An adaptive cyber risk management guide from MIT scientist and Johns Hopkins professor Gregory Falco and "Cyber Czar" Eric Rosenbach Cyberattacks continue to grow in number, intensity, and sophistication. While attackers persistently adapt, business leaders have suffered from employing the same cyber risk management strategies for decades. Organizations must learn how to move past temporary solutions and invest in long-term resiliency measures to thrive in the future cyber economy. Confronting Cyber Risk: An Embedded Endurance Strategy for Cybersecurity is a practical leadership guidebook outlining a new strategy for improving organizational cybersecurity and mitigating cyber risk. Veteran cybersecurity experts Falco and Rosenbach introduce the Embedded Endurance strategy as a systems-level approach to cyber risk management which addresses interdependent components of organizational risk and prepares organizations for the inevitability of cyber threats over the long-term. Using real world examples from SolarWinds to the Colonial Pipeline attack, the authors extend beyond hardware and software to provide a thoughtful ten-step process for organizations to address the simultaneous operational, reputational, and litigation risks common to cyberattacks. They conclude with helpful "cryptograms" from the future, in which business leaders are confronted with the next generation of cyber risk challenges. Clear and informative, Confronting Cyber Risk provides CEOs and cyber newcomers alike with concrete guidance on how to implement a cutting-edge strategy to mitigate an organization's overall risk to malicious cyberattacks in an evolving cyber risk landscape.

Artificial Intelligence (AI) has become omnipresent in today's business environment: from chatbots to healthcare services to various ways of creating useful information. While AI has been increasingly used to optimize various creative and innovative processes, the integration of AI into products, services, and other operational procedures raises significant concerns across virtually all areas of intellectual property (IP) law. While AI has drawn extensive attention from IP experts globally, this is the first book providing a broad and comprehensive picture from the perspectives of the very nature of AI technology, its commercial implications, its interaction with different kinds of IP, IP administration, software and data, its social and economic impact on the innovation policy, and ultimately AI's eligibility as a legal entity.

Biobanks are critical infrastructure for medical research but they are also the subject of considerable ethical and legal uncertainty. Given that biobanks process large quantities of genomic data, questions have emerged as to how genetic privacy should be protected. What types of genetic privacy rights and rights holders should be protected and to what extent? Since 25th May 2018 the General Data Protection Regulation (GDPR) has applied and now occupies a key position in the European legal framework for the regulation of biobanking. This book takes an in-depth look at the function, problems, and opportunities presented by European data protection law under the GDPR as a framework for the protection of genetic privacy in biobanking in Europe. Hallinan argues that the substantive framework presented by the GDPR already offers an admirable base-line level of protection for the range of genetic privacy rights engaged by biobanking. The book further argues that, whilst numerous problems with this standard of protection are indeed identifiable, the GDPR offers the flexibility to accommodate solutions to these problems, as well as the procedural mechanisms to realise these solutions.

Two of the most important developments of this new century are the emergence of cloud computing and big data. However, the uncertainties surrounding the failure of cloud service providers to clearly assert ownership rights over data and databases during cloud computing transactions and big data services have been perceived as imposing legal risks and transaction costs. This lack of clear ownership rights is also seen as slowing down the capacity of the Internet market to thrive. Click-through agreements drafted on a take-it-or-leave-it basis govern the current state of the art, and they do not allow much room for negotiation. The novel contribution of this book proffers a new contractual model advocating the extension of the negotiation capabilities of cloud customers, thus enabling an automated and machine-readable framework, orchestrated by a cloud broker. Cloud computing and big data are constantly evolving and transforming into new paradigms where cloud brokers are predicted to play a vital role as innovation intermediaries adding extra value to the entire life cycle. This evolution will alleviate the legal uncertainties in society by means of embedding legal requirements in the user interface and related computer systems or its code. This book situates the theories of law and economics and behavioral law and economics in the context of cloud computing and takes database rights and ownership rights of data as prime examples to represent the problem of collecting, outsourcing, and sharing data and databases on a global scale. It does this by highlighting the legal constraints concerning ownership rights of data and databases and proposes finding a solution outside the boundaries and limitations of the law. By allowing cloud brokers to establish themselves in the market as entities coordinating and actively engaging in the negotiation of service-level agreements (SLAs), individual customers as well as small and medium-sized enterprises could efficiently and effortlessly choose a cloud provider that best suits their needs. This approach, which the author calls "plan-like architectures," endeavors to create a more trustworthy cloud computing environment and to yield radical new results for the development of the cloud computing and big data markets.

