SlideShare ist ein Scribd-Unternehmen logo
1 von 17
Downloaden Sie, um offline zu lesen
From Law to Code:
Translating Legal Principles into Digital
Rules
Michael Lang and Rónán
Kennedy
National University of Ireland, Galway
michael.lang@nuigalway.ie
Image: Karl-Ludwig Poggemann,
https://www.flickr.com/photos/hinkelstone/
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Overview
• Public perceptions of the ‘Right to be Forgotten’
• Implementation challenges
• Privacy in security policy implementation
• Privacy in requirements analysis and design
2
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Public Perceptions of the
‘Right to be Forgotten’
• Survey conducted by Clare Doherty & Michael
Lang (NUIG), Autumn 2013
 Objective: obtain a sense of how people feel about the
proposed right to be forgotten and how it might be
implemented
• Respondent profile
 260 respondents
 Ranged in age from 17 to 61, mean of 29 years
 14 different counties (Ireland 82%, Others 18%)
 Employed persons 74%, Students 17%, Others 9%
3
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Do you know what your privacy
rights are?
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Are existing controls effective
against on-line reputational
damage?
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Are you in favour of “right to be
forgotten” becoming law?
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
What type of information
should you have right to
erase?
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Implementation
Challenges
• Legal rules:
• Flexible, deliberately unclear, contested,
malleable
• Digital:
• Rigid, clearly defined in advance, strictly
operationalised, difficult to change
8
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
ICT and
Legal Processes
Legal processes neither simple nor linear
Not easily modelled by logic or expert systems
Risk of destructive feedback cycle
ICT as embedded and entrenched infrastructure
9
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Translating Legal
Principles into Digital
Rules
 Dangers of digital decision-making
 Closed, inflexible, unaccountable systems
 Containing assumptions, biases, mistakes
 Formalising practices and knowledge is difficult
 Need to ‘Get It Right First Time’
10
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
“Privacy” in IS Security
Risk Management
• Information systems risk management strategies
are based on rational process:
 What is likelihood of something going wrong?
 What is the severity: loss of life? loss of money?
loss of reputation?
 Cost-benefit analysis
• So, … do organisations really care about
safeguarding privacy? Or is it worth taking a risk?
11
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Information Systems
Development:
The Importance of “Clear”
Requirements• ISD Project Management: time / cost / quality challenge
(“software crisis” conundrum)
• “In nearly every software project that fails to meet
performance and cost goals, requirements inadequacies
play a major and expensive role in project failure” (Alford &
Lawson, 1979)
• “The hardest single part of building a software system is
deciding precisely what to build. No other part of the
conceptual work is as difficult as establishing the detailed
technical requirements ... No other part of the work so
cripples the resulting system if done wrong.” (Brooks, 1987)
12
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015 13
Getting the Requirements
“Right”
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Getting the Requirements
Right:
What Does “Privacy”
Mean ?
14
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Privacy as a
“Requirement”• Information systems developers don’t deal with
laws, principles, rights, etc.
• They deal with “requirements”: clear, complete,
consistent specifications of the behaviour of a
system
 Requirements definition: procedural logic,
data attributes
 Requirements prioritisation: feasibility, cost,
“must have” versus “nice-to-have”
15
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
“Privacy by Design”
• Privacy by Design: vague set of principles
 No methodological guidance: how do systems
developers build privacy into design process?
• Privacy by Re-Design: retro-fitting existing systems
 Very expensive
 Computers are designed to share, retain, index, and
analyse information … They are not designed to
“forget”. Even “erasure” is not straightforward.
Privacy: Gathering Insights from Lawyers and Technologists
Maynooth University, July 1, 2015
Over to you …
• Michael Lang1
& Rónán Kennedy2
, NUI Galway
• 1. School of Business & Economics, NUI Galway
Michael.Lang@nuigalway.ie
• 2. School of Law, NUI Galway
Ronan.M.Kennedy@nuigalway.ie
17

Weitere ähnliche Inhalte

Was ist angesagt?

