Final Report Summary - GODINO (GOVERNING DIGITAL INFORMATION: Users' control and sovereignty over unpublicized digital information in the European Union)
Name of Fellow: Dr. Kristina Irion
Department: Institute for Information Law (IViR), University of Amsterdam
Scientific Supervisor: Prof. Nico van Eijk
Period covered: 01/01/2014 – 31/12/2015
Website: http://www.ivir.nl/onderzoek/godino
2. Summary
This research focused on the implications of virtualization and remote computing for individuals’ digital records, ie. those information which are not disclosed or shared as user generated content but used to sit on our desktop. The question was answered with a combination of legal analysis and empirical research were whether - taken together - the progressing virtualization and the disruption of physical control produce a backslide for individual positions of rights that is not properly understood. This understanding, however, is crucially needed in order to allow users’ interests to be taken fully into account when formulating new policies that would govern retail cloud services.
The overall objectives of the research project were to:
(a) Investigate the legal treatment of personal records residing on third party equipment;
(b) Gather evidence on users’ attitudes about how personal records are protected as virtual private assets;
(c) Assess the socio-economic and societal consequences of the transformation against the multidisciplinary rationales for affording legal protection; and
(d) Address the governance challenge of personal records in order to conceive policy recommendations.
The research achieved to render the anticipated results:
(a) analysis of the composite effect of the various subject matter laws and the discrepancies of legal protection for information residing on third party equipment from a user perspective;
(b) assessment of the changes in the legal quality of the protection afforded to individual users and the societal and socio-economic dimension of this transformation;
(c) conceptual contribution to the governance of individual users’ personal records in the cloud; and
(d) raising public awareness and issue recommendations how to address the governance of individual users’ digital records in the cloud.
Specific research outcomes are:
1. Against the backdrop of the transformation of personal record-keeping practices, I argue that the disruption of physical control and cloud services’ commercial propositions produce a backslide for individual positions of rights.
2. Sectoral laws applicable to the situation of cloud services produce disparate levels of protection and even gaps where no protection is afforded to personal records.
3. The lacking understanding of the individual dimensions of the ongoing transformation and its socio-economic and societal impact could be misjudged diverting policy makers and stakeholders attention to issues of privacy and security.
4. Individual users’ perceptions are geared towards full protection of their personal records in the cloud, not really precise about the legal situation.
5. New draft legislation at EU level addresses some of the contractual shortcomings but fails to propose a level of legal protection that would be adequate to the digital home.
Please find the Final Report attached.
Department: Institute for Information Law (IViR), University of Amsterdam
Scientific Supervisor: Prof. Nico van Eijk
Period covered: 01/01/2014 – 31/12/2015
Website: http://www.ivir.nl/onderzoek/godino
2. Summary
This research focused on the implications of virtualization and remote computing for individuals’ digital records, ie. those information which are not disclosed or shared as user generated content but used to sit on our desktop. The question was answered with a combination of legal analysis and empirical research were whether - taken together - the progressing virtualization and the disruption of physical control produce a backslide for individual positions of rights that is not properly understood. This understanding, however, is crucially needed in order to allow users’ interests to be taken fully into account when formulating new policies that would govern retail cloud services.
The overall objectives of the research project were to:
(a) Investigate the legal treatment of personal records residing on third party equipment;
(b) Gather evidence on users’ attitudes about how personal records are protected as virtual private assets;
(c) Assess the socio-economic and societal consequences of the transformation against the multidisciplinary rationales for affording legal protection; and
(d) Address the governance challenge of personal records in order to conceive policy recommendations.
The research achieved to render the anticipated results:
(a) analysis of the composite effect of the various subject matter laws and the discrepancies of legal protection for information residing on third party equipment from a user perspective;
(b) assessment of the changes in the legal quality of the protection afforded to individual users and the societal and socio-economic dimension of this transformation;
(c) conceptual contribution to the governance of individual users’ personal records in the cloud; and
(d) raising public awareness and issue recommendations how to address the governance of individual users’ digital records in the cloud.
Specific research outcomes are:
1. Against the backdrop of the transformation of personal record-keeping practices, I argue that the disruption of physical control and cloud services’ commercial propositions produce a backslide for individual positions of rights.
2. Sectoral laws applicable to the situation of cloud services produce disparate levels of protection and even gaps where no protection is afforded to personal records.
3. The lacking understanding of the individual dimensions of the ongoing transformation and its socio-economic and societal impact could be misjudged diverting policy makers and stakeholders attention to issues of privacy and security.
4. Individual users’ perceptions are geared towards full protection of their personal records in the cloud, not really precise about the legal situation.
5. New draft legislation at EU level addresses some of the contractual shortcomings but fails to propose a level of legal protection that would be adequate to the digital home.
Please find the Final Report attached.
