The chapter examines how the information revolution impacts the field of data protection in a twofold way. On the one hand, the scale and amount of cross-border interaction taking place in cyberspace illustrate how the information revolution affects basic tenets of current legal frameworks, such as the idea of the law as a set of rules enforced through the menace of physical sanctions and matters of jurisdiction on the Internet. On the other hand, many impasses of today's legal systems on data protection, liability, and jurisdiction can properly be tackled by embedding normative constraints into information and communication technologies, as shown by the principle of privacy by design in such cases as information systems in hospitals, video surveillance networks in public transports, or smart cards for biometric identifiers. Normative safeguards and constitutional constraints can indeed be embedded in places and spaces, products and processes, so as to strengthen the rights of the individuals and widen the range of their choices. Although it is unlikely that “privacy by design” can offer the one-size-fits-all solution to the problems emerging in the field, it is plausible that the principle will be the key to understanding how today's data protection issues are being handled.
TopIntroduction
In order to understand how the information revolution challenges current tenets of the law, focus should be on the ways in which the use of information and communication technologies (ICTs) has changed over the past decades: whereas human societies have been ICTs-related for hundreds of years, but mainly dependent on technologies that revolve around energy and basic resources, today’s societies are increasingly dependent on ICTs and, moreover, on information as a vital resource (Floridi 2014). Several contributions to both Information Technology Law (Bainbridge, 2008; Lloyd, 2011; etc.), and Artificial Intelligence and the Law (Casanovas et al. 2011; Palmirani et al. 2013; etc.) make this point clear: the information revolution has affected not only the substantial and procedural sides of the law, but its cognitive features as well. The impact of technology on today’s legal systems can be fully appreciated through a threefold perspective.
First, technology has engendered new types of lawsuits or modified old ones. As the next generation of offences arose within the field of computer crimes in the early 1990s, technology also impacted on traditional rights such as copyright (1709) and privacy (1890), turning them into a matter of access, control, and protection over information in digital environments (Heide, 2001; Tavani and Moor, 2001; Ginsburg, 2003; Floridi, 2006).
Secondly, technology has blurred traditional national boundaries as information on the internet tends to have a ubiquitous nature. This challenges the very conception of the law as enforced through physical sanctions in the nation-state. Spamming, for instance, offers a good example: it is transnational par excellence and does not diminish despite harshening criminal laws (like the CAN-SPAM Act passed by the U.S. Congress in 2003). No threat of sanctions, in other words, seems to limit spamming.
Finally, technology has deeply transformed the approach of experts to legal information. As Herbert A. Simon pointed out in his seminal book on The Sciences of Artificial, this transformation is conveniently illustrated by research in design theory, which “is aimed at broadening the capabilities of computers to aid design, drawing upon the tools of artificial intelligence and operations research” (Simon, 1996). While scholars increasingly insist on the specific impact of design or “architecture” and “code” on legal systems (Lessig, 1999; Katyal, 2002; Zittrain, 2008; van Schewick, 2010), both artificial intelligence and operations research not only further design but, in doing so, affect the structure and evolution of legal systems (Pagallo, 2010).