ANALYSING THE ROLE OF INTERNATIONAL ARRANGEMENTS IN SHAPING TECHNOLOGY LAW
By Manvi Sharma, Intern at Seth Associates
Keywords-Cyberlaw, cybersecurity, Artificial intelligence, data protection , privacy , GDPR, technology transfer, digital rights
INTRODUCTION
With innovation and advancement in technology, businesses have become transborder and often involve more than one jurisdiction. The creation, use, distribution of Intellectual property based works is a global phenomenon engaging the entire world as both consumers and (possibly) contributors. However, this global engagement can be abused through malicious use of such innovations resulting in increased cybercrime, and cyberterrorism. This engenders legal conundrums such as determining the ownership and origin of a technology, standardized framework of rules and regulations, establishing liability of a tech-related intermediaries/users and crucially, asserting jurisdiction in IP disputes over such malefactors.
To address these multifaceted issues, international treaties and agreements play a pivotal role by providing structured framework and standardized norms that regulate the use, development and dissemination of technology across borders. This article delves into the impact of such international instruments in various aspects, including the harmonization of technology standards, data privacy, cybersecurity, trade and technology transfer, environmental impact, and human rights.[1]
Hereinbelow, are key international treaties and agreements and explain how they impact the technology law in diverse domains.
HARMONIZATION OF STANDARDS
The international agreements and treaties promotes global cooperation and reduces legal uncertainties by facilitating the harmonization of technology standards. Some prominent treaties and agreements which harmonize the principles of technology law are as follows:
IP RELATED ARRANGEMENTS
- Trade Related Aspects of Intellectual Property Rights (TRIPS) Agreement –
TRIPS agreement is administered by WTO, which establishes minimum standards for the availability, scope, and use of seven forms of intellectual property: copyrights, trademarks, geographical indications, industrial designs, patents, layout designs for integrated circuits, and undisclosed information (trade secrets) that all WTO member countries must implement. It spells out permissible limitations and exceptions in order to balance the interests of intellectual property with interests in other areas, such as public health and economic development. This framework ensures a certain level of consistency in IP laws across different jurisdictions and affects how technology is developed, protected and disseminated worldwide[2]
- The International Telecommunication Regulations (ITRs)
ITRs facilitates international connectivity in communication networks overseen by the International Telecommunication Union (ITU), these regulations establish standards for international telecommunications, impacting technology deployment and management across countries. It allocates global radio spectrum and satellite orbits, develop the technical standards that ensure networks and technologies connect seamlessly, and work to improve access to digital technologies in underserved communities worldwide[3]. These regulations establish general principles which relate to the provision and operation of international telecommunication services offered to the public as well as to the underlying international telecommunication transport means used to provide such services. They also set rules applicable to administrations[4].
DATA PRIVACY AND PROTECTION
The evolution of technology necessitates robust data privacy and protection measures. International agreements play a critical role in standardizing these laws.
- The General Data Protection Regulation (GDPR):
Primarily an EU regulation, the GDPR has a global impact, influencing data protection standards worldwide and prompting non-EU countries to align their regulations with GDPR principles to facilitate trade and data transfer. GDPR establishes the protection of natural persons in relation to the processing of personal data is a fundamental right. GDPR sets standards for how personal data of EU citizens should be collected, processed and stored. It mandates that organisations must be transparent about their data processing activities and accountable for compliance. Its extraterritorial scope has influenced global technology practices and standards as all the organizations handling EU citizens’ data, regardless of location must comply with GDPR[5]. This law has led India to draft its own data protection laws, such as the Personal Data Protection Bill, influenced by GDPR principles.[6]
- The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108):
Convention 108 is the first binding international instrument which protects the individual against abuses which may accompany the collection and processing of personal data and which seeks to regulate at the same time the trans frontier flow of personal data.
Through its preamble, the primary aim of this convention is to:
- Consider that it is desirable to extend the safeguards for everyone’s rights and
fundamental freedoms, and in particular the right to the respect for privacy, taking account of the increasing flow across frontiers of personal data undergoing automatic processing;
- Reaffirm at the same time their commitment to freedom of information regardless of
frontiers;
- And, recognise that it is necessary to reconcile the fundamental values of the respect for privacy and the free flow of information between people.
In addition to providing guarantees in relation to the collection and processing of personal data, in Article 6 – ‘Special categories of data’, outlaws the processing of “sensitive” data on a person’s race, politics, health, religion, sexual life, criminal record, etc., in the absence of proper legal safeguards. The Convention also enshrines the individual’s right to know that information is stored on him or her and, if necessary, to have it corrected.[7]
CYBERSECURITY
Addressing cybersecurity threats requires international cooperation, and treaties provide frameworks for such collaboration.
