Technology & Law

General information : Technology & Law



Ethisch hacken
Ymkje Lugten

Internetbankieren van ING werkt niet meer, data van KPN zijn vrij toegankelijk en patiëntendossiers liggen op straat. Hackers kunnen grote schade aanrichten in een samenleving die steeds verder digitaliseert. Bedrijven en de overheid werken hard aan streng beveiligde computersystemen, maar soms is er toch die ene hacker die ze te slim af is. De politie heeft een speciaal cybercrime-team en ook het Openbaar Ministerie doet zijn best om hackers achter slot en grendel te zetten. Sommige hackers hebben echter geen kwade bedoelingen, maar willen juist helpen. Ze kraken de mailbox van een kamerlid vanwege het maatschappelijk belang of maken het publiek duidelijk op welke wijze persoonlijke informatie is op te vragen op websites van overheden en bedrijven. Als `ethische` hackers bestaan, hoe mogen zij dan te werk gaan en op welke manier kunnen zij juridisch beschermd worden? Zijn er richtlijnen denkbaar die de goede hackers beschermen, maar tegelijk voorkomen dat de kwaadwillende hacker zijn straf ontloopt?

Ymkje Lugten studeerde strafrecht aan de Universiteit Utrecht en werkt nu bij de Raad voor de rechtspraak. Ze verdiepte zich in hackers, richtlijnen en bedrijven die samenwerken met hackers. In dit boek biedt zij een overzicht van haar bevindingen en de mogelijkheden en onmogelijkheden van het beschermen van ethische hackers.

€ 14.95 Verkrijgbaar via of uw lokale boekhandel

Recent Publications


Trust on the line
Esther Keymolen

Governments, companies, and citizens all think trust is important. Especially today, in the networked era, where we make use of all sorts of e-services and increasingly interact and buy online, trust has become a necessary condition for society to thrive. But what do we mean when we talk about trust and how does the rise of the Internet transform the functioning of trust? This books starts off with a thorough conceptual analysis of trust, drawing on insights from -amongst othersphilosophy and sociology to sharpen our understanding of the topic. The book explains how the arrival of large systems – such as the internet- has changed the character of trust which today is no longer based on interpersonal interactions but has become completely mediated by technologies. Based on the layered building plan of the Internet itself, a new conceptual lens called 4 Cs is developed to analyse and understand trust in the networked era. The 4Cs refer to the 4 layers which all have to be taken into account to assess trust online, namely: context,code, codification, and curation. The 4cs bring together the firsthand experiences of the user (context), the sort of technology that is being used (code), the legal implication (codification) and business interests (curation) in order to get a clear picture of the trust issues that may arise. In the final part of the book some real-life cases are discussed (digital hotel keys, Airbnb, online personalization) to illustrate how trust –analysed through the 4 Cs lens- might flourish or be challenged in our current networked era.


Profiling Technologies in Practice

This volume presents the findings of some interesting research into profiling. The aim of the research has been to identify and tackle the challenges posed by profiling technologies to fundamental rights. The focus is on data protection, and the context is that of the European Union.

This volume testifies to the increased awareness of the far-reaching implications of profiling, notably with regard to democracy and the rule of law. Profiling confronts traditional understandings of fundamental rights with a new environment that is progressively contingent on data-driven applications and infrastructures. Profiling nourishes the advance of smart grids, smart cars and traffic management, remote e-health, personalized advertising and search engines, as well as data-driven fraud detection, policing, criminal justice and foreign intelligence.

Mireille Hildebrandt, co-editor of “Profiling the European Citizen”


Digital Rights Management Systems vs. users´ privacy
Robert Kutiš

At the time of their introduction, Digital Rights Management systems were often triumphantly presented as the decisive technological response to digital piracy. However, shortly after their introduction it became clear that this technological protection presents a rather small, but costly speed bump on the digital highway leading to the protected content, and not a panacea for this undesirable phenomenon. As a result, Digital Rights Management systems have undergone crucial transformation. With their further development, the Digital Rights Management systems ceased to focus solely on combating piracy and started to collect vast amounts of information about the users and content usage for various purposes. This book describes the crucial stages of this process, evaluates the extent of the threat to the privacy of users’ using protected content and assesses both - legality and legitimacy of the current use of Digital Rights Management systems. Although this book emphasizes privacy and data protection legislation in the European Union and Digital Rights Management systems usage interrelation, it also offers non-legal insight by adding social and economical views on the development in the field.

€ 14.95 Verkrijgbaar via of uw lokale boekhandel


Made in Africa
Hanna Weijers

An ICT revolution is underway in Africa. New possibilities have been created by the landing of international broadband sea cables on African shores and by the rapid spread of mobile telephony all over the continent. As a result, there are many startup ICT businesses trying to create new and inventive products and services, based upon internationally available technology but tailored to African markets and needs. However, little
empirical research has yet been done regarding role that law plays in the absorption of technological knowledge in this particular sector and context.

In this study, empirical data from case studies in Zambia, Kenya and Ghana is compared to what has been assumed in literature to be the role of law in absorptive capacity. The results of this
study provide insight in the actual role that law has played for startup ICT businesses, which may have significant policy implications for national governments and regulators in developing countries that seek to promote their ICT sector.


