Cyberlaw and Digital Rights

Legal Methods and Legal Systems

Submitted by:

Aryan Khatarkar

BA-LLB (B)

2024-2029

Submitted to:

Prof. Ranjeet Mathew Jacob

 Alliance School of Law

Alliance University, Bengaluru

Date of Submission:

19/11/2024
 TABLE OF CONTENTS

1. INTRODUCTION
2. RESEARCH QUESTIONS
3. SCOPE AND LIMITATIONS
4. METHODOLOGY
5. CASE LAWS
6. CHAPTER 1
7. CHAPTER 2
8. CONCLUSION
9. REFERENCE
 INTRODUCTION

1.1 Overview of Cyberlaw and Digital Rights

This covers laws regulating the Internet, cyberspace, and digital technologies. A bracketing from
data protection and privacy rights to cybersecurity, intellectual property, e-commerce, digital
contracts, cybercrime, and censorship of online content. With the rapid development of internet
technologies, they are clamoring for a new generation of laws that synthesize the diffusion of this
technology with considerations for the personal, private, and public interests that any nascent
technology brings with it.

Digital rights represent the rights of individuals within the digital realm and serve to safeguard
and advance personal freedoms and liberty in the digital world. Digital rights typically
encompass some or all of the following: privacy and confidentiality; the right to free speech and
expression on the internet; the right to access digital resources, including internet connection and
open data; the right to be forgotten or to have one's digital footprint erased.
Digital inclusion and digital equality mean fair access to and control over digital technologies.
The convergence between Cyberlaw and Digital Rights has taken on greater importance as
individuals and organizations operate in increasingly complex networked digital spaces where
information crosses borders and digital interactions influence their personal and business lives.

1.2 Importance of the Topic in the Digital Age

With a vast array of services provided mainly on the internet, this digital era has redefined
interactions in the universe, affecting our communication, work, and socialization. Changes of
this magnitude present serious challenges to law and ethics, thus putting cyberlaw and digital
rights on the forefront of the research agenda. Such observation leads to claims about the
contemporary importance of the subject.
Data Privacy and Security: To date, the rise in digital services provided by e-commerce and
social media has transformed personal data collecting on a larger scale, with data privacy and
cybersecurity concerns becoming superlative issues. The increased incidences of data breaches,
identity theft, and surveillance invoke the question of how much protection do existing legal
provisions afford individuals with regard to their private information.
Globalization of the Internet: Because the Internet is global, the legal arrangements must
transcend national boundaries. Laws regulating online conduct, digital content, and cybercrimes
often contradict, thus leading to issues of jurisdiction and difficulties in enforcing digital rights
between nations.

Freedom of Speech and Censorship: Now the internet provides more avenues for free speech, but
this comes with problems of online censorship, hate speech, and misinformation. The
fundamental concern in this area of digital rights is being able to balance the right to express an
opinion freely against combating some forms of harm (like cyberbullying and defamation).

Regulation of Emerging Technologies: The new technologies present . legal questions

concerning data ownership and regulation which require frameworks that protect individual
rights while facilitating innovation.

Digital Divide: The gap that exists between the population that has and does not have access to
technology affects the digital inclusion, an important precursor to equitable access to education,
work, and civic participation.
Changing Nature of Work: There is growing concern about workers' right, gig economy
regulation, and data protection for freelancers as jobs shift increasingly online.

RESEARCH QUESTIONS

What problems do contemporary cyber law and digital rights face in the light of the
advancing technology?
How have international treaties and national laws evolved to address emerging issues in
cybercrime, data privacy, and digital freedom?
 SCOPE AND LIMITATIONS

