Papers by Halefom H . Abraha
Industrial Law Journal
The potential harms of such practices are both deep and diffuse. 6 Yet many of these harms-from h... more The potential harms of such practices are both deep and diffuse. 6 Yet many of these harms-from health and safety violations to privacy invasions-are age-old issues in the labour context, and are consequently dealt with under various existing laws. 7 Meanwhile, the personal data processing operations which underpin most algorithmic management tools are largely dealt with under data protection law. 8 A comprehensive review of the legal implications of algorithmic management recently concluded that while there are 'significant gaps in the legal protection', there are also various 'current laws [which] are potentially effective' and 'important steps… should be taken to ensure that these laws are better known'. 9 That employers are struggling to understand and apply the law on algorithmic management is clear from the Department for Digital, Culture, Media & Sport (DCMS)'s recent call for views on reforming data protection law. 10 Two examples are particularly telling. The first relates to the obligation for data controllers to carry out a data protection impact assessment (DPIA) prior to processing which is 'likely to result in a high risk to the rights and freedoms of natural persons'. 11 Article 36 GDPR requires data controllers to 'consult the Commissioner prior to processing' where a DPIA indicates that processing would result in an unmitigable high risk to the rights and interests of the data subjects. Few controllers deem such consultation to be necessary: as of December 6 W. Christl, 'Digitale Überwachung und Kontrolle am Arbeitsplatz' https://crackedlabs. org/daten-arbeitsplatz/info accessed
International Data Privacy Law
The distinct challenges of data processing at work have led to long-standing calls for sectorspec... more The distinct challenges of data processing at work have led to long-standing calls for sectorspecific regulation. This leaves the European legislature with a dilemma. While the distinct features of employee data processing give rise to novel issues that cannot adequately be addressed by an omnibus data protection regime, a combination of legal, political, and constitutional factors have hindered efforts towards adopting harmonized employment-specific legislation at the EU level. The 'opening clause' in Article 88 General Data Protection Regulation (GDPR) aims to square this circle. It aims to ensure adequate and consistent protection of employees while also promoting regulatory diversity, respecting national peculiarities, and protecting Member State autonomy. This article examines whether the opening clause has delivered on its promises. It argues that while the compromise has delivered on some of its promises in promoting diverse and innovative regulatory approaches, it also runs counter to the fundamental objectives of the GDPR itself by creating further fragmentation, legal uncertainty, and inconsistent implementation, interpretation, and enforcement of data protection rules.
Social Science Research Network, 2020
European Union, Jan 28, 2021
On 10 September 2020, the European Commission presented a proposal (COM(2020) 568 final) on the t... more On 10 September 2020, the European Commission presented a proposal (COM(2020) 568 final) on the temporary derogation from Articles 5(1) and 6 of the e-Privacy Directive, which protect the confidentiality of communications and traffic data. This proposal is targeted at ensuring the continuation of voluntary practices conducted by providers of ‘number-independent interpersonal communications services’ for the detection, reporting and removal of child sexual abuse material online after the European Electronic Communications Code has entered into force at the end of December 2020. The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) raised concerns over the proposal’s potential impact on the human and fundamental rights of the users of those services, and requested that the European Parliamentary Research Service (EPRS) carry out a targeted impact assessment to this end, in the absence of a European Commission impact assessment accompanying this proposal. The assessment finds that while the EU has the competence to adopt the proposed regulation per Article 5 of the Treaty on European Union, the impact of such practices on human and fundamental rights has not been adequately addressed. It should provide a clear legal basis for these practices, along with effective remedies for users. Some technologies covered by the proposed regulation have a disproportionate impact, and thus require additional safeguards unavailable in the proposal in its current form
Information & Communications Technology Law, 2017
ABSTRACT This article examines the current internet content regulatory regime in Ethiopia from th... more ABSTRACT This article examines the current internet content regulatory regime in Ethiopia from the perspectives of the extensively discussed and broadly accepted regulatory models namely statutory regulation, self-regulation, and co-regulation. It argues that although statutory regulation has been a potentially useful tool of regulation in Ethiopia, self-regulation and co-regulation models appear to be neither practised nor feasible in the Ethiopian context. A closer look at the regulatory patterns in the last decade – and emerging initiatives – suggest that a hybrid of five regulatory models namely statutory regulation, informal regulation, gatekeeping, self-censorship, and regulation through ‘Social Media Army’ are currently common in Ethiopia. This article then weighs sustainability and propriety of these approaches pursued by the Ethiopian government in regulating internet content.
