When Law Meets Technology: Interdisciplinary Privacy Aspects

The law intervenes to regulate social, economic and technological phenomena; faced with contrasting interests and values, it needs to decide which ones should prevail and which ones instead succumb. Privacy law has the delicate task of understanding if and upon what conditions and procedures personal data may be processed – and to what extent one can control its own data: right to be left alone versus right to know. The rapid evolution of technology has set new and substantial challenges to the legislator: passing from paper to bits has actually enormously amplified the potential consequences of data mishandling. Regulating a phenomenon requires first of all to understand it fully. Law and ICT have traditionally constituted two quite separate and impermeable areas, speaking different languages, addressing different issues and following different reasoning paths. Last but not least: ICT is global, while the law is national or at least regional. In the Information Society this separation between the two disciplines appears no longer rational. Privacy now strongly needs to be addressed from an interdisciplinary perspective, set between fast-moving ICT and trailing legal provisions: finding a common understanding and generating synergies between law and technology is of basic importance. What should the role of the law be? Preventing misbehaviour by threatening a sanction or acting as an enabler, by actively supporting the development and use of safer, privacy-compatible technologies? EU Member State legislation sometimes imposes very strict rules to protect privacy and foresees severe sanctions. However, control is necessarily limited and while several data controllers perceive the regulation as bulky and of limited effectiveness, especially with reference to certain problems, such as spamming, only a limited number of data mishandlings are punished. Should law always lag behind ICT or act preventively by setting a basic framework which may flexibly adapt to the future? A big issue in technology law concerns the trade-off between the need for certainty and stability of the law and the urge to keep the pace with an extremely rapid technological evolution. An overview over European and international data protection rules will be provided. The need for further action in both areas, laws and information technologies, will be presented.