Law Applicable to Cloud Computing Contracts Concluded with Consumers under Regulation 593/2008, According to the CJEU Case Law

The undoubted popularity of cloud computing stems in particular from the fact that the provider can simultaneously offer access to his or her computing resources to an almost unlimited number of users located in different countries. Although this feature brings significant benefits to the provider, it also raises serious questions regarding the law governing the contract. The concerns become especially relevant in the case of contracts concluded between a consumer and a professional due to the limits of the choice of law and the special rules protecting consumers.The article analyses the law applicable to cloud computing contracts concluded with consumers. The considerations focus on the special provisions regarding consumer protection. Contrary to some comments, the article claims that the current legal framework is sufficient to determine the applicable law, although this task is not without doubts

Regulating Data as Property: A New Construct for Moving Forward

The global community urgently needs precise, clear rules that define ownership of data and express the attendant rights to license, transfer, use, modify, and destroy digital information assets. In response, this article proposes a new approach for regulating data as an entirely new class of property. Recently, European and Asian public officials and industries have called for data ownership principles to be developed, above and beyond current privacy and data protection laws. In addition, official policy guidances and legal proposals have been published that offer to accelerate realization of a property rights structure for digital information. But how can ownership of digital information be achieved? How can those rights be transferred and enforced? Those calls for data ownership emphasize the impact of ownership on the automotive industry and the vast quantities of operational data which smart automobiles and self-driving vehicles will produce. We looked at how, if at all, the issue was being considered in consumer-facing statements addressing the data being collected by their vehicles. To formulate our proposal, we also considered continued advances in scientific research, quantum mechanics, and quantum computing which confirm that information in any digital or electronic medium is, and always has been, physical, tangible matter. Yet, to date, data regulation has sought to adapt legal constructs for “intangible” intellectual property or to express a series of permissions and constraints tied to specific classifications of data (such as personally identifiable information). We examined legal reforms that were recently approved by the United Nations Commission on International Trade Law to enable transactions involving electronic transferable records, as well as prior reforms adopted in the United States Uniform Commercial Code and Federal law to enable similar transactions involving digital records that were, historically, physical assets (such as promissory notes or chattel paper). Finally, we surveyed prior academic scholarship in the U.S. and Europe to determine if the physical attributes of digital data had been previously considered in the vigorous debates on how to regulate personal information or the extent, if at all, that the solutions developed for transferable records had been considered for larger classes of digital assets. Based on the preceding, we propose that regulation of digital information assets, and clear concepts of ownership, can be built on existing legal constructs that have enabled electronic commercial practices. We propose a property rules construct that clearly defines a right to own digital information arises upon creation (whether by keystroke or machine), and suggest when and how that right attaches to specific data though the exercise of technological controls. This construct will enable faster, better adaptations of new rules for the ever-evolving portfolio of data assets being created around the world. This approach will also create more predictable, scalable, and extensible mechanisms for regulating data and is consistent with, and may improve the exercise and enforcement of, rights regarding personal information. We conclude by highlighting existing technologies and their potential to support this construct and begin an inventory of the steps necessary to further proceed with this process

Drones-as-a-Service (DaaS) : An analysis of the Operator as Service Provider and its potential liabilities under light of Regulation (EU) 2019/947

Giving the consolidation of a framework that allows for the operations of drones for commercial purposes by the new implemented Regulation (EU) 2019/947 on the rules and procedures for the operation of unmanned aircraft, this thesis introduces the reader to both the origin of the technology, the potential business applications of drones in the civil environment, and the current provisions regarding the risk-based operational characteristics of the Regulation as means to analyse the previously existing air and contractual law’s provisions. Through the exploration of the relevant legal principles and regulatory guidelines available for the interpretation of liability assignment and applicability, and by comparing the regulation to the contractual model in order to provide a deeper understanding of how the technology can be commercialized on a Drone-as-a-Service model, the author presents the relevant need of further legislation addressing the application of liability regimes harmonization between Member States from the perspective of the Unmanned Aircraft Systems Operator to satisfy the modern Cloud-Based Services Agreements model and allow the use of Internet as a platform for cross-jurisdictional performance. The first chapter revolves around the historical development and the growing civil interest in the application of drones to activities as a novel, as well as to already established activities that are currently performed by different technologies. Furthermore, it presents the possibility of its characterisation under the framework currently employed by cloud-based services regarding its commercial contractual format. The second chapter focuses on introducing the new Regulations (EU) 2019/947 and 2019/945, which have set the legal and regulatory frame for the safe conduction of activities of unmanned aircrafts, including the principles that served as base for the development of the provision;, the operational rules; machinery requirements and classifications; and the categories’ classification system that have been created for risk assessment. Overall, the frame serves as a guide for anyone interested in venturing in this business. The third chapter explores the international laws and EU air laws that will influence the ruling and potential jurisprudence regarding liability decisions. It aims at presenting both the relevance of Member States autonomy over regulatory decisions and importance towards contractual liabilities disputes. The focus is strongly focused on Operators that will be employed by service providers under the conceptualised cloud-based services agreements contracts framework. Finally, the thesis presents its conclusions and recommendations towards the commercial parties and legislators

