Internet regulation

How can we regulate the Internet? This seemingly innocent question has been the subject of countless books and articles for just over the past twenty years. Part of the reason why it continues to be a vibrant and relevant topic is the difference of opinions on what is going on. On the one hand we have those who believe that the Internet is a free and open space that requires no regulation, and/or is incapable of being regulated. On the other hand we have those who think that regulation is not only desirable, but that the Internet as it exists now is completely regulated because of the prevalence of state surveillance, and that all semblance of freedom is a mere illusion

Adaptive Architecture:Regulating human building interaction

In this paper, we explore the regulatory, technical and interactional implications of Adaptive Architecture (AA) and how it will recalibrate the nature of human-building interaction. We comprehensively unpack the emergence and history of this novel concept, reflecting on the current state of the art and policy foundations supporting it. As AA is underpinned by the Internet of Things (IoT), we consider how regulatory and surveillance issues posed by the IoT are manifesting in the built environment. In our analysis, we utilise a prominent architectural model, Stuart Brand’s Shearing Layers, to understand temporal change and informational flows across different physical layers of a building. We use three AA applications to situate our analysis, namely a smart IoT security camera; an AA research prototype; and an AA commercial deployment. Focusing on emerging information privacy and security regulations, particularly the EU General Data Protection Regulation 2016, we examine AA from 5 perspectives: physical & information security risks; challenges of establishing responsibility; enabling occupant rights over flows, collection, use & control of personal data; addressing increased visibility of emotions and bodies; understanding surveillance of everyday routine activities. We conclude with key challenges for AA regulation and the future of human–building interaction

Democracy and Digital Authoritarianism: An Assessment of the EU’s External Engagement in the Promotion and Protection of Internet Freedom. College of Europe EU Diplomacy Paper 01/2020

The past decade has seen a gradual global increase in digital authoritarianism. Internet shutdowns, online censorship, mass surveillance and violations of privacy rights have all become more frequent in parts of the world where citizens are not guaranteed sufficient digital rights. The task of defending, promoting and protecting internet freedom is becoming increasingly relevant for the European Union (EU) − for internal digital and cybersecurity policies as well as for the EU’s external promotion of democracy and human rights. Whilst much has been written about the various internal policies which establish and protect internet freedom within the European Union and its member states, the EU’s external engagement in this field remains critically under-researched. To what extent does the EU engage externally in the promotion and protection of internet freedom? This paper answers this question by covering a wide variety of policy fields including human rights and democracy promotion, digital policy, enlargement and neighbourhood policy, development cooperation and trade policy. Whereas the EU faces a limited opportunity to shape global norms with regard to internet freedom or to change the course of digitally authoritarian states, it has demonstrated several strengths which deserve not to be overlooked. These include, for example, the externalisation of internal data protection and policies and the provision of direct support and protection for civil society. Despite facing significant obstacles, the promotion and protection of internet freedom has become an important area of the EU’s external action which is only set to become more relevant in the coming years

The Need for a Shared Responsibility Regime between State and Non-State Actors to Prevent Human Rights Violations Caused by Cyber-Surveillance Spyware

Technology has undoubtedly contributed to the field of human rights. Internet connection and a smartphone has enabled activists to call out political leaders, shine light on human atrocities and organize mass protests through social media platforms. This has resulted in many authoritarian governments spending large amounts of their resources to purchase cyber-surveillance spyware systems from multi-national corporations to closely monitor and track their citizens for any signs of dissidence. Such technology has enabled authoritarian regimes to commit human right violations ranging from invasion of privacy, arbitrary arrest, arbitrary detention, torture and even murder. Despite the uncovering of such questionable transactions by journalists and civil society groups, multinational corporations continue to sell such products to governments with troubling human rights practices without any legal liability. Similar to the reports of unpunished criminal misconduct and human rights abuses committed by contracted private military security companies in Afghanistan and Iraq, corporations selling surveillance spyware have also escaped accountability. This is in part due to the significant difficulty in finding corporate entities liable under the current international legal system and the general inapplicability of international human rights laws to non-state actors. This is especially disconcerting when multinational corporations have emerged to be such powerful actors in modern societies due to globalization and the privatization of many governmental functions. This Note responds to this problem by proposing a new shared responsibility regime between state and non-state actors, where the state becomes an accountable stakeholder in order to better regulate the sale of surveillance spyware and provide a better possibility of recourse to victims of human rights violations. Inspired by the multi-stakeholder approach taken in the development of the International Code of Conduct for Private Security Service Providers and its oversight committee, the International Code of Conduct Association, this Note calls for an analogous system in the regulation of surveillance spyware exports

