy into Development Strategies?
How Can We Incorporate the Digital Economy into Development Strategies?How Can We Incorporate the Digital Economy into Development Strategies?
How Can We Incorporate the Digital Economy into Development Strategies?
Economic Research Institute for ASEAN and East Asia
 
eGovernance Research Grand Challenges
eGovernance Research Grand ChallengeseGovernance Research Grand Challenges
eGovernance Research Grand Challenges
Yannis Charalabidis
 
Minnesota iGov a report by the State Chief Information Officer Gopal Khanna
Minnesota iGov a report by the State Chief Information Officer Gopal KhannaMinnesota iGov a report by the State Chief Information Officer Gopal Khanna
Minnesota iGov a report by the State Chief Information Officer Gopal Khanna
Gopal Khanna
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
Lilian Edwards
 
The death of data protection
The death of data protection The death of data protection
The death of data protection
Lilian Edwards
 
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Malcolm Crompton, IIS Partners Irish Future Internet Forum - SocioeconomicsMalcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Irish Future Internet Forum
 

More Related Content

What's hot

EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2
Paul Richards
 
Malaysia's Digital Economy: A New Driver of Development
Malaysia's Digital Economy: A New Driver of DevelopmentMalaysia's Digital Economy: A New Driver of Development
Malaysia's Digital Economy: A New Driver of Development
Ziaullah Mirza
 
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Andrea Omicini
 
Research on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform OperatorsResearch on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform Operators
YogeshIJTSRD
 
Technology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformationTechnology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformation
at MicroFocus Italy ❖✔
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Dr. Donald Macfarlane
 
Minnesota iGov a report by the State Chief Information Officer Gopal Khanna
Minnesota iGov a report by the State Chief Information Officer Gopal KhannaMinnesota iGov a report by the State Chief Information Officer Gopal Khanna
Minnesota iGov a report by the State Chief Information Officer Gopal Khanna
Gopal Khanna
 

What's hot (19)

Digital economy
Digital economyDigital economy
Digital economy
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2
 
Data driven innovation for education
Data driven innovation for education Data driven innovation for education
Data driven innovation for education
 
Malaysia's Digital Economy: A New Driver of Development
Malaysia's Digital Economy: A New Driver of DevelopmentMalaysia's Digital Economy: A New Driver of Development
Malaysia's Digital Economy: A New Driver of Development
 
2. Eleanor Stewart - Key Note: Openness As A Value #pdfua
2. Eleanor Stewart - Key Note: Openness As A Value #pdfua2. Eleanor Stewart - Key Note: Openness As A Value #pdfua
2. Eleanor Stewart - Key Note: Openness As A Value #pdfua
 
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
Privacy through Anonymisation in Large-scale Socio-technical Systems: The BIS...
 
Digital Economy
Digital EconomyDigital Economy
Digital Economy
 
Research on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform OperatorsResearch on Legal Protection of Data Rights of E Commerce Platform Operators
Research on Legal Protection of Data Rights of E Commerce Platform Operators
 
Smart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislationSmart Data Module 5 d drive_legislation
Smart Data Module 5 d drive_legislation
 
Information governance a_necessity_in_to
Information governance a_necessity_in_toInformation governance a_necessity_in_to
Information governance a_necessity_in_to
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data Privacy
 
Marsden #Regulatingcode MIT
Marsden #Regulatingcode MITMarsden #Regulatingcode MIT
Marsden #Regulatingcode MIT
 
Technology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformationTechnology’s role in data protection – the missing link in GDPR transformation
Technology’s role in data protection – the missing link in GDPR transformation
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
 
Digital Economy Overview
Digital Economy Overview Digital Economy Overview
Digital Economy Overview
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technology
 
How Can We Incorporate the Digital Economy into Development Strategies?
How Can We Incorporate the Digital Economy into Development Strategies?How Can We Incorporate the Digital Economy into Development Strategies?
How Can We Incorporate the Digital Economy into Development Strategies?
 
eGovernance Research Grand Challenges
eGovernance Research Grand ChallengeseGovernance Research Grand Challenges
eGovernance Research Grand Challenges
 
