The right to trust your vote: Cybersecurity, human rights and electronic voting download

van Daalen, O. & Hoekstra, N.
2024

cybersecurity, Electronic voting, Human rights

Bibtex

Report{nokey, title = {The right to trust your vote: Cybersecurity, human rights and electronic voting}, author = {van Daalen, O. and Hoekstra, N.}, url = {https://www.ivir.nl/publications/the-right-to-trust-your-vote-cybersecurity-human-rights-and-electronic-voting/vandaalenhoekstra2024a/}, year = {2024}, date = {2024-12-05}, keywords = {cybersecurity, Electronic voting, Human rights}, }

Annotatie bij Hof van Justitie EU 9 maart 2021, Hof van Justitie EU 22 juni 2021 & Hoge Raad 27 januari 2023 download

Nederlandse Jurisprudentie, iss. : 34, num: 314, pp: 6726-6728, 2024

case law, Copyright

Bibtex

Case note{nokey, title = {Annotatie bij Hof van Justitie EU 9 maart 2021, Hof van Justitie EU 22 juni 2021 & Hoge Raad 27 januari 2023}, author = {Hugenholtz, P.}, url = {https://www.ivir.nl/publications/annotatie-bij-hof-van-justitie-eu-9-maart-2021-hof-van-justitie-eu-22-juni-2021-hoge-raad-27-januari-2023-stichting-brein-news-service-europe/annotatie_nj_2024_314/}, year = {2024}, date = {2024-12-05}, journal = {Nederlandse Jurisprudentie}, issue = {34}, number = {314}, keywords = {case law, Copyright}, }

Demonopolizing the European Public Domain: Google Books Exclusivity Clauses and the Open Data Directive download

Arends, A., Bont, A. de & Rosenberg, M.
2024

Abstract

This report is the result of a collaboration between Open Future and the Glushko & Samuelson Information Law and Policy Lab at the Law Faculty of the University of Amsterdam. Open Future is interested in understanding the evolving landscape around the use of public domain and openly licensed works for the purpose of training Generative AI systems. One of the largest sources of such data are the digitization partnerships between a number of European libraries and Google that were launched from 2010 onwards. These digitization partnerships were controversial at the time because they contain clauses that ensure that Google enjoys an exclusivity period with regard to commercial use of the digitized works. As a result, Google has a privileged position when it comes to access to large swaths of the European public domain. In the context of the emergence of generative AI as a new technological paradigm, access to this data likely constitutes a signicant competitive advantage that is hard to reconcile with both the public domain status of these collections and policies aimed at providing a level playing eld for smaller and European AI developers. In April 2024, Open Future approached the Information Law and Policy Lab with a request to examine the legal status of the datasets produced by the Google Books project in regard to their exclusivity clauses.

Bibtex

Report{nokey, title = {Demonopolizing the European Public Domain: Google Books Exclusivity Clauses and the Open Data Directive}, author = {Arends, A. and Bont, A. de and Rosenberg, M.}, url = {https://www.ivir.nl/publications/demonopolizing-the-european-public-domain-google-books-exclusivity-clauses-and-the-open-data-directive/241127_demonopolizing-the-european-public-domain/}, year = {2024}, date = {2024-11-14}, abstract = {This report is the result of a collaboration between Open Future and the Glushko & Samuelson Information Law and Policy Lab at the Law Faculty of the University of Amsterdam. Open Future is interested in understanding the evolving landscape around the use of public domain and openly licensed works for the purpose of training Generative AI systems. One of the largest sources of such data are the digitization partnerships between a number of European libraries and Google that were launched from 2010 onwards. These digitization partnerships were controversial at the time because they contain clauses that ensure that Google enjoys an exclusivity period with regard to commercial use of the digitized works. As a result, Google has a privileged position when it comes to access to large swaths of the European public domain. In the context of the emergence of generative AI as a new technological paradigm, access to this data likely constitutes a signicant competitive advantage that is hard to reconcile with both the public domain status of these collections and policies aimed at providing a level playing eld for smaller and European AI developers. In April 2024, Open Future approached the Information Law and Policy Lab with a request to examine the legal status of the datasets produced by the Google Books project in regard to their exclusivity clauses.}, }