Information & Communications Technology Law, 2020
Several initiatives are underway to address the jurisdictional and conflicts-of-law challenges tr... more Several initiatives are underway to address the jurisdictional and conflicts-of-law challenges triggered by the ubiquity of cloud data storage. By introducing a new approach for international cooperation through the Clarifying Lawful Overseas Use of Data Act (CLOUD Act), the United States of America (US) leads the cross-border data access reform agenda. The US approach deserves closer scrutiny, given its impact in shaping international standards that govern law enforcement access to cloud data, as well as its influence on other impending reform initiatives. While a number of blogs and reports have been written about the CLOUD Act, a comprehensive academic analysis appears to be lacking. This article addresses this gap by examining the extraterritorial reach of the US government's law enforcement powers, and conversely the powers of foreign governments to obtain data held by US-based service providers. Most importantly, this article scrutinises the adequacy of the substantive and procedural safeguards stipulated under the CLOUD Act.
Mizan Law Review, 2015
The current information age requires intellectual property laws to catch up with and proactively ... more The current information age requires intellectual property laws to catch up with and proactively regulate unfolding technological realities. The dynamic advances in the domain of the Internet have thus necessitated corresponding changes in Ethiopia's intellectual property legal regime including copyright laws in relation with computer programs, databases, online service provision and Digital Rights Management systems (DRMs). New issues are also steadily arising owing to the increasing commercialization of the Internet in relation with the quest for the presence of trade names in cyberspace and protection from similar or confusingly similar trade names. Likewise, the applicability of patent laws to the digital environment and the patentability of software-related inventions are contentious. This article briefly deals with these issues. Also addressed in this article are issues relating to Ethiopia's roles in the global Internet governance ecosystem, and the extent to which Ethiopian legal education is catching up with the unprecedented changes wrought by the advent of the Internet.
Mizan Law Review, 2015
Whilst Ethiopia has telephone services since 1894 − not long after its invention−, the history of... more Whilst Ethiopia has telephone services since 1894 − not long after its invention−, the history of the Internet in Ethiopia is less than two decades old. The prototype Internet with limited accessibility was introduced only in 1997, and broadband Internet was not widely deployed until recently. This slow pace in the proliferation of the Internet has delayed the legislative responses of the country to the brave new worlds of the Internet. Despite a few laws currently in operation namely the cybercrime and telecom fraud offence laws, most areas of the online environment needs the attention of the Ethiopian legislature. Nonetheless, there are few draft cyber laws that are in the pipeline. This article briefly reviews major legislative developments in telecoms, cybercrime, privacy, e-commerce and the new media. It sketches legislative responses of the Ethiopian legislature to the advent of the Internet by outlining major sources of Internet law and their defining features. The article further considers the salient features of the major draft pieces of cyber legislation that await enactment.
Int. J. Law Inf. Technol., 2021
With the ubiquity of cloud computing, criminal investigations today—including exclusively domesti... more With the ubiquity of cloud computing, criminal investigations today—including exclusively domestic ones—often require access to data across borders. However, the traditional system of cross-border legal cooperation—the Mutual Legal Assistance system—is ill-suited to this development. There is a growing consensus that this system is unsustainable and needs to be reformed or replaced with new alternatives. That is where the consensus ends, however. Despite the shared understanding of the problem and repeated calls for reform or replacement of the traditional system, there is little agreement on what these reforms or alternative approaches should look like. What one can witness instead is the proliferation of uncoordinated initiatives that could lead to further jurisdictional conflict and legal uncertainty. The purpose of the present contribution is to map and examine these various initiatives based on the approaches they follow in addressing the challenges in obtaining electronic evid...
European Parliament Think Tank, 2021
On 10 September 2020, the European Commission presented a proposal, which aims at ensuring the co... more On 10 September 2020, the European Commission presented a proposal, which aims at ensuring the continuation of voluntary practices conducted by providers of ‘number-independent interpersonal communications services’ for the detection, reporting and removal of child sexual abuse material online after the European Electronic Communications Code has entered into force at the end of December 2020. This EPRS targeted substitute impact assessment finds that while the EU has the competence to adopt the Proposed Regulation per Article 5 of the TEU, the impact of such practices on human and fundamental rights has not been adequately addressed. It should provide a clear legal basis for these practices, along with effective remedies for users. Some technologies covered by the Proposed Regulation have a disproportionate impact, and thus require additional safeguards unavailable in the proposal in its current form.
