Information Technology Law: The law and Society
By Andrew Murray
Oxford: Oxford University Press, 2013. 602 pp (incl index). ISBN 978-0-19-966151-0. £37.99.
Cite as: E Linklater, “Book Review: Information Technology Law: The law and Society”, (2014) 11:2 SCRIPTed 200 http://script-ed.org/?p=1549
© Emma Linklater 2014. This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Please click on the link to read the terms and conditions.
To describe a book, or a university course, or a practice area as coming under the umbrella of “information technology law” (IT law) is notably deceptive in its simplicity: this swarming assemblage of topics, each warranting a stand-alone title to themselves, is not easy to contrive in an inclusive manner. Indeed, the nature of “information technology” itself means that it is exothermic, subject to constant growth and exposure to the wrath of regulation either in legal, societal or scientific form. While it is clear that technology law is an appealing subject for students due to its proximity to the everyday, this approachability can be misleading. Although one may find it easy to identify with the subjects at hand, perhaps even seeing personal experiences within the case studies handled, it is hard to escape from the fact that the real trick in coming up with a worthy contribution to the field is in finding an inextricable and convincing theme to connect the varied subjects of study. Producing a work that comprehensively covers everything involved in information technology is of little value; what use is being encyclopaedic in print form when the very technologies you are discussing are switching and swapping in the day to day? Indeed, in such fast flowing subject areas, perhaps more so than with other works, the true value comes from finding the connecting thread and producing an arrangement of the issues faced in a generalised, yet precise, context.
The author confidently approaches the vast substance of IT law through the lens of “society”. For those familiar with Murray’s work, certain parts of the text closely resemble his earlier work in The Regulation of Cyberspace, however the discussion has been recast to focus more clearly on the interaction between the “information society” and the law. This is Murray’s connecting thread.
As one might expect, the quality of the substance of the book cannot be faulted. The author’s prominent background in the field and the fact that the book is already in its second edition already gives this indication, but it is the sheer diversity of the subject matter covered that signals the quality contribution of this book. Each part, and indeed each chapter, looks at a seemingly unique subject, however Murray ties these together by consistently asking the same questions: how has the law developed and been used in its traditional context?; how has it been, or how can it be cross-applied?; what problems can be inferred from society-led or policy-based discussions, either by projection or based on case law? Steadily, he lays down how the digital environment has been used, is being used and should be used as framed by regulation and by society.
The book is divided into seven parts, with each part then being further sub-divided into individual chapters. The first part serves as an introduction, covering the principal historical (and technical) background to the Internet, outlining what we should understand as a move towards an increasingly “bits-based” society. Within this part of the book already central issues come to the fore – the importance of the question of network neutrality for example, and the clear signposting of the trials of digitisation which challenge the way we can and may want to act. Parts II – VI then proceed into addressing the various legal challenges that are emerging within the traditional regulatory woodwork. Needless to say, all the current headline topics are included: privacy and data protection, e-commerce and online transactions (although quite surprisingly any reference to Bitcoin is missing), as well as intellectual property law in all its incarnations. The parts, and the chapters within these parts, are separable and can be read individually. This divisibility is important as it facilitates use by IT law courses, which may dip in and out of the book, each using the sections within it in a slightly different way.
As point for reflection, it can be noted that the core chapters frame the social aspect of technology differently depending on the topic considered. For example, the chapters contained in Part I “Governance in the Information Society”, relating to speech, networking, defamation and so forth, enable a much clearer demonstration of how behaviours when using technology are dealt with in regulation than say Chapters 10 or 12, on software or databases, where the focus is more upon how technology influences the limits of behaviour and forces new (rather than amended) regulation. This noted, the approach to each subject is as consistent as can be, and the detailed tracking of the regulatory and technological turbulence throughout each chapter reinforces the point that what we can take as a given today may not be so tomorrow. In particular, Chapters 6, 7, 18 and 19 (covering cyber-speech, social networking, electronic payments and data protection) worked well to reinforce the trial-and-error nature of the adjustments to be made, and that the impacts of technology may not have easy fixes if the same outcome as for traditional rules is desired.
The concluding part of the book is, perhaps unsurprisingly, less of a conclusion and more of a look to the future. Chapter 22 provides us with one of the most interesting perspectives in the book: the prediction that web 3.0 will signify a further step in the progression of the Internet. Murray provides that what started out as consumerism in the passive sense, which then moved towards user-generated content and democracy, will take a next step in the direction of “personalisation and user selectivity”. However, if the jump from web 1.0 to web 2.0 was incremental in nature, whereby the law took a more cautionary step to “law 1.5” (despite the technology leap being observable), what does web 3.0 mean for the law? In pondering this, Murray predicts that this next step for the web means the law must also take a step up to “law 2.0” to deal with machines which are less mechanical and more social by nature.
Throughout the book, the issues are well-defined and contextualised sufficiently so as to enable a broad audience. Although clearly a textbook in layout and style (with highlights, case studies, example text boxes, further reading lists and test questions at the end of each chapter), the content is presented in an open manner so as to warrant further discussion rather than setting in stone the remit of the law in this area. Of course, this is for a large part due to the uncertainty of future developments in the area, but is also in part due to the author’s first-person narrative; an easy tone which allows us to gauge his own perspective. For example, he is from a self-declared Apple household, and knows well the payoffs made between consumer choice, privacy and security when opting for a closed ecosystem. This candidness moves the text far from being an exam-primer style of book and complements the subject matter, although for the present reviewer the switch from first to third person is somewhat out of canter (if willing to reveal insights into his household purchasing habits why not reveal himself as the author of The Regulation of Cyberspace when discussing what “Murray believes”?).
As to readership, the book has a clear United Kingdom (UK) focus, being designed primarily with LLM or honours students in mind. However the author does not hesitate to discuss case law emanating from the European Union or United States, primarily where the subject at hand has yet to be discussed in the UK political or legal realm. Some may contend that decisions in other legal systems can provide little relevant insight into future developments in the UK. However, a cross-jurisdictional approach is warranted, not only because of the general trend towards Europeanisation (globalisation?), but in the forward thinking value of looking further afield for good (or bad) examples to support principles of regulation, rather than dealing with problems only as they arise in a singular jurisdiction.
As noted above, the declared difficulty in this area is that what was up to date at the time of printing risks being out of date rather quickly. Even since this print edition, the Court of Justice of the European Union has been notably active in many of the areas covered. When reading it is no stretch to imagine course designs already having to reference selected chapters with additional obligatory reading of rulings such as Svensson, Pinckney, Google Spain and Nintendo as post-scripts to the chapters. In this respect, use of the Oxford University Press Online Resource Centre could assist in keeping the content updated with online and audio add-ons, although none seem to have been added since publication. While this reviewer is in no doubt that print books are alive and kicking in the digital age, the sheer speed of turnover in IT (and IT law) does leave one to wonder whether e-textbooks with progressive author updates might, in the long run, be prudent for this subject area. Thankfully though, that’s another debate entirely.
Doctoral Candidate, Department of Law, European University Institute (Florence).