Corporate Avatars and the Erosion of the Populist Fourth Amendment

The current state of Fourth Amendment jurisprudence leaves it to technology corporations to challenge court orders, subpoenas, and requests by the government for individual users’ information. The third-party doctrine denies people a reasonable expectation of privacy in data they transmit through telecommunications and Internet service providers. Third-party corporations become, by default, the people’s corporate avatars. Corporate avatars, however, do a poor job of representing individuals’ interests. Moreover, vesting the Fourth Amendment’s government-oversight functions in corporations fails to cohere with the Bill of Rights’ populist history and the Framers’ distrust of corporations.This article examines how the third-party doctrine proves unsupportable in the big data surveillance era, in which communicating and sharing information through third parties’ technology is a necessary condition of existence, and non-content data, such as Internet subscriber information or cell site location information, provides an intimate portrait of a person’s activities and beliefs. Recognizing the potential for excessive government surveillance, scholars, courts, and Congress have endorsed corporations as one solution to executive branch overreach and privacy invasion.This article demonstrates through government and corporations’ reports that companies have rarely challenged government requests for their users’ data. Incentives to cooperate with government surveillance, including highly profitable relationships with government, government regulation of companies, and statutory immunity, make it unlikely corporations will ever prove adequate avatars. The article further documents how expansive search powers originated in England with the aid of private industry, making corporations dubious guardians of the Fourth Amendment.The article offers practicable solutions that will increase individual agency. First, the third-party doctrine should be limited in order to permit an expectation of privacy in some non-content data. Second, Congress should enact proprietary rights in certain personal data. In many instances, government surveillance may constitute a deprivation of that property interest, requiring notice and an opportunity to challenge the surveillance. Finally, advances in technology should facilitate individuals’ selection of corporations’ services and devices that ensure notice of government surveillance and enable direct communication between the people and government over searches and seizures

Governing by internet architecture

In the past thirty years, the exponential rise in the number of Internet users around the word and the intensive use of the digital networks have brought to light crucial political issues. Internet is now the object of regulations. Namely, it is a policy domain. Yet, its own architecture represents a new regulative structure, one deeply affecting politics and everyday life. This article considers some of the main transformations of the Internet induced by privatization and militarization processes, as well as their consequences on societies and human beings.En los últimos treinta años ha crecido de manera exponencial el número de usuarios de Internet alrededor del mundo y el uso intensivo de conexiones digitales ha traído a la luz cuestiones políticas cruciales. Internet es ahora objeto de regulaciones. Es decir, es un ámbito de la política. Aún su propia arquitectura representa una nueva estructura reguladora, que afecta profundamente la política y la vida cotidiana. Este artículo considera algunas de las principales transformaciones de Internet inducida por procesos de privatización y militarización, como también sus consecuencias en las sociedades y en los seres humanos

Auto-regulating New Media

Using Foucault's (1977, 1978) notion of panoptic method of governmentality and looking at the case of Singapore's Internet policy, this paper attempts to expand on the idea-and ideals-of 'auto-regulation'(Lee, 2000, pp. 4-5; Lee & Birch, 2000). Auto-regulation, as I shall posit in this paper, provides a way for regulatory enforcement and surveillance to become sufficiently transparent and 'normalised' so that 'the exercise of power may be supervised by society as a whole'(Foucault, 1977, pp.207-208) rather than by a select group of policy and law enforcement officers, or civil society /activist groups

Foucault in Cyberspace: Surveillance, Sovereignty, and Hardwired Censors

This is an essay about law in cyberspace. I focus on three interdependent phenomena: a set of political and legal assumptions that I call the jurisprudence of digital libertarianism, a separate but related set of beliefs about the state\u27s supposed inability to regulate the Internet, and a preference for technological solutions to hard legal issues on-line. I make the familiar criticism that digital libertarianism is inadequate because of its blindness towards the effects of private power, and the less familiar claim that digital libertarianism is also surprisingly blind to the state\u27s own power in cyberspace. In fact, I argue that the conceptual structure and jurisprudential assumptions of digital libertarianism lead its practitioners to ignore the ways in which the state can often use privatized enforcement and state-backed technologies to evade some of the supposed practical (and constitutional) restraints on the exercise of legal power over the Net. Finally, I argue that technological solutions which provide the keys to the first two phenomena are neither as neutral nor as benign as they are currently perceived to be. Some of my illustrations will come from the current Administration proposals for Internet copyright regulation, others from the Communications Decency Act and the cryptography debate. In the process, I make opportunistic and unsystematic use of the late Michel Foucault\u27s work to criticise some the jurisprudential orthodoxy of the Net

Internet Giants as Quasi-Governmental Actors and the Limits of Contractual Consent

Although the government’s data-mining program relied heavily on information and technology that the government received from private companies, relatively little of the public outrage generated by Edward Snowden’s revelations was directed at those private companies. We argue that the mystique of the Internet giants and the myth of contractual consent combine to mute criticisms that otherwise might be directed at the real data-mining masterminds. As a result, consumers are deemed to have consented to the use of their private information in ways that they would not agree to had they known the purposes to which their information would be put and the entities – including the federal government – with whom their information would be shared. We also call into question the distinction between governmental actors and private actors in this realm, as the Internet giants increasingly exploit contractual mechanisms to operate with quasi-governmental powers in their relations with consumers. As regulators and policymakers focus on how to better protect consumer data, we propose that solutions that rely upon consumer permission adopt a more exacting and limited concept of the consent required before private entities may collect or make use of consumer’s information where such uses touch upon privacy interests