Security and harmonisation in the European Information Technology market


The earth does not only consist of water and ground anymore, but of cables, antennas and satellites. This does not not only lead to a different perspective on the world itself, but to a different legal perspective on all matters brought up through this development.


So how can you develop a legal perspective on something that was once described as not only mathematical concepts or a graphical representation of abstracted data, but a consensual hallucination with an unthinkable complexity. Like data matrices in a dark, distant future. This is what science fiction author William Gibson then called "Cyberspace". A word we use so often, that is so deep in our common lexicon. For us nothing special anymore - and we know, that all day life, that things we do, decide, communicate, buy, sell, compare in a digital way need a framework. A legal framework. In the last 25 years a new Law was created out of necessity and the confusion on how to regulate this. Cyberspace is characterized by a tremendous permeability of boundaries: physical, political, social. What is needed here is therefore just simple regulation, too. Regulation by Governance or Self regulation? The principle of free flow of information may not be regulated, but a general Co-Regulation, i.e. Public, governmental bodies, firms and consumer organisations working together is necessary to develop a legal framework for security issues, that includes everybodies needs.


Alternative forms of regulation might include economic markets and social norms, as well as relationships defined contractually or via other legally-enforceable means. But national governments cannot expect to contain the effects of cyberspace, because it is truly a global technology, simultaneously nowhere and everywhere. This means that inhabitants of cyberspace can "move" from one legal jurisdiction to another, and "choose" the legal rules that might apply to them. We tend to view law as formal law, that is, state-sanctioned mechanisms for imposing certain rules of liability or enforcing certain conduct upon those within the political borders of the sovereign.


But what do we refer to? How did and do norms develop and who decides? Are we referring to just the descriptive technological aspects, such as the TCP/IP protocol or file transfer protocol? Or to the social consequences of these technologies? Or do we refer to the practical side, when problems between persons arise, that were in touch with each other only through electronic communication?


The legal requirements on the field of contracts and trade seem to be fulfilled, the classical roles of Civil Law gave enough help - nationally. But what if persons are in different countries with very different social and legal norms? What if third person, who broke through security barriers that did not work well enough, is involved? Privacy and the different problems created in the web are still a field of problems, conflicts, but sometimes, developing as this area is, innovating, too. "Privacy" is the right of the individual to decide about the level of disclosure of information. Traffic data in the internet is highly disclosing information about communication behaviour, interests, private and other contacts. This data needs highly to be protected, because even without the communication data itself the traffic data is enough to analyse personal social relationships, media use and all other forms of social, cultural or economic communication incl. transactions over networks. For example people will only freely use information websites about AIDS or Alcoholics Anonymous if the operators of the websites are not required to store access information. All traffic data is sensitive and privacy is a fundamental right. Storing the data puts them at the unacceptable risk of beeing released to the wrong people. Data retention refers to the general storage of data without concrete suspicion. This is a violation of fundamental rights and of the principles of a constitutional state. There is no justification for such a procedure, since the great majority of the affected did neither commit a crime nor draw suspicion on them.


Data interception on the other hand is done individually and only after an order by a judge or similar authority. A victim of data interception has the right to proceed against the individual interception. Why does mandatory retention pose legal problems with regard the European Convention for Human Rights?


The presumption of innocence is one of the fundamental principles of a constitutional state. Data retention violates this principle and implements the presumption of guilt. Because data retention cannot prevent crimes, it also implies a violation of Article 8 - Right to respect for private and family life - of the European Convention for Human Rights.


Consumers are concerned with privacy issues. Especially related to the Internet, many have developed a distrust, because complete anonymity is a fiction. They fear profiling and abuse. Data retention will not overcome these fears but even amplify them. Therefore, data retention could also have an economic impact besides the direct costs for the retention.


Even worse, the existence of such data is a growing fear in the consumers life, that has huge social, political and other effects. If people have the feeling, that the governments do not trust them, most of them don't see any reason to trust the governments.


Security issues have a huge impact on the relationship between governments and itīs citizens. Especially in the discussions how eGovernment could look like this topic creates huge discussions. People want eGovernment. They want the phone-book, the service, the interaction. They want available information, they want it easy to handle. And it is possible, many good examples are to be seen in the USA and even on the Internet websites of the European Union.


The European Union faces a problem here. As it is seated in Brussels, it seems to be quite unavailable for the European citizens. On their website we have a brilliant example of easy research, either on the EU as such or on all matters that have to do with Europe. EGovernment as information centre. Critical voices say , that the EU and it's decisions and decision making bodies are too far away from its own citizens. Still the eGovernmental side gives here a nice different picture and how it can work in this distance. The distance is the same but the picture about it gets clearer. Still, the wish for more interaction is missing and there is still a lot unused potential within all European states. But so many questions, with some it seems they cannot be solved quickly, come out of this. One example: Is the digital signature as good as a real signature? A lot of problems need to be solved first to let eGovernment in the Administrative accents be as good as normal, non-digital governmental interaction between all parties is. This is one more thought, where I am optimistic to share interesting ideas with you.


Let's take a look at a topic of europeanwide Liberalisation and Harmonisation.


Since 1979, since the "Dublin-Report" the European Union had an eye on the standardised Law of Telecommunication, especially regarding sets, interfaces and services. Before everything regarding telecommunications was officially excluded from every regulation on a European level. These important ideas of European standardisation came from Margaret Thatcher, an interesting fact by side, don't you think? This was intensified up from 1984 through a so-called "Action Programme Telecommunication", where the Council of Ministers discussed an open market for Telecommunications equipment, -setting-ups and- facilities. The "Greenbook Telecommunication", published 1987 gave a more detailed framework, of what needs to be discussed:


" The speed of new technological developments ( examples are the digitalisation in general, Computer-networks, Techniques of fibre optic cable, satellites) " The opportunities of access (audiovisual media, Databases) " The need of Communication in general, that increased in a explosively fast way


Since Maastricht and Amsterdam, the regulations about telecommunications are clearer. They are included in the Art. 28 like any other goods. No import limitations, no restrictions of admission, no discrimination in the area supply and sales-conditions. Everything free? No conditions? Nothing else to think about? Paradise?


Surely not.. The Harmonisation of all that includes telecommunication matters is on a good and straight way. The European view is broad and inspiring, but still not everything is faced yet. Rules about technical standards are missing in every day practise and a satisfying harmonisation regarding Copyright Law in E-commerce is not in sight yet.


Liberalisation, Deregulation and Harmonisation happen through Decisions, Greenbooks and Actionplans for convergent and common Telecommunicationspolitics. Yet often the voluntary character of regulations cannot lead to a satisfying harmonisation of national Laws - worldwide. European standards that invite other countries must be kept in mind and there is so much more room for discussions - and solutions. We met here in Marrakesch to discuss all these matters, to bring up solutions and maybe even to guide a way. Therefore I wish all of us fruitful and successful discussions with perspectives that will bring all of us a step further.


Torna alla pagina precedente (Back)