Cross-Disciplinary Insights on Big Data Challenges and Solutions
Cross-Disciplinary Insights on Big Data Challenges and SolutionsCross-Disciplinary Insights on Big Data Challenges and Solutions
Cross-Disciplinary Insights on Big Data Challenges and SolutionsBYTE Project
 
Responsible digital transformations(1)
Responsible digital transformations(1)Responsible digital transformations(1)
Responsible digital transformations(1)PanagiotisKeramidis
 
"Legal implementation barriers of privacy-preserving technologies" eLAW prese...
"Legal implementation barriers of privacy-preserving technologies" eLAW prese..."Legal implementation barriers of privacy-preserving technologies" eLAW prese...
"Legal implementation barriers of privacy-preserving technologies" eLAW prese...e-SIDES.eu
 
Information and Communications Technology for Environmental Regulation: Criti...
Information and Communications Technology for Environmental Regulation: Criti...Information and Communications Technology for Environmental Regulation: Criti...
Information and Communications Technology for Environmental Regulation: Criti...Rónán Kennedy
 
Addressing non economical externalities
Addressing non economical externalitiesAddressing non economical externalities
Addressing non economical externalitiesBYTE Project
 
A-XLRM summary for BYTE case studies: Crisis, culture and health
A-XLRM summary for BYTE case studies: Crisis, culture and healthA-XLRM summary for BYTE case studies: Crisis, culture and health
A-XLRM summary for BYTE case studies: Crisis, culture and healthBYTE Project
 
from data to artificial intelligence, from laboratory to industry
from data to artificial intelligence, from laboratory to industryfrom data to artificial intelligence, from laboratory to industry
from data to artificial intelligence, from laboratory to industryWidy Widyawan
 
Robotic process automation in local government a system for efficiency, or ju...
Robotic process automation in local government a system for efficiency, or ju...Robotic process automation in local government a system for efficiency, or ju...
Robotic process automation in local government a system for efficiency, or ju...PanagiotisKeramidis
 
AI Governance and Ethics - Industry Standards
AI Governance and Ethics - Industry StandardsAI Governance and Ethics - Industry Standards
AI Governance and Ethics - Industry StandardsAnsgar Koene
 
Spring Splash 3.4.2019: When AI Meets Ethics by Meeri Haataja
Spring Splash 3.4.2019: When AI Meets Ethics by Meeri Haataja Spring Splash 3.4.2019: When AI Meets Ethics by Meeri Haataja
Spring Splash 3.4.2019: When AI Meets Ethics by Meeri Haataja Saidot
 
Bias in algorithmic decision-making: Standards, Algorithmic Literacy and Gove...
Bias in algorithmic decision-making: Standards, Algorithmic Literacy and Gove...Bias in algorithmic decision-making: Standards, Algorithmic Literacy and Gove...
Bias in algorithmic decision-making: Standards, Algorithmic Literacy and Gove...Ansgar Koene
 
Chinese taipei ct012 1366641392
Chinese taipei ct012 1366641392Chinese taipei ct012 1366641392
Chinese taipei ct012 1366641392Nurul Yakin
 
Human Agency on Algorithmic Systems
Human Agency on Algorithmic SystemsHuman Agency on Algorithmic Systems
Human Agency on Algorithmic SystemsAnsgar Koene
 
Ann ackaert - handle with ecare: 5 years of ict research in the homecare envi...
Ann ackaert - handle with ecare: 5 years of ict research in the homecare envi...Ann ackaert - handle with ecare: 5 years of ict research in the homecare envi...
Ann ackaert - handle with ecare: 5 years of ict research in the homecare envi...imec.archive
 
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...Lilian Edwards
 
Entrepreneurs Attitude towards the Computer and its Effect on ...
Entrepreneurs Attitude towards the Computer and its Effect on ...Entrepreneurs Attitude towards the Computer and its Effect on ...
Entrepreneurs Attitude towards the Computer and its Effect on ...Videoguy
 
Keynote speech – ai as a mean to better inform policy makers true or false(1)
Keynote speech – ai as a mean to better inform policy makers true or false(1)Keynote speech – ai as a mean to better inform policy makers true or false(1)
Keynote speech – ai as a mean to better inform policy makers true or false(1)PanagiotisKeramidis
 
Ethics In DW & DM
Ethics In DW & DMEthics In DW & DM
Ethics In DW & DMabethan
 

Was ist angesagt? (19)