Global Cyberlaw Standards: In particular, it is specifically required that governments and other
agencies work together for the purpose of arriving at joint, transboundary, cyberlaw benchmark
standards for jurisdictional, enforcement, and digital rights problems. This will enable
corporations to fulfil legislative requirements in a variety of jurisdictions, and apply similar
sanctions across the globe.Ethical Guidelines for Emerging Technologies: There is a prerequest
to the development of stronger ethical guidelines and regulatory roads in the use of such
emerging technologies—e.g, AI, automation and Blockchain. These models must be built upon
the basis of responsibility, transparency and human rights respect.
Expansion of Digital Workers' Rights: As the gig economy continues to expand, there must be a
forward movement in the form of a comprehensive legal answer to the human rights of digital
workers. It is true, e.g., with respect to the law establishing systems of fair remuneration, job
security and privacy for digital platform workers.
Strengthening Data Privacy: Nevertheless, there remains a need to procure an increased number
of countries adopt legislation, such as GDPR, that offer robust data protection and privacy rights
to their populations. In particular, there is a need to impose more strict data privacy rules for
international data transfers and corporations.
Research on Cross-Border Cybercrime Enforcement: To explore the issues of the law-
enforcement agencies' collaborative investigations of cross-border cybercrime, further research is
required. International agreements should be tightened up regarding the treatment of issues that
stem from the borderless character of the internet and the lack of visibility in cyberspace hackers.
Addressing the Digital Divide: In terms of both digital literacy and low cost access to technology
in areas of deprivation and rurality, government and technology companies need to be
collaborating. Policy makers should not overlook the multidimensionality of digital inclusion
including social concepts such as race, income and education.
Focus on Human Rights in Cyberspace: If other research is going to be conducted, it must also
be concerned with human rights issues online, such as privacy, freedom of expression and digital
citizenship. There is also a demand to look into how digitally exploitative and abusive groups
should be protected.

Methodology

Case studies: This involves some in-depth case studies in relation to legal cases on issues like
landmark decisions in relation to online privacy.
Comparative Analysis: As a case in point, a study of the comparison of the different countries'
restrictions on cyberlaw and their digital rights protection by the size of the region. for example,
EU, USA, and some parts of Asia.
Surveys and Interviews: The main data source will be collected through self-administered
questionnaires and interviews with cyberlaw experts, technology professionals, as well as digital
rights activists. This will bring out their points of view on digital rights and the existing situation.
Legal Analysis: The historical examination of the validity and applicability of already existing
laws and regulations (a few examples include GDPR, CFAA, or the Digital Millennium
Copyright Act) that refer to the present-day issues of digital rights will be conducted.
Policy Recommendations: The research and the related practices will help the new
recommendations to improve legal frameworks and policies on cyberlaw and digital rights with a
focus on inclusivity, fairness, and human safety.

CASE LAWS

1. The Google Spain v. AEPD decided by the Court of Justice of the

European Union (CJEU) in 2014,
Background:
In particular, Mario Costeja González (Spanish nationality) asserted that Google must not allow
access to the link to the 1998 newspaper article describing his financial distress, which is on
Google search results when the name of this applicant is searched. He argued, for example, that
the article, while still true at the moment, was obsolete and damaging to his credibility. The
Spanish Data Protection Agency (AEPD) side with Gonzalez and requested Google to halt
hyperlinking.

Decision:
As the CJEU has defined, the user may legitimately request the erasure of the data in the search
result engine under specific conditions such as as “the information is obsolete, it is not relevant,
or it is no longer important. Nevertheless, the right to be forgotten was not unconditional and
must be reconciled with the public's right to information and freedom of expression.
That landmark decision set a framework for online privacy awareness in the digital era, under
which people are given and have some control over their online footprint, notably outdated or
irrelevant personal data. It also posed questions regarding the function of search engines, the
reach of digital rights, and the extent to which various jurisdictions accommodate privacy in
relation to public interest.

1. The 2018 Facebook-Cambridge Analytica data breach scandal is

perhaps one of the most public data breaches of the last several years
and illustrated the weaknesses in the collection, storage and
leveraging of personal data for commercial and political gain.

Background:
Cambridge Analytica, a political research company, extracted personal information from more
than 87 million Facebook users without their notice. Data was also obtained, by using a quiz app,
through a personality test. Nevertheless, the app also captured info from users' friends, thus
opening Cambridge Analytica to access vast amounts of private data. Data for which this method
was later shown to be used for targeting political advertising during the 2016 US Presidential
Election and the referendum on the UK's exit from the European Union (Brexit).

Impact and Legal Consequences:

That scandal set in motion discussion about data privacy, informed consent, and good use of
personal information. It generated regulatory investigations into multiple countries worldwide,
such as the U.S. Federal Trade Commission (FTC), the European Union (under the GDPR), and
the UK's Information Commissioner's Office (ICO). In 2019, Facebook was also penalized $5
billion by the FTC for infringement of privacy laws and inadequate security of user data. The
scandal also prompted increased calls for tighter restrictions on social media companies as well
as data brokers.
This case highlights the strong privacy threat that is often embedded in data collection processes
and the necessity for strong laws to secure people's personal data from misuse.