- The Budapest Convention on Cybercrime:
Primarily known as Council of Europe Convention on Cybercrime, the Budapest Convention is the first international treaty to explicitly address internet cybercrime. It harmonizes national laws, improves investigative techniques, and enhances cooperation among nations. It is a framework that permits hundreds of practitioners from Parties to share experience and create relationships that facilitate cooperation[8]. The main objective of this Convention, through its preamble is:
- Recognising the value of fostering co-operation with the other States parties;
- Convinced of the need to pursue, as a matter of priority, a common criminal policy aimed at the protection of society against cybercrime, inter alia, by adopting appropriate legislation and fostering international co-operation;
- Recognising the need for co-operation between States and private industry in combating cybercrime and the need to protect legitimate interests in the use and development of information technologies;
Some of the significant cyber offences that the Budapest Convention addresses include illegal access, data interference, illegal interception, misuse of devices, system interference, cyber fraud, cyber forgery, offences in child pornography, and offences concerning neighbouring rights and copyright.
Although, the Convention is European, it is endorsed by 64 countries including Canada, Japan, the Philippines, South Africa, the United States, and others through Mutual Legal Assistance Treaty (MLAT)
ARTIFICIAL INTELLIGENCE
- European Union’s Act on Artificial Intelligence
The European Union’s AI Act is a comprehensive regulatory framework designed to oversee AI technologies, ensuring they are safe, transparent, and respect fundamental rights. It adopts a risk-based approach, categorising AI applications into unacceptable, high, limited, and minimal risk levels. Unacceptable risks, such as social scoring, and manipulative AI are prohibited. High-risk AI systems, such as those used in biometric identification and critical infrastructure, are subject to stringent requirements including data governance, documentation, transparency, human oversight, and robustness. The Act also establishes a framework for market surveillance to ensure compliance, promotes innovation through regulatory sandboxes, and creates a European Artificial Intelligence Board to oversee its implementation and enforcement. This balanced approach aims to foster AI innovation while protecting citizens’ rights and safety.[9]
- OECD AI Principles
The OECD Principles on Artificial Intelligence aim to foster innovative and trustworthy AI while respecting human rights and democratic values. These principles emphasize that AI should promote inclusive growth, sustainable development, and well-being, ensuring that AI benefits both people and the planet. AI systems should uphold human-centred values such as fairness, non-discrimination, and equality, adhering to the rule of law and democratic principles. Transparency and explainability are crucial, with users and stakeholders needing clear information about AI systems and their decision-making processes.[10] AI must also be robust, secure, and safe throughout its lifecycle, with measures for traceability, auditability, and accountability. Finally, developers and operators of AI systems are accountable for ensuring these principles are upheld, contributing to public trust and the positive impact of AI on society.[11]
TRADE AND TECHNOLOGY TRANSFERS
International trade agreements include provisions affecting technology transfer and intellectual property rights, influencing technology development and distribution.
- The Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP):
The Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP), also known as TPP11 or TPP-11, is a trade agreement between Australia, Brunei, Canada, Chile, Japan, Malaysia, Mexico, New Zealand, Peru, Singapore, and Vietnam. This trade agreement contains specific provisions on e-commerce, intellectual property, and digital trade that shape the technology landscape in member countries.[12]
The main objective of CPTPP, through its PREAMBLE is to Establish a predictable legal and commercial framework for trade and investment through mutually advantageous rules; Facilitate regional trade by promoting efficient and transparent customs procedures that reduce costs and ensure predictability for their importers and exporters etc.
In respect to technology landscape, it provides for enforcement and protection of intellectual property rights in Chapter 18, provides for the provisions under Chapter 14 for Electronic Commerce to promote consumer confidence in electronic commerce and of avoiding unnecessary barriers to its use and development.
It also provides for the provisions to avoid any technical restrictions on Information and communications technology products in Annex 8-B under chapter 8 and also provides for no restrictions to be imposed by any of the parties on Import and Export of commercial crypto graphed goods under Article 2.10(4).
ENVIRONMENTAL IMPACT AND SUSTAINABLE DEVELOPMENT
International environmental agreements address the impact of technology on the environment and promote sustainable development.
- The Paris Agreement:
The Paris Agreement is a legally binding international treaty on climate change. It provides a framework for financial, technical and capacity building support to those countries who need it. In article 10, The Paris Agreement speaks of the vision of fully realizing technology development and transfer for both improving resilience to climate change and reducing GHG emissions. It establishes a technology framework to provide overarching guidance to the well-functioning Technology Mechanism.[13] This climate accord influences technology law by encouraging the development and deployment of green technologies and setting targets for reducing carbon emissions with the provisions for the same under Article 11. Through article 18, it provides for establishment of The Subsidiary Body for Scientific and Technological Advice (SBSTA) for technological capacity building of developing and least developed countries in respect of green technology as well as advising guidelines for improving standards of national communication and emission inventories with its role prescribed under Article 9 and 10.
HUMAN RIGHTS AND DIGITAL RIGHTS
International human rights treaties shape technology law concerning digital rights and freedoms.
