(2021) 18:1 SCRIPTed 1–98

Issue DOI: 10.2966/scrip.180121

Cover image

  • Laggan Dam, Scottish Highlands
    Alp Kagan Yalcin



  • Biomedical Data Identifiability in Canada and the European Union: From Risk Qualification to Risk Quantification?
    Alexander Bernier and Bartha Knoppers, pp. 4-56
    Full text PDF

    Data identifiability standards in Canada and the European Union rely on the same concepts to distinguish personal data from non-personal data. However, courts have interpreted the substantive content of such metrics divergently. Interpretive ambiguities can create challenges in determining whether data has been successfully anonymised in one jurisdiction, and whether it would also be considered anonymised in another. These difficulties arise from the law’s assessment of re-identification risk in reliance on qualitative tests of ‘serious risk’ or ‘reasonable likelihood’ as subjectively appreciated by adjudicators. We propose the use of maximum re-identification risk thresholds and quantitative methodologies to assess data identifiability and data anonymisation relative to measurable standards. We propose that separate legislation be adopted to address data-related practices that do not relate to demonstrably identifiable data, such as algorithmic profiling. This would ensure that regulators do not expand the jurisprudential conception of identifiable data purposively to capture such practices.

    Keywords: General Data Protection Regulation, data protection law, health data, information philosophy, privacy law, risk quantification

  • Legal Algorithms and Solutionism: Reflections on Two Recidivism Scores
    Marc Mölders, pp. 57-82
    Full text PDF

    Algorithms have entered courts, e.g. via scores assessing recidivism. At first sight, recent applications appear to be clear cases of solutionism, i.e. attempts at fixing social problems with technological solutions. Deploying thematic analysis on assessments of two of the most prominent and widespread examples of recidivism scores, COMPAS and the PSA, casts doubt on this notion. Crucial problems – as different as “fairness” (COMPAS) and “proper application” (PSA) – are not tackled in a technological manner but rather by installing conversations. It shows that even technorationalists never see the technological solution in isolation but are actively searching for flanking social methods thereby accounting for problems that cannot be eased technologically. Furthermore, we witness social scientists called upon as active parts of such engineering.

    Keywords: algorithms, fairness, pretrial, recidivism, risk assessment, solutionism


  • NISD2: A Common Framework for Information Sharing Among Network Defenders
    Andrew Cormack, pp. 83-98
    Full text PDF

    Sharing information about vulnerabilities and attacks is essential to defend information systems against threats such as malware, phishing and unauthorised access. By identifying this information sharing as a legitimate interest of data controllers, and highlighting the public interests that it serves, the draft Network and Information Security Directive provides a framework to encourage European participation in global information sharing, benefitting all users of the Internet.

    Keywords: data protection, incident response, information sharing, NIS Directive, security