CHAPTER -1

What problems do contemporary cyber law and digital rights face in the light of the
advancing technology?

Today's cyber law and digital rights are burdened with a number of challenges that stem from
technological development. Some of the key problems include:

1. Rapid Technological Advancement

Problem: However, the pace of regulation of emerging technologies is progressing at a teensy bit
faster rate than the rate of development of the technology itself, with this issue discussed in
conjunction with the examples of artificial intelligence (AI), blockchain, and the Internet of
Things (IoT). Cyber laws often lag significantly behind technological developments resulting in
legal gaps.
Impact: This may lead to the creation of legal frameworks not well-suited to deal with problems
related, for instance, to that of data-ownership, to the ethical application of AI, to the law of
decentralized systems such as blockchain, etc.

2. Data Privacy and Security

Problem: With the increase in the amount of personal data being collected by companies,
governments, and tech companies, there is anxiety about privacy violations, leaks of data, and
surveillance. Liability is not uniform around the world even with regulations such as the GDPR
in Europe.
Impact: Privacy can be violated and current law is not strong enough to stop continuing sales,
theft, and unauthorized surveillance even at the international level.

3. Global Jurisdictional Issues

Problem: The internet is frontier of strategic openness, whereas national and regional legal norms
are limiting the extent of this frontier. Lawmaking of conducts in cyberspace, digital content and
cybercrimes are often at odds with each other, thus making transboundary enforcement difficult.
Impact: Interstate jurisdictional litigation arises in cases of offences covered by more than one
state and international cooperation may be hindered by differences in legislation and approach to
regulation.
4. Intellectual Property and Content Ownership
Problem: Given that user-generated content, social media platforms, and digital platforms have
created conditions for the exercise of intellectual property rights (IPR), the enforcement of IP has
become intricate.
Impact: Discussions of copyright infringement, fair use, and the balancing of perspectives of
creators and platform owners, are, for the most part, fuzzy. There exists a platform problem on
services such as YouTube and Facebook, namely, how to maintain free speech while assuring IP
right protection.

5. Freedom of Expression vs. Censorship

Problem: Not only it provides on the internet a capacity for free expression, but also the ability to
disseminate such harmful information as hate speech, disinformation, and cyberbullying. At
present governments and corporations are seeking to learn which techniques best enable
regulation of inappropriate content without restriction of free speech.
Impact: LA Lex/regulation which tries to keep users away from harmful content (e.g.,
defamation, cyberbullying) can be seen as overreach and censorship once again but that raises
the freedom of expression and liability questions of the tech companies on what they should do
with the contents.

6. Ethical Use of Emerging Technologies

Problem: Examples of ethical issues raised by technologies such as AI and automation include
algorithmic bias, responsibility in decision making and effects on employment and social
inequality.
Impact: Without any ethical regulations and without any law, the applications of these
technologies have the potential to increase the danger of discrimination becoming more
widespread, social inequality and even violation of the human rights.

7. Digital Divide and Inclusion

Problem: This information divide along the superhighway of the information age between
persons in possession of modern information technologies and persons lacking them grows to
become a significant issue further exacerbated by social and economic factors that include
income level, location, and school education.
Impact: The dynamic evolution of cybercrime poses different challenges to law enforcement
since criminals abuse technology weaknesses and legal systems are not always able to respond to
speed and complexity of the cybercrime.

8. Workers' Rights in the Digital Economy

Problem: As the gig economy and digital labor platforms have ushered in new realities, legal
ambiguities have arisen in the areas of worker rights, worker protections, and data security.
Many workers in these sectors lack traditional labor protections.
Impact: Challenges associated with fair payment, data privacy, and classification of workers as
independent contractors (as opposed to employees) continue to be prominent legal issues in the
digital economy.

9. Lack of International Consensus

Problem: However, as digital rights remain somewhat ambiguous on some of them, such as
privacy rules, freedom of expression and data protection, the regulatory landscape is patchwork
and inconsistent.
Impact: Digital rights approaches vary significantly across countries and regions so global
compliance and enforcement for international companies and consumers can become
complicated.

CHAPTER 2

How have international treaties and national laws evolved to address emerging issues in
cybercrime, data privacy, and digital freedom?

The development of international treaties and national legislation in response to new challenges
in cybercrime, data protection and digital freedom has been influenced by rapid technological
developments, globalisation and a need for more security, human rights, and the digital
economy. A brief summary of the development of the legislation in those industries, etc.

