Day 1

Stream 1B

Trade Secrets, Cybersecurity & The Wrongful Acquisition Tort 

Sharon K. Sandeen

The discourse surrounding cybersecurity typically involves stories of some form of computer hacking or other nefarious means by which one person or entity gains information from another. While the nature of the information that is obtained is often of value to the victims of the cyber-intrusion or their clients (usually because it is confidential business or personal information), it may also be of little value, particularly in the long-term. Thus, if we want to deter cyber-intrusions, it makes little sense to focus on the nature of the information if the “wrong” is the intrusion itself. As in “meat space” where both burglary and theft of property are two separate and punishable wrongs under both tort and criminal laws, the act of cyber-intrusion and the act of taking valuable information should be understood as two wrongs. Unfortunately, while this notion of wrongdoing is clearly reflected in legal principles that developed at common law for the terrestrial world, it has yet to fully develop in the realm of cyberspace. Seeds of the distinction can be seen in U.S. law when one compares the elements of a claim under the Computer Fraud and Abuse Act (CFAA) and the recently enacted Defend Trade Secrets Act of 2016 (DTSA), with the CFAA focusing on the act of intrusion and the DTSA focusing on the nature of the information taken. But embedded within the DTSA and the state law upon which it is based, the Uniform Trade Secrets Act (UTSA), lies a similar distinction that has not been fully explored in the literature; namely, the distinction between the trade secret wrongs of “disclosure or use in breach of a duty of confidence” and “acquisition by improper means.” Interestingly, it appears that the latter wrong developed in the United States much later than the breach of confidence claim which was imported from England beginning in the mid-19th Century. This paper will explore the development of what is henceforth labeled “the wrongful acquisition tort” for purposes of determining both its origins and elements. A goal of the paper is to determine whether it makes sense to conceive of the wrongful acquisition tort as part of the law of trade secrecy (or breach of confidence) or whether it should stand alone so that the nature of the information acquired is less important that the act of wrongful acquisition itself. One ramification of the distinction may be in how we conceive of the harm that is caused by the wrongful acquisition, particularly in cases where the acquired information is not subsequently disclosed or used. Another is that recognition of a separate tort of wrongful acquisition might allow us to better distinguish between employee and non-employee trade secret misappropriation claims with their differing public policy implications and defenses. Relatedly, understanding the origins and elements of the wrongful acquisition tort may help to define when and how employers should be allowed to contractually define what constitutes improper access (and therefore, wrongful acquisition) of information by employees. 

IoT: What does Trade Secrecy have to do with a Sharing-based Paradigm? 

C. Sappa – J. Ziegelmayer

Technological developments introducing substantial social, cultural and economic changes often lead to long disputes over Intellectual Property rights (IPRs). The advent of the Internet of Things (IoT) will be no different; on the contrary, it will widen the scope of potential litigation issues. IoT is a network of interconnected physical objects, each embedded with sensors that collect and upload data to the Internet for analysis or monitoring and control. Examples include IoT-enabled smart homes, smart-city traffic systems, and smart waste-management systems. In order to carry out their activities, IoT companies can choose between in-house and outsourcing models for embedding their information into cloud services. In either case, they need to protect the information stored against unfair practices of employees, collaborators, and other market operators. Thus, IPRs and data protection become a major concern from the perspective of both companies and consumers vis-à-vis the corresponding legal obligations expected to be included in Service Level Agreements (SLAs). This paper examines the tension created between the protection of information that provides a competitive advantage to IoT companies versus openness, transparency, and consumers’ rights. Thus, the analysis will focus on protection of trade secrets, i.e., information that derives economic value from not being generally known or readily ascertainable by proper means and is the subject of "reasonable efforts" to maintain its secrecy. The analysis examines general principles of trade secrecy protection as understood from several legal frameworks in a comparative perspective as well as related case law and contractual aspects including SLAs. In particular, this paper discusses this protection, which was designed before the advent of the IoT and therefore may not be suited to the new connected and sharing-based paradigm. Specifically, the study contends that liability rules would suit this emerging paradigm better than exclusive IPRs. The focus on this upstream protection will help to understand the bottleneck that may be created at the downstream level as to consumer rights in a sharing and openness-based paradigm for fostering innovation. 

Stream 2B

Innovation of platforms: quis custodiet ipsos custodes?

Dr Jonathan Galloway

Competition law is fast becoming the regulatory instrument of choice in much of Europe for responding to challenges created by platforms, whether as a means of tackling Facebook in Germany, or Google by the EU. Superficially competition authorities appear well equipped to respond to protect the public interest when market structures and established behaviour are threatened by economically powerful platforms, yet competition law has more narrowly defined objectives than that of the public interest, and manipulating a regulatory regime to achieve set outcomes can have cancerous consequences. Competition law and policy encounters many challenges in scrutinizing dynamic markets. The pace of product research and development, and in some sectors also the rapidly increasing interconnectivity of digital products, creates an initial obstacle for competition authorities to undertake an independent, impartial, and informed review of the operation of markets and firm behaviour. There are several ex ante tools that competition authorities can utilize to maintain internal awareness and understanding of key sectors and markets, such as sector inquiries, ongoing engagement activities, and tailored HR policies including professional placement opportunities and targeted recruitment. The competence of competition authorities to understand dynamic markets is a mere starting point to what should be a wider role in the promotion of innovation. This paper focuses on two aspects of the role of competition authorities in promoting innovation. Firstly, this paper argues that competition authorities have a competition advocacy role within government and wider society in educating and highlighting the benefits to be gained from competitive markets. Competition authorities can be provided with various powers to facilitate this role, such as being able to report on pending legislation, but the more significant aspect of advocacy within and across government is likely a willingness to confront long entrenched interests, as exemplified by the sharing economy. Competition authorities should be prepared and able to review existing regulation in light of societal and technological changes, so as to ensure regulation continues to be fit for purpose and is not merely protecting incumbents against disruptive competition. Secondly, when innovative business products and/or practices give rise to competition concerns, this paper argues that it is important for competition authorities to be willing to scrutinize that conduct, but to do so in a manner that is not ‘picking winners’ in fast-moving dynamic markets. Competition authorities must be wary against becoming part of a proxy battle for the market. This paper will argue that competition policy has an important role in promoting innovation within the economy, but it must do so in a way that is perceived as legitimate as opposed to seeking to pursue unspoken non-competition objectives. If competition authorities achieve this they will gain respect and retain their legitimacy within government and the business community, both nationally and internationally. This paper will identify key policy principles that competition authorities ought to abide by in order to secure the legitimacy of enforcement activity against platforms, as well as to secure the broader legitimacy of competition regimes themselves. To foreshadow its conclusion, this paper predicts that, even though things may change dramatically on the surface, the metaphysical s tructure of intellectual property laws seem likely to stay very much the same.

