You are currently browsing the category archive for the ‘Commentaries’ category.
Although it’s far from perfect, I think the Uniform Domain-Name Dispute-Resolution Policy (UDRP) is a good model for online dispute resolution (ODR) because of its following characteristics: (i) it applies to a very specific, narrow field – cybersquatting and domain names; (ii) it has global application and domain registrants are contractually bound when registering a domain name to undertake arbitration under the UDRP (no jurisdiction issue); (iii) its non-national in that no specific national law specifically applies (no choice of law problem); (iv) the costs are as a whole not prohibitive; (v) the proceedings are transparent since the decisions are published and available to the public; (vi) its subject community may be heterogeneous but there are still certain common values and norms; (vii) it has on tap a number of experienced arbitrators; (viii) the proceedings do not bar the parties from bringing the dispute to ordinary courts if they so wish; and (ix) the simple procedure under the UDRP is appropriate for the non-highly complex issue of cybersquatting.
This post was originally written for a class in Information Technology Law when I was an LLM student at the University of Edinburgh.
ODR is mandatory if, pursuant to the agreement between the provider and the consumer, the consumer is required to pursue the exclusive remedy of arbitration or other forms of ODR. ODR is binding if the parties agree that any result or decision that comes out of the proceedings is legally binding and enforceable on them – that is, the result affects the rights and obligations between the parties. ODR’s transparency depends on whether all the procedural steps are disclosed or known to the parties, the arbiter or mediator discloses any possible conflict of interest or warrants that no such conflict of interest exists, the decisions are published or made available to the public, and the parties are informed of the legal and factual bases on which a decision or result is founded on.
ODR is generally helpful for consumer as long as the following basic rights are preserved: (i) the consumer’s due process rights (right to be heard, right to a fair and impartial hearing of his or her case); (ii) the proceedings are neither too short or too long; (iii) the requirement of undertaking ODR is not unconscionable; or (iv) the ODR process does not effectively deny the consumer of the right to redress and access to courts.
This post was originally written for a class in Information Technology Law when I was an LLM student at the University of Edinburgh.
For a consumer, ADR is generally preferable over ordinary litigation because the former costs less and can be resolved quicker. The expense of undertaking lengthy and laborious court proceedings will far exceed any possible favorable outcome since most consumer complaints involve relatively small values.
ADR is useful in those circumstances where: (i) most if not all of the evidence to be presented are documentary in nature; (ii) the facts are not disputed; or (iii) only questions of law or the interpretation of the agreement between the parties are involved. ADR can also be helpful in commercial disputes since the parties are normally sophisticated business entities which normally do not see dispute settlements as ends in themselves but as a natural consequence of doing business. In other words, the main goal of companies is to engage in business and not engage in non-profitable and distracting litigation. Thus, commercial entities would rather have the matter resolved quickly so that they can get on with businesses. Most multinational companies who are engaged in transnational or global transactions prefer to resolve conflicts between and among themselves through ADR since it makes more business sense to do so.
This post was originally written for a class in Information Technology Law when I was an LLM student at the University of Edinburgh.
The Computer Misuse Act (CMA) prohibits the unauthorized modification of the contents of any computer, which includes the introduction of viruses . In general, the gravamen of the crime is the introduction or spreading of the virus into a computer. The mere writing of a computer virus is not a crime. However, it may be possible that the mere writing of a computer virus will result in a Section 3 offence. An example of this is when a employee writes the code of a self-executing computer virus from scratch onto his office computer which is connected to the office network. In this specific situation, the mere writing or coding of a computer virus is tantamount to the spreading of the same.
The crime of “unauthorized modification of the contents of any computer” doesn’t just cover the spreading of viruses to cause damage but also makes it a crime to: (i) change the data on any computer without authority (e.g., students hacking into a system to change their grades); (ii) installation of spyware; (iii) installing DRM/TPM software without consent of the user; (iv) unethical websites hijacking your browser (e.g., changing your home page) or installing a browser tool bar without your authorization; (v) installing any client side software without your consent (technically, even the installation of website cookies can be illegal).
With respect to updates to the CMA, experts mainly recommend the criminalization of Denial of Service Attacks and increasing of the imposable penalties. The most important reform to cybercrime may be those that promote better enforcement and prosecution through mutual cooperation between nations.
This post was originally written for a class in Information Technology Law when I was an LLM student at the University of Edinburgh.
Law, technology and society 
Lobotomy and not forgetting: Why the right to be forgotten is fundamentally flawed
August 6, 2014 in Commentaries | Leave a comment
The right to be forgotten is fatally flawed. Memories, whether in relation to individuals, society or technical networks, are not mere data. In the human brain, memories are made up of connections and networks of neurons and synapses. No single neuron or synapse holds a piece of memory; memory arises from the interactions and patterns produced by firing neurons and synapses. Similarly, in the networked society, memories about a particular person reside in the minds of many individuals as well as in the very information systems that they use, and these memories are based on people’s relationships, communications and interactions with others.
The right to be forgotten is problematic because it is works within the framework of data protection laws, which is principally focused on the control and processing of (personal) data. The basic notion of the right to be forgotten is that a person can be forgotten through the mere deletion of data. But, as described above, memories are not discrete objects (files) to be simply erased, but arise from and are products of complex relations (links, connections and communications). The latter is much harder to delete or undo. Furthermore, such erasure or censorship may lead to questionable results as seen in the problematic use of super-injunctions in England that sought to protect privacy but overly restrained freedom speech and the press and ultimately proved ineffectual.
Whether it’s an individual, a society or a network that’s striving to forget or to be forgotten, forgetting is never a simple affair because it inherently involves multiple people and things and their intricate relations. To be completely forgotten, you would have to excise your identity and memories about you from the minds of a host of people, from things and experiences you shared with other persons, and from the places and events you’ve been to when you were with others. Unlike mere data, memory is highly relational and contextual. Deleting a single file or link is never enough; one has to erase many things, if not everything, to be truly forgotten. The same can be said about “memory” online. The internet, the Web and Google’s search index are not so much databases but networks of techno-social knowledge, connections and communications that cannot be deleted without untoward results.
If someone wants to be forgotten in relation to personal information that is “inadequate, irrelevant or no longer relevant” but has become publicly known to other people, it would necessitate the erasure of knowledge about that information from the minds of people. Any attempt to do this is not only impossible but also extremely ridiculous. The same Sisyphean absurdity exists in the attempt to be forgotten online. By forcing the deletion of links in Google’s search results, a person is attempting to erase publicly available and accessible information, connections and communications of other individuals and entities (including Google) about him or her, and to deny them the right to remember and speak about what they know.
In truth, the right to be forgotten is ultimately an attempt, not to forget, but to lobotomize people and the internet, and take away their ability to possess knowledge and to communicate and make connections about it. For those who champion the right be forgotten for information that is publicly known, one should remember that other people too have an equal if not greater right to remember, to not forget, and to speak about what they know about you.