Jusletter IT

Digital Rights

  • Author: Ahti Saarenpää
  • Category of articles: Zum Generalthema Verantwortungsbewusste Digitalisierung
  • Category: Articles
  • Region: EU
  • Field of law: Legal Theory
  • Collection: Conference proceedings IRIS 2020
  • DOI: 10.38023/dc3b26fb-0ea8-489b-864f-631b8824d95a
  • Citation: Ahti Saarenpää, Digital Rights , in: Jusletter IT 28. Februar 2020
We live in a digital network society, because the «information society», once such a popular concept, no longer serves our communicative needs. When we talk about digitalization, we are quick to present numbers but must also answer the question of whether we need renewed or new legislation to address the developments under way. Recent years have seen the emergence of the concept of digital rights that would seemingly form a special branch of jurisdiction. Discussion of the issue has intensified in the last few years as greater consideration has been given to our constitutional rights. In this article I examine the question of whether we in fact need special constitutional digital rights and what such rights might be. The author participated in the implementation of the Personal Data Directive and functioned as the vice chair of the Finnish Data Protection Board. The work of the Board was discontinued following the coming into force of the GDPR. This article is based in part on the author’s introductory article to the FIADI Manual of Legal Informatics, published in 2019.

Inhaltsverzeichnis

  • 1. Technology and law
  • 2. The concept of a digital right
  • 3. Structure of our rights
  • 4. Conclusion
  • 5. References

1.

Technology and law ^

[1]

Technology and law have a relationship that goes way back: regulation and research have been fundamental activities since the advance of technology began. Indeed, there is no other option. Sooner or later, new technology will give rise to questions such as how law should deal with a particular phenomenon and whether new regulation is needed, existing regulation should be amended, or current practices modified. The simple reflex to call for more regulation often indicates a lack of regulatory sophistication. Unfortunately, one all too often hears how legislators fail to keep up with significant technological developments.1

[2]

It is altogether too simplistic to think that a new technological innovation or application necessarily requires reform of existing laws or the enactment of new ones. Our first instinct should be to test the limits of interpretation allowed by the present system to see if there really is a need for change. And, in the case of technology in particular, we should remember the role of standards and certifications in guiding practice.2 Similarly, codes of practice – codes of conduct – offer crucial paralegal tools for dealing with novel developments. They can be legal «wake up calls». Contrast this with the regrettable tendency of many lawyers to wait for preliminary rulings; this is a poor approach indeed if one wants to keep abreast of technology – although in some cases bypass appeals may speed things up.3

[3]

What is more, it is essentially unthinkable today to assess the potential need for new regulations without taking into account the legally significant change we see taking place in the very nature of the state. We live in the new constitutional state, where our constitutional rights are no longer as abstract and theoretical as they were before. We have to redouble our efforts to achieve an optimal constitutional legal culture.4 One key element of this culture in the digital Network Society is the legal planning of information systems – data systems by legal design.

[4]

One relevant issue in the constitutional state in the new Network Society is legal welfare. This is a welfare that highlights human worth and, by extension, our right to self-determination. We endeavour to safeguard this welfare through the legal planning (design) of information systems and the receipt of information, as well as the legal quality of these processes. In keeping with this approach, our rights should as often as possible be realized as fully and as early as possible in any process. The path of information as a whole has become a crucial legal issue.5 Access will naturally be one aspect of this planning, but it is only part of the big picture. We should not accept solutions where access means opening the door to a «black box»6.

[5]

The long path of information takes in our modern society ranges from technological choices to the possibilities of and restrictions on the recycling of information. In the modern constitutional state, each of the stages on this path must proceed with due regard for human and fundamental rights. This is not a simple undertaking. The risks that cause a scarcity of justice are increasing. The traditional era of static documents in oldfashioned paper format or technical data base systems, a relatively tractable period in legal terms, is now mostly over. We have entered the era of rights in digital form and a digital environment, an era in which the path of information from beginning to end will call for legal scrutiny at every turn. And we have entered the age, when it is possible to design smart digital data systems.7

[6]

In the midst of this change, it is more important than ever that we pause to reflect on the meaning of the concepts we use in both legislation and law in general. They help us to orient ourselves in the jungle of legislative texts. Can and should we have and use the concept of digital right/rights too?

2.

The concept of a digital right ^

[7]

«Digital right» is still a quite new and rarely used term. One is hard put to find it in the basic works on Legal Informatics. For example, it is nowhere to be found in Ian J. Lloyd’s widely acclaimed modern textbook Information Technology Law, the eighth edition of which came out in 2017.8 Professor Lloyd does not need that concept.

[8]

We should not assume that digitalization as a technological or political project will give rise to rights of a wholly new and different nature on the ground. Any talk of digital rights in these contexts grossly simplifies what is at issue; it would be societal and political advertising more than anything else. «Digital» is increasingly becoming a marketing term alongside its use in research and teaching, where it describes a societal development.

