![Sample our Law journals, sign in here to start your FREE access for 14 days]({"type":"image" , "src" : "/sda/5942/TOC-Subject-Sample-2021-Law.jpg"})
Abstract
In his famous book Code and Other Laws of Cyberspace Lawrence Lessig examined the impact of the code of cyberspace on our lives. He criticized the concepts that hold that cyberspace is by its nature free and therefore should be free from any government interference. On the contrary, he stated that ‘[l]liberty in cyberspace will not come from the absence of the state’ and argued that ‘the invisible hand of cyberspace [is] constructing an architecture that perfects control’. To underpin this statement he evolved the concept according to which the software code that constitutes cyberspace is law. On the basis of this precondition he called for the regulation of code and code makers in order to avoid the disappearance of the freedoms that we enjoy in our ‘bricks and mortar world’. He said ‘[w]e may be antigovernment, but for the most part we believe that there are collective values that ought to regulate private action. We are also committed to the idea that collective values should regulate the emerging technical world. Our problem is that we do not know how it should be regulated, or by whom.’ The present article examines how this question was reflected and answered by the European Union institutions in the last decade and analyses the adequacy of the European cyberspace policy in relation to this challenge.
Notes
1 Lessig, p 220.
2 Lessig, pp 63–64.
3 Lessig, pp 100–102.
4 East Coast Code refers to regulations enacted by US Government institutions that are mainly located on the east coast. West Coast Code refers to software code, which is the product of the IT industry with main industrial centres on the west coast of the USA, Lessig, p 53.
5 ‘East Coast Code – law – regulates by enabling and limiting options that individuals have, to the end of persuading them to behave in a certain way. East Coast Code does this by increasing the cost to those who would deviate from the rules required by the code. West Coast Code does the same,’ Lessig, p 221.
6 Lessig, p 5.
7 Lessig, p 6.
8 In Lessig's view ‘regulability means the capacity of a government to regulate behavior within its proper reach. In the context of the Internet, that means the ability of the government to regulate the behavior of its citizens (and perhaps others as well) on the Net,’ p 19.
9 Lessig, pp 30–42.
10 Lessig, pp 64–84.
11 ‘… these architectures and values they embed should be architectures and values that we have chosen. They are political in the most ordinary way: they are structures that order real life, and ought therefore to be structures that we have in some sense chosen,’ Lessig, p 199.
12 ‘But our problem is not with governance in cyberspace. Our problem is simply with governance. There is no special set of dilemmas that cyberspace will present … . We may be antigovernment, but for the most part we believe that there are collective values that ought to regulate private action. We are also committed to the idea that collective values should regulate the emerging technical world. Our problem is that we do not know how it should be regulated, or by whom?’, Lessig, pp 218–219.
13 Only one official document, the European Council recommendation of 25 June 2001 on contact points maintaining a 24-hour service for combating high-tech crime (OJ C 187, 03/07/2001), uses the term ‘cyberspace’ but only once. In spite of the fact that the recommendation was a follow-up measure of G8 talks in 2001 it is more likely that the wording was the result of some kind of laziness.
14 Growth, Competitiveness, Employment: The Challenges and Ways Forward into the 21st Century, White Paper, COM (93) 700, 5 December 1993 and Europe and the Global Information Society: Recommendation to the European Council, 26 May 1994.
15 White Paper, p 92.
16 White Paper, p 94.
17 ‘The information society has the potential to improve the quality of life of Europe's citizens, the efficiency of our social and economic organization and to reinforce cohesion’, Bangemann Report, p 9.
18 Commission Communication to the Council, the European Parliament, the Economic and Social Committee and the Committee of the Regions on Illegal and Harmful Content on the Internet, COM (96) 487. The communication resulted in a community multi-annual action plan in 1999. (‘Decision No 276/1999/EC of the European Parliament and of the Council of 25 January 1999 adopting a multi-annual Community action plan on promoting safer use of the Internet by combating illegal and harmful content on global networks’, Official Journal L 033, 06/02/1999 P. 0001–0011.)
19 Europe's Way to the Information Society. An Action Plan, COM (94) 347, 19 July 1994.
20 The idea of an enabling regulatory framework had already appeared in the White Paper, however with a much limited scope. It encompassed only the telecom liberalization, standardization, protection of data and privacy and security of information and communication systems, White Paper, p 97.
21 It is important to note that the European Commission did not raise an explicit formulation of the question of regulability. The communication takes it as evident that the regulation of cyberspace is obviously possible and even necessary for the full exploitation of the possibilities that an information society offers.
22 Communication from the Commission to the Council and European Parliament on Standardization and the Global Information Society: the European Approach, COM(96)359.
23 European Council Decision 87/95/EEC of 22 December 1986 on standardization in the field of information technology and telecommunications.
24 Green Paper, Convergence of the Telecommunications, Media and Information Technology Sectors, and the Implications for Regulation. Towards an Information Society Approach, COM (97) 623, 3 December 1997.
25 The Convergence of the Telecommunications, Media and Information Technology Sectors, and the Implications for Regulation. Results of the Public Consultation on the Green Paper, COM (97) 623. COM (99) 108, 9 March 1999. ‘Council conclusions of 27 September 1999 concerning the results of the public consultation on the Convergence Green Paper (in particular the aspects relating to the media and the audiovisual sector)’, Official Journal C 283, 06/10/1999 P. 0001–0002.
26 International Ministerial Conference, Global Information Networks: Realizing the Potential, Bonn, 6–8 July 1997, at the initiative of the German Government.