- The International Covenant on Civil and Political Rights (ICCPR):
Article 17 of ICCPR deals with the Right to privacy provides as follows:
“17(1) No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation.
17(2). Everyone has the right to the protection of the law against such interference or attacks”.[14]
These provisions related to freedom of expression and privacy are increasingly interpreted in the context of digital technologies and online activities.
- The United Nations Guiding Principles on Business and Human Rights (UNGPs):
The United Nations Guiding Principles on Business and Human Rights (UNGPs) offer a principled and pragmatic approach for ensuring that the world’s technological advances are grounded in respect and dignity for all.[15] These principles influence technology companies by providing a framework for addressing human rights impacts in their operations, including issues related to surveillance, data protection, and digital rights.
CONCLUSION
In conclusion, International treaties and agreements significantly shape technology law by setting standards, promoting cooperation, and addressing global challenges related to technology. Understanding and adapting to the dynamic nature of technology within the context of international cooperation is imperative to ensure that the benefits of technological progress are realized while mitigating potential risks and ethical concerns. As the interconnectedness of nations continues to foster rapid innovation and adoption of new technologies, the efficacy of international treaties and agreements in providing a framework for harmonizing legal standards and addressing cross-border implications is crucial. Furthermore, the evolving nature of technology and its intersection with legal frameworks necessitates ongoing collaboration to promote innovation, protect individual rights, and uphold shared values on a global scale.
REFERENCES
WEB ARTICLES:
- Article on International law and cybercrime. https://www.geeksforgeeks.org/international-agreements-treaties-cyber-law/
- Article by LexisNexis on cyber law. [1] https://www.lexisnexis.in/blogs/cyber-law-in-india/
OFFICIAL DOCUMENTATION:
- World Trade Organisation ‘Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS)’, signed on April 15th 1994, https://www.wto.org/english/docs_e/legal_e/27-trips.pdf
- International Telecommunication Union ‘International Telecommunication Regulations (ITRs)’, came into force on July 1st 1988, [1] https://www.itu.int/dms_pub/itu-t/oth/3F/01/T3F010000010001PDFE.pdf
- Official Journal of the European Union ‘General Data Protection Regulation (GDPR)’; 2016, REGULATION (EU) 2016/ 679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL – of 27 April 2016 – on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/ 46/ EC (General Data Protection Regulation) (europa.eu)
- Official Journal of the European Union ‘Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108)’, Released on January 1st 1981 https://rm.coe.int/1680078b37
- Official Journal of the European Union ‘Convention on Cybercrime – Budapest Convention on Cybercrime’, Released on November 23rd 2001; https://rm.coe.int/1680081561
- Institute for International Law and Justice, NYU ‘Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP)’, 2018; https://www.iilj.org/wp-content/uploads/2018/03/CPTPP-consolidated.pdf
- UNFCC, ‘Paris Agreement’, Released on December 12th 2015; https://unfccc.int/sites/default/files/english_paris_agreement.pdf
- Office of the United Nations High Commissioner for Human Rights, ‘International Covenant on Civil and Political Rights (ICCPR)’, came into force on March 23rd 1976; https://www.ohchr.org/sites/default/files/ccpr.pdf
- Office of the United Nations High Commissioner for Human Rights ‘United Nations Guiding Principles on Business and Human Rights (UNGPs)’, endorsed on June 16th 2011; https://www.ohchr.org/sites/default/files/ccpr.pdf
[1] https://www.lexisnexis.in/blogs/cyber-law-in-india/
[2]Microsoft Word – aa Compilation of TRIPS and Conventions – English.doc (wto.org)
[3] https://www.itu.int/en/about/Pages/default.aspx#gsc.tab=0
[4] https://www.itu.int/dms_pub/itu-t/oth/3F/01/T3F010000010001PDFE.pdf
[5] https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679
[6] https://gdpr.eu/what-is-gdpr/
[7] https://rm.coe.int/1680078b37
[8] https://www.coe.int/en/web/cybercrime/the-budapest-convention
[9] https://artificialintelligenceact.eu/high-level-summary/
[10] https://www.fsmb.org/siteassets/artificial-intelligence/pdfs/oecd-recommendation-on-ai-en.pdf
[11] https://oecd.ai/en/ai-principles
[12] https://www.dfat.gov.au/trade/agreements/in-force/cptpp/comprehensive-and-progressive-agreement-for-trans-pacific-partnership
[13] https://unfccc.int/process-and-meetings/the-paris-agreement#:~:text=Technology,the%20well%2Dfunctioning%20Technology%20Mechanism.
[14] https://www.ohchr.org/en/instruments-mechanisms/instruments/international-covenant-civil-and-political-rights
[15] https://www.ohchr.org/sites/default/files/Documents/Issues/Business/B-Tech/introduction-ungp-age-technology.pdf