The New F-word: The case of fragmentation in Dutch cybersecurity governance external link

Mirzaei, P. & Busser, E. de
Computer Law & Security Review, vol. 55, num: 106032, 2024

Abstract

The fragmentation of the Dutch cybersecurity government landscape is a widely discussed phenomenon among politicians, policy makers, and cybersecurity specialists. Remarkably though, a negative narrative is underlying the idea of fragmentation, suggesting that we are dealing with a serious problem. A problem that has the potential of impeding cybersecurity governance in the Netherlands. This research zooms in on how cybersecurity governance is organised within the central government, and which organisations are concerned with the creation, implementation, and oversight of cybersecurity policies vis à vis Dutch society. This article provides an overview of all central government organisations (de Rijksoverheid) that are involved in cybersecurity governance on a strategic level. This research provides the first step in doctoral research into the possible implications of the fragmentation of cybersecurity governance in the Dutch central government, and how this fragmentation could potentially impact policy creation, implementation, and oversight. Based on the mapping of this governance landscape, it set out to measure fragmentation based on the number of units or organisations that are concerned with cybersecurity governance in the central government on a strategic level. This study has found that based on Boyne's (1992) notion of fragmentation and the Dutch governments’ definition of tiers, the Dutch cybersecurity governance landscape could indeed, when meticulously following Boyne's counting procedure, be regarded as fragmented.

cybersecurity, fragmentation, Internet governance, the netherlands

Bibtex

Article{nokey, title = {The New F-word: The case of fragmentation in Dutch cybersecurity governance}, author = {Mirzaei, P. and Busser, E. de}, url = {https://www.sciencedirect.com/science/article/pii/S0267364924000980}, doi = {https://doi.org/10.1016/j.clsr.2024.106032}, year = {2024}, date = {2024-11-15}, journal = {Computer Law & Security Review}, volume = {55}, number = {106032}, pages = {}, abstract = {The fragmentation of the Dutch cybersecurity government landscape is a widely discussed phenomenon among politicians, policy makers, and cybersecurity specialists. Remarkably though, a negative narrative is underlying the idea of fragmentation, suggesting that we are dealing with a serious problem. A problem that has the potential of impeding cybersecurity governance in the Netherlands. This research zooms in on how cybersecurity governance is organised within the central government, and which organisations are concerned with the creation, implementation, and oversight of cybersecurity policies vis à vis Dutch society. This article provides an overview of all central government organisations (de Rijksoverheid) that are involved in cybersecurity governance on a strategic level. This research provides the first step in doctoral research into the possible implications of the fragmentation of cybersecurity governance in the Dutch central government, and how this fragmentation could potentially impact policy creation, implementation, and oversight. Based on the mapping of this governance landscape, it set out to measure fragmentation based on the number of units or organisations that are concerned with cybersecurity governance in the central government on a strategic level. This study has found that based on Boyne\'s (1992) notion of fragmentation and the Dutch governments’ definition of tiers, the Dutch cybersecurity governance landscape could indeed, when meticulously following Boyne\'s counting procedure, be regarded as fragmented.}, keywords = {cybersecurity, fragmentation, Internet governance, the netherlands}, }

Copyright, the AI Act and extraterritoriality external link

Kluwer Copyright Blog, 2024

AI Act, Copyright

Bibtex

Online publication{nokey, title = {Copyright, the AI Act and extraterritoriality}, author = {Quintais, J.}, url = {https://copyrightblog.kluweriplaw.com/2024/11/28/copyright-the-ai-act-and-extraterritoriality/}, year = {2024}, date = {2024-11-28}, journal = {Kluwer Copyright Blog}, keywords = {AI Act, Copyright}, }

The paradox of lawful text and data mining? Some experiences from the research sector and where we (should) go from here external link