Risk and Online Platforms: Regulatory and other Perspectives

Gary Low 

Singapore, in preparation, for the Chairmanship of ASEAN in 2018, has announced ambitious plans to set up a regional digital economy in an effort to deepen the block’s economic integration and improve global trade competitiveness. Both profits and perils follow, as barriers to cross-border trade in goods and services are progressively dismantled and access to disparate geographic markets becomes more easily facilitated. This paper assesses the risks posed to consumers by online platforms of increased exposure to adulterated or counterfeit goods. It argues that the bloc’s current fragmented approach to the regulation of these types of risks is wholly inadequate. What is called for is a harmonized and robust regulatory framework which in part draws inspiration from the European Law Institute’s (ELI) recent draft model rules for online platforms, as well as proposals for a more coherent strategy for risk management which empowers both national regulators as well as consumers.

Plenary Session 1

CASE law – is there more to Connected, Autonomous, Shared and Electric mobility than just data and liability issues?

Simon Spooner

It’s widely accepted that between them connectivity, autonomy, the sharing economy and electrification are quickly disrupting transport as we currently know it.  Especially when it comes to connected and autonomous vehicles, lawyers are rightly focussing on their attention on knotty issues such the need for regulatory change, who has what access to data for which purposes, how liability is likely to be shared and so on.  But don’t we need to look wider, beyond just the vehicles themselves?  This presentation will delve deeper into the skills and areas of discipline that will be needed by lawyers of the future, both in the short and medium terms, in order to make sure that the next generation of intelligent mobility becomes a reality.

Recreational drones and alleged privacy intrusions: any personal remedies?

Chen Siyuan

The last few years has seen a great proliferation of consumer unmanned aerial vehicles -- or "drones" -- being used for photography and videography. Jurisdictions around the world have struggled to formulate laws and regulations that strike the right balance between privacy and safety on the one hand, and the unbridled development of cutting-edge technology and the freedom of expression on the other. Three factors compound this problem: first, most policymakers do not adequately understand drone technology and its inherent limitations; secondly, drone technology is evolving very quickly; and lastly, because of great public pressure, governments typically patch up existing aviation laws that have no relevance to drones or simply copy laws from other jurisdictions in a case of the blind leading the blind. This presentation presupposes that the day that consumer drones pose a genuine threat to privacy rights is not far away, and examines whether any country has largely succeeded in regulating this aspect of drone technology, while striking the right balance with competing interests.

Day 2

Stream 1A

Normalizing Business Practices Through the Use of Wrap Contracts

Nancy S. Kim

New technologies often create legal and ethical issues.  Courts and legislatures are typically slow to respond to issues created by technology.  Businesses often step into this gap with contracts, which they use to create new business and social norms.  For example, private companies collect vast troves of data for a variety of purposes ranging from personalizing advertisements to assessing insurability.   These data collection practices were unknown to most consumers until the past few years and even now, many consumers are unaware of the extent of online profiling.    In the early days of the Internet, it was unclear whether businesses had the legal right to collect consumer information; however, businesses could reduce the risk of violating existing laws by having consumers consent to the practice.  Consumers were unlikely to consent to intrusive practices in order to use an unfamiliar and questionable service.  Businesses thus used digital contracts to obtain technical consent while at the same time, obscuring to what consumers were consenting.  By the time most consumers realized the extent to which their private information was being disseminated, those data collection practices had solidified into a business norm and consumers had grown dependent upon online services. The Internet of Things poses additional challenges for consumers and privacy and contracts are helping create new norms which govern their use.  Products are being licensed not sold, sensitive information is being collected and distributed, and companies are seeking limitations of liability which run counter to consumer expectations.  Further complicating matters is that many of these “Things” are proclaiming to be services - and not products - and thus not subject to laws governing the sale or lease of commercial goods.  These norms are being established through new forms of contracts.  Consent is a way for companies to reduce risk where the legality of certain actions is uncertain.   Existing laws often allow otherwise prohibited activity with consumer consent.  Consent is typically in the form of a non-traditional or “wrap” contract.  My paper discusses how wrap contracts have been instrumental in shaping today’s online environment which has had a paradigm-shifting impact upon the marketplace and society.  As technology changes, we are certain to see new forms of wrap contracts. I will discuss what the future might look like if we continue to view wrap contracts as legitimate vehicles for contracting and obtaining consent. I also propose solutions which aim to increase transparency and better reflect consumer choices while maintaining efficiency.