Minnesota iGov a report by the State Chief Information Officer Gopal Khanna
Minnesota iGov a report by the State Chief Information Officer Gopal KhannaMinnesota iGov a report by the State Chief Information Officer Gopal Khanna
Minnesota iGov a report by the State Chief Information Officer Gopal Khanna
 

Similar to IT law : the middle kingdom between east and West

The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
Lilian Edwards
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
Lumension
 
[SLIDES] Internet of Things presentation at AEI (Sept 2014)
[SLIDES] Internet of Things presentation at AEI (Sept 2014)[SLIDES] Internet of Things presentation at AEI (Sept 2014)
[SLIDES] Internet of Things presentation at AEI (Sept 2014)
Adam Thierer
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2
Keith Purves
 
D2-5_BIG DATA EmilianoAnzellotti_v2 [
D2-5_BIG DATA EmilianoAnzellotti_v2 [D2-5_BIG DATA EmilianoAnzellotti_v2 [
D2-5_BIG DATA EmilianoAnzellotti_v2 [
Emiliano Anzellotti
 

Similar to IT law : the middle kingdom between east and West (20)

The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
 
The death of data protection
The death of data protection The death of data protection
The death of data protection
 
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Malcolm Crompton, IIS Partners Irish Future Internet Forum - SocioeconomicsMalcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...
 
DAY 1_ITEM 4_Privacy and personal data protection.ppt
DAY 1_ITEM 4_Privacy and personal data protection.pptDAY 1_ITEM 4_Privacy and personal data protection.ppt
DAY 1_ITEM 4_Privacy and personal data protection.ppt
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-final
 
Quick Guide: EU General Data Protection Regulation and Smart Metering
Quick Guide: EU General Data Protection Regulation and Smart MeteringQuick Guide: EU General Data Protection Regulation and Smart Metering
Quick Guide: EU General Data Protection Regulation and Smart Metering
 
EU General Data Protection: Implications for Smart Metering
EU General Data Protection: Implications for Smart MeteringEU General Data Protection: Implications for Smart Metering
EU General Data Protection: Implications for Smart Metering
 
[SLIDES] Internet of Things presentation at AEI (Sept 2014)
[SLIDES] Internet of Things presentation at AEI (Sept 2014)[SLIDES] Internet of Things presentation at AEI (Sept 2014)
[SLIDES] Internet of Things presentation at AEI (Sept 2014)
 
Privacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital SetupPrivacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital Setup
 
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
 
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
 
Lexing Barcelona Conference
Lexing Barcelona ConferenceLexing Barcelona Conference
Lexing Barcelona Conference
 
DWS16 - Plenary - Is trust really necessary - Xavier Lorphelin, Serena Capital
DWS16 - Plenary - Is trust really necessary - Xavier Lorphelin, Serena CapitalDWS16 - Plenary - Is trust really necessary - Xavier Lorphelin, Serena Capital
DWS16 - Plenary - Is trust really necessary - Xavier Lorphelin, Serena Capital
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...The Evolution of Data Privacy - A Symantec Information Security Perspective o...
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
 
GDPR (En) JM Tyszka
GDPR (En) JM TyszkaGDPR (En) JM Tyszka
GDPR (En) JM Tyszka
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2
 
D2-5_BIG DATA EmilianoAnzellotti_v2 [
D2-5_BIG DATA EmilianoAnzellotti_v2 [D2-5_BIG DATA EmilianoAnzellotti_v2 [
D2-5_BIG DATA EmilianoAnzellotti_v2 [
 

More from Lilian Edwards

Global Governance of Generative AI: The Right Way Forward
Global Governance of Generative AI: The Right Way ForwardGlobal Governance of Generative AI: The Right Way Forward
Global Governance of Generative AI: The Right Way Forward
Lilian Edwards
 
Can ChatGPT be compatible with the GDPR? Discuss.
Can ChatGPT be compatible with the GDPR? Discuss.Can ChatGPT be compatible with the GDPR? Discuss.
Can ChatGPT be compatible with the GDPR? Discuss.
Lilian Edwards
 
Slave to the Algo-Rhythms?
Slave to the Algo-Rhythms?Slave to the Algo-Rhythms?
Slave to the Algo-Rhythms?
Lilian Edwards
 

More from Lilian Edwards (19)

Global Governance of Generative AI: The Right Way Forward
Global Governance of Generative AI: The Right Way ForwardGlobal Governance of Generative AI: The Right Way Forward
Global Governance of Generative AI: The Right Way Forward
 
How to regulate foundation models: can we do better than the EU AI Act?
How to regulate foundation models: can we do better than the EU AI Act?How to regulate foundation models: can we do better than the EU AI Act?
How to regulate foundation models: can we do better than the EU AI Act?
 