[9]

One of the first interesting academic descriptions of the digital society is that found in Digital Democracy. Discourse and Decision Making in the Information Age by Barry N. Hague and Brian Loader9. The book was published in 1999 and is used extensively in the Nordic countries, for example. Yet it does not open a window on digital rights. This is all too typical of social science research examining developments in society.10

[10]

Yet, in certain contexts the question of digital rights as a facet of the digital society was taken up rather early on. An illustrative example is the website Derechos Digitales, started in Chile in 2005 but still rather unfamiliar in Europe, which has become a comprehensive forum covering all of Latin America.11 It is also a forum supporting timely discussion of human rights generally.

[11]

Part of the reason why «digital right» has yet to become an established term is undoubtedly the fact that to date only few laws have been enacted that use the term or that can be seen as legislating such rights. One example of such a law that merits mention here is the 2014 Brazilian Marco Civil da Internet. The regulative idea can be seen as an internet-related one. For example, article 1 reads: «This Law establishes principles, guarantees, rights and obligations for the use of the internet in Brazil and provides guidelines for the actions of the Union, the States, the Federal District and the municipalities in this regard». Interestingly, the Act also uses the new concept of digital culture. Another noteworthy example is a white paper issued in Malta in 2012, in which the government spelled out the reasons for the new regulation.12

[12]

Two important observations can be made illustrating what laws on digital rights and the related discussion have in common. First, they pertain to information networks – primarily the Internet – and this is what many organizations want them to do. A good example in Europe is EDRI, the European Digital Rights Association. As we know, members of that organization include many civil and human rights organizations from across Europe. EDRI was founded already 2002.13 And, for example, the World Economic Forum describes digital rights nowadays in the following terms: «Digital rights are basically human rights in the internet era.»

[13]

Secondly, the legislation required involves especially legislation at the level of human and fundamental rights14. The concept is already in use in this sense in the United Nations. Single provisions or laws are no longer a viable solution. At issue is something far greater and more significant than regulation of a particular technological product or phenomenon. Human and fundamental rights should be protected even on networks. This is absolutely straightforward. The Council of Europe adopted this idea in 2014. And the UN Human Rights Council (HRC) accepted the same principle in 2018.

[14]

Following these short observations, a closer look is in order at what digital rights are. In my view, it is not enough to speak in general terms of internet rights or fundamental rights. If we do so, we succumb to a certain change blindness. One question we have to ask is what status such rights will have or should have in the lawyer’s toolbox.

3.

Structure of our rights ^

[15]

Our conception of the legal world doubtless includes the established notion that human and fundamental rights are the most important ones. The deep structure of legal thinking is based on human and constitutional rights. We can also speak in terms of the «value chain» of legislation, in which the values at the end of the chain enjoy special protection.15

[16]

It is actually rather straightforward to proceed along the value chain from an individual provision to the level of fundamental rights. One of the indisputable regulatory problems of the constitutional state is that the growth and importance of human and fundamental rights spark an increase in situations where the relationship between rights must be weighed in practice. There are very few established doctrines of interpretation to help us here. In 2001, Professor Luigi Ferrajoli started a deep-going discussion about the relationship between different human and basic rights16. This discussion continues, thanks to the classic ideas of professor Robert Alexy in particular17.

[17]

The requirement of weighing the relative importance of rights can be found – it is in fact built into – both the Personal Data Directive and the GDPR. Without giving any detailed guidelines, both instruments anticipate there being cases requiring reconciliation of personal data protection and public access to official documents in contexts where no special provisions have been enacted on the issue in question18.

[18]

The most significant international preliminary rulings on cases involving this tension are the ruling of the European Court of Human Rights in a Finnish case involving the publication of public tax data (Satamedia) and the ruling handed down by the Court of Justice of the European Union in the Google Spain case. At the risk of a slight simplification, it can be said that in both regulatory contexts the courts concluded that the protection of personal data takes precedence over the principle of publicity.19

[19]

I will not go into any detail on these rulings, which I find to be right on the mark. An adequate treatment of them would make for a presentation in its own right.20 For present purposes, it is more important to stop and think about what our legislative system would end up looking like if we augmented it with special digital fundamental rights. This is a proposal that has been put forward in many connections in recent years.