Emerging information technologies: challenges for consumers

Kayleen Manwaring

A ‘third wave’ of computing is emerging, encompassing technologies that have been called many names, including ubiquitous and pervasive computing, ambient intelligence, the Internet of Things and eObjects.  This third wave will bring about significant socio-technical change, especially in the lives of consumers.  With this change comes the possibility of a disconnection between consumer protection law and the new things, activities and relationships enabled by the third wave.  In previous research, I developed a framework of core and common attributes, and interactions, to describe the technologies in a way that can be used as a foundation for analysing the implications of the “third wave” from legal, business strategy and public policy perspectives. This paper will use this framework to identify a number of challenges for consumers in consumer transactions arising out of new things, activities and relationships made possible by the third wave that bear further investigation in a number of jurisdictions as to whether they are likely to give rise to legal problems. These challenges will then be appraised in the light of the recently revised United Nations Guidelines for Consumer Protection, to identify whether likely detrimental outcomes for consumers may conflict with these principles. Identification of legal problems is crucial at an early stage of technological development, to assist in avoiding two problems: the first is the stifling of beneficial innovation by over-regulation, the second is the cementing of socially undesirable outcomes if vested interests are left unchecked. Early literature on third wave technologies made it clear that laws concerning consumer privacy need to be a priority for further examination. However, this paper will look beyond privacy to examine other areas that could pose problems. For example, laws concerning safety and quality also need urgent examination in order to deal with widespread security problems already evident in third wave technologies, and particularly the potential for physical harm. Incentives for suppliers to provide intelligible and timely information to consumers must also be evaluated to ensure that complexity of the technology does not effectively negate consumer choice and effective competition. Less evident in current technologies, but likely to be a concern as technologies develop and become more prevalent, is the potential for unfair marketing practices that target already vulnerable consumers or even create them. It is also important that consumer access to appropriate redress for breaching other consumer protection principles be protected, as this forms the foundation of the efficacy of those other principles. This paper is intended to provide a basis for policy makers, lawyers and judge in a variety of jurisdictions to examine whether their current consumer protection legislation can adequately provide appropriate consumer protection in the face of the third wave.

Consent and Disclosure in the Age of the Internet-of-Things

Eliza Mik

This paper addresses the legal challenges resulting from the integration of Internet-based technologies into physical environments. Such integration can be broadly associated with the Internet-of-things, defined as the interconnection of physical objects and the proliferation of to sensor-embedded environments. The Internet-of-things does not involve desktop computers. Interactions can occur using any device, in any location, and in any format. It is not longer about the Internet being a platform for commerce, but about commerce becoming distributed and ubiquitous. The distinction between traditional retail environments and more private spaces, such as homes or cars, becomes blurred. Goods can be ordered from a smart mirror in a shop, from amazon’s echo smart speaker in the kitchen or “by” a personal (artificially intelligent) assistant embedded in a smart fridge. It becomes necessary to analyse the implications of the new types of interfaces: the move away from screens and keyboards towards interfaces deploying voice or touch commands. Some user experiences are designed to mimic, or simulate, traditional retail activities (e.g. selection of goods from virtual shelves) others have no off-line equivalent (purchasing clothes by talking to a smart mirror). Some new retail interfaces require deliberate user interaction, others operate in the background, without consumers are being aware of their presence (e.g. hidden sensors in shopping carts). Irrespective of these divisions, each of which signals a discrete set of problems, the pervasive presence of novel computer interfaces and new ways of interacting with the environment, raises the risk of inadvertent transactions, security breaches and privacy violations. This has implications for the presence of contractual intention and the awareness that a transaction may take place. How do retailers meet consent, notice and disclosure requirements in such non-traditional interfaces? How do they effectively communicate the terms of the transaction, extract consent or alert the consumer that a transaction is occurring? To recall: legal doctrine is still struggling with relatively simple point-and-click interfaces exemplified by e-commerce websites. One can only imagine the controversies that will arise when an AI assistant (embedded in a speaker or in the wall of a changing room) inquires whether the consumer wants to proceed with the transaction. It becomes necessary to approach consent, notice and disclosure requirements from two 2 discrete angles:  contract law and privacy protection.  There is a significant overlap between these areas. Consent and notice are an important part of the contract formation process, while consent and disclosure are the prerequisites of collecting, processing and utilizing personal information. There is another overlap between contract and privacy protection: depending on the business model adopted by particular retailer or manufacturer, consumers may be paying for the use of a particular smart device with their personal information; alternatively the smart device will be partially “subsidized” by the manufacturer’s (or retailer’s) right to collect and utilize the consumers personal information. 

Stream 1B

Talkin’ Bout A Revolution: Artificial Intelligence Authorship

Aviv Gaon, 

Meet Simi. Simi is an artificially intelligent program (AI). Simi passes the Turing Test, which evaluates whether a machine is able to exhibit intelligent behavior; she can be considered ‘conscious’ in this respect, and has the ability to evolve. Suppose that in making her own choices, Simi generates pieces of original music that the programmer never envisioned or intended her to produce. Who owns the copyright to Simi’s music? Is it fair that Simi’s music will belong to a company or person who ‘owns’ her? Should it remain the programmer’s property? Alternatively, is it justifiable to allow Simi copyright over her/its own creations? 

Computer programs and copyright protection have never been considered a good match. Computer programming was not originally perceived as a form of creative expression like music or painting. Intellectual property law (IP) therefore did not offer protection for computer programs in the first stages of their development. The National Commission on New Technological Uses of Copyright Works (CONTU) recommended in 1976 that the United States Congress amend the U.S. Copyright Act to consider the product of a computer program a ‘work’ under copyright law. However, copyright law does not recognise a computer as the author of the copyrighted work. Hence, copyright for the creations of an AI, whatever they may be, will be granted to their programmer (or another owner of the AI itself, whether human or corporate). In challenging the orthodoxy that excludes AI from human-author rights, my presentation will examine the possibility of considering AIs as the authors of their creations under copyright law. The term ‘artificial intelligence’ was coined during the Dartmouth Summer Research Project on AI in 1956. The Dartmouth conference is considered a pivotal event in AI as a research field. However, the roots of AI concept go back to the 1940s and Alan Turing’s famous paper ‘Computing Machinery and Intelligence’. Turing was the first scholar to pose the question, ‘Can a machine think?’ Though many continued his research in the ensuing decades, it was not until the 1990s that AI research truly gained momentum. Part of accepting the ‘AI deserve copyright’ argument involves arguing against the perception that only human creations are worthy of copyright protection. I shall contend that such a perception, which derives from the Romantic author and individualist paradigms, has weakened in modern society. AI presents a new challenge to IP law. Take the incentive theory, for example: the US Constitution empowers Congress ‘to promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries’ (US Const. Art I § 8 cl 8). Granting exclusive rights to authors should impose social costs on the public only to the extent that they encourage creation. At first glance, it might seem that this type of incentive-based reasoning would not apply to an AI since its only motivation would presumably be the provision of electrical power. However, this claim might be false; if we expect AIs to possess human qualities, we can expect that these early AIs may share similarities with human behavior. Another issue is that incentive theory might not be particularly relevant even for humans. 