Can ChatGPT be compatible with the GDPR? Discuss.
Can ChatGPT be compatible with the GDPR? Discuss.Can ChatGPT be compatible with the GDPR? Discuss.
Can ChatGPT be compatible with the GDPR? Discuss.
 
What Do You Do with a Problem Like AI?
What Do You Do with a Problem Like AI?What Do You Do with a Problem Like AI?
What Do You Do with a Problem Like AI?
 
The GDPR, Brexit, the UK and adequacy
The GDPR, Brexit, the UK and adequacyThe GDPR, Brexit, the UK and adequacy
The GDPR, Brexit, the UK and adequacy
 
Slave to the Algorithm 2016
Slave to the Algorithm 2016 Slave to the Algorithm 2016
Slave to the Algorithm 2016
 
Cloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issuesCloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issues
 
Privacy, the Internet of Things and Smart Cities
Privacy, the Internet of Things and Smart Cities Privacy, the Internet of Things and Smart Cities
Privacy, the Internet of Things and Smart Cities
 
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...
 
UK copyright, online intermediaries and enforcement
UK copyright, online intermediaries and enforcementUK copyright, online intermediaries and enforcement
UK copyright, online intermediaries and enforcement
 
the Death of Privacy in Three Acts
the Death of Privacy in Three Actsthe Death of Privacy in Three Acts
the Death of Privacy in Three Acts
 
Revenge porn: punish, remove, forget, forgive?
Revenge porn: punish, remove, forget, forgive? Revenge porn: punish, remove, forget, forgive?
Revenge porn: punish, remove, forget, forgive?
 
From piracy to “The Producers?
From piracy to “The Producers?From piracy to “The Producers?
From piracy to “The Producers?
 
The Death of Privacy in Three Acts
The Death of Privacy in Three ActsThe Death of Privacy in Three Acts
The Death of Privacy in Three Acts
 
Police surveillance of social media - do you have a reasonable expectation of...
Police surveillance of social media - do you have a reasonable expectation of...Police surveillance of social media - do you have a reasonable expectation of...
Police surveillance of social media - do you have a reasonable expectation of...
 
What do we do with aproblem like revenge porn ?
What do we do with aproblem like revenge porn ?What do we do with aproblem like revenge porn ?
What do we do with aproblem like revenge porn ?
 
Slave to the Algo-Rhythms?
Slave to the Algo-Rhythms?Slave to the Algo-Rhythms?
Slave to the Algo-Rhythms?
 
9worlds robots
9worlds robots9worlds robots
9worlds robots
 
Cdas 2012, lilian edwards and edina harbinja
Cdas 2012, lilian edwards and edina harbinjaCdas 2012, lilian edwards and edina harbinja
Cdas 2012, lilian edwards and edina harbinja
 

Recently uploaded

一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
e9733fc35af6
 
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
bd2c5966a56d
 
一比一原版(Warwick毕业证书)华威大学毕业证如何办理
一比一原版(Warwick毕业证书)华威大学毕业证如何办理一比一原版(Warwick毕业证书)华威大学毕业证如何办理
一比一原版(Warwick毕业证书)华威大学毕业证如何办理
Fir La
 
Interpretation of statute topics for project
Interpretation of statute topics for projectInterpretation of statute topics for project
Interpretation of statute topics for project
VarshRR
 
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
F La
 
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
Fir La
 
一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书
irst
 
一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理
Airst S
 

Recently uploaded (20)

Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
 
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
 
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
 
一比一原版(Warwick毕业证书)华威大学毕业证如何办理
一比一原版(Warwick毕业证书)华威大学毕业证如何办理一比一原版(Warwick毕业证书)华威大学毕业证如何办理
一比一原版(Warwick毕业证书)华威大学毕业证如何办理
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptx
 