Cross-Disciplinary Insights on Big Data Challenges and Solutions
Cross-Disciplinary Insights on Big Data Challenges and SolutionsCross-Disciplinary Insights on Big Data Challenges and Solutions
Cross-Disciplinary Insights on Big Data Challenges and Solutions
 
Responsible digital transformations(1)
Responsible digital transformations(1)Responsible digital transformations(1)
Responsible digital transformations(1)
 
"Legal implementation barriers of privacy-preserving technologies" eLAW prese...
"Legal implementation barriers of privacy-preserving technologies" eLAW prese..."Legal implementation barriers of privacy-preserving technologies" eLAW prese...
"Legal implementation barriers of privacy-preserving technologies" eLAW prese...
 
Information and Communications Technology for Environmental Regulation: Criti...
Information and Communications Technology for Environmental Regulation: Criti...Information and Communications Technology for Environmental Regulation: Criti...
Information and Communications Technology for Environmental Regulation: Criti...
 
Addressing non economical externalities
Addressing non economical externalitiesAddressing non economical externalities
Addressing non economical externalities
 
A-XLRM summary for BYTE case studies: Crisis, culture and health
A-XLRM summary for BYTE case studies: Crisis, culture and healthA-XLRM summary for BYTE case studies: Crisis, culture and health
A-XLRM summary for BYTE case studies: Crisis, culture and health
 
from data to artificial intelligence, from laboratory to industry
from data to artificial intelligence, from laboratory to industryfrom data to artificial intelligence, from laboratory to industry
from data to artificial intelligence, from laboratory to industry
 
Robotic process automation in local government a system for efficiency, or ju...
Robotic process automation in local government a system for efficiency, or ju...Robotic process automation in local government a system for efficiency, or ju...
Robotic process automation in local government a system for efficiency, or ju...
 
AI Governance and Ethics - Industry Standards
AI Governance and Ethics - Industry StandardsAI Governance and Ethics - Industry Standards
AI Governance and Ethics - Industry Standards
 
Spring Splash 3.4.2019: When AI Meets Ethics by Meeri Haataja
Spring Splash 3.4.2019: When AI Meets Ethics by Meeri Haataja Spring Splash 3.4.2019: When AI Meets Ethics by Meeri Haataja
Spring Splash 3.4.2019: When AI Meets Ethics by Meeri Haataja
 
Bias in algorithmic decision-making: Standards, Algorithmic Literacy and Gove...
Bias in algorithmic decision-making: Standards, Algorithmic Literacy and Gove...Bias in algorithmic decision-making: Standards, Algorithmic Literacy and Gove...
Bias in algorithmic decision-making: Standards, Algorithmic Literacy and Gove...
 
Chinese taipei ct012 1366641392
Chinese taipei ct012 1366641392Chinese taipei ct012 1366641392
Chinese taipei ct012 1366641392
 
Human Agency on Algorithmic Systems
Human Agency on Algorithmic SystemsHuman Agency on Algorithmic Systems
Human Agency on Algorithmic Systems
 
Ann ackaert - handle with ecare: 5 years of ict research in the homecare envi...
Ann ackaert - handle with ecare: 5 years of ict research in the homecare envi...Ann ackaert - handle with ecare: 5 years of ict research in the homecare envi...
Ann ackaert - handle with ecare: 5 years of ict research in the homecare envi...
 
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...
 
Entrepreneurs Attitude towards the Computer and its Effect on ...
Entrepreneurs Attitude towards the Computer and its Effect on ...Entrepreneurs Attitude towards the Computer and its Effect on ...
Entrepreneurs Attitude towards the Computer and its Effect on ...
 