Sci-Tech Disruption and Intellectual Property:

A Metaphysical Approach to the Future of Intellectual Property Laws

Dr Alexandra George

“Disruption” is a catchword of our time. Innovative technologies are changing the face of industry, changing the nature of work, and changing the realms of possibility. Emerging technologies such as 3-D printing, artificial intelligence, and blockchain, are changing the way people think about the future and seem likely to prompt developments in intellectual property. Medical advances are making personalized drugs increasingly realistic. Growing replacement and enhanced body parts in laboratories and controlling machines merely with brainwaves are no longer just fantasies from sci-fi movies. Humans are increasingly outsourcing our thinking to computers and our memories to electronic gadgets. Mind downloads, interconnected brains, and an era filled with cyborgs and transhumans may be just around the corner. As happened during previous periods of scientific progress and technological revolution, inventive developments are increasingly disrupting the established order of things.

A hegemonic part of that established order is intellectual property law, which affords property rights over many new creations. Intellectual property laws are often justified as promoters of innovation and development, and they are credited with stimulating investment in novel technologies. At the same time as they are tasked with fostering creativity and invention, these laws are themselves subject to the effects of change wrought by the ideas, information, technologies and symbols whose development they have underpinned. Thus, not only can intellectual property laws be agents of scientific and technological change, but sci-tech is often a propellant of responsive amendments and updates to intellectual property laws. In the face of such transformational change, will the development of intellectual property law be evolutionary or revolutionary? Will change to the law be radical or subtle? What will intellectual property laws look like in the future?This paper uses a metaphysical analysis of intellectual property laws to explore how these questions are likely to be answered in the future. Investigating the nature and form of intellectual property law, and the essence of its constituent parts, it examines how those laws might respond to disruptive technologies. Could new disruptive technological developments shake the foundational legal concepts that are used to construct intellectual property objects?⁠ For example, would scanning and mapping the contents of human minds/brains, or backing that 'copy' of a person's thoughts and memories up to a computer, challenge fundamental premises underpinning copyright law? What would happen to the idea/expression dichotomy if all human ideas could be automatically mapped in material form by scanning and recording brain waves? Could the fixation requirements survive? This paper explores these issues.

Losing Funny Money - The Future of Risks and Gains Underlying Block Chain Technologies

Professor Katja Weckström (Lindroos)

UEF Law School, University of Eastern Finland

Block chain technology is predicted to transform the world order, including law and democracy, as we know it. Many applications of this technology, including cryptocurrencies and the service institutions linked to them, are challenging laws and societal structures globally. This paper applies Lessig’s theory of governance. Whether activities are regulated by technology, law, markets or social networks, is merely a question of transforming the power-balance in society. Existing Western law is primarily a manifestation of legal regulation designed to further the value of democracy. Thus, the Rule of Law is merely a contract to play by the rules set by the majority at any given time. Democracy is the vehicle for transforming law. While blockchain-technology is superior for certain financial transactions, we should recognize technology as a means of governance as any other, and not assume superiority for every kind of peer-to-peer transaction. With every technology comes the context of its use and the risks and gains surrounding transactions. This paper assesses the transformative potential of blockchain technology as a tool for governing risks arising in the context of transactions, whether verifying identities, encrypting content or providing means of exchange. It argues that blockchain technology relies on existing regulatory structures for essential elements of concluding reliable transactions. It is not suited to replace legal regulation or adherence to the Rule of Law. While regulation by technology may be superior at forcing compliance, services linked to and uses of cryptocurrency leave significant room for usurpation of power. Regulation by markets (free market economy) or by social networks (sharing economy) are suitable for transactions between users that share the same level of risk and same personal value allotted to the transaction. These transactions require consent. However, these forms of regulation are susceptible to usurpation of power by third parties or groups. Each rely on the laws of contract and tort to function, and the enforcement tools available to those wronged. This paper introduces a shift of focus in legal regulation to accommodate new networks of governance.

Stream 2A

Artificial Intelligence’s Enigmatic Glitches: Practical Challenges Confronting Tort Law in the United States, Europe, and Japan 

Mizuki Hashiguchi 

Intelligent machines are becoming increasingly prevalent in our society. In December 2016, an autonomous drone successfully delivered a television streaming stick and a bag of popcorn to the purchaser’s garden in Cambridge, U.K. As of February 2017, self-driving vehicles are being tested on public roads in California, U.S.A. A medical robotics manufacturer in the United States and a Dutch technology company developed a platform that enables artificial intelligence to guide the movement of catheters used during medical surgery for blood vessels. In Japan, an environmental engineering company created an artificial intelligence system that learns how to autonomously monitor garbage incineration facilities, and gives advice on how to ameliorate a facility’s operations. A concern associated with autonomous technology is that intelligent machines might behave in unexpected ways. For instance, there are statistics indicating that self-driving software commits an error approximately “once per mile.” Thus, errors in artificial intelligence cannot be ruled out. Generally speaking, glitches in intelligent machines could lead to injury to individuals and property, as well as economic loss to businesses. This academic paper analyzes the practical challenges that artificial intelligence poses to the application of traditional tort law principles. The paper focuses on tort law in the United States, United Kingdom, France, and Japan through three perspectives. First, the level of the duty of due care needs to be reexamined in light of the emergence of intelligent machines. The level should be high enough to ensure that members of society will not be subject to unreasonable risk of harm linked to artificial intelligence that runs out of control. At the same time, however, the standard of care imposed on the creators and users of intelligent machines should preferably not be so high as to stifle the development and use of beneficial autonomous technology. Second, an evaluation of proximate causation is a challenge because the behaviors of intelligent machines are often unpredictable. Under the doctrine of proximate cause, individuals and entities would not be liable for unforeseeable results. If an intelligent machine behaves in a harmful manner due to an enigmatic error in the decision-making process of artificial intelligence, should the resulting damage be characterized as unforeseeable or foreseeable? One could argue that the consequence is unforeseeable because intelligent machines are meticulously designed to operate properly. On the other hand, one could also argue that the damage is foreseeable because bizarre errors are part of the innate characteristic occasionally exhibited by artificial intelligence. Third, the allocation of responsibility for damage caused by intelligent machines is complicated by the fact that the designers, developers, manufacturers, sellers, and users of artificial intelligence systems often do not have control over every single movement of intelligent machines. Moreover, when artificial intelligence makes an erroneous decision after learning from a vast amount of data, a human inspector might not be able to identify the error. A circumspect approach is instrumental in allocating the responsibility for the behavior of intelligent machines to ensure fairness in the imposition of responsibility while achieving just and equitable compensation. 