ERP implementation methodologies and frameworks: a literature review

Enterprise Resource Planning (ERP) implementation is a complex and vibrant process, one that involves a combination of technological and organizational interactions. Often an ERP implementation project is the single largest IT project that an organization has ever launched and requires a mutual fit of system and organization. Also the concept of an ERP implementation supporting business processes across many different departments is not a generic, rigid and uniform concept and depends on variety of factors. As a result, the issues addressing the ERP implementation process have been one of the major concerns in industry. Therefore ERP implementation receives attention from practitioners and scholars and both, business as well as academic literature is abundant and not always very conclusive or coherent. However, research on ERP systems so far has been mainly focused on diffusion, use and impact issues. Less attention has been given to the methods used during the configuration and the implementation of ERP systems, even though they are commonly used in practice, they still remain largely unexplored and undocumented in Information Systems research. So, the academic relevance of this research is the contribution to the existing body of scientific knowledge. An annotated brief literature review is done in order to evaluate the current state of the existing academic literature. The purpose is to present a systematic overview of relevant ERP implementation methodologies and frameworks as a desire for achieving a better taxonomy of ERP implementation methodologies. This paper is useful to researchers who are interested in ERP implementation methodologies and frameworks. Results will serve as an input for a classification of the existing ERP implementation methodologies and frameworks. Also, this paper aims also at the professional ERP community involved in the process of ERP implementation by promoting a better understanding of ERP implementation methodologies and frameworks, its variety and history

EU Privacy seals project: Challenges and Possible Scope of an EU Privacy Seal Scheme. Final Report Study Deliverable 3.4

The objective of this report is focus on the challenges of implementing an effective EU privacy seal and its possible scope. It returns the focus to privacy and data protection, and presents further groundwork to feed into Task 4 of the Study (Proposals and evaluation of options for an EU-wide privacy seals scheme). Where relevant, research results and analyses of Tasks 1 and 2 are used. First, the report assesses the gaps in current privacy seal sector. Next, it highlights the advantages of, priorities for and possible scope of an EU privacy seal scheme. Eventually, four case studies (CCTV systems, cloud services, smart metering systems and biometric systems) illustrate the possible scope of an EU privacy seal scheme and demonstrate whether an EU privacy seals scheme would bring any added value to privacy and data protection.JRC.G.6-Digital Citizen Securit

