Who owns the data?

13

October

2022

5/5 (1)

Data is used to support and shape business strategy. In addition, it can strengthen various business processes. It is therefore logical that more and more companies see value in obtaining and analysing data. They must be protected as we would any major asset. But who actually owns this collected data, the subject about whom the information is collected, the company generating the data, the person collecting the data or the person processing the data? What rights does this include?

Copyright

A database, as stated in Art. 1(2) Database Dir. (96/9/EC), is a collection of independent works, data, or other materials arranged in a systematic or methodical manner and individually accessible through electronic or other means. It is important to note that this does not refer to the individual components of the dataset, but to the protection of the entire database. A database may be protected by copyright, as by the selection or arrangement of their contents they constitute the author’s own intellectual creation and are therefore original. The author, who created the base, shall have the exclusive rights to reproduction, distribution, communication and adaptation.

Database rights

Since 1996, a guideline has already been made which can protect a database, which is not protected by copyright, against extraction and/or re-utilization from insubstantial parts of the dataset. This guideline is called the Sui Generis Right, Art. 7(1) Ddir (96/9/EC). Instead of authorship, this guideline examines the extent to which, in a qualitative or quantitative sense, there is a substantial investment in the field of obtaining, verifying and presenting the data. In the case BHB/William Hill (2004, case C-203/02) it was clarified what is meant by substantial investment and the concept of whole/substantial part. The BHB organization conducts horse racing in Great Britain and has a database on this. William Hill offers off-course bookings using two websites that display a small portion of the database’s content. The case concerned the possible infringement of BHB’s rights by William Hill posting and using the information obtained from the BHB database on the William Hill websites. Ultimately, the Supreme Court’s ruling is that substantial investment does not cover the resources used to create materials that make up the contents of a database. In this context, this means that the drawing up of a horse list by BHB was not seen as the creation of a database but as the data itself. But a by-product of its main activity, organizing horse racing. It was further explained that there is lawful use of a database as long as the cumulative effect of repeatedly retrieving/reusing data cannot largely reconstruct the content or may prejudice the copyright holder.

Consequences

Due to the elaboration of the EU database directives, the scale and scope of database protection under the EU database directives are more limited than expected, especially for sole-source databases. In addition, calling on a database can be complicated because the explanation of the concept ‘substantial investment’ is interpreted in a limited way and finding out in which part of a database a company has invested a lot is difficult. How do you think international law will change as a result of emerging technologies?

Reference

F.C. Folmer, ‘Arrest British Horseracing Board/William Hill: het einde van de spin-offtheorie in het databankrecht?’, NtER 2005-3/4, p.

Please rate this

Facial recognition: from great new technology to even larger concerns

24

September

2020

No ratings yet. Facial recognition technology has been around since the mid-1960s and has seen tremendous growth over the years. Applications can be found anywhere; tagging photos on social media, biometric locks, surveillance; the list is endless. While many of these may seem harmless and appear to facilitate efficiency for everyday tasks, scepticism on the technology has gained a greater foothold in past years. As the technology is achieving greater accuracy, privacy is becoming an increased concern. Some governments have set up permanent surveillance systems, collecting incredible amounts of data on citizens. While these systems are often claimed to provide safety on the streets, many are concerned about potential other uses of the data collected.

Worldwide, only a very limited number of countries have nation-wide bans in place: Belgium and Luxembourg. All other countries have no to very limited regulations regarding facial technology that should perhaps be reassessed. With America experiencing most of the uproar against the technology, action groups gained their first victory in 2019; San Francisco was the first American city to ban the private use of facial recognition technology. Now, a year and around ten additional city-wide bans later, the overall paradigm seems to be shifting even further.  Recently, Portland was the first city in the US to completely ban facial recognition technology for both private and governmental use. This seems to have sparked more discussion on the regulations that should be in place regarding the technology.

Studies have found concerning indications of the effects of facial recognition in everyday settings. For example, Andrejevic & Selwyn (2019) present social challenges facial recognition can have in schools. It is found that upon integration of the technology, the nature of schools can become oppressive, authoritarian and divisive. Additionally, the technology is being mass deployed in law enforcement, without any scientific evidence that suspects can be better identified. In fact, it is imposing stronger biases on law enforcement as the technology fosters a false sense of security. These are only some of the examples that have been found now that facial technology is being integrated.

