SUMMARY

11 FEBRUARY 2020

Meet the Author Series: Internet and Jurisdiction Global Status Report

Summary by Alessandra Calvi (Researcher at BPH-Research Group on Law, Science, Technology & Society (LSTS)/ VUB)

SUMMARY

On 9 December 2019, the Brussels Privacy Hub had the last appointment with the Meet the Author Series for the year 2019 with Prof. Dan Svantesson (Bond University, Australia), author of the world’s first Internet & Jurisdiction Global Status Reportlaunched at the United Nations Internet Governance Forum and published by the Internet and Jurisdiction Policy network. Discussants were Christopher Kuner (Professor at Vrije Universiteit Brussels) and Laura Drechsler (Doctoral researcher at Vrije Universiteit Brussels / FWO Aspirant). The debate was chaired by Hielke Hijmans (Director/President of Litigation Chamber at Belgian Data Protection Authority).  

Hielke Hjimans opened the event recalling the importance (and uncertainty) of the interrelationships between internet and jurisdiction. On the one hand, there is a need for effective application of EU law, on the other hand, there are the extra European dimensions. These two dimensions, in terms of privacy and data protection, may clash. He observed how the current tendency of shifting the responsibility of regulating the internet and jurisdiction from the public sector to the private one may be determined by the necessity, rather than by an actual choice of the governments. He then gave the floor to the author.

Dan Svantesson explained that the main goals of the Report  were two: first, to provide an overview of the current initiatives aimed at regulating the internet and addressing cross border legal challenges; second, to deploy a capacity building tool, serving as source for those countries lacking, or seeking to improve, rules and policy on internet and jurisdiction.

Laura Drechsler expressed her appreciation for the Report, especially because it ranges from “if” regulating internet and jurisdiction, to “how” to do it and address also the issue of “who” should do it.

She appreciated that the Report gives lot of examples of national level solutions addressing the relationship between internet and jurisdiction, but she questioned the suitability of the national dimension to address the mismatches between internet and jurisdiction. She pointed out that self-regulation of platforms is presented as alternative, but she warned against the risk of having platforms acting both as legislators and regulators. She also pointed out that, even though Internet regulators are often non-state actors (ICANN), internet is still a public space. She then invited the author to share his ideas about the future of internet and jurisdiction, questioning in particular: whether there will be a proliferation of private players and initiatives or rather a more global understanding; how to address the jurisdictional crawling, whereas potential jurisdictional claims may not correspond their actual enforcement; what the impact on data transfers will be, also considering the entry into force of the General Data Protection Regulation (GDPR).    

Christopher Kuner complimented the author for the comprehensiveness of the Report, that addresses many legal and policy challenges on internet and jurisdiction. He nevertheless observed that some findings of the report, i.e. the fragmentation, the lack of coordination, the proliferation of the initiatives, are not surprising, considering that there are many countries with different laws all over the world. Even more, this diversity could be beneficial, in the sense of limiting jurisdictional redundancy and promoting innovation. He argued that more coordination may be desirable and that institutes like amicus curiae may be beneficial and lead to innovation. He warned against the risk in terms of lack legitimacy, that could derive from receiving inputs from all over the world. He finally asked the author to express his position about geo-blocking.  

Dan Svantesson admitted that, albeit everyone calls for more coordination, nobody wants to be coordinated and we are very far from finding a solution. He agreed that many of the challenges mentioned in the Report are not new, but he considered important to address them in an era where the world is more interconnected. A merit of the Report in that sense was to be able to approach key players.

He acknowledged that the Report would benefit from even more input from regions other than Europe and North America, but highlighted that the most commonly debated initiatives – such as the GDPR – stem from Europe and North America. Albeit it was difficult to collect information from other countries and regions, he was confident that, for the future, there will be more global input, considering the increasing number of regional initiatives on internet and jurisdiction, coming especially from South America.

He defended the importance of multistakeholderism, that enables to broaden perspectives whereas courts’ decisions – in the absence of an appropriate facilitation of amicus curiae briefs – only refer to the parties’ interests in individual cases.

He referred to the European Union as a dominant actor in the field of internet and jurisdiction, as witnessed by the GDPR. He called for a “Global South impact assessment” to be performed by countries when adopting new laws, in order to properly assess the impact of their jurisdictional claims. Under a “Global South impact assessment”, law makers would consider: (1) how their proposed law will impact the Global South, and (2) what will happen if the Global South adopts similar laws. For example, if all countries in the world had rules obliging companies to have a representative within their territory (as in Art. 27 GDPR), this would not be scalable.

Concerning geo-blocking, Dan Svantesson saw it as an effective solution capable to maintain a global network, at the same time respecting national laws. Although this can lead to fragmentation, it is a necessity where different laws want to be kept.

Christopher Kuner thought there has been progress in data protection. He called for a global legal pluralism, where conflicts will be solved with dispute settlement mechanisms and not with a global law.  

A Q&A with the audience then started.

The idea for having a global United Nation treaty, eventually on a cluster of topics, was advanced, as well as the need to further explore the future relationship between the GDPR and the Convention 108+. The need to improve the communication between academia and policy makers was stressed.

It was pointed out that fragmentation is not bad per se, considering that where there is uniformity, there is always a unique entity that sets standards. Dan Svantesson noted the idea of using a targeting approach, that is becoming quite popular especially in consumer protection, and seems a part of the GDPR, or alternatively a dis-targeting approach that currently is less common. Laura Drechsler questioned the possibility of using cookies for targeting. An attendee observed that big companies may be too big to be regulated, outlining that countries, nowadays, may not the most powerful players. Laura Drechsler observed that platforms can determine the scope of data subject rights and design how we use our rights. Dan Svantesson warned against the risk to build relations based on power rather than legitimacy. He called for the need to find a balance between States and companies.

Hielke Hijmans concluded the discussion, thanking the speakers and the audience for the lively debate. 

Copyright © Brussels Privacy Hub

Copyright © Brussels Privacy Hub