[20]

One example is the Barcelona Charter, published in conjunction with the Second Digital Law World Congress at the beginning of 2019.21

[21]

The Charter lists a total of 21 concerns that would merit attention. Some, such as the protection of personal data, have already been addressed through general or specific legislation. Following is the list:

  1. Human rights and freedoms currently in force.
  2. Right to digital identity.
  3. Right to digital citizenship.
  4. Right to dignity and the free development of personality in the context of technological developments.
  5. Right to freedom and equality in the access to the digital environment.
  6. Right to security of technological developments.
  7. Right to intimacy and confidentiality in the digital environment.
  8. Right to be forgotten and to digital memory.
  9. Right to protection of personal data.
  10. Right to freedom of thought, expression and information in the digital environment.
  11. Right to digital education and professional training.
  12. Right to freedom of enterprise and technological developments.
  13. Right to intellectual property and technological environments.
  14. Right to equality and prohibition of discrimination in the use of technologies.
  15. Right to protection of minors, persons with disabilities and other vulnerable groups.
  16. Right to the protection of workers in technological environments.
  17. Right to sustainable technological development.
  18. Right to the protection of consumers and users in digital environments.
  19. Right to digital asylum
  20. Right to participate in public affairs.
  21. Right to effective protection in digital conflicts.
[22]

Undoubtedly these are all important questions in today’s digital world and the list is thus a valuable one. Yet, as we can easily see, some issues on it are hardly confined to the Internet. We could and should consider these topics of importance in the discussion of the modern digital society. The role of independent organizations of experts – and citizens – is crucial in this debate. The expression «watchdog» is particularly appropriate here if we think of the drafting process.

[23]

It is another issue entirely, however, to determine what kind of regulation we need or can benefit from. The crux of the issue was captured in Professor Hans Peter Bull’s assessment of the German citizens’ initiative on fundamental rights when he pointed out that a digital or only supposedly digital right is in many instances a right that has been accepted as a more general human right in other contexts. Enacting regulation specifically for digital contexts may cause difficulties when it comes to interpretation.

[24]

In his assessment, Professor Bull concluded that we will do quite well with traditional fundamental rights. There may of course be some need to adapt them to the age of information networks in which we find ourselves. This position can be endorsed except, at least, where information security is concerned. We must remember that although the protection of personal data was enshrined – thanks to professor Spiros Simitis22 – as a fundamental right in the European Charter, the Charter was the result of a long period of drafting and was enacted at a time when for the most part security fell outside the scope of European regulation. We already had data protection, but we did not have data security.

[25]

It is rather another matter that we increasingly need general doctrines of infrastructure law and in that connection of surveillance law as well. This is a natural step forward in modern regulation; not only the question of digital rights.

4.

Conclusion ^

[26]

In fact, we should discuss the need for a new legislative theory. How can we create more communicative legislation in which digital right charters could give added value to the traditional legislation? And how can we reach the goal of regulatory fitness at the same time?23 The discussion of digital rights may lead us in a different direction if we only want to add to the number of fundamental rights. It is difficult to accept a way forward in which we would create a dichotomous system of regulation – digital and other rights – in which, as occurs today, the weighing of fundamental rights against one another would be relegated to individual cases. This would run counter to the basic idea of democracy that the law should be simple in the eyes of the citizens. Similarly, a massive addition of digital fundamental rights to our present legislation would drastically change the value chain. Seeing law transformed into an arena in which fundamental rights would constantly being weighed against one another would undermine our belief that legislation can provide a straightforward answer to the basic question of what is right.

[27]

It is a different matter entirely, as I see it, that research on Legal Informatics and the work of various watchdog organizations enables us to maintain a list of important digital rights and to compare this list to the frames of reference of the law in force. It is one of the natural tasks of Legal Informatics in a changing society and a society requiring ever-better professional skills of the lawyer.

5.

References ^

Alexy, Robert Theorie der Grundrechte, Suhrkamp 1986.

Alexy, Robert A Theory of Constitutional Rights, Oxford University Press, 2009.

Bauza Reilly, Marcelo (ed) El Derecho de las TIC en Iberoamérica, La Ley Uruguay, Thomson Reuters 2019.

Blume, Peter Smart Data Protection pp. 175–189 in Scandinavian Studies in Law vol 65. Jure 2018.

Bull, Hans-Peter Grundrechte für Europa. Eine rechtspolitische Initiative zur Einhegung des Internets: symbolische Politik oder effektive Rechtsetzung? Recht und Politik 1/2017 pp. 9–25.

Ferrajoli, Luigi Fundamental Rights. International Journal for the Semiotics of Law – Revue Internationale de Sémiotique Juridique 14 (1), 2001, pp. 1–33.

Hartzog, Woodrow Privacy’s Blueprint. The Battle to control the design of new technologies. Harvard University Press, Cambridge Massachusetts 2018.

Katsh, EthanRabinovich-Einy, Orna Digital Justice and the Internet of Disputes Oxford University Press 2017.

Modèer, Kjell-Åke Optimal Legal Cultures in 5 FRN Globalization and Modernities 1999, pp. 121.

Reins, Leonie (ed) Regulating New Technologies in Uncertain Times, Asser press 2019.