Keynote speech – ai as a mean to better inform policy makers true or false(1)
Keynote speech – ai as a mean to better inform policy makers true or false(1)Keynote speech – ai as a mean to better inform policy makers true or false(1)
Keynote speech – ai as a mean to better inform policy makers true or false(1)
 
Cybersecurity and Academic Research
Cybersecurity and Academic ResearchCybersecurity and Academic Research
Cybersecurity and Academic Research
 
Ethics In DW & DM
Ethics In DW & DMEthics In DW & DM
Ethics In DW & DM
 

Ähnlich wie From Law to Code: Translating Legal Principles into Digital Rules

e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018
e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018
e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018e-SIDES.eu
 
A Case for Expectation Informed Design - Full
A Case for Expectation Informed Design - FullA Case for Expectation Informed Design - Full
A Case for Expectation Informed Design - Fullgloriakt
 
Towards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into actionTowards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into actionMindtrek
 
A Case for Expectation Informed Design
A Case for Expectation Informed DesignA Case for Expectation Informed Design
A Case for Expectation Informed Designgloriakt
 
Privacy by Design Seminar - Jan 22, 2015
Privacy by Design Seminar - Jan 22, 2015Privacy by Design Seminar - Jan 22, 2015
Privacy by Design Seminar - Jan 22, 2015Dr. Ann Cavoukian
 
e-SIDES workshop at ICE-IEEE Conference, Madeira 28/06/2017
e-SIDES workshop at ICE-IEEE Conference, Madeira 28/06/2017e-SIDES workshop at ICE-IEEE Conference, Madeira 28/06/2017
e-SIDES workshop at ICE-IEEE Conference, Madeira 28/06/2017e-SIDES.eu
 
Data protection and privacy framework in the design of learning analytics sys...
Data protection and privacy framework in the design of learning analytics sys...Data protection and privacy framework in the design of learning analytics sys...
Data protection and privacy framework in the design of learning analytics sys...Tore Hoel
 
Enabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest KeynoteEnabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest KeynoteGlobus
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and SecurityArianto Muditomo
 
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Karlos Svoboda
 
Luciano uvi hackfest.28.10.2020
Luciano uvi hackfest.28.10.2020Luciano uvi hackfest.28.10.2020
Luciano uvi hackfest.28.10.2020Joanne Luciano
 
Chapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptxChapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptxbalewayalew
 
Ensuring User Data Protection And Privacy
Ensuring User Data Protection And PrivacyEnsuring User Data Protection And Privacy
Ensuring User Data Protection And PrivacyMandy Hebert
 
Emerging Technologies in Data Sharing and Analytics at Data61
Emerging Technologies in Data Sharing and Analytics at Data61Emerging Technologies in Data Sharing and Analytics at Data61
Emerging Technologies in Data Sharing and Analytics at Data61Liming Zhu
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
Ethics & Privacy for Learning Analytics
Ethics & Privacy for Learning AnalyticsEthics & Privacy for Learning Analytics
Ethics & Privacy for Learning AnalyticsTore Hoel
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsDan Michaluk
 
Brussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACKBrussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACKTrilateral Research
 

Ähnlich wie From Law to Code: Translating Legal Principles into Digital Rules (20)

e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018
e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018
e-SIDES workshop at BDV Meet-Up, Sofia 14/05/2018
 
A Case for Expectation Informed Design - Full
A Case for Expectation Informed Design - FullA Case for Expectation Informed Design - Full
A Case for Expectation Informed Design - Full
 
Towards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into actionTowards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into action
 
A Case for Expectation Informed Design
A Case for Expectation Informed DesignA Case for Expectation Informed Design
A Case for Expectation Informed Design
 
Privacy by Design Seminar - Jan 22, 2015
Privacy by Design Seminar - Jan 22, 2015Privacy by Design Seminar - Jan 22, 2015
Privacy by Design Seminar - Jan 22, 2015
 
Review questions
Review questionsReview questions
Review questions
 
e-SIDES workshop at ICE-IEEE Conference, Madeira 28/06/2017
e-SIDES workshop at ICE-IEEE Conference, Madeira 28/06/2017e-SIDES workshop at ICE-IEEE Conference, Madeira 28/06/2017
e-SIDES workshop at ICE-IEEE Conference, Madeira 28/06/2017
 
Data protection and privacy framework in the design of learning analytics sys...
Data protection and privacy framework in the design of learning analytics sys...Data protection and privacy framework in the design of learning analytics sys...
Data protection and privacy framework in the design of learning analytics sys...
 
Enabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest KeynoteEnabling Science with Trust and Security – Guest Keynote
Enabling Science with Trust and Security – Guest Keynote
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
 
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
Privacy, Accountability and Trust Privacy, Accountability and Trust Privacy, ...
 
