This summer issue of SCRIPTed marks the second issue of the seventeenth volume of our journal. It comes at a time of much uncertainty in the world due to the current COVID-19 pandemic, and we thank all of those working to keep us safe. In this issue we are delighted to present five fully peer-reviewed articles, as well as a collection of book reviews, analysis pieces, and case comments.
The first paper of this issue by Andrew Cormack addresses the paradox of personal data and security breaches in light of the GDPR. Andrew addresses the principles of purpose limitation and necessity, and how meeting these principles can balance the protection of personal data with the need to detect possible security breaches and maintain data security. Andrew concludes that the paradox does not exist in practice, and that security breach detection, when properly performed, should reassure data subjects, data controllers and regulators with the level of care it requires.
The second article in this issue by Silvia De Conca discusses whether owners of smart-speakers can be considered “joint-controllers” under GDPR, and how this interacts with the household exemption. Silvia argues that owners of smart speakers should be exempt from liability under GDPR, despite the definition of joint-controllers being one that could be stretched to include them, due to the asymmetrical positions of the owners, and the companies that produce and run smart-speakers, such as Amazon and Google. The paper provides a number of interesting insights into the relationship between data, house guests, and smart speakers.
The third article by Dara Hallinan and Raphaël Gellert, addresses the concept of “information” in respect of data protection, arguing that the lack of consideration in defining the term “information” has led to a problematic understanding when looked at in respect of GDPR. The authors discuss the two ways in which information is perceived under the regulation, and how the differences affect the effectiveness of data protection in Europe.
The fourth article by Pauline Kuss and Ronald Leenes discusses the societal impact of emotionally-intelligent conversational agents, such as Google Duplex, and how regulation is insufficient as it stands in addressing the issues such agents present. Pauline and Ronald suggest that these agents can be employed by individuals, which results in shifting privacy concerns unconsidered by existing privacy legislation, as well as addressing the ethical concerns of integrating these technologies in every-day life.
The final article by Jaap-Henk Hoepman and Bert-Jaap Koops considers the protections afforded to digital storage for things that historically would have been afforded high protections in the home, such as photos and videos. The authors sketch a digital architecture for offering “home” protection to digital storage spaces and argue for legal protections that equate this.
Also in this issue is a case comment from Matteo Mancinella discussing the adidas trademark case concerning its three stripe logo. We are also proud to present Abeba Birhane’s analysis piece on the algorithmic colonisation of Africa.
We finish this issue with three excellent book reviews that are sure to add to your reading lists.