Saarenpää, Ahti Derechos Digitales in Bauza (ed) El Derecho de las TIC en Iberoamérica, 2019, pp. 291–326.

Saarenpää, Ahti, Wiatrowski, Aleksander (eds) Society Trapped in the Network. Does it have a Future? University of Lapland, Rovaniemi 2016 or available at: http://urn.fi/URN:ISBN:978–952–484–917–3.

Saarenpää, Ahti, Sztobryn, Karolina (eds) Lawyers in the Media Society. University of Lodz and University of Lapland. Rovaniemi 2016 or available at: http://urn.fi/URN:ISBN:978–952–484–917–3.

Simitis, Spiros Privacy-An Endless Debate? pp 1989–2005 available at: https://scholarship.law.berkeley.edu/cgi/viewcontent.cgi?article=1061&context=californialawreview.

Talus, Anu From simply sharing the cage to living together reconciling the right of public access to documents with the protection of personal data in the European legal framework, Unigrafia Helsinki 2019.

Webster, Frank Theories of the Information Society, fourth edition 2014, Routledge UK.

Weitzenboeck, Emily M. ... and still we are left wanting: Malta’s White Paper on digital rights, Computer Law & security 29 (2013) pp. 293–295.

  1. 1 Cfr. Reins (ed) Regulating New Technologies in Uncertain Times pp.7–11.
  2. 2 Far too often – even in legal training – the importance of standards and certifications is overlooked. The legal literature primarily paints a picture of decisions being arrived at on a case-by-case basis.
  3. 3 Bypass appeals were introduced in Finland later than in many other countries, not being allowed in the Supreme Court until 2011 and in the Supreme Administrative Court until 2014.
  4. 4 About the role of legal culture see especially MODÉER 1999.
  5. 5 See Saarenpää Legal Informatics Today – The View from the University of Lapland pp 10 in Saarenpää – Sztobryn Lawyers in the Media Society.
  6. 6 The UN Human Rights Committee considered in 2016 access to information networks to be a human right. Likewise, in 2015 the European Parliament issued a resolution asserting that access to the Internet should be a human right. Here we see in practice endorsement of the idea, noted above, of how important the Internet is as an information infrastructure and of the status of an individual’s digital rights as one of the basic pillars of the digital constitutional state.
  7. 7 See for example Blume Smart data protection, passim.
  8. 8 Lloyd Information Technology Law, Eight Edition 2017, passim.
  9. 9 HagueLoader Digital Democracy. Discourse and Decision Making in the Information Age (1999).
  10. 10 See, e.g. Webster Theories of the Information Society, 4th Edition (2014). Professor Webster took part in the Network Society research project which I headed but he left the legal assessment to us law researchers.
  11. 11 https://www.derechosdigitales.org.
  12. 12 mita.gov.mt/en/News/Documents/1_34533%20MITC%20White%20Paper%20Doc%20A4%20web%20final.pdf. The later history of this white paper was however not so simple. See for example Weitzenboeck. and still we are left wanting: Malta’s White Paper on digital rights, Computer Law & security 29 (2013) 293-29.
  13. 13 More in https://edri.org/about.
  14. 14 Today, «digital right» is also defined in EU terminology: human rights in the digital era. See https://iate.europa.eu/search/standard/result/1576071175693/1.
  15. 15 For a long time, the view prevailed in Finland that lower courts were not empowered to investigate the constitutionality of the provisions being applied. Progress has been made to the point where lower courts can, and should, make such assessments where necessary.
  16. 16 Ferrajoli Fundamental Rights, International Journal for the Semiotics of Law – Revue Internationale de Sémiotique Juridique 14 (1):1–33 (2001). The paper is only one of an extensive list of Professor Ferrajoli’s publications.
  17. 17 See especially Alexy. «A Theory of Constitutional Rights» 2009 and Alexy Constitutional Rights and Proportionality, Revus 22/2014.
  18. 18 Recital 72 of the Directive and article 85 of the GDPR.
  19. 19 In her doctoral thesis in Finland Anu Talus analysed both cases in details, her main theoretical tools being the ideas of Ronald Dworkin and Robert Alexy. See Talus From simply sharing the cage to living together: reconciling the right of public access to documents with the protection of personal data in the European legal framework (2019), passim.
  20. 20 I have to point out that the opinion of the Advocate General in the Google Spain case is puzzling in its one-sided emphasis on freedom of speech; from the point of view of legal certainty, it is nothing short of worrisome.
  21. 21 See http://digitalrightsbarcelona.org/la-carta/?lang=en.
  22. 22 See more Simitis Privacy - An Endless Debate? P.1992.
  23. 23 See more about REFIT, The European Commission’s regulatory fitness and performance programme. Available at: https://ec.europa.eu/info/law/law-making-process/evaluating-and-improving-existing-laws/refit-making-eu-law-simpler-and-less-costly_en.