International Journal of Law and Information Technology - Advance Access

Doing Business with Consumers Online: Privacy, Security and the Law

Shelly, M., Jackson, M. — 2008-04-22

The purpose of this paper is to identify privacy, security and legal issues facing small business in the business to consumer (B2C) e-commerce environment. Forty websites of small businesses based in Australia are examined to assess whether the content on these websites conforms with legal obligations. The study found that many of the websites examined appear not to be complying fully with their obligations under privacy and fair trading legislation as well as with those imposed in contracts with merchant facility providers.

Addressing the "Cyberspace Fallacy": Targeting the Jurisdiction of an Electronic Consumer Contract

Gillies, L. E. — 2008-04-16

There are widely held views of how the jurisdiction of an online contract should be established. Cyber-liberterians favour a separate cyberspace jurisdiction, maintaining that online activities should be regulated entirely separately without recourse to national courts and laws. Traditionalists maintain that the existing paradigms of location and activity are capable of determining the jurisdiction of an online contract. What is agreed is that the dematerialised nature of online activity renders the location of the parties and the place where their commercial activities take place difficult to determine. Whilst Reed's "Cyberspace Fallacy" acknowledges the challenges in determining the jurisdiction of an online contract, that author also reminds us that such challenges are not new. A variety of connecting factors have been used to establish jurisdiction of a contract conducted by electronic means. As Zekos suggested recently in an article in this Journal, 2 consideration must be given to a new means of determining the jurisdiction of an online contract. It is the purpose of this article firstly, to highlight the difficulties with the operation of existing connecting factors in establishing the jurisdiction of an electronic contract and secondly to propose how "intentional targeting" – if properly defined - can provide an efficient and adaptive connecting factor to determine the jurisdiction of an electronic consumer contract.

Cybersquatting: Prevention better than cure?

Moore, M. — 2008-04-02

Since the early Commercialisation of the World Wide Web, cybersquatting as a phenomenon has been in existence and has been consistently rising; with recent 2006 figures showing a 25% increase up from the previous year.

This paper examines the various legal mechanisms that have been employed to deal with cybersquatting by examining firstly, the reaction of the Courts and secondly, the reaction of the registering authorities. Finally the paper looks at some of the more recent attempts to curb cybersquatting at the registration level by the employment of phased registration periods and additionally some radical solutions suggested in some circles will also be examined.

The paper concludes that while the reactive strategies developed by the Courts and the registering authorities are effective once cybersquatting is committed, the real solution must surely lie in preventative action at the registration stage if the battle to curb cybersquatting is finally to be won.

Curriculum Themes: Teaching Global Cyberlaw

Quirk, P. — 2008-03-15

Teaching in rapidly changing areas of law can lead to disjointed syllabi, and soon-forgotten materials. This article outlines a series of ten themes for teaching ‘cyberlaw’ in an attempt to overcome such problems. The themes cover jurisdiction, agency, payments, risk transfer, security, taxation, crime, history, privacy and IP. These can be adapted or changed to suit the needs and preferences of individual teachers. The article discusses each theme in the light of recent developments in the law. A set of advanced sub-topics is also proposed for the future.

Legal Issues in Wireless Building Automation: an EU Perspective

Gadzheva, M. — 2008-03-15

Wireless building automation solutions promise to revolutionize home and commercial building management where fast deployment, increased building efficiency and optimal occupant comfort and convenience are top priorities. The ability to support people and/or device mobility, easy building reconfiguration, data, voice and video applications plus emerging indoor location-based services will unlock their future success. Wireless building automation systems are still at an early stage of development; however, as more and more building functions and applications are controlled electronically and wirelessly, constant occupant surveillance, tracking, personal profiling and security breaches, would raise deep concerns about the survival of privacy. Building privacy and security in the initial design should ensure that all necessary or required controls exist to protect access to and dissemination of personal information over the wireless building automation network. The applicability of the new EU regulatory framework for electronic communications and services will depend on the legal qualification of the network and services: private, public or a mixture of both.

When Rights Clash Online: The Tracking of P2p Copyright Infringements Vs. the EC Personal Data Directive

Benjamin Vincents, O. — 2007-10-31

Looking for zero-sum or win-win outcomes: A game-theoretical analysis of the fair use debate

Chang, Y.-L. — 2007-09-28

DRM (Digital Rights Management) affects the traditional doctrine of fair use. Currently the fair use debate in essence involves an ‘interest conflict’ between the information industries and the individual user. That is, industry prefers fared use while the user's preference is for traditional free use. In order to make the fair use solution feasible, it depends heavily on the industry and user's willingness to obey the final outcome. This paper argues that the key point required to accommodate the fair use debate is the coordination concept which is important but long ignored because we have been used to treating fair use debates as an all-or-nothing problem. Hence, this paper recommends that the ‘battle of the sexes’ game, long accepted as useful for dealing with the coordination problem involving interest conflict between the parties and also Schelling's ‘focal point’ concept (exploring expectation convergence of all affected parties) can provide useful game-theoretic insight for lawyers to think about how to avoid zero-sum solutions to the fair use debate.

Identifying the Identity Thief: Is it time for a (smart) Australia Card?

Cradduck, L., Mccullagh, A. — 2007-09-28

Identity theft restricts victims’ lives, even if the stolen identity is not used for criminal purposes, as victims may be unable to obtain documents or benefits until the thief is prosecuted. The issue for regulators and consumers is that with the expansion of digital technologies identity theft is at once easier to perpetrate and harder to detect. This paper reviews the regulation of identity theft in Australia in light of the introduction by the Queensland Government on 7 February 2007 of a specific offence of identity theft. Aligned with this is the introduction on the same day by the Australian Government of the Human Services (Enhanced Service Delivery) Bill 2007 under which a smart ‘Access Card’ will be issued to Australian residents who receive Federal benefits. This paper discusses issues that will influence the effectiveness of these schemes.

The "Final" Privacy Frontier? Regulating Trans-Border Data Flows

Gunasekara, G. — 2007-08-13

This article examines the threat to privacy posed by the transfer of personal information from one jurisdiction to another. Despite international trends towards greater protection of personal information significant challenges to personal privacy arise in this context. These include the use of outsourcing by businesses, the encroachment of security laws and the potential ‘spill-over’ of technologies developed for combating terrorism into the private sector. Also significant are technologies enabling the ‘profiling’ of individuals and ‘data mining’ across borders. Against this backdrop the article considers existing jurisdictional responses towards regulating personal information flows across borders. It considers various actual or proposed solutions including ‘safe-harbours’, contractual mechanisms and extra-territorial applications. The article concludes that many of the existing approaches to regulating trans-border information flows are to some extent deficient and suggests the need for a new ‘fourth generation’ set of data protection protocols. In formulating the latter, analogies are drawn from other relevant areas of the law in order to furnish creative solutions to the problem.