This book presents a collection of state-of-the-art approaches to utilizing machine learning, formal knowledge bases and rule sets, and semantic reasoning to detect attacks on communication networks, including IoT infrastructures, to automate malicious code detection, to efficiently predict cyberattacks in enterprises, to identify malicious URLs and DGA-generated domain names, and to improve the security of mHealth wearables. This book details how analyzing the likelihood of vulnerability exploitation using machine learning classifiers can offer an alternative to traditional penetration testing solutions. In addition, the book describes a range of techniques that support data aggregation and data fusion to automate data-driven analytics in cyberthreat intelligence, allowing complex and previously unknown cyberthreats to be identified and classified, and countermeasures to be incorporated in novel incident response and intrusion detection mechanisms.

Greift die Bundesnetzagentur regulierend in das Marktgeschehen nach dem TKG ein, betrifft dies regelmassig nicht nur den Regulierungsadressaten, sondern auch andere zugangsberechtigte Netzbetreiber und Diensteanbieter. Dementsprechend ist der Drittschutz im Rahmen der Marktregulierung ein Feld, das seit einigen Jahren vermehrt Gegenstand gerichtlicher AEusserungen gewesen ist. Zusatzlich aufgeladen wird diese Thematik durch die richtlinienrechtliche Vorsteuerung. Im Fokus dieser Untersuchung steht die Ermittlung des drittschutzenden Gehalts der Marktregulierungsnormen sowie eine systematisierende Einteilung der drittschutzenden Regelungen. Behandelt werden neben uberkommenen Kriterien zur Bestimmung drittschutzender Normen auch Ansatze zur Bewaltigung multipolarer Konfliktlagen und Richtlinienvorgaben.

This book provides a comparison and practical guide for academics, students, and the business community of the current data protection laws in selected Asia Pacific countries (Australia, India, Indonesia, Japan Malaysia, Singapore, Thailand) and the European Union. The book shows how over the past three decades the range of economic, political, and social activities that have moved to the internet has increased significantly. This technological transformation has resulted in the collection of personal data, its use and storage across international boundaries at a rate that governments have been unable to keep pace. The book highlights challenges and potential solutions related to data protection issues arising from cross-border problems in which personal data is being considered as intellectual property, within transnational contracts and in anti-trust law. The book also discusses the emerging challenges in protecting personal data and promoting cyber security. The book provides a deeper understanding of the legal risks and frameworks associated with data protection law for local, regional and global academics, students, businesses, industries, legal profession and individuals.

The book provides a detailed overview and analysis of important EU Internet regulatory challenges currently found in various key fields of law directly linked to the Internet such as information technology, consumer protection, personal data, e-commerce and copyright law. In addition, it aims to shed light on the content and importance of various pending legislative proposals in these fields, and of the Court of Justice of the European Union's recent case law in connection with solving the different problems encountered. The book focuses on challenging legal questions that have not been sufficiently analyzed, while also presenting original thinking in connection with the regulation of emerging legal questions. As such, it offers an excellent reference tool for researchers, policymakers, judges, practitioners and law students with a special interest in EU Internet law and regulation.

