Sales through blogs in Malaysia: should we regulate them?

Selling goods through blogs is becoming a trend in Malaysia particularly for consumer goods. Goods like homemade chocolate, cup cakes, designed and personal accessories are among the many types of businesses which are commonly carried up via blogs. The popularity of blog sales give rise to legal concerns such as should these the blogs’ businesses be regulated as it is possible these blogs maybe mere bogus or scams or simply temporary in nature. What about the consumer rights arising from these transactions? This article will examine this issue from the Malaysian law perspective with some comparison with a heavily regulated jurisdiction like Singapore. (103 words

Patching the patchwork: appraising the EU regulatory framework on cyber security breaches

Breaches of security, a.k.a. security and data breaches, are on the rise, one of the reasons being the well-known lack of incentives to secure services and their underlying technologies, such as cloud computing. In this article, I question whether the patchwork of six EU instruments addressing breaches is helping to prevent or mitigate breaches as intended. At a lower level of abstraction, the question concerns appraising the success of each instrument separately. At a higher level of abstraction, since all laws converge on the objective of network and information security – one of the three pillars of the EU cyber security policy – the question is whether the legal ‘patchwork’ is helping to ‘patch’ the underlying insecurity of network and information systems thus contributing to cyber security. To answer the research question, I look at the regulatory framework as a whole, from the perspective of network and information security and consequently I use the expression cyber security breaches. I appraise the regulatory patchwork by using the three goals of notification identified by the European Commission as a benchmark, enriched by policy documents, legal analysis, and academic literature on breaches legislation, and I elaborate my analysis by reasoning on the case of cloud computing. The analysis, which is frustrated by the lack of adequate data, shows that the regulatory framework on cyber security breaches may be failing to provide the necessary level of mutual learning on the functioning of security measures, awareness of both regulatory authorities and the public on how entities fare in protecting data (and the related network and information systems), and enforcing self-improvement of entities dealing with information and services. I conclude with some recommendations addressing the causes, rather than the symptoms, of network and information systems insecurity