Siri, Who’s the Boss? For Whom Do Intelligent Agents Work? 

Salil K. Mehra

Temple University, Beasley School of Law, Philadelphia, USA 

Intelligent agents are already here. They exist not only in our smartphones (Apple’s Siri), but increasingly, in our homes (Amazon’s Alexa) and vehicles – consider the workings of the semi-self-driving Tesla. Not too long ago, the view that computers and computer programs were mere tools of the person using them was seen as incontestable. But increasingly, policymakers are confronting the possibility that computer programs may develop the capacity to act as agents in the legal sense. This Article confronts three different established paradigms by which to answer a potentially very important legal question: For whom do intelligent agents work? The answer to this question may affect liability under a variety of legal regimes, including contract, tort and competition law – and looking forward, as the capacity for agency increases, labor and anti-discrimination law. First, contract law might answer that intelligent agents’ true masters are defined by their terms of service – but a review of these agreements reveals key contract formation problems. Second, agency law might suggest that users – who chiefly direct these intelligent agents – are their masters, though current agency law’s fixation with software as a “mere tool” of its user oversimplifies the relationship. Finally, competition law and its “single entity” doctrines focuses less on form than on function; however, intelligent agents may perform both economic and non- economic functions that might require more varied treatment than competition law provides. As a result, this Article concludes that, initially, a sliding scale based on the degree of economic versus non-economic function should be used to determine the standard to be applied to decide for whom intelligent agents work. 

Stream 2B

Contracting for the Internet of Things: Fading out the Echo of Privacy and Consumer Protection 


This paper studies the contracts of the Internet of Things with a focus on privacy and consumer protection. An empirical qualitative methodology is adopted; Amazon Echo is the chosen use case, for at least three reasons. Firstly, it is the main smart home product launched in 2016, thus enabling a comparison with my previous research where I focused on the Nest thermostat, with which Echo is interoperable (Noto La Diega and Walden 2016). Secondly, it enables an analysis of the intersection between the Internet of Things and the latest obsession, i.e. artificial intelligence, thanks to Alexa, its voice assistant. Thirdly, Alexa is Amazon’s attempt to become the operating system for the Internet of Things, “just as Google Android and Apple iOS have done with mobile” (Kharpal 2017). Noto La Diega and Walden (2016) showed that, in the Internet of Things, consumers’ trust is betrayed by a contractual quagmire. Analysing the terms of service, privacy policy, end-user licence agreements, etc. (collectively ‘legals’), we saw that they were too many, too long, too opaque. We evidenced the potential unenforceability of some sections, particularly under the Unfair Terms EU Directive. We also suggested to revitalise a sometimes forgotten legal regime called product liability in order to strengthen the consumers’ position. This on the basis of a new definition of product as the inextricable mixture of hardware, software, data and service. This research will enable to test our previous hypotheses. The contractual situation of Nest and Echo appears similar, this confirming our hypothesis. Indeed, if one uses or accesses Amazon’s home automation device, they must agree to the following terms: Alexa Terms of Use, Conditions of Use, Privacy Notice, Cookies & Internet Advertising, Amazon Prime Terms and Conditions, Amazon Music Terms of Use, Kindle Terms of Use, Audible Conditions of Use, and Amazon Device Terms of Use. The contractual review, as carried out in our previous study, is now coupled with the Flesch-Kincaid Grade Level Readability Test, as well as with a text analysis software. The latter will be used not only to point out patterns and issues in the ‘legals’, but also to peruse the users’ reviews (currently 4105 on Amazon eCommerce portal). This will enable to understand what are the key issues in the consumers’ views, thus following a genuine problem-based approach. It is interesting, for instance, the in the top 4 of the top rated answers, there are two replies to questions concerning surveillance and privacy. This might confirm those data whereby the consumers care about their privacy, even though they behave in a way to give away privacy (the so-called privacy paradox). The fact that people accept the ‘legals’ without reading or understanding them (Fairer Finance 2014) is part of this paradox. Therefore, in this paper I refine the proposal of Noto La Diega (2016) of an ‘awareness by design’ app.

The IoT for kids: How to protect the privacy of young persons in an interconnected world

Assoc Prof Normann Witzleb

Today’s children and young persons grow up in an increasingly interconnected world. Their use of smart devices generates huge amounts of personal information about their social interactions, their educational progress and their health. While the Internet of Things can offer major benefits, the social and legal norms around these technological advances are still in development. Connected devices can educate, entertain and protect children, but the ill-considered exposure to constant monitoring and analysis may also have detrimental effects on a young person’s social and personal development. This paper will enquire into this new threat to children’s privacy, explore the interests of children, parents, schools and other parties that require consideration and discuss how the data protection framework in which such activities take place should be formulated.