This book builds an empirical basis towards creating broader prevention and intervention programs in curbing digital piracy. It addresses the psychosocial, cultural and criminological factors associated with digital piracy to construct more efficient problem-solving mechanisms. Digital piracy including online piracy involves illegal copying of copyrighted materials. This practice costs the software industry, entertainment industry, and governments billions of dollars every year. Reports of the World Intellectual Property Organization (WIPO) and Business Software Alliance (BSA) view piracy largely in the light of economic factors; the assumption being that only those who cannot afford legitimate copies of software, music, and movies indulge in it. Drawing on research and theories from various disciplines like psychology, sociology, criminology, and law, the authors have designed an empirical study to understand the contribution of psychological, cultural and criminological factors to digital piracy. The chapters include data from India and China, which continue to be on the Special 301 report priority watch list of the WIPO, and Serbia, which has been on the watch list 4 times. They examine the role of self-control, self-efficacy, perceived punishment severity, awareness about digital piracy, peer influence, neutralization techniques, novelty seeking, pro-industry factors and other socio-demographic factors in predicting digital piracy. This book addresses a large readership, comprising academics and researchers in psychology, criminology and criminal justice, law and intellectual property rights, social sciences, and IT, as well as policymakers, to better understand and deal with the phenomenon of digital piracy.

In its first and second editions, Tomorrow's Lawyers became an international bestseller, widely read and cited by practitioners and students. The third edition focuses on the law and lawyers in the 2020s. For Richard Susskind, the future of legal service is neither Grisham nor Rumpole. Instead, he predicts a world of online courts, AI-based global legal businesses, disruptive legal technologies, liberalized markets, commoditization, alternative sourcing, simulated practice on the metaverse, and many new legal jobs. This volume is a definitive and updated introduction to this future - for aspiring lawyers, and for all who want to modernize and upgrade our legal and justice systems. It offers practical guidance for everyone intending to build careers and businesses in law. Written in an era of greater technological advance than humanity has ever witnessed, this work is a call to arms: it challenges those who feel that the law and lawyers are somehow immune from technological advance; it draws attention to the unaffordability and inaccessibility of legal service, for businesses and citizens alike; it invites the next generation of lawyers to harness the power of technology in improving and even overhauling the way in which legal and court service is currently provided. Tomorrow's Lawyers identifies new opportunities for lawyers, new ways of helping clients and the community. It enjoins its readers to become involved in building the systems that will replace outmoded forms of legal work. It argues that it is both a privilege and an obligation for tomorrow's lawyers to embrace and bring about change. A must-read for legal undergraduates, aspiring and young lawyers, senior practitioners, leaders in law firms and legal businesses, law professors and law teachers.

Die Auswirkungen der Digitalisierung auf das strafprozessuale Beweisrecht sind im digitalen Zeitalter von besonderer Bedeutung. Die Autorin analysiert die Probleme, die mit der zunehmenden Einfuhrung digitaler Beweismittel einhergehen und arbeitet diese unter Vergleich der bestehenden Regelungen auf. Informationstechnisch liegt der Fokus auf der Bewertung der Beweis- und Manipulationssicherheit, sowie der Darstellung der zunehmenden Rolle der IT-Forensik. Letztlich kommt sie zu dem Ergebnis, dass die spezifischen Beweisprobleme nur unter Berucksichtigung der Doppelnatur digitaler Beweise aufzuklaren sind.

This is a unique interdisciplinary exploration of the contemporary phenomenon of online medicine purchasing. In this research, Sugiura provides a criminological understanding of the sale of online medicines as well as the traditional illegal markets. Crucially, the practice is investigated from the perspective of web users, moving beyond the headlines and warning campaigns to contextualise the provision of medicines online, to describe this practice and subjective accounts of purchasing medicines from the Web. Drawing together established deviance theories, Respectable Deviance and Purchasing Medicine Online considers the construction of online medicine purchasing, the justifications presented to challenge how it is labelled, and how the behaviour is managed to show how the framing of risks and deviance is challenged online. Offering a much-needed a critical overview of the UK healthcare regulatory system, Sugiura also analyses literature, data and policy documents originating from different countries highlighting that the geographical locations of participants in web forums, online surveys and non-face-to-face interviews cannot always be verified. With broad implications for regulation and safety surrounding medicines online, this innovative and timely study contributes to current online healthcare debates and broadens our understanding of cybercrime. It will be of particular interest to scholars of cybercrime and those interested in the changing nature of deviance.