Rules and Legal Framework in Digital Trade

학위논문 (석사) -- 서울대학교 대학원 : 국제대학원 국제학과(국제통상전공), 2021. 2. 안덕근.Digital Transformation is imperative for any businesses today to remain active and connected in the evolving world. The digital surge has widely occurred in various areas, especially in troubled times of the pandemic, lockdown and social withdrawal. The digital transformation has been particularly recommended to textile and apparel industry by many experts in order to improve efficiency on every level in the business, and its necessity was emphasized even more with the recent severe downturn of the industry. The prevailing attention to digital transformation is now apparent across all countries and businesses, yet its consequences have not been thoroughly perceived and prepared, causing serious issues and concerns. With the importance of digital transformation in the textile and apparel industry being highlighted, those problems are bound to serve as obstacles to the industry. Since digital trade happens in an intangible and transmissive form, its scope and pace of world trade are beyond control and expectation. Therefore, it is highly crucial to have an organized legal framework that prevents and regulates any potential troubles from transnational digital activities. The international regulatory system on digital trade is currently in a state of confusion that requires cooperation and efforts. This paper examines the current status of international digital trade regulations and accentuates the necessity to develop them from the status quo. Since the digital transformation will become more pervasive over time, countries will need to find a way to narrow down discrepancies in the understanding—collision between the idea of free data transfer and data sovereignty—to reach a consensus and build a robust international regulatory framework that encompasses every important aspect of digital trade.디지털 전환은 급변하는 사회에서 살아남기 위한 기업의 필수 전략이 되었다. 이는 다양한 분야에서 광범위하게 일어나고 있으며, 특히 코로나바이러스 대유행으로 인해 급속도로 확산되고 있다. 그중에서도 섬유 ・ 의류 산업의 디지털 전환은 비즈니스 효율성 향상을 위해 그 필요성이 꾸준히 언급되어 왔다. 그러나 디자인, 생산, 판매 등 전통적인 방식을 고수할 수밖에 없는 산업의 특성상 모든 기업에서 쉽게 진행되기는 어려웠다. 하지만 계속되는 산업 침체와 코로나바이러스의 여파로 인하여 디지털 전환의 중요성이 더욱 강조되고 있다. 최근 여러 국가와 기업에서 디지털 전환과 정보통신기술에 대한 관심과 집중이 더욱 급증하고 있다. 그러나 증가하는 디지털 기술의 활용과는 달리 그에 따른 법적 쟁점 등 결과에 대한 해결책이 마련되지 않아 심각한 문제와 우려를 낳고 있다. 섬유 ・ 의류 산업의 디지털 전환이 권장되고 그 중요성이 강조되고 있는 가운데 이러한 문제점들은 글로벌 디지털 경쟁력을 키워가고 있는 기업에게 큰 장애물로 작용할 수밖에 없다. 또한 디지털 무역은 지금 이 순간에도 꾸준히 일어나고 있기 때문에 그 범위와 속도를 가늠하기가 매우 어렵다. 따라서, 국경 간 디지털 교역에서 발생할 수 있는 문제를 방지하고 규제하는 체계적인 법적 틀은 갖는 것이 매우 중요하다. 디지털 통상에 대한 국제 규범은 여전히 협력과 개선이 필요한 혼란 상태에 있다. 본 논문은 현 국제 디지털 무역 규제를 조사하고 더욱 발전시켜 산업에 실질적으로 적용 가능한 세부적이고 실용적인 국제법을 가져야 한다는 내용을 강조하고 있다. 다자무역협상에서 다루어져야 할 국제 규제를 현재 지역무역협정으로 대신하고 있지만, 시간이 지남에 따라 더욱 광범위한 디지털 전환이 이루어질 것이므로 각국은 국내산업을 보호하려는 견해와 디지털 무역장벽을 무너뜨리려는 견해 차이를 조정하여 보다 구체적이고 확실한 다자적 차원의 국제 규범을 세우려는 자세를 가져야 할 것이다.I. Introduction 1 1. Background of Digital Transformation 1 2. Scope of Digital Transformation 2 II. Overview of Textile and Apparel Industry 4 1. Structure of Textile and Apparel Industry 4 1-1. Types of Retailers 4 1-2. Business Process 6 2. Current Status and Future Direction of Textile and Apparel Industry 8 2-1. Industry Downturn 8 2-2. Impact of the COVID-19 Pandemic 10 III. Digital Transformation in Textile and Apparel Industry 15 1. E-Commerce and Digital Platforms 15 2. Digital Wearable Devices and Mobile App Services 19 3. Smart Textiles and Smart Garments 23 4. Virtual Fitting and 3D Technologies 25 IV. Digital Trade Regulations at the Multilateral Level 29 1. Digital Trade Regulations in the WTO 31 2. EU General Data Protection Regulation (GDPR) 33 3. APEC Cross-border Privacy Rules (CBPR) and Privacy Framework 36 V. Development of Digital Trade Regulations in the RTAs 40 1. Chapter 14 of CPTPP: Electronic Commerce 40 2. Chapter 19 of USMCA: Digital Trade 42 3. US-Japan Digital Trade Agreement 43 4. Singapore-Australia Digital Economy Agreement 46 VI. Assessment on Digital Trade Regulations in Korea 48 1. Global Digital Competitiveness of Korean Textile and Apparel Industry 48 2. Digital Trade Regulations at the International Level 50 VII. Conclusion 53Maste

Protection of Personal Data and its status as a Fundamental Right - In the scope of International Law and EU Law

Personal data protection has raised discussion during the recent years both in international and national level. With the development of technology, internationalism and the economy it is more and more important to protect the personal data. The adequate way to protect the personal data needs to be considered thoroughly; should it be protected with secondary legislation or with fundamental legislation? During the recent years, the personal data protection legislation in both international and national level has increased. Despite this, the protection of personal data faces threads and challenges every day. These threads and challenges emerge from the inconsistency of international and national data protection legislations, from terrorism and crime, and from the economic and technological development. Also the collisions between different fundamental rights are challenging. For instance, it is not always easy to assess the order of importance between the personal data protection and the right to free flow of data. In this thesis I shall research the status of personal data protection in international level and in international jurisdiction. I will start my research by assessing the threads and challenges personal data protection faces every day. I shall then take a closer look into the relevant European Union law and then to international law. I shall also make a slight comparison between the EU law and the international law. My goal is to figure out the actual challenges and threads to personal data protection and, also, the legal protection that personal data needs and already has. I believe I have reached this goal. I believe that the personal data should be protected as a fundamental right, but it hasn’t reached this status in international level yet. For the data protection to reach this status as a fundamental right, international legislations and regulations needs to be revised. My research methods have mostly been legal dogmatic. My research is mainly based on the relevant legal literature, sources of laws and other written legal sources. The empiric parts in this thesis are mainly from the author herself

Crisis communication in organizational data breach situations: Facebook data breach 2018