Luciano uvi hackfest.28.10.2020
Luciano uvi hackfest.28.10.2020Luciano uvi hackfest.28.10.2020
Luciano uvi hackfest.28.10.2020
 
Chapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptxChapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptx
 
Ensuring User Data Protection And Privacy
Ensuring User Data Protection And PrivacyEnsuring User Data Protection And Privacy
Ensuring User Data Protection And Privacy
 
Emerging Technologies in Data Sharing and Analytics at Data61
Emerging Technologies in Data Sharing and Analytics at Data61Emerging Technologies in Data Sharing and Analytics at Data61
Emerging Technologies in Data Sharing and Analytics at Data61
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
 
Ethics & Privacy for Learning Analytics
Ethics & Privacy for Learning AnalyticsEthics & Privacy for Learning Analytics
Ethics & Privacy for Learning Analytics
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analytics
 
Brussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACKBrussels Privacy Hub: SATORI and iTRACK
Brussels Privacy Hub: SATORI and iTRACK
 

Mehr von Rónán Kennedy

Rethinking Reflexive Law for the Information Age
Rethinking Reflexive Law for the Information AgeRethinking Reflexive Law for the Information Age
Rethinking Reflexive Law for the Information AgeRónán Kennedy
 
Information and Communications Technology in Water Regulation
Information and Communications Technology in Water RegulationInformation and Communications Technology in Water Regulation
Information and Communications Technology in Water RegulationRónán Kennedy
 
#StopSopaIreland, Keyboard Warriors and 86 Questions: Updating Irish Copyrigh...
#StopSopaIreland, Keyboard Warriors and 86 Questions: Updating Irish Copyrigh...#StopSopaIreland, Keyboard Warriors and 86 Questions: Updating Irish Copyrigh...
#StopSopaIreland, Keyboard Warriors and 86 Questions: Updating Irish Copyrigh...Rónán Kennedy
 
Teaching Legal Writing Online
Teaching Legal Writing OnlineTeaching Legal Writing Online
Teaching Legal Writing OnlineRónán Kennedy
 
Climate Change Law and Policy After Cancún
Climate Change Law and Policy After CancúnClimate Change Law and Policy After Cancún
Climate Change Law and Policy After CancúnRónán Kennedy
 
Role of Information in Environmental Regulation
Role of Information in Environmental RegulationRole of Information in Environmental Regulation
Role of Information in Environmental RegulationRónán Kennedy
 

Mehr von Rónán Kennedy (7)

Cloughpenny overview
Cloughpenny overviewCloughpenny overview
Cloughpenny overview
 
Rethinking Reflexive Law for the Information Age
Rethinking Reflexive Law for the Information AgeRethinking Reflexive Law for the Information Age
Rethinking Reflexive Law for the Information Age
 
Information and Communications Technology in Water Regulation
Information and Communications Technology in Water RegulationInformation and Communications Technology in Water Regulation
Information and Communications Technology in Water Regulation
 
#StopSopaIreland, Keyboard Warriors and 86 Questions: Updating Irish Copyrigh...
#StopSopaIreland, Keyboard Warriors and 86 Questions: Updating Irish Copyrigh...#StopSopaIreland, Keyboard Warriors and 86 Questions: Updating Irish Copyrigh...
#StopSopaIreland, Keyboard Warriors and 86 Questions: Updating Irish Copyrigh...
 
Teaching Legal Writing Online
Teaching Legal Writing OnlineTeaching Legal Writing Online
Teaching Legal Writing Online
 
Climate Change Law and Policy After Cancún
Climate Change Law and Policy After CancúnClimate Change Law and Policy After Cancún
Climate Change Law and Policy After Cancún
 
Role of Information in Environmental Regulation
Role of Information in Environmental RegulationRole of Information in Environmental Regulation
Role of Information in Environmental Regulation
 

Kürzlich hochgeladen

An introduction to Indian Contract Act, 1872 by Shraddha Pandit
An introduction to Indian Contract Act, 1872 by Shraddha PanditAn introduction to Indian Contract Act, 1872 by Shraddha Pandit
An introduction to Indian Contract Act, 1872 by Shraddha PanditSHRADDHA PANDIT
 