Interpretation of statute topics for project
Interpretation of statute topics for projectInterpretation of statute topics for project
Interpretation of statute topics for project
 
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
 
Understanding the Role of Labor Unions and Collective Bargaining
Understanding the Role of Labor Unions and Collective BargainingUnderstanding the Role of Labor Unions and Collective Bargaining
Understanding the Role of Labor Unions and Collective Bargaining
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
 
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
 
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
 
一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书
 
Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in Law
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptx
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理
 
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptxAnalysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
 

IT law : the middle kingdom between east and West

  • 1. IT Law: the Middle Kingdom between East and West Lilian Edwards Professor of E-Governance and Director, Centre for Internet law and Policy University of Strathclyde
  • 3. Privacy as a Middle Kingdom Security Privacy Business profits Freedom of speech Consumer convenience
  • 4. Lessons for China? • Privacy vs security – recent Western experience • Impact of lack of privacy on profit – recent Western experience • Does limiting privacy law in favour of other values work? • What can China learn from this?
  • 6. Richard Hannigan, Director GCHQ, 3 November 2014 • Calling for technology firms such as as Facebook and Google to share personal data of users more readily with security service s eg by not supplying stronger encryption to consumers in the wake of Snowden • Tech firms “little more than “command and control networks of choice for terrorists and criminals” • “GCHQ is happy to be part of a mature debate on privacy in the digital age. But privacy has never been an absolute right and the debate about this should not become a reason for postponing urgent and difficult decisions.”
  • 8. OBA: data as “the new oil” of the economy • “Advertising based on the observation of the behaviour of individuals over time. Behavioural advertising seeks to study the characteristics of this behaviour through their actions (repeated site visits, interactions, keywords, online content production etc) in order to develop a specific profile and provide data subjects with adverts tailored to match their inferred interests” (Art 29 WP 2/2010) • Online advertising now largest sector in UK (since 2009) c 30% – bigger than TV, radio, newsprint etc. c 59% spend of this on search ads , mainly AdWords (Google revenues). • IAB: Social media revenues - advertising delivered on social platforms, inc social networking and social gaming -> rose by 58% H1 2014. Mobile revenues increased 76%. • Wired: “every industry that becomes digital eventually becomes free” (Anderson, 2008) • Failure to find other business models for digital world?
  • 9. Big data • “If information wants to be free, data wants to merge” (Grossman) • UK Government Information Economy Strategy 2013: 90% of global data generated in the last 2 years -> “business sectors across the economy have the potential to be transformed by data, analytics and modelling” • “..UK Government will continue to drive and influence EU …to ensure that growth opportunities are not inhibited by new or existing levels of regulation” • ? Challenges DP princs of data minimisation and purpose specification (Tene and Polonetsky, 2013) – “fishing expedition”
  • 10. Big bureaucracy? • Considerable opposition by both UK and US to enactment of General Data Protection Regulation to improve data privacy in EU – not “business friendly” • HMG Seizing the Data Opportunity 2013 : “the GDPR does not strike the correct balance between ’privacy and innovation.. we should be careful about overly prescriptive regulation that increases red tape and costs for businesses, the public sector, and for regulators” • Similar earlier reactions by industry to new laws on cookies consent 2009-2011 – OUT-law “Please kill this cookie monster to save EU websites” • And to the “right to be forgotten” (Google Spain), HL, 2014: “..judgment of the Court is unworkable. It does not take into account the effect the ruling will have on smaller search engines which, unlike Google, are unlikely to have the resources to process the thousands of removal requests they are likely to receive.”
  • 11. Privacy and consumer enjoyment C4, May 2010
  • 12. From virtual to real world “sharing”: consumers gain? Smart meters
  • 13. Privacy and freedom of expression
  • 14. How does the law protect informational privacy? • International human rights law eg ECHR, UNDHR • Specific international guidelines/treaties/supranational law – OECD guidelines on personal data,1980 – Council of Europe Convention on Automatic Processing of Personal Data 1981 – EC Data protection law – required minimum in EU states - taken up as “gold standard” in many overseas states – US : no similar omnibus protection of personal data – but some strong sectoral laws eg health, financial info, kids data – China : no omnibus “DP” law but increasing legal protection in Internet related sector • What lessons can China learn from current concerns about balancing privacy, security and profit?
