U.S.-Russian Strategic Arms Reductions: Nonlinear Challenges,Practical Opportunities

The Obama Administration's desire to push forward with strategic nuclear arms reductions during the President's second term requires the navigation of numerous shoals and reefs. U.S. and Russian negotiators will have to overcome both political and military obstacles to accomplish post-New START reductions in long-range nuclear weapons. For example, efforts to reduce offensive nuclear weapons are complicated by U.S. and NATO plans for missile defenses deployed in Europe and by exigencies in U.S. and Russian domestic politics. In addition, the military-technical aspects of cyber war and nuclear deterrence can no longer be treated, analytically or practically, as isolated compartments. This article considers several aspects of the relationships among possible post-START offensive force reductions, advanced conventional weapons including missile defenses, and emerging cyber capabilities.     

Standardisation: A tool for addressing market failure within the software industry

Despite the maturity of the software industry, empirical research demonstrates that average software quality, when measured through the presence of software defects, is low. Such defects cause a wide array of issues, not least in the form of vulnerabilities, which support a multi-billion pound a year industry of fraud in cyber crime. This paper suggests that this is the result of market failure stemming from two factors: the first is that information asymmetry prevents the establishment of software quality prior to purchase; whilst the second is that the legal provisions available under private law are unable in their current form to adequately address software liability issues. On that basis this paper proposes the use of standardisation as a tool to address both of these shortcomings by providing an industry benchmark against which software quality can be ascertained, as well as forming a legal tool for determining causation for the purposes of establishing legal liability.     

Internet of things – Governance quo vadis?

The Internet of Things (IoT) as an emerging global Internet-based information architecture facilitating the exchange of goods and services is gradually developing. While the technical aspects are being discussed in detail a legal framework does not exist so far. The first supranational organization trying to work out an IoT governance framework has been the European Commission by appointing a large group of experts to examine the relevant aspects of a possible IoT governance regime. In the meantime, however, the activities have been degraded. Nevertheless, even if the differences between the IoT and the Internet have been overestimated at the beginning, many elements of the IoT differ in part from the corresponding problems in the Internet. Therefore, an analysis of the major IoT governance issues (legitimacy, transparency, accountability, anticompetitive behavior) seems to be worthwhile to conduct.     

Digital identity,privacy and the right to identity in the United States of America

This article analyses digital identity as an emergent legal concept in the United States of America, as a consequence of the move to place all federal government services on-line. The features and functions of digital identity and its legal nature are examined, and the consequences are considered.     

The retention of personal information online: A call for international regulation of privacy law

New technologies permit online businesses to reduce expenses and increase efficiency by, for example, storing information in “the cloud”, engaging in online tracking and targeted advertising, location and tracking technologies, and biometrics. However, the potential for technology to facilitate long term retention of customers' personal information raises concerns about the competing right of individuals to the privacy of their personal information. Although the European Commission has recently released a proposal for regulation to “provide a data subject with the right to be forgotten and to erasure”, neither the OECD Privacy Guidelines nor the APEC Privacy Framework includes any requirement to delete personal information. While New Zealand includes a “limited retention principle” in the Privacy Act 1993, apart from one limited exception the privacy principles cannot be enforced in court. Taking New Zealand privacy law as an example, this paper examines the issue of retention of customer data, explains why this is a serious problem and argues that although it could be addressed by appropriate amendments to domestic laws, domestic privacy legislation may not be sufficient in an online environment. In the same way as other areas of law, such as the intellectual property regime, have turned to global regulatory standards which reflect the international nature of their subject matter, international privacy regulation should be the next stage for the information privacy regime.     

The legal construction of privacy and data protection

In this contribution, the authors explore the differences and interplays between the rights to privacy and data protection. They describe the two rights and come to the conclusion that they differ both formally and substantially, though overlaps are not to be excluded. Given these different yet not mutually exclusive scopes they then apply the rights to three case-studies (body-scanners, human enhancement technologies, genome sequencing), highlighting in each case potential legal differences concerning the scope of the rights, the role of consent, and the meaning of the proportionality test. Finally, and on the basis of these cases, the authors propose paths for articulating the two rights using the qualitative and quantitative thresholds of the two rights, which leads them to rethink the relationship between privacy and data protection, and ultimately, the status of data protection as a fundamental right.     

The Bermuda Islands blow ‘sweet & sour’ on employers’ liability for Internet libel

The Bermudian Supreme Court (at first instance) recently ruled in Bermuda Restaurants Limited (t/a “Chopsticks”) v. Jonathan Daspin and ConvergEx Global Markets Ltd. (Civil Jurisdiction 2008: No. 134 (to be reported)) on the issue of whether an employer (here, a company) should be held liable for an allegedly libellous email publication by its employee, the managing director. The Judge was asked by the employer company to determine two issues of law which exposed the company and which centred on its vicarious liability for its employee's actions, including whether the use of the company's email system, during working hours, made it complicit in the publication. The Court held, applying principles of English and Canadian law, that the company was not vicariously liable and by extension that it was not the email's publisher.     

EU developments in IP,IT & telecommunications law

This is the latest edition of Baker & McKenzie's column on developments in EU law relating to IP, IT and telecommunications. This article summarises recent developments that are considered important for practitioners, students and academics in a wide range of information technology, e-commerce, telecommunications and intellectual property areas. It cannot be exhaustive but intends to address the important points. This is a hard copy reference guide, but links to outside web sites are included where possible. No responsibility is assumed for the accuracy of information contained in these links.     

Protecting personal data in wartime: The destruction of the alphabetic tabulators in Oslo

As a contribution to this special issue of CLSR, Jon Bing offers a unique wartime account of one of the earliest attempts to prevent ‘online processing’ of personal data by the occupying authorities for oppressive purposes.