Addis Ababa University Press, 2020
As Internet use and digitalisation continue to grow in Africa, cross-border access to electronic ... more As Internet use and digitalisation continue to grow in Africa, cross-border access to electronic evidence (such as emails, files and text messages) plays an indispensable role in ensuring public safety, security and the rule of law in Africa. Given the fact that a vast majority of data about citizens/residents of Africa today is stored, managed and processed by US-based technology companies, it has become difficult-at times impossible-for African governments to effectively investigate and prosecute domestic crimes without the assistance of these foreign companies. Considering this reality, this article seeks to answer three interrelated questions: how do African law enforcement authorities access data of residents/citizens in Africa held by US companies for legitimate criminal investigations? How-and to what extent-can African countries benefit from the cross-border data access reform initiatives emerging in Europe and the US? How should African stakeholders approach the Internet's increasing cross-border legal challenges? This article argues that despite the intense debates and proliferation of reform initiatives elsewhere, the issue of cross-border data access is yet to draw the attention of African policymakers, academia and other stakeholders. It also demonstrates that neither the existing system used to obtain digital evidence held by US technology companies nor the emerging global initiatives to modernise this system will address African interests and concerns. This article then makes the case that it is high time for the African Union (AU), its Member States and other stakeholders to explore alternative approaches to cross-border data access and suggests some possible ways forward.
Information & Communications Technology Law, 2020
Several initiatives are underway to address the jurisdictional and conflicts-of-law challenges tr... more Several initiatives are underway to address the jurisdictional and conflicts-of-law challenges triggered by the ubiquity of cloud data storage. By introducing a new approach for international cooperation through the Clarifying Lawful Overseas Use of Data Act (CLOUD Act), the United States of America (US) leads the cross-border data access reform agenda. The US approach deserves closer scrutiny, given its impact in shaping international standards that govern law enforcement access to cloud data, as well as its influence on other impending reform initiatives. While a number of blogs and reports have been written about the CLOUD Act, a comprehensive academic analysis appears to be lacking. This article addresses this gap by examining the extraterritorial
reach of the US government’s law enforcement powers, and conversely the powers of foreign governments to obtain data held by US-based service providers. Most importantly, this article scrutinises the adequacy of the substantive and procedural safeguards stipulated under the CLOUD Act.
Cross-Border Data Forum, 2020
How do African law enforcement authorities access African data held by US companies for the purpo... more How do African law enforcement authorities access African data held by US companies for the purpose of legitimate criminal investigations? How―and to what extent― can African countries benefit from the cross-border data access reform initiatives emerging in Europe and the US? How should African stakeholders approach the internet’s increasing cross-border legal challenges?
International Data Privacy Law (IDPL)), 2019
The recently adopted Clarifying Lawful Overseas Use of Data (CLOUD) Act is a response to the chal... more The recently adopted Clarifying Lawful Overseas Use of Data (CLOUD) Act is a response to the challenges the USA and foreign law enforcement authorities have been facing in their efforts to access electronic evidence stored beyond their territorial jurisdictions. This article briefly analyses the Act against its stated policy objectives that it seeks to achieve. The analysis focuses on the adequacy of privacy protections provided under the Act, potential conflicts of law, the problems with bypassing mutual legal assistance systems, and the global implications of the Act.
This article examines the current internet content regulatory regime
in Ethiopia from the perspec... more This article examines the current internet content regulatory regime
in Ethiopia from the perspectives of the extensively discussed and
broadly accepted regulatory models namely statutory regulation,
self-regulation, and co-regulation. It argues that although statutory
regulation has been a potentially useful tool of regulation in
Ethiopia, self-regulation and co-regulation models appear to be
neither practised nor feasible in the Ethiopian context. A closer
look at the regulatory patterns in the last decade – and emerging
initiatives – suggest that a hybrid of five regulatory models
namely statutory regulation, informal regulation, gatekeeping, selfcensorship,
and regulation through ‘Social Media Army’ are
currently common in Ethiopia. This article then weighs
sustainability and propriety of these approaches pursued by the
Ethiopian government in regulating internet content.