Welche rechtlichen Grenzen sollen bei der Mitwirkung von Kindern und Jugendlichen in den Medien gelten? Diese Frage ist nicht nur Gegenstand einer gesamtgesellschaftlichen Diskussion, sondern bewegt spatestens seit den "Caroline"-Urteilen auch die juristische Welt. Die Autorin erlautert nicht nur die rechtlichen Grundlagen fur minderjahrige Akteure in Medien und sozialen Netzwerken, sondern zeigt auch die vorhandenen Schutzlucken auf. Anhand konkreter Massnahmen empfiehlt Sie, die aktuelle Rechtslage zu reformieren, um dem verfassungsrechtlich garantierten Schutz Minderjahriger, aber auch der Meinungs- und Pressefreiheit, gerecht zu werden.

This book describes how non-profit organisations (NPOs) communicate what they constitute, signal success and display sustainability in order to convince stakeholders to provide essential resources. Reports on intellectual capital offer a worthwhile approach. Based on empirical research, the book highlights the essential resources for NPOs and on the demand imposed on organisations, as well as the dependencies of those resources and demands. This insight helps NPOs to provide necessary information while keeping the disclosure to a minimum and thus not giving away possible competitive advantages. Further, the status-quo of IC disclosure in Germany is presented and a theoretical framework for the motivation for NPOs to disclose information on their IC is presented. Researchers will find these findings a solid foundation for further research. Finally, a framework for the disclosure of intellectual capital is provided to support practitioners.

Surveillance of citizens is a clear manifestation of government power. The act of surveillance is generally deemed acceptable in a democratic society where it is necessary to protect the interests of the nation and where the power is exercised non-arbitrarily and in accordance with the law. Surveillance and the Law analyses the core features of surveillance that create stark challenges for transparency and accountability by examining the relationship between language, power, and surveillance. It identifies a number of features of surveillance law, surveillance language, and the distribution of power that perpetuate the existing surveillance paradigm. Using case studies from the US, the UK, and Ireland, it assesses the techniques used to maintain the status quo of continued surveillance expansion. These jurisdictions are selected for their similarities, but also for their key constitutional distinctions, which influence how power is distributed and restrained in the different systems. Though the book maintains that the classic principles of transparency and accountability remain the best means available to limit the arbitrary exercise of government power, it evaluates how these principles could be better realised in order to restore power to the people and to maintain an appropriate balance between government intrusion and the right to privacy. By identifying the common tactics used in the expansion of surveillance around the globe, this book will appeal to students and scholars interested in privacy law, human rights, information technology law, and surveillance studies.

Now in its second edition, this work contains a collection of sample agreements, presenting annotated contracts from the digital media sector in typical formats used by the industry. It includes agreements for wireless apps, digital downloads, user generated content, social networks, and cloud content. The work goes beyond traditional precedents by giving practical, business-minded commentary and background information to assist both readers intending to draft their own documents and those looking for hands-on guidance when reviewing standard form documents received from other parties. Its commercially-grounded approach will be of value to business affairs teams, entrepreneurs and start-ups in the digital media space as well as legal professionals working in private practice or in-house. Its primary jurisdictional focus is the UK but its scope is international with extensive comparative law comments and practical cross-border guidance for our connected online world. This sector-specialist guide is now supported by an accompanying website with agreements available to download and edit, as well as additional supporting material in the text itself .