Stream 3A

FinTech and Smart Law Enforcement in Luxembourg and the UK 

Dr Gavin Robinson Université du Luxembourg 

FinTech innovations represent serious barriers to the application of criminal law since, similarly to internet service providers, they process information shared or stored by data owners. If criminals use FinTech companies, traces of their activity are not available to law enforcement authorities (LEAs) without the cooperation of those private entities. Without their help, LEAs would often simply not be able to detect, investigate and/or prosecute a large number of offences. Cooperation between LEAs and Fintech companies is therefore crucial, but existing cooperation rules in national criminal procedure are greatly challenged as regards scope of application ratione personae, materiae and loci. FinTech companies present an exponential “window of opportunity” for cybercriminals. The scale, impact and growth of such cybercrime are huge and merit close analysis. For instance, payment data hacking in the US was at an all-time high in 2014, with an increase of 21% on the year before. Cybercrime and other black market activities (including money laundering, but also many other types of organised crime) committed via Fintech companies raise questions as to the link with security issues and liability of financial institutions and FinTech companies. One of the most innovative aspects of FinTech is that it may lead to the automatisation of know your customer (‘KYC’) or compliance measures and thereby outstrip duties to cooperate with law enforcement. FinTech thereby allows compliance costs to be reduced through the privatisation of law enforcement. Involving private sector entities in law enforcement is a growing tendency that can be traced back to the monitoring duties imposed on financial institutions to prevent money laundering and terrorist financing. FinTech, however, promises not only to use innovative technologies in order to disrupt the delivery of traditional financial services per se but, through RegTech, to harness those same technologies in order to create vastly more efficient forms of private law enforcement – a recent example being the emergence of fraud detection startups. The premise of this paper is that cooperation of FinTech companies with LEAs will become increasingly important due to the opening up by fast-developing technologies of new avenues for criminal wrongdoing. Drawing on comparative analysis and interaction with stakeholders in both financial centres, it explores the questions: What specific concerns do FinTech companies in Luxembourg and the UK face in practice when they are obliged to cooperate with law enforcement authorities? What is the scope of application of national cooperation rules in the two selected legal systems, and how can these be improved in order to keep pace with fast-developing FinTech, while also ensuring more legal certainty and coherence and striking a satisfactory balance between effective law enforcement and fundamental rights (in particular, the rights to privacy and data protection and the right to a fair trial)? How might emerging RegTech be harnessed in order to enhance FinTech-LEA cooperation and protect against new risks, and is such a ‘privatised law enforcement’ approach feasible and desirable for FinTech? 

Under the Electronic Eye: a legal evaluation of predictive policing 

Lucia Sommerer

"The[...]choice is [...] whether collectively we will allow the coders to select our values for us."

Time Magazine named predictive policing one of the 50 most important innovations in 2011. The software concept that is designed to give police departments the locations of future crimes before they occur has since spread around the world and is considered one of the most promising technology-led law enforcement tactics to date. My article argues that the pursuit of security via predictive policing poses a significant challenge for the rule of law principle and fundamental rights. In addition to an analysis of the legal implications of predictive policing, the thesis suggests a framework of principles by which predictive policing may be governed in the future. From a legal evaluation perspective, it will take an in-depth look at current predictive policing tactics worldwide as well as a look at the future of predictive policing with regard to the use of artificial intelligence and social media data. At the center of this article lie the following research questions: What legal implications does a predictive policing approach hold with regard to the Anglo-American principle of the rule of law (and its continental European equivalent of the Rechtsstaatsprinzip), fundamental rights and the reasonable suspicion threshold for police action? Particular areas of interest are in this regard privacy and equality rights, transparency and accountability. Will predictive policing de facto lower the bar for police action? Do predictive policing schemes touch on data protection questions? Are predictive algorithms neutral and unbiased or are they a mathematically justified method for racial profiling and discrimination? Details about the exact composition of the algorithms are classified, and trade secrets are a necessity for companies that operate for financial gain, but does this secrecy contradict the rule of law if the algorithm is applied by governments in a policing context? How should predictive policing be regulated? Predictive policing algorithms are being developed by mathematicians in conjunction with social scientists without professional legal input and are being deployed by police departments without in-depth legal counsel. Based on the findings to the primary research questions this article will develop a framework of principles by which predictive policing may be governed and conceptualize a control and regulating regime. Such predictive policing governance regime will further address legal safeguards towards conceivable future predictive policing developments, e.g. the use of social media as a data source. Hype and fear around predictive policing have been growing in the recent years. This is an important moment for a grounded inquiry into predictive policing’s socio-legal effects and prospects. Legal scholarship must not allow itself to be overtaken by the rapid technical evolution. 

Can Machines Really think? Perspectives from a Computer Science – Trained Law Prof

By Assco Prof Hannah YeeFen LIM

This paper will debunk the myth of “intelligence” in Artificial Intelligence (AI) machines and Autonomous Vehicles (AVs) ie self-driving cars. It will explain in comprehensible lay person language the workings of AI from a computer science and software engineering a perspective. From this “bottom up” software engineering first principle foundations, it will argue that the legal regulation of AI machines an AVs should be considered in a nuanced and holistic manner. The question of legal liability for such devices and machines should not be left to manufacturers of AI machines and AVs to simply assert “black box” technology or trade secret protection and certainly not left to contractual clauses. To do so would be to abdicate responsibility for the safety and protection of citizens.

The paper comes from a book written by the presenter entitled Regulating Autonomous Vehicles and Artificial Intelligence Machines to be published by Edward Elgar Publishing in 2018

Online Dispute Resolution: Challenges and Lessons for Dispute Resolution 

Dorcas quek and Eunice Chua

Artificial intelligence and recent technological innovations have transformed not only the existing legal infrastructure, but also how disputes are resolved. Online Dispute Resolution (“ODR”) has grown in prominence as a way to bring quick and effective redress in e-commerce and a wide array of other conflicts. This paper discusses the implications of ODR on dispute resolution and prevention, exploring issues such as the multi-faceted role played by technology as the “fourth party” within the dispute resolution process; security and confidentiality issues;  the function of face-to-face interaction; and how dispute resolution is likely to evolve in the light of the rapid changes in ODR.