Based on these reasons, I would personally urge all governments to strongly consider limiting the use of facial recognition technology on a large scale. While it is constantly developing and admittedly convenient in many scenarios, the actual scientific benefits for many applications are yet to be proven. Additionally, many risks have been identified that, while perhaps contained, for now, could start showing its effects at any time.

What do you think? Should facial recognition be better regulated worldwide? Do the applications outweigh the potential risks?

https://www.bloomberg.com/quicktake/facial-recognition#:~:text=Facial%20recognition%20technology%20was%20first,intelligence%20agencies%20and%20the%20military.

https://www.theguardian.com/technology/2019/jul/29/what-is-facial-recognition-and-how-sinister-is-it

https://www.wired.com/story/portlands-face-recognition-ban-twist-smart-cities/

https://www.forbes.com/sites/tomtaulli/2020/06/13/facial-recognition-bans-what-do-they-mean-for-ai-artificial-intelligence/#6c6aacca46ee

https://www-nature-com.eur.idm.oclc.org/articles/d41586-019-02514-7

https://www.visualcapitalist.com/facial-recognition-world-map/#:~:text=Belgium%20and%20Luxembourg%20are%20two,use%20of%20facial%20recognition%20technology

Andrejevic, M. & Selwyn, N. (2019). Facial recognition technology in schools: critical questions and concerns. Learning, Media and Technology 45(2), pp. 115-128.

Please rate this

The Globalisation of Data

16

October

2017

No ratings yet. After having read the news article ‘Supreme court will hear U.S.-Microsoft battle over email’ on the website of USA today, I started wondering about the question whether data should be location-bound or not (USA Today, 2017).

Using this ‘battle’ as example, I would like to discuss the topic of globalization of data and share my thoughts on it in this blog. But firstly, let me give a brief summary of the U.S vs. Microsoft case: The FBI requested to see email stored by Microsoft for an investigation. However, Microsoft claims that the FBI does not have the authority to request that, since the email are stored on a database in Ireland and therefore are not on American soil. Both Microsoft and the U.S. government have been ruled in favour by different judges, so now the upper court is going to take on the case and make a final ruling.

There are three different viewpoints regarding this case:
(1) People who believe the supreme court should rule in favour of the U.S government.
(2) People who believe the supreme court should rule in favour of Microsoft.
(3) People who believe the supreme court should not have taken on this case at all.

So, why do these groups believe they are right and the others are not?

The first group says that it is the government’s responsibility to investigate and prosecute crimes and to fend off terrorism and other kinds of threats to national security. By not being able to get a hold of those emails, this group believes the government won’t be able to do this and thus is it a threat to national security and public safety. They claim that this will make it easy for terrorist to avoid the US government, because they simply need to make sure their messages are stored in databases which are not located in the US (Reuters, 2017).

The second group claims that if the US government will be able to receive information about non-US citizens which is stored outside the US, this can also be done by other countries to US citizens. Also, they believe that this would interfere with the privacy of citizens and that countries should respect each other’s sovereignty (Bloomberg, 2017).

The third group believes that courts cannot come up with a suitable ruling for this case based on the current legislation. They claim that congress should first come up with new legislation that is more suitable for the time we live in, since the current legislation on this topic is still from the time of the floppy disc (USA Today, 2017).

Personally, I think that data should be location bound to the country where it is stored due to privacy reasons and that governments should work together to ward off terrorism. Meaning that this kind of information only gets shared when both countries agree that it is relevant for the investigation, instead of the US government being able to retrieve all information stored by American companies. Especially since these American companies, like Google and Microsoft, are active in so many countries and possess so much information about citizens of those countries. What about you? What are your thoughts on this topic?

Hurley, L. (2017, October 16). U.S. Supreme Court decide major Microsoft email privacy fight. Retrieved October 16, 2017, from reuters.com: https://www.reuters.com/article/us-usa-court-microsoft/u-s-supreme-court-to-decide-major-microsoft-email-privacy-fight-idUSKBN1CL20U

Stohr, G. (2017, October 16). Microsoft Email-Access Fight with U.S. Gets Top Court Review. Retrieved October 16, 2017, from Bloomberg.com: https://www.bloomberg.com/news/articles/2017-10-16/microsoft-email-access-fight-with-u-s-gets-supreme-court-review

Wolf, R. (2017, October 16). Supreme Court will hear U.S.-Microsoft battle over emails. Retrieved October 16, 2017, from usatoday.com: https://www.usatoday.com/story/news/politics/2017/10/16/supreme-court-hear-u-s-microsoft-battle-over-emails/761346001/

 

Please rate this