The impact of Business Process Outsourcing on privacy and data protection - a thorough risk analysis
Kalin Cvetkov

At present, a company, either small/medium enterprise or huge corporation, develops its activities within a competitive environment where solely the perspicacious one could gain a profit and hold or improve its positions on the market. Therefore, “firms increasingly buy all or at least parts of selected services they need from external service providers. This is especially true for services which rely to a great extent on new information and communication technologies and they carry out that task by means of outsourcing. The aim of the present research is to examine how a premature termination of a business process outsourcing project (hereafter BPO) might infringe upon several major provisions of the current EU data protection framework. Such a question is relevant because of the technological means inherent in a BPO through which personal data are being processed, and of the great possibility for unlawful data processing after a premature termination of the project. Therefore, a BPO falls under the scope of regulation by Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Ultimately, as the research will show, the DPD 95/46/EC as a legal instrument devoted to protect the right to personal data protection turns to be unable to provide sufficient protection on the data subjects’ rights in the context of prematurely terminated BPO contract. Therefore, the Proposed Data Protection Regulation represents an instrument that could deal properly with the said issue, especially if some proposals for amendments made within the present paper be taken into account.  


Verkeersgegevens en artikel 13 Grondwet
Bert-Jaap Koops en Jan Smits, mmv Frank van der Kroon

Nu de telegraaf is verdwenen en het Internet is ingeburgerd, wil de wetgever artikel 13 van de Grondwet – het brief-, telefoon- en telegraafgeheim – vervangen door een brief- en telecommunicatiegeheim. Momenteel beschermt artikel 13 Grondwet alleen de inhoud van communicatie, en niet verkeersgegevens, dat wil zeggen gegevens zoals wie met wie wanneer belt of mailt. Maar hoe baken je verkeersgegevens af van inhoud van communicatie? Sommige verkeersgegevens zijn tegelijk inhoud, zoals de onderwerpsregel van een emailbericht, en vaak geven verkeersgegevens, zoals  Internetadressen, informatienummers en locatiegegevens, zicht op de inhoud van communicatie.
En naast het conceptuele onderscheid is er ook een technische uitdaging: kun je in de dynamische Internetcontext, waarin doorlopend nieuwe protocollen verschijnen, verkeersgegevens wel steeds technisch scheiden van de inhoud van communicatie?

Dit boek, dat geschreven is in opdracht van het ministerie van Binnenlandse Zaken en Koninkrijksrelaties in het kader van de herziening van artikel 13 Grondwet, geeft antwoord op de vraag in hoeverre het mogelijk is om verkeersgegevens en inhoud van communicatie nu en in de nabije toekomst voldoende scherp af te bakenen, zowel in technische als in juridische zin. Het biedt een integrale reflectie op het onderscheid tussen verkeersgegevens en communicatie-inhoud in een sterk aan veranderingen onderhevig communicatielandschap. De visie die hierin wordt gepresenteerd op de betekenis en de (on)houdbaarheid van het onderscheid tussen verkeersgegevens en inhoud is niet alleen van belang voor de herziening van artikel 13 Grondwet, maar ook voor de verdere ontwikkeling van het straf(proces)recht en het bestuursrecht rond elektronische communicatie in de toekomst.

€ 16.95 Verkrijgbaar via of uw lokale boekhandel


Intellectual Property and Human Rights: is a Balance Possible?
Sara Fiorentini

The intellectual property regime influences almost every sphere of economic life, having a significant impact on the protection and promotion of human rights. This succinct introduction gives a brief view of the long-standing issue concerning an intellectual property definition, as well as of its historical origins and evolutions, and of its fundamental fields of protection. The author provides a view on the relationship between intellectual property and human rigths that have for long been treated in virtual isolation from each other and investigates the fundamental international and regional provisions that have created an intersection between human rights law and intellectual property regimes. The book also includes the most relevant legal instruments on Intellectual Property and Human Rights.


Digital Personae and Profiles in Law
Arnold Roosendaal

Every individual is represented in digital form in numerous data sets. Commercial companies use these digital representations as a basis for making decisions that affect the individual. This has implications for privacy and autonomy of the individual and the ability to construct one’s own identity. This study describes how digital representations are created and for what purposes. An analysis is made of the implications this has for individuals and why privacy, autonomy, and identity construction are at stake. In this context legal protection of individuals is provided by data protection legislation. The current framework, however, appears to be insufficient in relation to the problems identified in this study. Other legal constructs are assessed to see whether alternative approaches could help offer legal protection. Finally, a proposal is presented to embed the concepts of digital personae and profiles (as forms of digital representations) as portraits in data protection law.

Arnold Roosendaal studied Dutch Law and obtained an LLM in Law and Technology. After his LLM, he followed a Research Master Programme, for which he obtained his MPhil. Arnold completed this PhD thesis at the Tilburg Institute for Law, Technology, and Society (TILT), Tilburg University, The Netherlands. Currently, he works at TNO, the Netherlands Organisation for Applied Scientific Research. In addition he is partner at Fennell Roosendaal Onderzoek en Advies. He has a great interest in law and technology and the implications of technological developments on society. Arnold has participated in several international research projects, such as FIDIS, PrimeLife, and PRISMS and has written several international publications. He regularly participates in conferences as a speaker or panelist.

Other interesting publications: