REPHRAIN Masterclass: Law & Regulation and Online Harms

On 3 March, REPHRAIN conducted an online masterclass on the topic of Law & Regulation and Online Harms.

The masterclass was hosted by the members behind the REPHRAIN Policy and Regulation strand and the SURVEY project, each covering some of the challenges and strategies in their specialist area, per the below agenda (presentations linked below).

10.00-10.30am A global SURVEY on Regulatory Initiatives to Protect Citizens Online
Madeline Carr
The internet is an integral part of everyday life for most of us. Increasingly we do online more and more activities that were analogue not so long ago, such as communicating with relatives and friends, finding information, doing our shopping and groceries, viewing entertainment and more. However, as the internet continues to grow and transform our lives, often for the better, people are increasingly exposed to, and suffer from, multiple ‘online harms’ every day. These developments are quickly catching the attention of governments around the world, which have pursued different initiatives to tackle these harms based on their regulatory frameworks – and more recently started to propose legal reform in areas which are perceived as outdated or ineffective. The underpinning of governmental responses to these phenomena is the need to protect citizens online (PCO).This session will discuss the rationale of the SURVEY project (what we are doing and why), touching upon its main constituent elements, including:

  • The kinds of online harms and jurisdictions covered by SURVEY;
  • The extent to which certain government initiatives to address a given harm (e.g. child abuse content, terrorist content) may compound other harms (e.g. privacy intrusion, curtailment of freedom of speech);
  • The relevance of SURVEY for policy-making, law-making and subsequent research.
10.30-11.00am

EU GDPR vs UK GDPR: The Implications of Brexit for UK Data Protection Laws
Asma Vranaki
Since the UK has formally left the European Union, there are key differences between their data protection law regimes. It is crucial for multi-disciplinary projects engaging with data protection and privacy to be aware of such differences and consider their implications when designing, developing and conducting their projects as well as writing project outputs. Crucially, where appropriate, researchers need to reflect on whether their project engages with European data protection laws (e.g. EU GDPR) or UK data protection laws (e.g. UK GDPR and UK DPA 2018) and clarify this in their outputs.

To help researchers with this important task, this session will delve into several dimensions including:

  • The current state of play in UK data protection laws;
  • The differences between European and UK data protection laws, such as the UK GDPR and the EU GDPR;
  • The status of the UK as a ‘third-country,’ its ramifications for data flows between the UK and other jurisdictions (e.g. the US) and the current UK-EU ‘adequacy decision’ that legalises UK-EU data flows;
  • The implications of the UK government’s proposed data law reform proposals on several matters including anonymisation and the UK-EU ‘adequacy decision.’
11.00-11.30am Alongside but separate: Lessons from interdisciplinary research on privacy-enhancing technologies (PETs)
Jose Tomas Llanos
PET development is an interdisciplinary endeavour which requires the involvement of data scientists, software engineers, lawyers, interface designers and potentially many other members of vastly different fields. However, interdisciplinary collaboration does not occur magically by assembling a team of scholars with different backgrounds and compelling them to talk and work together. A discipline’s prior convictions on how to attain a project goal, and a diverging kind of reasoning between researchers of different fields can prevent effective communication, debate, and decision-making, ultimately undermining the project’s outcome. In extreme cases, scheduling issues may doom the project from the outset.Drawing on the experience of the Privacy-Aware Cloud Ecosystems (PACE) project, this session will address a number of challenges in interdisciplinary research, including:

  • Project planning and scheduling;
  • Different understanding of the same concepts and terms (e.g. privacy, personal data, individual control) across fields;
  • Communication, frustration, ‘siloed’ collaboration;
  • Some proposals as to the way forward.

Please direct any queries regarding this event to rephrain-centre@bristol.ac.uk – thank you to all for their contributions!