What does computable law mean for the autonomy, authority, and legitimacy of the legal system? Are we witnessing a shift from Rule of Law to a new Rule of Technology? Should we even build these things in the first place? This unique volume collects original papers by a group of leading international scholars to address some of the fascinating questions raised by the encroachment of Artificial Intelligence (AI) into more aspects of legal process, administration, and culture. Weighing near-term benefits against the longer-term, and potentially path-dependent, implications of replacing human legal authority with computational systems, this volume pushes back against the more uncritical accounts of AI in law and the eagerness of scholars, governments, and LegalTech developers, to overlook the more fundamental - and perhaps 'bigger picture' - ramifications of computable law. With contributions by Simon Deakin, Christopher Markou, Mireille Hildebrandt, Roger Brownsword, Sylvie Delacroix, Lyria Bennet Moses, Ryan Abbott, Jennifer Cobbe, Lily Hands, John Morison, Alex Sarch, and Dilan Thampapillai, as well as a foreword from Frank Pasquale.

This brand new title brings together the different streams of the transfer landscape and outlines the separate legal rules all in one accessible place. Data transfers (under data protection legal rules) are one of the most discussed areas of data protection, and are currently undergoing mass change. Following on from Brexit, professionals now have more than one set of transfer rules to comply with, including: - New Adequacy Decision - New Standard Contracts - Forthcoming UK Contracts - Consultation on future laws

'Cyber Crime: Law and Practice', now in its second edition, tackles the fast-growing topic of cyber crime and covers a wide range of issues from electronic fraud, data, interception of communications, cyber stalking, online theft and intellectual property to more involved topics like malicious communications and the rules of evidence relating to cyber-crimes and computers. The second edition contains updated information on: New Offences under the Computer Misuse Act 1990, Investigatory Powers Act 2016, Data Protection Act 2018 and GDPR, and new CPS guidance on prosecution of offences relating to social media. Using detailed case studies, examples and statutory extracts the author explains all aspects of cyber crime and computer crime. 'Cyber Crime: Law and Practice' provides a practical, easy-to-follow guide for practitioners in the field, as well as those in law enforcement and academia.

Much debate has been given as to whether computer security is improved through the full disclosure of security vulnerabilities versus keeping the problems private and unspoken. Although there is still tension between those who feel strongly about the subject, a middle ground of responsible disclosure seems to have emerged. Unfortunately, just as we've moved into an era with more responsible disclosure, it would seem that a market has emerged for security vulnerabilities and zero day exploits. Disclosure of Security Vulnerabilities: Legal and Ethical Issues considers both the ethical and legal issues involved with the disclosure of vulnerabilities and explores the ways in which law might respond to these challenges.

This book critiques the contemporary recourse to transparency in law and policy. This is, ostensibly, the information age. At the heart of the societal shift toward digitalisation is the call for transparency and the liberalisation of information and data. Yet, with the recent rise of concerns such as 'fake news', post-truth and misinformation, where the policy responses to all these phenomena has been a petition for even greater transparency, it becomes imperative to critically reflect on what this dominant idea means, whom it serves, and what the effects are of its power. In response, this book provides the first sustained critique of the concept of transparency in law and policy. It offers a concise overview of transparency in law and policy around the world, and critiques how this concept works discursively to delimit other forms of governance, other ways of knowing and other realities. It draws on the work of Michel Foucault on discourse, archaeology and genealogy, together with later Foucaultian scholars, including Gayatri Chakravorty Spivak and Judith Butler, as a theoretical framework for challenging and thinking anew the history and understanding of what has become one of the most popular buzzwords of 21st century law and governance. At the intersection of law and governance, this book will be of considerable interest to those working in these fields; but also to those engaged in other interdisciplinary areas, including society and technology, the digital humanities, technology laws and policy, global law and policy, as well as the surveillance society.