Abstract

Scientific research can be tricky business. This paper critically explores the 'lawful access' requirement in European copyright law which applies to text and data mining (TDM) carried out for the purpose of scientific research. Whereas TDM is essential for data analysis, artificial intelligence (AI) and innovation, the paper argues that the 'lawful access' requirement in Article 3 CDSM Directive may actually restrict research by complicating the applicability of the TDM provision or even rendering it inoperable. Although the requirement is intended to ensure that researchers act in good faith before deploying TMD tools for purposes such as machine learning, it forces them to ask for permission to access data, for example by taking out a subscription to a service, and for that reason provides the opportunity for copyright holders to apply all sorts of commercial strategies to set the legal and technological parameters of access and potentially even circumvent the mandatory character of the provision. The paper concludes by drawing on insights from the recent European Commission study 'Improving access to and reuse of research results, publications and data for scientific purposes' that offer essential perspectives for the future of TDM, and by suggesting a number of paths forward that EU Member States can take already now in order to support a more predictable and reliable legal regime for scientific TDM and potentially code mining to foster innovation.

ai, CDSM Directive, Copyright, text and data mining

Bibtex

Article{nokey, title = {The paradox of lawful text and data mining? Some experiences from the research sector and where we (should) go from here}, author = {Szkalej, K.}, url = {https://ssrn.com/abstract=5000116 }, doi = {https://doi.org/10.2139/ssrn.5000116 }, year = {2024}, date = {2024-11-04}, abstract = {Scientific research can be tricky business. This paper critically explores the \'lawful access\' requirement in European copyright law which applies to text and data mining (TDM) carried out for the purpose of scientific research. Whereas TDM is essential for data analysis, artificial intelligence (AI) and innovation, the paper argues that the \'lawful access\' requirement in Article 3 CDSM Directive may actually restrict research by complicating the applicability of the TDM provision or even rendering it inoperable. Although the requirement is intended to ensure that researchers act in good faith before deploying TMD tools for purposes such as machine learning, it forces them to ask for permission to access data, for example by taking out a subscription to a service, and for that reason provides the opportunity for copyright holders to apply all sorts of commercial strategies to set the legal and technological parameters of access and potentially even circumvent the mandatory character of the provision. The paper concludes by drawing on insights from the recent European Commission study \'Improving access to and reuse of research results, publications and data for scientific purposes\' that offer essential perspectives for the future of TDM, and by suggesting a number of paths forward that EU Member States can take already now in order to support a more predictable and reliable legal regime for scientific TDM and potentially code mining to foster innovation.}, keywords = {ai, CDSM Directive, Copyright, text and data mining}, }

Opinion of the European Copyright Society on CG and YN v Pelham GmbH and Others, Case C-590/23 (Pelham II) external link

Mezei, P., Senftleben, M. & Sganga, C.
European Copyright Society, 2024

Abstract

In its questions for preliminary ruling, the German Federal Court of Justice asked for clarification as regards the definition of pastiche under EU copyright law; and, in essence, whether and how this concept applies to musical sampling. In the present Opinion, the European Copyright Society takes the view that pastiche is an autonomous concept of EU law. Article 5(3)(k) InfoSoc Directive (ISD) should be read as an overarching provision including three forms of permitted use that share their underlying nature but shall be judged differently. The meaning of pastiche cannot be understood as a mere imitation of an artistic style and it need not entail an explicit interaction with the original work. The presence of humour or mockery is not a necessary requirement for the application of the pastiche exception. Also, the expression resulting from the exercise of the pastiche exception need not itself be an original work. Finally, the intention of the user to create pastiche plays no role in the review of the legality of any given use. At the same time, legitimate forms of pastiche need to have their own features that are distinguishable from the copyrighted expression in pre-existing works used as source materials. Overall the use of the pastiche exception for purposes of musical sampling, as in the underlying Metall auf Metall case, complies with all the three steps of Article 5(5) ISD.