Objectives The main objective of this study was to explore how effective crisis communication can help an organization facing a data breach to minimize the organizational damage caused by the data breach crisis. In an optimal situation, this research explains why certain crisis response guidelines and communication characteristics are useful in data breaches and how they affect the relationship between the organization and the crisis stakeholders. In addition to this, this research should be helpful for all organizations facing a data breach in the future, as it shows from the perspective of a giant global social network company, which forms of crisis communication are useful and which are not. Summary This research studies the existing literature on traditional organizational crises and on crisis management and crisis communication and compares the information to modern data breach crises. To use the information from the literature effectively, information from the literature review will be compared to a big data company Facebook’s recent data breach in September 2018, affecting initially over 50 million people. The research aim is to find out, how crisis communication is the most effective when an organization is facing a data breach. This bachelor’s thesis is a qualitative study and it uses a combination of common effective crisis communication characteristics and a traditional crisis communication theory, SCCT by Timothy Coombs, as guidelines for a recent major data breach case. Conclusions The common characteristics of effective crisis communication are still expected from a company facing a data breach by the media and the crisis stakeholders, especially when individuals’ personal data is affected. However, a common crisis communication theory SCCT is proven to be mostly incompatible with modern data breach crisis, which means that there is a need for a guiding theory for data breach crisis communication including the characteristics required by the crisis stakeholders and the media. In addition to this, this research concludes that regardless of effective or ineffective crisis communication, the company’s prior crisis history and reputation have a significant effect on how crisis communication is responded to

Strengthening e-crime legislation in the UAE: learning lessons from the UK and the EU

The electronic revolution brought with it technological innovations that are now integral to communication, business, commerce and the workings of governments all over the world. It also significantly changed the criminal landscape. Globally it has been estimated that crime conducted via the internet (e-crime) costs more than €290 billion annually. Formulating a robust response to cybercrime in law is a top priority for many countries that presents ongoing challenges. New cybercrime trends and behaviours are constantly emerging, and debates surrounding legal provisions to deal with them by increasing online tracking and surveillance are frequently accompanied by concerns of the rights of citizens to freedom, privacy and confidentiality. This research compares the ways that three different legislative frameworks have been navigating these challenges. Specifically, it examines the legal strategies of the United Arab Emirates (UAE), the United Kingdom (UK) and the European Union (EU). The UAE is comparatively inexperienced in this area, its first law to address e-crime was adopted in 2006, sixteen years after the UK, and so the express purpose of this study is to investigate how e-crime legislation in the UAE can be strengthened. Drawing on a range of theoretical resources supplemented with empirical data, this research seeks to provide a comprehensive account of how key e-crime legislation has evolved in the UAE, the UK and the EU, and to evaluate how effective it has been in tackling cybercrime. Integral to this project is an analysis of some of the past and present controversies related to surveillance, data retention, data protection, privacy, non-disclosure and the public interest. An important corollary of this research is how e-crime legislation is not only aligned with political and economic aims, but when looking at the UAE, the discrete ways that legislation can be circumscribed by cultural, social and religious norms comes into focus

Analyses of selected legal issues related to personal data security and the inter-relationship between personal data protection law in Africa and Europe

It has been well documented that the unprecedented use of computerized technology to process personal information in the 1960s in Europe and the US led to concerns about individual privacy, which resulted in the introduction of a branch of law regulating the processing of personal data, known today as personal data protection law. Over the years, this relatively new domain of law has introduced rights and obligations which appear to have the capacity to regulate a vast variety of domains of activity as long as they involve processing information about humans. This publication-based thesis regroups five published/accepted articles which generally seek to appreciate the significance of rights and obligations of this branch of law within the EU and Africa. The Chapters in this thesis focus on a limited variety of selected themes in data protection law. The first Chapter addresses the lack of clarification of the meaning of a breach of security in EU data protection law, and the second Chapter examines the level of personal data security protection guaranteed by African regional data protection instruments. The third and fourth Chapters both explore the potential effect of the transposition of EU data protection legal standards into African soil, respectively focusing on the processing of public examination results and on curtailing the prevalence of teacher-student abuses on university campuses. The fifth and final Chapter presents a comparative analysis between the EU GDPR, the Ghanaian Data Protection Act 2012 and Kenyan Data Protection Act 2019 in their approaches to consolidate the OECD data protection principles. The thesis conclusively finds that transposing EU data protection standards into Africa could help regulate some under-regulated domains of activity. But the continent's institutions still need to do a lot in terms of harmonising and promoting personal data protection law among its countries