Information Technology Law: The law and Society

By Andrew Murray

Oxford: Oxford University Press, 2013. 602
pp (incl index). ISBN

Cite as: E Linklater, “Book Review: Information Technology Law: The law and Society”, (2014) 11:2 SCRIPTed 200

Download PDF
DOI: 10.2966/scrip.110214.200

©  Emma Linklater 2014. This work is licensed under a Creative
Commons Attribution-NonCommercial-ShareAlike 4.0 International
. Please click on the link to read the terms and

To describe a book, or a university course, or a practice
area as coming under the umbrella of “information technology law” (IT law)
is notably deceptive in its simplicity: this swarming assemblage of topics,
each warranting a stand-alone title to themselves, is not easy to contrive
in an inclusive manner. Indeed, the nature of “information technology”
itself means that it is exothermic, subject to constant growth and exposure
to the wrath of regulation either in legal, societal or scientific form.
While it is clear that technology law is an appealing subject for students
due to its proximity to the everyday, this approachability can be
misleading. Although one may find it easy to identify with the subjects at
hand, perhaps even seeing personal experiences within the case studies
handled, it is hard to escape from the fact that the real trick in coming
up with a worthy contribution to the field is in finding an inextricable
and convincing theme to connect the varied subjects of study. Producing a
work that comprehensively covers everything involved in information
technology is of little value; what use is being encyclopaedic in print
form when the very technologies you are discussing are switching and
swapping in the day to day? Indeed, in such fast flowing subject areas,
perhaps more so than with other works, the true value comes from finding
the connecting thread and producing an arrangement of the issues faced in a
generalised, yet precise, context.

The author confidently approaches the vast substance of IT
law through the lens of “society”. For those familiar with Murray’s work,
certain parts of the text closely resemble his earlier work in The
Regulation of Cyberspace, however the discussion has been recast to focus
more clearly on the interaction between the “information society” and the
law. This is Murray’s connecting thread.

As one might expect, the quality of the substance of the book
cannot be faulted. The author’s prominent background in the field and the
fact that the book is already in its second edition already gives this
indication, but it is the sheer diversity of the subject matter covered
that signals the quality contribution of this book. Each part, and indeed
each chapter, looks at a seemingly unique subject, however Murray ties
these together by consistently asking the same questions: how has the law
developed and been used in its traditional context?; how has it been, or
how can it be cross-applied?; what problems can be inferred from
society-led or policy-based discussions, either by projection or based on
case law? Steadily, he lays down how the digital environment has been used,
is being used and should be used as framed by regulation and by

The book is divided into seven parts, with each part then
being further sub-divided into individual chapters. The first part serves
as an introduction, covering the principal historical (and technical)
background to the Internet, outlining what we should understand as a move
towards an increasingly “bits-based” society. Within this part of the book
already central issues come to the fore – the importance of the question of
network neutrality for example, and the clear signposting of the trials of
digitisation which challenge the way we can and may want to act. Parts II –
VI then proceed into addressing the various legal challenges that are
emerging within the traditional regulatory woodwork. Needless to say, all
the current headline topics are included: privacy and data protection,
e-commerce and online transactions (although quite surprisingly any
reference to Bitcoin is missing), as well as intellectual property law in
all its incarnations. The parts, and the chapters within these parts, are
separable and can be read individually. This divisibility is important as
it facilitates use by IT law courses, which may dip in and out of the book,
each using the sections within it in a slightly different way.

As point for reflection, it can be noted that the core
chapters frame the social aspect of technology differently depending on the
topic considered. For example, the chapters contained in Part I “Governance
in the Information Society”, relating to speech, networking, defamation and
so forth, enable a much clearer demonstration of how behaviours when using
technology are dealt with in regulation than say Chapters 10 or 12, on
software or databases, where the focus is more upon how technology
influences the limits of behaviour and forces new (rather than amended)
regulation. This noted, the approach to each subject is as consistent as
can be, and the detailed tracking of the regulatory and technological
turbulence throughout each chapter reinforces the point that what we can
take as a given today may not be so tomorrow. In particular, Chapters 6, 7,
18 and 19 (covering cyber-speech, social networking, electronic payments
and data protection) worked well to reinforce the trial-and-error nature of
the adjustments to be made, and that the impacts of technology may not have
easy fixes if the same outcome as for traditional rules is desired.

The concluding part of the book is, perhaps unsurprisingly,
less of a conclusion and more of a look to the future. Chapter 22 provides
us with one of the most interesting perspectives in the book: the
prediction that web 3.0 will signify a further step in the progression of
the Internet. Murray provides that what started out as consumerism in the
passive sense, which then moved towards user-generated content and
democracy, will take a next step in the direction of “personalisation and
user selectivity”. However, if the jump from web 1.0 to web 2.0 was
incremental in nature, whereby the law took a more cautionary step to “law
1.5” (despite the technology leap being observable), what does web 3.0 mean
for the law? In pondering this, Murray predicts that this next step for the
web means the law must also take a step up to “law 2.0” to deal with
machines which are less mechanical and more social by nature.

Throughout the book, the issues are well-defined and
contextualised sufficiently so as to enable a broad audience. Although
clearly a textbook in layout and style (with highlights, case studies,
example text boxes, further reading lists and test questions at the end of
each chapter), the content is presented in an open manner so as to warrant
further discussion rather than setting in stone the remit of the law in
this area. Of course, this is for a large part due to the uncertainty of
future developments in the area, but is also in part due to the author’s
first-person narrative; an easy tone which allows us to gauge his own
perspective. For example, he is from a self-declared Apple household, and
knows well the payoffs made between consumer choice, privacy and security
when opting for a closed ecosystem. This candidness moves the text far from
being an exam-primer style of book and complements the subject matter,
although for the present reviewer the switch from first to third person is
somewhat out of canter (if willing to reveal insights into his household
purchasing habits why not reveal himself as the author of The Regulation of
Cyberspace when discussing what “Murray believes”?).

As to readership, the book has a clear United Kingdom (UK)
focus, being designed primarily with LLM or honours students in mind.
However the author does not hesitate to discuss case law emanating from the
European Union or United States, primarily where the subject at hand has
yet to be discussed in the UK political or legal realm. Some may contend
that decisions in other legal systems can provide little relevant insight
into future developments in the UK. However, a cross-jurisdictional
approach is warranted, not only because of the general trend towards
Europeanisation (globalisation?), but in the forward thinking value of
looking further afield for good (or bad) examples to support principles of
regulation, rather than dealing with problems only as they arise in a
singular jurisdiction.

As noted above, the declared difficulty in this area is that
what was up to date at the time of printing risks being out of date rather
quickly. Even since this print edition, the Court of Justice of the
European Union has been notably active in many of the areas covered. When
reading it is no stretch to imagine course designs already having to
reference selected chapters with additional obligatory reading of rulings
such as Svensson, Pinckney, Google Spain and Nintendo as post-scripts to
the chapters. In this respect, use of the Oxford University Press Online
Resource Centre could assist in keeping the content updated with online and
audio add-ons, although none seem to have been added since publication.
While this reviewer is in no doubt that print books are alive and kicking
in the digital age, the sheer speed of turnover in IT (and IT law) does
leave one to wonder whether e-textbooks with progressive author updates
might, in the long run, be prudent for this subject area. Thankfully
though, that’s another debate entirely.

Emma Linklater

Doctoral Candidate, Department of Law, European University
Institute (Florence).

Book Review: Information Technology Law: The Law and Society