Copyright

Bibtex

Online publication{nokey, title = {Opinion of the European Copyright Society on CG and YN v Pelham GmbH and Others, Case C-590/23 (Pelham II)}, author = {Mezei, P. and Senftleben, M. and Sganga, C.}, url = {https://europeancopyrightsociety.org/wp-content/uploads/2024/11/ecs-opinion-pelham-ii-1.pdf}, year = {2024}, date = {2024-11-06}, journal = {European Copyright Society}, abstract = {In its questions for preliminary ruling, the German Federal Court of Justice asked for clarification as regards the definition of pastiche under EU copyright law; and, in essence, whether and how this concept applies to musical sampling. In the present Opinion, the European Copyright Society takes the view that pastiche is an autonomous concept of EU law. Article 5(3)(k) InfoSoc Directive (ISD) should be read as an overarching provision including three forms of permitted use that share their underlying nature but shall be judged differently. The meaning of pastiche cannot be understood as a mere imitation of an artistic style and it need not entail an explicit interaction with the original work. The presence of humour or mockery is not a necessary requirement for the application of the pastiche exception. Also, the expression resulting from the exercise of the pastiche exception need not itself be an original work. Finally, the intention of the user to create pastiche plays no role in the review of the legality of any given use. At the same time, legitimate forms of pastiche need to have their own features that are distinguishable from the copyrighted expression in pre-existing works used as source materials. Overall the use of the pastiche exception for purposes of musical sampling, as in the underlying Metall auf Metall case, complies with all the three steps of Article 5(5) ISD.}, keywords = {Copyright}, }

Trust in context: The impact of regulation on blockchain and DeFi external link

Bodó, B. & Filippi, P. de
Regulation & Governance, 2024

Abstract

Trust is a key resource in financial transactions. Traditional financial institutions, and novel blockchain-based decentralized financial (DeFi) services rely on fundamentally different sources of trust and confidence. The former relies on heavy regulation, trusted intermediaries, clear rules (and restrictions) on market competition, and long-standing informal expectations on what banks and other financial intermediaries are supposed to do or not to do. The latter rely on blockchain technology to provide confidence in the outcome of rules encoded in protocols and smart contracts. Their main promise is to create confidence in the way the blockchain architecture enforces rules, rather than to trust banks, regulators, and markets. In this article, we compare the trust architectures surrounding these two financial systems. We provide a deeper analysis of how proposed regulation in the blockchain space affects the code- and confidence-based architectures which so far have underwrote DeFi. We argue that despite the solid safeguards and guarantees which code can offer, the confidence in DeFi is still very much dependent on more traditional trust-enhancing mechanisms, such as code governance, and antifraud regulation to address some of the issues which currently plague this domain, and which have no immediate, purely software-based solutions. What is more, given the risks of bugs or scams in the DeFi space, regulation and trusted intermediaries may need to play a more active role, in order for DeFi to gain the trust of the next generation of users.

blockchain, Regulation, trust

Bibtex

Article{nokey, title = {Trust in context: The impact of regulation on blockchain and DeFi}, author = {Bodó, B. and Filippi, P. de}, url = {https://onlinelibrary.wiley.com/doi/abs/10.1111/rego.12637}, doi = {https://doi.org/10.1111/rego.12637}, year = {2024}, date = {2024-10-06}, journal = {Regulation & Governance}, abstract = {Trust is a key resource in financial transactions. Traditional financial institutions, and novel blockchain-based decentralized financial (DeFi) services rely on fundamentally different sources of trust and confidence. The former relies on heavy regulation, trusted intermediaries, clear rules (and restrictions) on market competition, and long-standing informal expectations on what banks and other financial intermediaries are supposed to do or not to do. The latter rely on blockchain technology to provide confidence in the outcome of rules encoded in protocols and smart contracts. Their main promise is to create confidence in the way the blockchain architecture enforces rules, rather than to trust banks, regulators, and markets. In this article, we compare the trust architectures surrounding these two financial systems. We provide a deeper analysis of how proposed regulation in the blockchain space affects the code- and confidence-based architectures which so far have underwrote DeFi. We argue that despite the solid safeguards and guarantees which code can offer, the confidence in DeFi is still very much dependent on more traditional trust-enhancing mechanisms, such as code governance, and antifraud regulation to address some of the issues which currently plague this domain, and which have no immediate, purely software-based solutions. What is more, given the risks of bugs or scams in the DeFi space, regulation and trusted intermediaries may need to play a more active role, in order for DeFi to gain the trust of the next generation of users.}, keywords = {blockchain, Regulation, trust}, }

