Vol. 5.4, December 2001


Law or Technology?

The aim of the EJCL, of whose Editorial Board I recently became a member, is to publish articles and promote discussion in regard to the methodology of comparative law and comparative private law. In his Editorial to the 5.3 issue, professor Sjef van Erp mentioned that this also includes the role of law in regulating ICT developments. A key question that comes to my mind when reading this, is what exactly the role of law is in regulating the various consequences of the new dimensions of the Internet, (mobile) electronic commerce, electronic government, e-mail and other forms of electronic communication?

A clear look at the current developments shows that not the traditional legal instruments, but technology itself is gaining more and more importance. All around the world, we note that technology proves to be an important instrument in the handling of legal problems, in particular problems related to enforcing the law. Solutions using legislative measures, provided by court rulings or introduced by means of self-regulatory mechanisms, appear to produce insufficient results. Instead, more adequate alternatives appear to be provided by a variety of technological applications.

Various technologies have been developed and introduced that offer a wide range of opportunities for enforcing the law in an on-line world. Personal data can be protected using techniques such as privacy-enhancing technologies (PET)(1), privacy quality marks(2) and encryption. Electronic management systems(3) can contribute to the enforcement of copyrights, and filtering programs(4) can be used to protect young surfers from certain information on the Internet.

An important advocate of the application of technical instruments to replace legislation is the American professor Reidenberg. In his well-known article in the Texas Law Review, Reidenberg introduces the Lex Informatica as a new instrument of legislation.(5) The basis of the Lex Informatica is that technology can be used to give form to certain rights and obligations. An important advantage of this technical 'instrument of legislation' is that technology obliges users to act in a certain way, so that rights and obligations can be implemented immediately and not ex post, as is often the case with traditional legal instruments. What is and is not permitted is, as it were, preprogrammed.

More recently, the benefits of technology have also come to the attention of policy-makers. Partly with a view to the benefit of the automatic and immediate enforcement of rights, the role of technology in enforcing legislation has come under the spotlight at policy-making level, partly because the market and certain interest groups are demanding this more emphatically. For example, with regard to the field of intellectual property rights, the WIPO (World Intellectual Property Organisation) as well as the European Union in its recent Directive on Copyright in the Information Society(6) have undertaken to provide procedures to enforce copyright. To this end, their Member States are obliged to offer sufficient legal protection to technical measures which those entitled to copyrights can use to enable them to exercise those rights (such as anti-copying measures) and provide legal protection against unauthorised changes or deletions to copyright information (copyrights management information) or the distribution of works which are known to 19 December 2001have changed or removed such information. Now what about the distribution and use of systems that circumvent anti-copying measures in order to exercise the legitimate and longtime recognised right to make a copy of certain copyrighted material for one's own personal use?

Hence, as is often the case, wherever benefits are gained in relation to problems, new problems appear to arise. In this case, problems arise with regard to freedom of expression (for example, as a result of filtering), the protection of privacy (in the case of the use of certain investigation techniques) and communication secrecy (for example, in the event of a further regulation of encryption). Technology appears to enable individuals claiming an apparent right, interest groups of concerned parents, privacy watchdogs and others to dictate their vision of the information society. A close look at the developments reveals other side-effects as well. Technology also appears to play a prominent role in the distribution among participants in the on-line world of opportunities to enforce their rights and obligations. In order to adequately use the technologies and thus guarantee one's rights or obligations, it appears essential that Internet users have adequate insight into the specifics of these techniques. Those who fail to acquire such insight are lost in cyberspace! The application of cookies(7) available via the Internet is a clear example. Whoever unsuspectingly surfs the Internet will soon pick up, without realising it, a variety of cookies that keep track of surfer behaviour on the Net. On the other hand, those who are familiar with the technology, will know how to avoid the cookies and therefore retain more privacy. Moreover, projects such as P3P(8) and PICS(9) show that the degree of privacy or freedom of opinion which people have on the Internet is determined to a considerable degree by adequate knowledge of the use of these resources.