1. Cybercrime

International Treaties: International Treaties:

Council of Europe's Budapest Convention (2001): This was the first international agreement to
address cybercrime and provide a framework for transboundary legal cooperation. It covers
computer, network, and computer‐based crimes such as hacking and fraud, child abuse, cyber‐
terrorism and so forth. Despite, despite, such countries as that, Russia, and China have declined
to join the wave for political and sovereign reasons.

UN Cybercrime Initiative: The United Nations has tried to deal with the problem of cybercrime
by, for example, the UN GGE (Group of Governmental Experts) on Cybersecurity and a draft
UN Cybercrime Treaty (currently under discussion) that will seek to establish a global legal
framework addressing cybersecurity and cybercrime cooperation.

National Laws: National Laws:

United States: The Computer Fraud and Abuse Act (CFAA), amended in 1986 and again several
times, makes it illegal to access computer systems and data without the authorization. The
Identity Theft Enforcement and Restitution Act (2008) enhanced sentencing of cybercrime.

European Union: Article 2 of the Directive on attacks against information systems (2013) also
stipulates that EU Member States shall impose a criminal sanction for cyber crimes. 2020 saw
the enactment of the EU Cybersecurity Act, which established the European Union Agency for
Cybersecurity (ENISA) with a mandate to strengthen cybersecurity within the EU.

China: Cybersecurity Law 2017 subjects the internet governance to critical controls and data
security obligations, including the requirement of data localization, mandatory cybersecurity
reviews and the control of online content.
Challenges: Cross-border enforcement remains a significant issue in cybercrime law.
Jurisdictional issues, inconsitent national laws and internet anonymity give the legal process a
hard time in doing justice to cybercriminals. There remains an urgent need for increased
international cooperation and legal standardization.

2. Data Privacy

International Treaties: International Treaties:

OECD Privacy Guidelines (1980): These guidelines provided an early framework for data
protection and privacy across countries, focusing on principles such as notice, consent, and the
right to access and correct personal data.

EU-US Privacy Shield (2016): This agreement is being drafted as an illustration, so as to allow
transatlantic transfer of personal data, but with due consideration for privacy and security. It was
a substitute to the Safe Harbor Agreement which, in 2015, was also declared null and void by the
EU Court of Justice.

General Data Protection Regulation (GDPR): Although it is no longer a treaty, the General Data
Protection Regulation, (GDPR) enacted 2018 by the European Union has become the de facto
global standard for data protection. It imposes some of the most severe controls on data
collection and processing, storage, and transfer and provides the greatest number of rights to
citizens on their personal data. The Data Privacy and Security Convention also provides stringent
civil and criminal penalties for violations and as a result countries around the world have been
updating their data protection statutes.

National Laws: National Laws:

United States: USA is also characterized by a sectoral focus in legislation concerning data
privacy (e.g. HIPAA (Health Insurance Portability and Accountability Act) and COPPA
(Children's Online Privacy Protection Act). Nevertheless, there is no general federal regulation of
personal information (although it is starting to appear in some state regulation) such as the
California Consumer Privacy Act (CCPA).

Brazil: The Lei Geral de Proteção de Dados (LGPD), modelled on the GDPR, came into effect in
2018, granting Brazilian citizens, among others, broad data protection rights, including the right
to know, to delete and to update personal data.

India: Personal data protection bill (PDPB), also based on GDPR, is still under discussion. That
bill intends to make Indian citizens more capable of controlling their own information (e.g., the
right to consent, and data portability).

Challenges: Data privacy laws vary significantly from jurisdiction to jurisdiction, thus complying
poses a particular challenge for multinational enterprises. In particular, emerging from the
infancy of AI and big data analytics, are new boundaries on consent and transparency in data
application.
3. Digital Freedom

International Treaties: International Treaties:

Although not immediately at stake in the digital space, freedom of expression as guaranteed by
Article 19 of the UDHR is arguably the most controversial topic within the debate on digital
freedom.

UN Internet Governance Initiatives: The United Nations Human Rights Council (UNCHR) has
adopted resolutions (Resolution 20/8 on freedom of expression and the right to privacy in
cyberspace, but for instance) as illustrations of the position that freedom of expression and the
right to privacy are of paramount importance in the digital age.

Freedom Online Coalition: A consortium of countries banded together to retain and promote
human rights on the internet and online, in particular, freedom of speech and Internet access.