Between the cracks: Blind spots in regulating media concentration and platform dependence in the EU external link

Seipp, T., Helberger, N., Vreese, C.H. de & Ausloos, J.
Internet Policy Review, vol. 13, iss. : 4, 2024

Abstract

Alongside the recent regulations addressing platforms and digital markets – the Digital Services Act (DSA) and the Digital Markets Act (DMA) – the European Union’s (EU) European Media Freedom Act (EMFA) aims to safeguard media freedom and pluralism, two essential pillars of democracy. The EMFA introduces several provisions, including rules specifically focused on assessing media concentration in "the online environment". While these initiatives are commendable, there are noticeable blind spots in how EU regulations tackle the issues of dependence on, and the power of, platforms amidst the rising trend of media concentration. An essential aspect that needs attention is the technological power of these platforms, underpinned by their economic and political power. We find that neither the infrastructural power of platforms – transforming them from “gatekeepers” to “digital infrastructure and AI providers” – nor their relational power – creating imbalances and dependencies while posing sustainability challenges for (local) journalism – are effectively addressed in the current EU regulatory frameworks, despite both forms of power driving digital media concentration. The article then concludes with recommendations for a way forward capable of preserving values such as media pluralism and editorial independence.

EU, media concentration, Media law, Platforms, Regulation

Bibtex

Article{nokey, title = {Between the cracks: Blind spots in regulating media concentration and platform dependence in the EU}, author = {Seipp, T. and Helberger, N. and Vreese, C.H. de and Ausloos, J.}, url = {https://policyreview.info/articles/analysis/regulating-media-concentration-and-platform-dependence}, doi = {https://doi.org/10.14763/2024.4.1813 }, year = {2024}, date = {2024-11-14}, journal = {Internet Policy Review}, volume = {13}, issue = {4}, pages = {}, abstract = {Alongside the recent regulations addressing platforms and digital markets – the Digital Services Act (DSA) and the Digital Markets Act (DMA) – the European Union’s (EU) European Media Freedom Act (EMFA) aims to safeguard media freedom and pluralism, two essential pillars of democracy. The EMFA introduces several provisions, including rules specifically focused on assessing media concentration in \"the online environment\". While these initiatives are commendable, there are noticeable blind spots in how EU regulations tackle the issues of dependence on, and the power of, platforms amidst the rising trend of media concentration. An essential aspect that needs attention is the technological power of these platforms, underpinned by their economic and political power. We find that neither the infrastructural power of platforms – transforming them from “gatekeepers” to “digital infrastructure and AI providers” – nor their relational power – creating imbalances and dependencies while posing sustainability challenges for (local) journalism – are effectively addressed in the current EU regulatory frameworks, despite both forms of power driving digital media concentration. The article then concludes with recommendations for a way forward capable of preserving values such as media pluralism and editorial independence.}, keywords = {EU, media concentration, Media law, Platforms, Regulation}, }

Annotatie bij EHRM 13 februari 2024 (Podchasov / Rusland) download

Computerrecht, iss. : 3, num: 98, pp: 184-185, 2024

Abstract

Het EHRM acht een verplichting die er in de prakijk op neerkomt dat encryptietechnologie wordt verzwakt in strijd met artikel 8 EVRM.

Bibtex

Case note{nokey, title = {Annotatie bij EHRM 13 februari 2024 (Podchasov / Rusland)}, author = {van Daalen, O.}, url = {https://www.ivir.nl/publications/annotatie-bij-ehrm-13-februari-2024-podchasov-rusland/annotatie_computerrecht_2024_98/}, year = {2024}, date = {2024-11-14}, journal = {Computerrecht}, issue = {3}, number = {98}, abstract = {Het EHRM acht een verplichting die er in de prakijk op neerkomt dat encryptietechnologie wordt verzwakt in strijd met artikel 8 EVRM.}, }