An additional problem is the extent to which technology offers the necessary flexibility to incorporate the nuances of our fine-tuned system of rights and obligations. Experiences in the United States with filter programs have shown that this technology is often much too rigorous. Examples show that non-offensive information is rejected if it includes certain words (for example, sites set up by anti-drug projects are rejected because they contain the term 'drug'). As far as the nuances of our legal system are concerned, one may also point to copyright. Copyright law includes a wide range of detailed exceptions to the authors' exclusive rights in the interest of freedom of information. For example, there is a regulation for the use of certain works for individual private purposes whereby different rules are imposed depending on the type of work (writing, music, software, etc.). Experiences with copying protection techniques implemented by suppliers of information now reveal that such techniques offer no room for adequate exercise of these rights of use in specific situations considering the type of work involved, meaning that the freedom of information is put under pressure. In short, wherever the finesses of our legal system are concerned, the technology usually turns out to be a too coarsely meshed instrument. In addition, the views on what is or is not offensive information also differ per country or culture.

The above shows that it is extremely important to gain adequate insight into the degree to which technology has started to influence the norm-setting in our society. Also, attention should be given to the position of national governments and international bodies in this development. If we fail to recognise the above developments, individuals and market forces will become the key players in defining the norms and values of the on-line world by means of pro-active control through technology. Our law, established by careful procedures under democratic control, will then turn out to be an instrument of only minor importance. The cynical words of the American professor Lessig basically say enough: 'In the well-implemented system, there is no civil disobedience. Law as a code is a start to the perfect technology of justice.(10)

Corien Prins
Tilburg University, Center for Law, Public Administration and Informatisation


1. Privacy-enhancing technologies is a system of technological measures which protect the privacy of users from other persons. The main principle of PET is that technology is used to prevent the use of a variety of identifying personal data. See the report of the Dutch Data Protection Agency and the Information and Privacy Commissioner of Ontario, Canada, entitled Privacy Enhancing Technologies (The Hague 1995); <http://www.cbpweb.nl>.

2. One example is the quality mark that TRUSTe issues. This institution, initiated by the information industry, certifies sites which comply with the privacy policy as drawn up by TRUSTe. These sites are then permitted to display the TRUSTe-logo on the site. See <http://www.truste.com>, date of perusal 21 March 2001. Currently, the system of quality marks is also applied outside the privacy domain. For example, a number of European consumer associations introduced the web-trader quality mark for sites which comply with a certain level of consumer protection during on-line transactions.

3. Electronic copyright management systems are computerised systems which securely control the distribution of works protected by copyrights, manage rights, carry out a variety of monitoring functions and charge reimbursements.

4. Filtering programs are used to 'purify' files from certain words, texts or images which are considered undesirable. It is primarily in the United States that filtering and labelling programs with such poignant names as NetNanny, Safesurf and Surfwatch are used on a large scale in schools and public libraries.

5. J.R. Reidenberg (1998), 'Lex Informatica: The Formulation of Information Policy Rules through Technology', Texas Law Review 3: 553-594.

6. 2001/29/EC, L 167/10, 22 June 2001; <http://europa.eu.int/eur-lex/nl/lif/dat/2001/nl_301L0029.html>.

7. Cookies are files released by web sites visited by consumers onto the same consumer's hard disk so that this consumer is recognised by the site the next time s/he visits it as that specific visitor who has already consulted the information on the site before. In this way, profiles of visiting consumers can be generated.

8. P3P stands for the Platform for Privacy Preferences, a project set up by the World Wide Web Consortium (W3C) that contains a set of protocols and agreements with which browsers or other programs can 'negotiate' automatically on the issuing of personal details. The system works on the basis of privacy wishes and privacy profiles determined by users.

9. PICS stands for Platform for Internet Content Selection. This platform scans the content of web sites and then labels them as necessary. Using filter programs sites without PICS labels are then automatically blocked. This is one way for the Internet to apply self-censorship.

10. L. Lessig (1996), 'The Zones of Cyberspace', Stanford Law Review, 48, p. 1408.

To Issue Archives Search Comments Help EJCL home