  • 15. Data Protection Principles – DP Directive 95/46/EC 1. Personal Data shall be processed lawfully and fairly (“collection limitation”). 2. Personal Data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in a manner incompatible with those purposes (“purpose /use limitation”). 3. Personal data shall be adequate, relevant and not excessive in relation to the purpose for which it was processed (add “data minimisation” principle? – DP Reg) 4. Personal data shall be accurate and kept to date if necessary (“data quality”). 5. Personal data shall not be kept for a longer time than it is necessary for its purpose. (“retention”) 6. Personal data can only be processed in accordance with the rights of the data subjects (“openness”) 7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing (“security”). 8. Data export principle PLUS – independent regulator/watchdog + some degree of bureaucracy for business?
  • 16. Global adoption of DP law (or DP+)as a standard for privacy rights? • Greenleaf 2012 – not EU v US anymore • DP laws fast becoming a comprehensive global standard – 89 such laws 2012, growing fast • Only just over half are in European states (56%) • 2/3 of APEC members have data privacy laws in private or public sector • Some new laws exceed current EU DP norms, rts of interoperability, privacy by design, etc – “third wave” • Remaining outliers among “digital” nations – China and the US!
  • 17. Privacy vs security OR loss of privacy -> loss of profit? 1. Does promoting security over privacy help industry? Snowden – loss of consumer confidence in both B2C and B2B markets in EU • Evidence from EU industry – Information Technology & Innovation Foundation report, 2014 – US cloud providers may lose 10-20% of their EU market share = $35 billion over the next three years – Cloud Security Alliance report,10% of 207 non EU companies had cancelled contracts with US cloud cos since Snowden – NTT Comms report: c 25-30% of IT decisionmakers in Germany, France, UK “wanted to keep data in own country” – AWS setting up German data centre – “"Right now, there are many customers who don't want to buy American -- or to buy from a NATO country in general," F-Secure – Impact on government procurement - • Evidence from non-EU states – Election officials in India canceled a deal with Google to improve voter registration. – In China, sales of Cisco routers dropped 10 percent (Huffington Post) – Russia ban on user data being stored in US -> possible ban on all Apple products ( • Reaction from UK industry and government- – Plea for ethical codes and MORE privacy restraints/supervision for industry not LESS – “Addressing consumer confidence in the Digital Economy” – DP plus ethical approval for new big data products, security by design, privacy by design – IEC committee – “A Unified Ethical Frame for Big Data Analysis” , industry, lead by Hewlett Packard
  • 18. Privacy vs consumer convenience? • Do consumers care about privacy after all? Not just about business attitudes? • Citizen attitudes towards data privacy – EuroBarometer 201 • People disclose personal data, including biographical information (almost 90%), social information (almost 50%) and sensitive information (almost 10%) on these sites. • 70% said they were concerned about how companies use this data and they think that they have only partial, if any, control of their own data. • 74% want to give their specific consent before their ` data is collected and processed on the Internet. • Privacy affecting if not ending data market – cf rise of Snapchat, Whatsapp, Ello – privacy as a feature not a bug
  • 19. Conclusions • Privacy is seen as a value which may be damaging to other more crucial societal goals such as (crucially) national security, business profits • These are both concerns to legislatures in China and the EU/UK • However recent history shows that downgrading privacy protection in the name of security and profit may be counter productive • And the global trend is in fact to greater privacy protection – by both soft and hard law as well as “code” - to restore business and consumer trust and confidence

Editor's Notes

  1. "I believe that 'Central Kingdom' is a more accurate translation for 'Zhong Guo' (China) than 'Middle Kingdom'. The term 'Middle Kingdom' does not imply that China is superior to other peoples and nations around it — China just happens to be located in the middle geographically; the term 'Central Kingdom', however, implies that China is superior to any other people and nation 'under the heaven' and that it thus occupies a 'central' position in the known universe."
  2. “secrets are lies”, “sharing is caring” and “privacy is theft Weibo
  3. “US tech firms are already dealing with intense public skepticism for their role in assisting government-lead, privacy-invading programmes like Prism. I would surmise that Hannigan is well aware of the PR (and potentially economic) disaster that would ensue upon closer collaboration between companies like Facebook or Google and government intelligence agencies