Stream 3B

Not-So-Big and Big Credit Data, Data Brokers, and FinTech in the EU: Old and New Challenges in an Enduring Policy and Legal Conundrum

Dr Federico Ferretti

The paper discusses the role and usage of traditional and non-traditional consumer data in the retail financial markets of the European Union in the context of the economic theories, policies, and law within which they work. Across Europe there is no common practice of using the credit data of consumers, which can be exploited for several purposes. Mostly, they are used by the lending industry as a risk-management tool to underwrite borrowing decisions or price risks, but they can also be used as a practice of creditworthiness assessment. In some Member States, consumer data are part of a broader information centralisation system for the prudential supervision of banks and the financial system as a whole. Within this already complex picture, emerging technologies and the processing of new generations of personal data are starting to give way to new business models that can transform retail financial markets (Fintechs). Whatever the function the data perform, their source, type, breath, and depth differ greatly from country to country. Unlike for the harmonisation of EU rules on credit to consumers for the creation of the internal market, the underlying consumer data infrastructure remains fragmented at national level, failing to achieve univocal, common, or defined policy objectives under a harmonised legal framework. Likewise, the establishment of the Banking Union and the prudential supervision of the Euro-area demand standardisation and convergence of the data used to measure debt levels, arrears, and delinquencies. The many functions and different usages of credit data suggest that the policy goals to be achieved should inform the design and structure of the databases, as well as the role, legal, and institutional framework of the organisations managing the data system (the Data Brokers). This is also because fundamental rights and consumer protection concerns arise from the dissemination and sharing of traditional and non-traditional data, as well as from their expanding uses. Against the potential benefits in the use of personal data, consumers face risks for data protection, as well as financial and social exclusion. This is an area of the EU internal market that demands attention of the EU legislator without further delays.

Distributed ledger technology architecture for the automation of claims against overdue payments in commercial transaction: a proof of technology under Italian law.

Marco Crepaldi

The delay of payment in commercial transactions is a pressing problem for small and medium-size companies. On average small businesses wait twice as long for invoices to be paid in respect to larger companies, often this delay causes a lack of liquidity that can even lead to bankruptcy. In this paper, we investigate the possibility and the feasibility of an information system to automate the process of legal enforcement of commercial transactions (invoices in particular) to improve efficiency and lowering the costs of legal assistance. The proposed architecture is modular, in the sense that specific components may be added or removed in compliance to specific regulation on a jurisdiction-base. The system consists of a distributed ledger for the transmission of information about the claim and a smart contract-type layer (combined with a document generator and a web-based user interface) for the automation of the steps necessary to keep track of the status of the invoice and, eventually, forwarding a claim to obtain a court order of payment. The proposed system may also be limited to the processing of metadata about a specific transaction such as amount (automatically adding interest in accordance to the various late payment regulations) date due, eventual partial payment etc., therefore its implementation does not depend on a specific jurisdiction and it may be (also) designed with the requirement of human intervention if needed. In the end of the paper we apply the proposed architecture to Italian jurisdiction proving that the proposed technology could (a) reduce inefficiencies in the process of claiming a payment for a commercial transaction (b) reduce the risk of errors (c) reduce the costs of access to the judicial system thereby improving accessibility and (d) foster the competitivity of small and medium companies.

Taxation of Cryptocurrencies: the Bitcoin case from a European perspective 

Luisa Scarcella 

Cryptocurrencies and in particular Bitcoin have reached an increasing importance within our society and economy in the last years. Because of the particular features characterizing Bitcoin, such as pseudonymity, its digital creation and transaction, its independency from physically intended space and its decentralization, trying to regulate this innovation tends to be an extremely difficult process. The positions taken by international and European institutions in the last two years were many and different, often in contrast with each other. Although important institutions like OECD, the International Monetary Fund, the European Commission, the European Central Bank and the European Banking Authority are aware of the complexities and risks given by decentralized digital currencies, we are still far from concrete policies on the subject.  At the same time, also from a tax law perspective, the main characteristics of this particular technology represent a true challenge to our traditional tax systems. In order to be able to address the taxation issues rising from this cryptocurrency, first of all it is essential to analyse the three economic activities interrelated to Bitcoin, which are: mining, financial transactions and the possibility to purchase goods and services. With reference to the substantial taxation issues, these three activities have different relevance whether we examine direct or indirect taxes. In relation to indirect taxes, the European Court of Justice (ECJ) “Hedqvist” decision (Case C- 264/14 Skatteverket v David Hedqvist) is particularly important. With this decision, the Court stated, not surprisingly, that the exchange of Bitcoin for fiat currency consists in a supply of services. However, a far more interesting aspect is the fact that the court (following the Advocate-General’s opinion) held that an exchange of bitcoin fell within the exemption in Article 135(1) lit. e) of the VAT Directive, which exempts transactions ‘concerning currency, bank notes and coins used as legal tender’ from VAT. Nevertheless, in many Member States, the treatment in terms of direct taxation of this particular cryptocurrency differs from the one suggested by the ECJ for VAT issues, as they do not recognize and do not treat Bitcoin as other means of payments (such as legal tender). The aim of this paper is to offer an overview of the current tax treatment of Bitcoin, starting from the positions assumed by international and European Institutions. Furthermore, based on how we define the nature of Bitcoin, an analysis of the taxes that shall be levied on cryptocurrencies ́ related activities will be provided, also referring to the current situation in some European Member States.

On Blockchain Technology Applied to Securities Markets 

Frank Hoogendijk

Blockchain is the talk of the town. Blockchain technology, i.e. distributed ledgers that enable decentralized verification, is believed to make “the middleman” in various sectors completely redundant.  In a first wave, the financial sector will be subject to this disruptive new technology. The success of Bitcoin, Ether and other cryptocurrencies is making financial institutions and central banks anxious. Initiatives such as R3, a consortium of more than 70 of the world's largest financial institutions that conducts R&D with regard to blockchain in the financial sector, is a good illustration thereof. Are the middlemen actually scared of being side- lined? Or are there also other reasons for their interest in blockchain technology? The envisaged research paper/presentation will be exploring the (lack of?) potential of blockchain technology in the financial sector. More specifically, we want to investigate the development of blockchain based secondary markets for securities. The first blockchain based secondary market for shares was developed by Bolero (KBC Bank) in Belgium. The research presentation would look into the pro’s & con’s of using blockchain technology in this respect, based on critical interviews with the Bolero developers, project leaders and KBC’s legal team. Furthermore, we will be comparing the Bolero secondary market with similar initiatives that have been taken around the world. We will be deriving a current state of play on the use of block chain technology for new secondary markets, and provide relevant insights from a corporate/financial and regulatory law point of view.  Finally, we  will be looking into whether there are reasons for regulatory intervention regarding the use of blockchain technology in the financial markets sector. Laws and regulations can, after all, both enable and inhibit innovation. 