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...Dr. Oliver Massmann
 
Classification of Contracts in Business Regulations
Classification of Contracts in Business RegulationsClassification of Contracts in Business Regulations
Classification of Contracts in Business RegulationsSyedaAyeshaTabassum1
 
ArtificiaI Intelligence based Cyber Forensic Tools: Relevancy and Admissibili...
ArtificiaI Intelligence based Cyber Forensic Tools: Relevancy and Admissibili...ArtificiaI Intelligence based Cyber Forensic Tools: Relevancy and Admissibili...
ArtificiaI Intelligence based Cyber Forensic Tools: Relevancy and Admissibili...Anadi Tewari
 
Patents and AI: Current Tools, Future Solutions
Patents and AI: Current Tools, Future SolutionsPatents and AI: Current Tools, Future Solutions
Patents and AI: Current Tools, Future SolutionsAurora Consulting
 
xLran: Open source AI for legal hackers.
xLran: Open source AI for legal hackers.xLran: Open source AI for legal hackers.
xLran: Open source AI for legal hackers.mike689707
 
Islamabad High Court Judges wrote a letter to Supreme Judicial Council.pdf
Islamabad High Court Judges wrote a letter to Supreme Judicial Council.pdfIslamabad High Court Judges wrote a letter to Supreme Judicial Council.pdf
Islamabad High Court Judges wrote a letter to Supreme Judicial Council.pdfNo One
 
Women and the World of Climate Change- A Conceptual Foundation by Shraddha Pa...
Women and the World of Climate Change- A Conceptual Foundation by Shraddha Pa...Women and the World of Climate Change- A Conceptual Foundation by Shraddha Pa...
Women and the World of Climate Change- A Conceptual Foundation by Shraddha Pa...SHRADDHA PANDIT
 
The Ultimate Guide to Drafting Your Separation Agreement with a Template
The Ultimate Guide to Drafting Your Separation Agreement with a TemplateThe Ultimate Guide to Drafting Your Separation Agreement with a Template
The Ultimate Guide to Drafting Your Separation Agreement with a TemplateBTL Law P.C.
 

Kürzlich hochgeladen (10)

An introduction to Indian Contract Act, 1872 by Shraddha Pandit
An introduction to Indian Contract Act, 1872 by Shraddha PanditAn introduction to Indian Contract Act, 1872 by Shraddha Pandit
An introduction to Indian Contract Act, 1872 by Shraddha Pandit
 
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
Corporate Sustainability Due Diligence Directive (CSDDD or the EU Supply Chai...
 
Classification of Contracts in Business Regulations
Classification of Contracts in Business RegulationsClassification of Contracts in Business Regulations
Classification of Contracts in Business Regulations
 
ArtificiaI Intelligence based Cyber Forensic Tools: Relevancy and Admissibili...
ArtificiaI Intelligence based Cyber Forensic Tools: Relevancy and Admissibili...ArtificiaI Intelligence based Cyber Forensic Tools: Relevancy and Admissibili...
ArtificiaI Intelligence based Cyber Forensic Tools: Relevancy and Admissibili...
 
Patents and AI: Current Tools, Future Solutions
Patents and AI: Current Tools, Future SolutionsPatents and AI: Current Tools, Future Solutions
Patents and AI: Current Tools, Future Solutions
 
xLran: Open source AI for legal hackers.
xLran: Open source AI for legal hackers.xLran: Open source AI for legal hackers.
xLran: Open source AI for legal hackers.
 
Islamabad High Court Judges wrote a letter to Supreme Judicial Council.pdf
Islamabad High Court Judges wrote a letter to Supreme Judicial Council.pdfIslamabad High Court Judges wrote a letter to Supreme Judicial Council.pdf
Islamabad High Court Judges wrote a letter to Supreme Judicial Council.pdf
 
Criminalizing Disabilities & False Confessions
Criminalizing Disabilities & False ConfessionsCriminalizing Disabilities & False Confessions
Criminalizing Disabilities & False Confessions
 
Women and the World of Climate Change- A Conceptual Foundation by Shraddha Pa...
Women and the World of Climate Change- A Conceptual Foundation by Shraddha Pa...Women and the World of Climate Change- A Conceptual Foundation by Shraddha Pa...
Women and the World of Climate Change- A Conceptual Foundation by Shraddha Pa...
 