National Laws: National Laws:

United States: Freedom of Speech is one of the rights protected by the First Amendment to the
Constitution, and thus in the digital world. However, challenges associated with content
regulation, personal online abuse and misinformation have led to legal and ethical questions
regarding respecting freedom and deterring harm to an individual.

European Union: These Fundamental Rights of European Union citizens are determined to be for
digital freedoms, e.g. However, to protect these rights, there has been a movement to combat
circumvention, which has resulted in the protection of the right to information, right of
expression, or right to privacy. European regulations, established in 2020, relevant to digital
services act (dsa) and digital markets act (dma) concern the regulation of powerful online,
content moderation, competition, and transparency of platform companies.

China: Due to Cybersecurity Law and policies of Great Firewall, online information has been
significantly restricted, including politicization, that is, censoring foreign press and social media,
which is totally opposed to the Western notion of digital freedom.

Challenges: The tension between digital freedom and its management in the online environment
is complex. Control over negative content (hate speech, disinformation) is a dilemma
governments have to contend with, as on the one hand this represents a freedom of expression to
lose. Internet access is typically heavily restricted in authoritarian states, in terms of illegal
digital freedom.

Key Challenges in the Evolution of Laws:

Speed of Technological Change: Because of the lags in legislative action in response to

advances, like AI and cryptocurrencies, there exist regulatory gaps.
Global Fragmentation: Variation of laws/domestic legislation across countries more specifically
with respect to data privacy and the internet governance, complicating factor and issue for the
multinational enterprises.

Balancing Rights: In many cases, states have to balance between data privacy, cybercrime and
free speech and the consequences are relevant for human rights issues.

Historical Context and Evolution of Cyberlaw

With the rapid advancement of digital technologies driven mainly by the internet, cyberlaw has
seen a metamorphosis: cyberspace's growth, the expansion of global digital communication, and
the digitization of commerce and daily life have brought new alloys of nuance in legal
frameworks and challenges.
This is the Pre-Internet Era: Although laws governing communication, commerce, and
intellectual property were by then widely accepted, many basic laws were deemed deficient in
dealing with new challenges posed by the internet-e.g., anonymity, cross-border transactions.
Early Legal Responses to Cyberspace:
In the 1990s, cybercrime laws began to arise that were directed at hacking and fraud occurring in
cyberspace.
Breaches of intellectual property such as digital piracy and copyright infringement encouraged
the introduction of legal regimes such as the Digital Millennium Copyright Act (DMCA).
By 1998, the EU Directive and similar provisions in the United States and other countries started
to take effect.
The Rise of Data Privacy and Security Laws:
The General Data Protection Regulation (GDPR) in the European Union will be the landmark
legislation addressing digital rights and data privacy when it became effective in 2018.
The U.S. has yet to create such expansive legislation against harassment or discrimination in the
digital space. Thus far, only a few states have enacted rules reflecting clear and coherent
approaches.

CONCLUSION

Cyberspace regulations and protection of digital rights have become imperative in dealing with
legal issues that arise from the advancement of technology and digitalization of society. In this
context, it can be noted that there are complex issues such as data protection, international
conflicts on jurisdictional enforcement, IP protection related issues, and the moral
responsibilities of technology that require dynamic regulatory mechanisms to assure the rights of
the people while encouraging creativity. Moreover the issues of the digital divide, the gig
economy and cynicism towards censorship conflict which must be addressed as a matter of
policy for international engagement only serve to heighten the complexity of the regulatory
framework.
 REFERENCE

Legal Texts and Statutes

General Data Protection Regulation (GDPR) (EU, 2018)
Digital Millennium Copyright Act (DMCA) (USA, 1998)
Computer Fraud and Abuse Act (CFAA) (USA, 1986)
EU Cybersecurity Act (2020)
China’s Cybersecurity Law (2017)
California Consumer Privacy Act (CCPA) (USA, 2018)
Lei Geral de Proteção de Dados (LGPD) (Brazil, 2018)
Personal Data Protection Bill (PDPB) (India, under discussion)

Scholarly Articles and Books

Anderson, R. (2020). Security Engineering: A Guide to Building Dependable Distributed
Systems (3rd ed.). Wiley.
Bennett, C. J. (2018). The Privacy Advocates: Resisting the Spread of Surveillance (2nd ed.).
MIT Press.
www.freedomonlinecoalition.com

Online Resources and Case Law

Google Spain v. AEPD (2014)
Facebook-Cambridge Analytica Case (FTC, 2019)
www.freedomonlinecoalition.com