We are pleased to share with you the third newsletter of the HUJI CyberLaw Program and to update you on the progress of our program.
Our upcoming first anniversary of the program is a good opportunity for us to take stock of our research activity and to articulate with greater clarity our mission and anticipated directions of future research. All in all, there is much activity to report on: The Program has launched six fully funded research projects: NSM activities as predictors of terrorist activity, regulation of Israel’s private market cyber-security standards, prevention of computer-based crimes, regulation of online surveillance, the legal status of the Tallinn Rules for the regulation of cyber-warfare, and the regulation of cyber-based human enhancement for military purposes. In addition, we have submitted or are in the process of preparing 13 research proposals covering a range of topics from the development of lex cybernetica to the regulation of smart cars, from regulation of online “fake news” to online shaming, and from privacy in IoT to the study of white collar cyber-crime. To this lengthy list of projects, we should also add the individual research projects being undertaken by 16 of our research fellows and associates.
Despite the great variety in research questions explored, three common threads run through all of these projects: Regulation, Liability, and Enforcement.
I thank you for your interest in our work, and look forward to hearing your thoughts and comments about this newsletter and our activities.
Sincerely,
Yuval Shany
Our upcoming first anniversary of the program is a good opportunity for us to take stock of our research activity and to articulate with greater clarity our mission and anticipated directions of future research. All in all, there is much activity to report on: The Program has launched six fully funded research projects: NSM activities as predictors of terrorist activity, regulation of Israel’s private market cyber-security standards, prevention of computer-based crimes, regulation of online surveillance, the legal status of the Tallinn Rules for the regulation of cyber-warfare, and the regulation of cyber-based human enhancement for military purposes. In addition, we have submitted or are in the process of preparing 13 research proposals covering a range of topics from the development of lex cybernetica to the regulation of smart cars, from regulation of online “fake news” to online shaming, and from privacy in IoT to the study of white collar cyber-crime. To this lengthy list of projects, we should also add the individual research projects being undertaken by 16 of our research fellows and associates.
Despite the great variety in research questions explored, three common threads run through all of these projects: Regulation, Liability, and Enforcement.
- Regulation – Whether we are studying cyber-warfare, the proliferation of online “fake news,” or the use of smart cars, it is clear that the regulatory challenges raised by cyber-security differ radically from those that arise in more traditional regulatory environments. This is because many activities in cyber-space create risks and adverse impacts on a much larger scale than their non-cyber counterparts. For example, due to its quick spread, easy accessibility, and perpetual presence, online shaming may constitute a qualitatively different phenomenon to offline shaming. Moreover, the capacity to regulate cyber-activities through state-centered or inter-state legislation is severely limited by the deterritorialized and decentralized features of cyber-space, the prominent role of IT companies in developing activities in cyber-space, and the sharp increase in the number and diversity of potential sources of risk and objects of protection.
- Liability – The above-mentioned security challenges have engendered diverse responses by governments, international agencies, IT companies, end-users, and insurers, which in turn raise complicated questions of legal liability and accountability. For example: Do internet intermediaries incur legal liability for online bullying, defamation or incitement to violence? Who should incur the costs of Bitcoin hacks? And what is the relationship between rights and duties adjudicated by online dispute settlers and traditional courts? The slow pace of regulation and the growing gap between existing laws and technological innovation create increasing incentives to regulate through the imposition of legal liability, notwithstanding the problematic nature of such reactive standard setting processes.
- Enforcement – The special features of cyber-space also mean that traditional territorial based law-enforcement is an inadequate tool for addressing the many challenges of cyber-crime and the need to react to other violations. Accordingly, new response strategies are being developed, including “hackbacks,” private enforcement and CERTs, involving a variety of private and public actors above and beyond traditional police or security services. At the same time, cyber-space also offers new avenues of crime detection and enforcement that raise complicated practical, ethical, and legal questions.
I thank you for your interest in our work, and look forward to hearing your thoughts and comments about this newsletter and our activities.
Sincerely,
Yuval Shany