27 Communication from the Commission to the Council, the European Parliament, the Economic and Social Committee and the Committee of the Regions – A European Initiative in Electronic Commerce, COM(97)157.
28 A declaration of the ministerial conference can be found at http://europa.eu.int/ISPO/bonn/Min_declaration/i_finalen.html
29 The effect can be easily measured in the shortening of the preparatory time of the relevant directives. While the preparation of the distance-selling directive took nearly 11 years from the birth of the idea until the national implementations, all the other e-commerce directives needed less than 6 years.
30 Directive 97/7/EC of the European Parliament and of the European Council of 20 May 1997 on the protection of consumers in respect of distance contracts.
31 ‘Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures,’ Official Journal L 013, 19/01/2000 P. 0012–0020.
32 ‘Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (“Directive on electronic commerce”)’, Official Journal L 178, 17/07/2000 P. 0001–0016.
33 ‘Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonization of certain aspects of copyright and related rights in the information society’, Official Journal L 167, 22/06/2001 P. 0010–0019.
34 The importance of data protection in this field is highly reflected by the Article 29 Working Party. In the last 2 years nearly two-thirds of the elaborated documents of the Working Party are directly connected to information society-related issues, http://europa.eu.int/comm/internal_market/privacy/workingroup_en.htm
35 ‘Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data’, Official Journal L 281, 23/11/1995 P. 0031–0050.
36 ‘Directive 97/66/EC of the European Parliament and of the Council of 15 December 1997 concerning the processing of personal data and the protection of privacy in the telecommunications sector’, Official Journal L 024, 30/01/1998 P. 0001–0008.
37 ‘Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications)’, Official Journal L 201, 31/07/2002 P. 0037–0047.
38 Besides these two data protection-specific directives data protection appears as a horizontal requirement in all the above-mentioned e-commerce directives as well.
39 European Council decision of 31 March 1992 in the field of security of information systems (92/242/EEC).
40 ‘The need for action in the area of network security has become increasingly evident in recent months. Increases in high profile sabotage, like the “I Love You” virus and denial of service attacks, have raised public awareness about the potential for real economic damage arising from the insecurity of networks’, Communication from the Commission to the Council and the European Parliament – E-Europe 2002: Impact and Priorities A Communication to the Spring European Council in Stockholm, 23–24 March 2001 COM(2001)140.
41 European Council resolution of 18 February 2003 on a European approach towards a culture of network and information security, 2003/C48/01.
42 ‘Regulation (EC) No 460/2004 of the European Parliament and of the Council of 10 March 2004 establishing the European Network and Information Security Agency’, Official Journal L 077, 13/03/2004 P. 0001–0011.
43 ‘There exists a whole range of rules which limit for different reasons the use and distribution of a certain content. The infringement of these rules lead to the illegality of the content. Certain issues do not involve protection of public order, but rather the protection of the rights of individuals (protection of privacy and reputation) and of an environment allowing creation of content to flourish (intellectual property)’, Communication on Illegal and Harmful Content on the Internet, COM(96)487.
44 Convention on Cybercrime, Budapest, 23 Novmber 2001.
45 ‘Common Position 1999/364/JHA of 27 May 1999, adopted by the Council on the basis of Article 34 of the Treaty on European Union on negotiations relating to the Draft Convention on Cyber Crime held in the Council of Europe’, Official Journal L 142 of 05.06.1999. Subsequently, the European Council had already adopted a recommendation on a 24-hour service for combating high-tech crime (European Council recommendation of 25 June 2001 on contact points maintaining a 24-hour service for combating high-tech crime, 2001/C187/02).
46 The Charter of Fundamental Rights of the European Union Article 8, http://www.europarl.eu.int/charter/default_en.htm
47 ‘Ministers recognize that it is crucial to build trust and confidence in Global Information Networks by ensuring that basic human rights are respected and by safeguarding the interests of society in general…’, Bonn Ministerial Declaration.
48 In spite of this it seems that the policy is much control focused since the E-Europe 2002 action plan, which indicates that a long-term balance is still not achieved.
49 Although the electronic communication data protection directive (Directive 2002/58/EC) and the e-commerce directive (Directive 2000/31/EC) clearly prohibited the sending of unsolicited commercial communications, the law enforcement proved to be completely ineffective. Therefore the European Commission has recently published a communication to assess the possibilities of effective law enforcement. The assessment also covered possible technical solutions. Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on Unsolicited Commercial Communications or ‘Spam’, COM(2004)28.
50 Despite the fact that a regulation had already been elaborated in 2002 (‘Regulation (EC) No 733/2002 of the European Parliament and of the Council of 22 April 2002 on the implementation of the .eu Top Level Domain (Text with EEA relevance)’, Official Journal L 113, 30/04/2002 P. 0001–0005) the registration of ‘.eu’ domains is not possible yet. For more details on the recent status of the procedure visit www.eurid.org.
51 For more information visit the European Commission information site, http://europa.eu.int/information_society/eeurope/2005/all_about/digital_rights_man/index_en.htm
52 Proposal for a Directive of the European Parliament and of the Council on the Patentability of Computer-implemented Inventions, COM(2002)92. The proposal after 2 years debate was dropped by the European Council in December 2004. For more details visit http://europa.eu.int/comm/internal_market/en/indprop/comp/
53 Communication from the Commission to the Council, the European Parliament, the Economic and Social Committee and the Committee of the Regions – Globalization and the Information Society – The Need for Strengthened International Coordination, COM(98)50.