Analysis on Digital Tax Non-Compliance with GATS

학위논문(석사) -- 서울대학교대학원 : 국제대학원 국제학과(국제통상전공), 2021.8. 배지연.The game-changing phenomenon that shifted the world into the current fourth industrial revolution would be ‘Digitalization’. The world has just begun its journey into the new digitalized world, and it will continuously evolve into a more intricate and integrated one. In a transitional period where everything is uncertain and new, opportunities for multilateral negotiations arise, which would help the world coordinate and cooperate to face the unknown digitalized future. Such negotiations allow the international society to implement better rules and policies, ensuring equitable opportunities on a level playing field. In this context, the ‘digital economy and trade’ is one of many fields where international cooperation and coordination are critically needed. Everything that used to be conducted manually, physically, and tangibly is now being conducted automatically, remotely, and intangibly. Goods and services have become digitally available and electronically transmittable, a phenomenon that calls for significant changes not only in the economy and trade but also in the surrounding rules, norms, and policies. Currently, the OECD is leading important and timely negotiations on ways to govern the digitalized economy and trade. One of the first agendas is to draw up a consensus-based agreement concerning the effective international tax measures for the digitalized economy and trade, which would prevent base erosion and profit shifting. However, due to the delayed negotiations, unilateral measures are beginning to arise. This paper aims to first, introduce the aspects of the digitalized economy and trade. Second, outline the current efforts of negotiations to come up with a unified international tax system fit for the digitalized economy and trade. Third, analyze how potential unilateral digital tax measures could face non-compliance with existing WTO trade agreements. Lastly, draw out implications on how international organizations and society should cooperate and coordinate to better prepare for the digitalized future.‘디지털화 (Digitalization)’는 4차산업으로의 패러다임 전환을 이끌어 준 중요한 역할을 하였다. 새로운 디지털 시대로의 진입은 시작에 불과할 뿐만 아니라 앞으로 끊임 없는 진화를 거듭하며 훨씬 더 복합적이며 융합된 형태로 발전할 것이다. 지금과 같이 모든 것이 새롭고 불확실한 과도기적 시기의 가장 큰 이점은 세계가 협력하여 새로운 디지털 시대를 마주할 수 있도록 협상의 기회를 제공 한다는 것이다. 이를 통해 모두에게 공정하고, 변화하는 환경에 맞는 통상 규범과 정책들이 확립되기를 기대해 볼 수 있다. 마찬가지로 디지털 경제 및 통상으로의 전환에 있어서도 국제적 협력이 절실히 필요하다. 기존의 아날로그 시대에서는 유형(tangible)의 재화 및 서비스를 수동적이며 물리적으로 거래했다면, 현재의 디지털화 된 시대에서는 무형(intangible)의 재화 및 서비스를 자동으로 그리고 원격으로 거래하고 있다. 재화 및 서비스가 디지털화 되고 전자적으로 전송이 가능해지면서 국제 경제 및 통상 환경에 큰 변화를 가져오고 있을 뿐만 아니라 이를 둘러싸고 있는 규범과 정책에도 막대한 영향을 미치고 있다. 현재 OECD에서는 디지털 경제 및 통상 환경을 효과적으로 관리하기 위한 중요하면서도 시의 적절한 이슈를 다루고 있는데 그 중의 하나가 바로 디지털 경제 및 통상에 대한 과세, 즉 ‘디지털세 (Digitl Tax)’에 대한 국제적 협상이다. 2013년부터 OECD는 디지털 시대에 맞는 국제조세체계의 도입이 불가피 하다는 공동의 의견을 바탕으로 포괄적 이행체계 (Inclusive Framework)에 착수하였다. 다국적 기업의 세원 잠식을 통한 조세 회피를 방지(BEPS)하기 위해 G20 및 세계 139개국과 협의 중이지만 협상에 진전이 더뎌 일방적 혹은 단독적(unilateral) 디지털세 도입을 추진하려는 움직임이 일어나고 있다. 이러한 흐름 가운데, 디지털세에 대한 시의적절 한 연구의 필요성이 있어 본 논문에서는 첫째, 디지털 경제 및 통상에 대한 여러 측면들을 소개하고, 둘째, 디지털 시대에 걸맞는 통합 국제조세체계의 개편 및 수립을 위한 노력들을 살펴볼 것이며, 셋째, 합의 없이 일방적 혹은 단독적으로 디지털세를 부과하는 행위의 잠재적 WTO 협정 저촉성에 대해 분석해 볼 것이다. 이를 바탕으로 국제기구와 국제사회가 디지털 시대를 위기가 아닌 기회로 맞이하기 위해 어떠한 노력과 협의가 필요한지에 대한 시사점을 도출할 것이다.Chapter 1. Introduction 1 1.1 Background and Purpose of Study 1 Chapter 2. Digital Economy and Trade 3 2.1 Dimensions of the Digital Economy and Trade 3 2.1.1 Definitions 3 2.1.2 Scope 5 2.1.3 Business models 7 2.1.4 Trends 9 2.2 International Agreements on Digital Trade 11 2.2.1 Moratorium on Customs Duties on Electronic Transmissions 13 2.2.2 GATS 15 2.2.3 Preferential Trade Agreements 17 Chapter 3. Taxation on Digital Trade 22 3.1 Background and Scope of Digital Tax 22 3.2 Types of Digital Tax 25 3.2.1 Indirect Tax 25 3.2.2 Direct Tax 28 3.2.3 Expansion of PE 30 3.3 Actions on Digital Tax 31 3.3.1 OECD 32 3.3.2 EU 36 3.3.3 Individual Countries 38 3.3.4 US 42 Chapter 4. Digital Tax Non-compliance with GATS 46 4.1 National Treatment Under GATS 47 4.1.1 National Treatment Obligations and Applicability 48 4.1.1.1 Obligations: Specific Commitments in the Schedule 48 4.1.1.2 Applicability I: Technological Neutrality 50 4.1.1.3 Applicability II: Measure Affecting Services Trade 52 4.1.2 Like Services and Suppliers 54 4.1.3 Less Favorable Treatment 58 4.2 General Exceptions 63 4.2.1 GATS Article XIV(a): Protection of Public Morals and Order 64 4.2.2 GATS Article XIV(c): Compliance with Laws and Regulations 65 4.2.3 GATS Article XIV(d): Effective Imposition of Direct Taxes 66 4.2.4 GATS Article XIV(e): Avoidance of Double Taxation 67 4.2.5 GATS Article XIV Chapeau 68 Chapter 5. Implications 72 5.1 Modification in WTO Trade Agreements 72 5.2 Cooperation among International Organizations 74 5.3 Coordination among International Societies 75 Chapter 6. Conclusion 79 References 81 국문초록 89석

Cybersecurity and Liability in a Big Data World

The interplay between big data and cloud computing is at the same time undoubtedly promising, challenging and puzzling. The current technological landscape is not without paradoxes and risks, which under certain circumstances may raise liability issues for market operators. In this article we illustrate the several challenges in terms of security and resilience that market operators face as their overcoming is of strategic importance for businesses wishing to be deemed privacy-respectful and reliable market actors. After a brief overview of the potentialities and drawbacks deriving from the combination of big data and cloud computing, this article illustrates the challenges and the obligations imposed by the European institutions on providers processing personal data – pursuant to the General Data Protection Regulation – and on providers of digital services and essential services – according to the NIS Directive. We also survey the European institutions’ push towards the development and adoption of codes of conduct, standards and certificates, as well as their last proposal for a new Cybersecurity Act. We conclude by showing that, despite this articulate framework, big data and cloud service providers still leverage on their strong market power to use “contractual shields” and escape liability