Providing a scholarly analysis of how to govern and make the right kinds of laws for cyberspace, in this work, Professor Reed investigates the vast majority of cyberspace users who wish to act lawfully and asks whether the current state of law in cyberspace makes it possible for them to do so. If not, why not, and what is the cure?
In this book, Professor Reed puts forward a new model for cyberspace laws which focuses on human actions rather than the technology used. Arguing that, in cyberspace, law works primarily through voluntary obedience rather than fear of enforcement, Professor Reed explains his thoughtful and controversial new viewpoint as to how cyberspace laws should be devised and re-opens the debate as to the value of law for regulating cyberspace and how best to influence the behaviour of cyberspace actors. The only text to comprehensively analyse European cyberspace lawmaking, this book provides a new perspective to the debate about the proper shape and scope of internet laws.

Do copyright laws directly cause people to create works they otherwise wouldn't create? Do those laws directly put substantial amounts of money into authors' pockets? Does culture depend on copyright? Are copyright laws a key driver of competitiveness and of the knowledge economy?
These are the key questions William Patry addresses in How to Fix Copyright. We all share the goals of increasing creative works, ensuring authors can make a decent living, furthering culture and competitiveness and ensuring that knowledge is widely shared, but what role does copyright law actually play in making these things come true in the real world? Simply believing in lofty goals isn't enough. If we want our goals to come true, we must go beyond believing in them; we must ensure they come true, through empirical testing and adjustment.
Patry argues that laws must be consistent with prevailing markets and technologies because technologies play a large (although not exclusive) role in creating consumer demand; markets then satisfy that demand. Patry discusses how copyright laws arose out of eighteenth-century markets and technology, the most important characteristic of which was artificial scarcity. Artificial scarcity was created by the existence of a small number gatekeepers, by relatively high barriers to entry, and by analog limitations on copying.
Markets and technologies change, in a symbiotic way, Patry asserts. New technologies create new demand, requiring new business models. The new markets created by the Internet and digital tools are the greatest ever: Barriers to entry are low, costs of production and distribution are low, the reach is global, and large sums of money can be made off of a multitude of small transactions. Along with these new technologies and markets comes the democratization of creation; digital abundance is replacing analog artificial scarcity.
The task of policymakers is to remake our copyright laws to fit our times: our copyright laws, based on the eighteenth century concept of physical copies, gatekeepers, and artificial scarcity, must be replaced with laws based on access not ownership of physical goods, creation by the masses and not by the few, and global rather than regional markets. Patry's view is that of a traditionalist who believes in the goals of copyright but insists that laws must match the times rather than fight against the present and the future.

Is the Internet erasing national borders? Will the future of the Net be set by Internet engineers, rogue programmers, the United Nations, or powerful countries? Who's really in control of what's happening on the Net? In this provocative new book, Jack Goldsmith and Tim Wu tell the fascinating story of the Internet's challenge to governmental rule in the 1990s, and the ensuing battles with governments around the world.

It's a book about the fate of one idea - that the Internet might liberate us forever from government, borders, and even our physical selves. We learn of Google's struggles with the French government and Yahoo's capitulation to the Chinese regime; of how the European Union sets privacy standards on the Net for the entire world; and of eBay's struggles with fraud and how it slowly learned to trust the FBI.

In a decade of events the original vision is uprooted, as governments time and time again assert their power to direct the future of the Internet. The destiny of the Internet over the next decades, argue Goldsmith and Wu, will reflect the interests of powerful nations and the conflicts within and between them. While acknowledging the many attractions of the earliest visions of the Internet, the authors describe the new order, and speaking to both its surprising virtues and unavoidable vices.

Far from destroying the Internet, the experience of the last decade has lead to a quiet rediscovery of some of the oldest functions and justifications for territorial government. While territorial governments have unavoidable problems, it has proven hard to replace what legitimacy governments have, and harder yet to replace the system of rule of law that controls the unchecked evils of anarchy. While the Net will change some of the ways that territorial states govern, it will not diminish the oldest and most fundamental roles of government and challenges of governance.

Well written and filled with fascinating examples, including colorful portraits of many key players in Internet history, this is a work that is bound to stir heated debate in the cyberspace and globalization communities.