Legislative genesis and judicial death of a directive: The European Court of Justice invalidated the data retention directive (2006/24/EC) thereby creating a sustained period of legal uncertainty about the validity of national laws which enacted it

The Grand Chamber has ruled that the data retention directive was invalid ex tunc since it seriously interfered with the fundamental rights to respect for private life and protection of personal data and exceeded the limits of the principle of proportionality which are provided for in the Charter. The scope and temporal effects of this ruling should be clarified, especially its legal impacts on national laws of Member States which enacted the directive. In addition, the findings of the Grand Chamber on geographical safeguards have far-reaching implications on the retention and storage of personal data in the EU.     

South Korea's innovations in data privacy principles: Asian comparisons

Over the last two decades, at least a dozen Asian jurisdictions have adopted significant data privacy (or ‘data protection’) laws. South Korea started to implement such laws in relation to its public sector in the 1990s, then its private sector from 2001, culminating in the comprehensive Personal Information Privacy Act of 2011. Internationally, there have been two stages in the development of data privacy principles (the common core of such laws), the first typified by the OECD's data protection Guidelines of 1981, and the second typified by the European Union data protection Directive of 1995, with a third stage currently under development.     

美国科技成果转化优先序研究

美国作为全球科技创新大国,科技成果转化率很高。从政府的角度来看,美国有一个精密的系统,来根据社会、国家和城市的需要确定科技成果转化的优先序列。这个优先序列在一定时期内会具有一定的稳定性,也会随着社会需要的变化做出调整。政府通过科技政策和立法中确定的各种保障措施,推动它们的优先转化。这对我国有一定的借鉴意义。     

Discriminating natural images and computer generated graphics based on the impact of CFA interpolation on the correlation of PRNU

To discriminate natural images from computer generated graphics, a novel identification method based on the features of the impact of color filter array (CFA) interpolation on the local correlation of photo response non-uniformity noise (PRNU) is proposed. As CFA interpolation generally exists in the generation of natural images and it imposes influence on the local correlation of PRNU, the differences between the PRNU correlations of natural images and those of computer generated graphics are investigated. Nine dimensions of histogram features are extracted from the local variance histograms of PRNU to represent the identification features. The discrimination is accomplished by using a support vector machine (SVM) classifier. Experimental results and analysis show that it can achieve an average identification accuracy of 99.43%, and it is robust against scaling, JPEG compression, rotation and additive noise. Thus, it has great potential to be used in image source pipelines forensics.     

Information assurance in a distributed forensic cluster

When digital forensics started in the mid-1980s most of the software used for analysis came from writing and debugging software. Amongst these tools was the UNIX utility ‘dd’ which was used to create an image of an entire storage device. In the next decade the practice of creating and using ‘an image’ became established as a fundamental base of what we call ‘sound forensic practice’. By virtue of its structure, every file within the media was an integrated part of the image and so we were assured that it was wholesome representation of the digital crime scene. In an age of terabyte media ‘the image’ is becoming increasingly cumbersome to process, simply because of its size. One solution to this lies in the use of distributed systems. However, the data assurance inherent in a single media image file is lost when data is stored in separate files distributed across a system. In this paper we assess current assurance practices and provide some solutions to the need to have assurance within a distributed system.     

略论技术哲学的研究纲领——兼与吕乃基、远德玉两位教授商榷

技术哲学的基本研究对象是技术人工物,技术与技术人工物是存在与存在者的关系。技术不是技术人工物,不是技术的外在表现,不是技术的本质,也不是技术本身。技术就是技术,是技术一般,是对技术个别的扬弃。技术哲学的研究就是要在厘清技术的概念和技术哲学的基本研究对象基础上,揭示技术人工物的内部结构—功能关系,探讨技术与文化的关系,为推动和实现我国的技术创新提供理论指导。     

Police investigations in Internet open sources: Procedural-law issues

Analysing large amounts of data goes to the heart of the challenges confronting intelligence and law enforcement professionals today. Increasingly, this involves Internet data that are ‘open source’ or ‘publicly available’. Projects such as the European FP7 VIRTUOSO are developing platforms for open-source intelligence by law enforcement and public security, which open up opportunities for large-scale, automated data gathering and analysis. However, the mere fact that data are publicly available does not imply an absence of restrictions to researching them. This paper investigates one area of legal constraints, namely criminal-procedure law in relation to open-source data gathering by the police. What is the legal basis for this activity? And under what conditions can domestic and foreign open sources be investigated?     

Plain text passwords: A forensic RAM-raid

Despite many academic studies in the last 15 years acknowledging the investigative value of physical memory due to the potential sensitive nature of data it may contain, it arguably remains rarely collected at-scene in most criminal investigations. Whilst this may be due to factors such as first responders lacking the technical skills to do this task, or simply that it is overlooked as an evidence source, this work seeks to emphasise the worth of this task by demonstrating the ability to recover plain-text login credentials from it. Through an examination of logins made to 15 popular online services carried out via the Chrome, Edge and Mozilla Firefox browsers, testing shows that plain-text credentials are present in RAM in every case. Here, a transparent test methodology is defined and the results of test cases are presented along with ‘string markers’ which allow a practitioner to search their RAM captures for the presence of unknown credential information for these services in future cases.     

政治系统与法律系统对于技术风险的决策观察

德国社会学家尼古拉斯·卢曼的社会系统论和二阶观察理论所提供的社会建构论框架,有助于我们从技术、时间、知识、决策等维度厘清技术风险形成的复杂社会机制,促进我们对政治系统和法律系统中的技术风险管制活动进行反思性观察。政治系统通过政策性决策活动规划和控制技术风险的努力,本身也会导致决策风险,政治系统因此发展出令规制失灵而被社会遗忘的应对能力;法律系统内部发展出来的风险预防原则,其功能不在于增加社会的安全水平,而是作为一种程序性反应机制,吸收因科学技术后果的不确定性所导致的环境复杂性。     

Citizens’ Readiness to Adopt and Use E-government Services in the City of Harbin,China

This study applied the Technology Acceptance Model (TAM) to investigate the factors that would influence adoption and use of e-government services by citizens of Harbin in China. A total of 382 respondents took part in the study. The findings of this research revealed that Perceived Ease of Use, Perceived Service Quality, and Citizen Trust have significant positive impact on citizens’ intention to adopt and use e-government services while Perceived usefulness was found not to have any significant positive impact on citizens’ intention to use e-government services in Harbin, China. The implications of this study is further discussed.