The current information age requires intellectual property laws to catch up with and proactively ... more The current information age requires intellectual property laws to catch up with and proactively regulate unfolding technological realities. The dynamic advances in the domain of the Internet have thus necessitated corresponding changes in Ethiopia's intellectual property legal regime including copyright laws in relation with computer programs, databases, online service provision and Digital Rights Management systems (DRMs). New issues are also steadily arising owing to the increasing commercialization of the Internet in relation with the quest for the presence of trade names in cyberspace and protection from similar or confusingly similar trade names. Likewise, the applicability of patent laws to the digital environment and the patentability of software-related inventions are contentious. This article briefly deals with these issues. Also addressed in this article are issues relating to Ethiopia's roles in the global Internet governance ecosystem, and the extent to which Ethiopian legal education is catching up with the unprecedented changes wrought by the advent of the Internet.
Whilst Ethiopia has telephone services since 1894 − not long after its invention−, the history of... more Whilst Ethiopia has telephone services since 1894 − not long after its invention−, the history of the Internet in Ethiopia is less than two decades old. The prototype Internet with limited accessibility was introduced only in 1997, and broadband Internet was not widely deployed until recently. This slow pace in the proliferation of the Internet has delayed the legislative responses of the country to the brave new worlds of the Internet. Despite a few laws currently in operation namely the cybercrime and telecom fraud offence laws, most areas of the online environment needs the attention of the Ethiopian legislature. Nonetheless, there are few draft cyber laws that are in the pipeline. This article briefly reviews major legislative developments in telecoms, cybercrime, privacy, e-commerce and the new media. It sketches legislative responses of the Ethiopian legislature to the advent of the Internet by outlining major sources of Internet law and their defining features. The article further considers the salient features of the major draft pieces of cyber legislation that await enactment.
Like many other countries, Ethiopia has embraced ICTs and ICT-based services as key enablers for ... more Like many other countries, Ethiopia has embraced ICTs and ICT-based services as key enablers for social and economic development. Various additional efforts to significantly increase internet connectivity speeds and access are underway. Greater bandwidth will not only mean faster and better internet access, as it can also facilitate faster and better means of launching cyber-attacks and more opportunities for criminals to exploit naïve users. This article will attempt to explore the efforts and initiatives being made by the government in fighting cybercrime from three cyberspace governance perspectives: cyber security-related policies and strategies, legislative frameworks, and institutional arrangements. Additionally, recommendations will be provided on what plans and measures the government can implement in pursuit of a safer and secure Ethiopia.
Uploads
Papers by Halefom H . Abraha
reach of the US government’s law enforcement powers, and conversely the powers of foreign governments to obtain data held by US-based service providers. Most importantly, this article scrutinises the adequacy of the substantive and procedural safeguards stipulated under the CLOUD Act.
in Ethiopia from the perspectives of the extensively discussed and
broadly accepted regulatory models namely statutory regulation,
self-regulation, and co-regulation. It argues that although statutory
regulation has been a potentially useful tool of regulation in
Ethiopia, self-regulation and co-regulation models appear to be
neither practised nor feasible in the Ethiopian context. A closer
look at the regulatory patterns in the last decade – and emerging
initiatives – suggest that a hybrid of five regulatory models
namely statutory regulation, informal regulation, gatekeeping, selfcensorship,
and regulation through ‘Social Media Army’ are
currently common in Ethiopia. This article then weighs
sustainability and propriety of these approaches pursued by the
Ethiopian government in regulating internet content.
reach of the US government’s law enforcement powers, and conversely the powers of foreign governments to obtain data held by US-based service providers. Most importantly, this article scrutinises the adequacy of the substantive and procedural safeguards stipulated under the CLOUD Act.
in Ethiopia from the perspectives of the extensively discussed and
broadly accepted regulatory models namely statutory regulation,
self-regulation, and co-regulation. It argues that although statutory
regulation has been a potentially useful tool of regulation in
Ethiopia, self-regulation and co-regulation models appear to be
neither practised nor feasible in the Ethiopian context. A closer
look at the regulatory patterns in the last decade – and emerging
initiatives – suggest that a hybrid of five regulatory models
namely statutory regulation, informal regulation, gatekeeping, selfcensorship,
and regulation through ‘Social Media Army’ are
currently common in Ethiopia. This article then weighs
sustainability and propriety of these approaches pursued by the
Ethiopian government in regulating internet content.