Presentations Blockchains – Implications for Commercial Law

Beyond BitCoin – legal impurities and off-chain assets

Professor Chris Reed

BitCoin is conceptually a “pure” technology, in that the system undertakes the minimum level of activities which are necessary to perform its  core functions of recording and transacting entitlements to assets (proof of work aside). However, if we attempt to use the technology for off-chain assets, such as shares, tangible goods or real estate, we discover that there is a host of legal requirements which demand that “impurities” are built into the technology. The primary function of any distributed ledger system is to provide evidence about participants, objects and transactions between them. This works well for on-chain assets like Bitcoin, but less well for tangible assets and real estate because rights in those assets cannot be completely captured on the ledger. However, the technology is potentially useful for intangible off-chain assets provided that the necessary legal impurities do not damage the evidential value of the ledger. The purpose of this paper is to identify those legal impurities and then analyse whether they should be incorporated into the technical workings of the system, or whether is it necessary to be more radical and “purify” the legal regime so as to allow distributed ledger systems to work most efficiently.

The use of blockchain in developing electronic alternatives to bills of lading: legal aspects

Miriam Gioldby                           

This presentation will examine the potential for blockchain to substitute paper transport documentation, providing a cost-efficient and widely-accessible functional equivalent. In doing so it will analyse various pilot programmes, in particular, trials by Maersk and IBM and by Wave BL and Barclays. The main focus will be on the legal questions that may potentially arise as a result of the use of these alternatives for cross-border trade.

Bitcoin as Property

Kelvin Low

Associate Professor, SMU

The hype over bitcoins has been compared to the tulip mania in 17th century Netherlands and it has spawned a host of similar cryptocurrencies. As it has gained in popularity, the law has approached the subject warily, mostly from a regulatory perspective. However, no comprehensive consideration of the fundamental nature of a bitcoin owner’s private law relation to his/her/its bitcoins has been properly conducted. Whether or not bitcoins or other cryptocurrencies achieve mainstream adoption or remain of interest to only a niche audience, this question will inevitably have to be properly addressed. This paper proposes to consider if bitcoins might be recognised as the subject of property rights by Commonwealth courts and if so, what such rights ought to entail. It will begin with a careful consideration of the controversial question of the scope of the law of property before considering bitcoin’s place within the law of property (if any). What is the meaning of property in the common law? What fundamental differences exist between tangible and intangible property? If ownership of bitcoins is worthy of protection, what shape should it take? It suggests that the common law adopts a more expansive view of property than civilian systems and that it is thus able to accommodate bitcoins and other cryptocurrencies within its law of property. However, owing to their unusual nature, legal rights to them must take on a unique and unorthodox form. The code underlying Bitcoin also poses particular challenges to the law which this paper also addresses. 

International trade in the electronic age – Blockchains and Electronic Bills of Lading

Jens Krebs

For centuries sales of goods at sea involved the use of bills of lading. Those documents are employed to deal with a number of issues which arise in international trade when the parties are apart, and with the rise of electronic means of communication various attempts have been made to transpose them into a digital form. All those attempts faced a serious challenge which none of them was able to solve satisfactorily. The bill of lading has a special characteristic distinguishing it from all other types, ie. it is a document of title and as such confers constructive possession over the goods it lists onto the rightful bearer of the bill. The uniqueness of this document is an essential ingredient which ensures that the number of possible holders is limited by the number of originals tendered. In an electronic context, however, the ‘original’ is not ‘transferred’ in that the holder gives up ‘possession’ and ‘hands over’ the document; rather, it creates an identical copy of the ‘bill’ thereby undermining the purpose of such document. The way to avoid this so far has been the use of a closed system. A carrier will create an entry in the system’s database which represents the bill of lading and, thus, identifying the legal holder. This ‘e-bill’ can then be transferred to other parties and the party currently associated with the e-bill is deemed the ‘holder’ and has title to the goods identified by it. The downside is that all parties must be registered with the same service platform requiring a periodical subscription fee. With the use of blockchain technology, it will be argued, there is a way of uniquely identifying an electronic document (and its contents) and attribute its ‘ownership’ to a person. This person must be a user of the blockchain system, participation to which is not subject to a subscription fee. Yet, there are still a number of uncertainties which have to be cleared up before the use of this technology can be recommended. First, the suitability of the technology ought to be considered generally to explain the benefits of using a ‘trustless’ system. Further difficulties may, however, arise with regard to special types of bills of lading requiring ‘indorsement’ which is traditionally done by way of signing the bill.

-Presentation: Machine Learning and the Law

Machine Learning: Regulatory Challenges, Regulatory Opportunities, and Regulatory Red Lines

Roger Brownsword

Building on previous work, Professor Brownsword will consider three large regulatory matters raised by the dramatic emergence of machine learning technologies.

First, as with any emerging technology, regulators face the threefold challenge: (i) to support rather than stifle beneficial innovation; (ii) to make provision for an acceptable management of risks to human health and safety and the environment; and (iii) to respect fundamental community values. How are regulators to meet these desiderata, neither over-regulating nor under-regulating and regulating machine learning in a focused and sustainable way? 

Secondly, machine learning presents an opportunity to enhance the technological tools that are already available to regulators (identifying individuals and groups that are, respectively, ‘high risk’ or ‘low risk’ in some relevant respect). Is this an opportunity to be taken? How far will societies tolerate the employment of tools that are not entirely transparent, that involve ‘false positives’ and that might amplify existing biases? 

Finally, should there be any red lines with regard to the use of machine learning? It will be suggested that, at the very least, regulators should protect the essential preconditions for human social existence whatever the supposed benefits of new technologies.