The Ultimate Guide to Drafting Your Separation Agreement with a Template
The Ultimate Guide to Drafting Your Separation Agreement with a TemplateThe Ultimate Guide to Drafting Your Separation Agreement with a Template
The Ultimate Guide to Drafting Your Separation Agreement with a Template
 

From Law to Code: Translating Legal Principles into Digital Rules

  • 1. From Law to Code: Translating Legal Principles into Digital Rules Michael Lang and Rónán Kennedy National University of Ireland, Galway michael.lang@nuigalway.ie Image: Karl-Ludwig Poggemann, https://www.flickr.com/photos/hinkelstone/
  • 2. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Overview • Public perceptions of the ‘Right to be Forgotten’ • Implementation challenges • Privacy in security policy implementation • Privacy in requirements analysis and design 2
  • 3. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Public Perceptions of the ‘Right to be Forgotten’ • Survey conducted by Clare Doherty & Michael Lang (NUIG), Autumn 2013  Objective: obtain a sense of how people feel about the proposed right to be forgotten and how it might be implemented • Respondent profile  260 respondents  Ranged in age from 17 to 61, mean of 29 years  14 different counties (Ireland 82%, Others 18%)  Employed persons 74%, Students 17%, Others 9% 3
  • 4. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Do you know what your privacy rights are?
  • 5. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Are existing controls effective against on-line reputational damage?
  • 6. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Are you in favour of “right to be forgotten” becoming law?
  • 7. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 What type of information should you have right to erase?
  • 8. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Implementation Challenges • Legal rules: • Flexible, deliberately unclear, contested, malleable • Digital: • Rigid, clearly defined in advance, strictly operationalised, difficult to change 8
  • 9. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 ICT and Legal Processes Legal processes neither simple nor linear Not easily modelled by logic or expert systems Risk of destructive feedback cycle ICT as embedded and entrenched infrastructure 9
  • 10. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Translating Legal Principles into Digital Rules  Dangers of digital decision-making  Closed, inflexible, unaccountable systems  Containing assumptions, biases, mistakes  Formalising practices and knowledge is difficult  Need to ‘Get It Right First Time’ 10
  • 11. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 “Privacy” in IS Security Risk Management • Information systems risk management strategies are based on rational process:  What is likelihood of something going wrong?  What is the severity: loss of life? loss of money? loss of reputation?  Cost-benefit analysis • So, … do organisations really care about safeguarding privacy? Or is it worth taking a risk? 11
  • 12. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Information Systems Development: The Importance of “Clear” Requirements• ISD Project Management: time / cost / quality challenge (“software crisis” conundrum) • “In nearly every software project that fails to meet performance and cost goals, requirements inadequacies play a major and expensive role in project failure” (Alford & Lawson, 1979) • “The hardest single part of building a software system is deciding precisely what to build. No other part of the conceptual work is as difficult as establishing the detailed technical requirements ... No other part of the work so cripples the resulting system if done wrong.” (Brooks, 1987) 12
  • 13. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 13 Getting the Requirements “Right”
  • 14. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Getting the Requirements Right: What Does “Privacy” Mean ? 14
  • 15. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Privacy as a “Requirement”• Information systems developers don’t deal with laws, principles, rights, etc. • They deal with “requirements”: clear, complete, consistent specifications of the behaviour of a system  Requirements definition: procedural logic, data attributes  Requirements prioritisation: feasibility, cost, “must have” versus “nice-to-have” 15
  • 16. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 “Privacy by Design” • Privacy by Design: vague set of principles  No methodological guidance: how do systems developers build privacy into design process? • Privacy by Re-Design: retro-fitting existing systems  Very expensive  Computers are designed to share, retain, index, and analyse information … They are not designed to “forget”. Even “erasure” is not straightforward.
  • 17. Privacy: Gathering Insights from Lawyers and Technologists Maynooth University, July 1, 2015 Over to you … • Michael Lang1 & Rónán Kennedy2 , NUI Galway • 1. School of Business & Economics, NUI Galway Michael.Lang@nuigalway.ie • 2. School of Law, NUI Galway Ronan.M.Kennedy@nuigalway.ie 17