One of the key hurdles in creating the law of privacy has been the disagreement of what constitutes an invasion of privacy and it is generally accepted that this is further dependant upon cultural, and other, perspectives. Karen McCullagh, in ‘Protecting “privacy” through control of “personal” data collection: A flawed approach’ acknowledges the absence of key definitions with regards to privacy, seeks to identify whether or not the term privacy is synonymous with the term personal (UK Data Protection Act 1998), and adopts empirical research to assist in determining this. McCullagh’s findings and discussion is important in demonstrating that an agreement upon a common ground of the invasion of privacy seems to exist.

Continuing on the theme of definition within privacy, Dan Ritchie in ‘Is it possible to define “privacies” within the law? Reflections on the “securitisation” debate and the interception of communications’, considers privacy within the context of surveillance and the interception of communications. The definition of privacy is reviewed with an emphasis on informational privacy, providing an interesting account on how the public perception of what is private can differ in context of modern technology. Richie puts forward his own questions that should be addressed to further the debate on privacy, and in so doing proposes that individual approval or disapproval is the crux of personal feelings of privacy.

Issues affecting children are generally high on most agendas and privacy is no different. In her paper Emmanuelle Bartoli performs a comparative analysis of the provisions in place to protect children’s personal information online within the EU and USA, and highlights several difficulties, challenges and loopholes within legislation.

In their paper, Cannataci and Mifsud Bonnici consider how a minimalist approach to law-making was the foundation of bad policy and bad law that left the UK’s data protection Commissioner virtually toothless and under-resourced for many years until the recent moves to grant him wider powers in 2008 and 2009. They evaluate the soaring number losses of personal data in the UK in the context of such constraints and then move on to examine whether the new Coroners and Justice Bill 2009 would remedy the situation or is simply more evidence that the UK has not entirely escaped from problems of bad policy and bad law in the field of data protection. Their paper includes summary tables documenting nearly a hundred different cases of losses of personal data across the world which the authors have researched during the period 2007–2009.

Within our Current Developments section Sophie Stalla-Bourdillon revisits European Directive 2000/31/EC and the Communications Decency Act and the Digital Millennium Copyright Act within the context of Children’s Privacy – a timely intervention given 2008 developments and reports on children and the Internet. Bourdillion questions whether self-regulation or co-regulation form the basis of future regulation and subsequently how that regulation should take place with regards to standards setting, monitoring and enforcement.

As with all BILETA conferences parallel sessions are the norm and this edition has also captured papers from some of the other sessions. Technology to combat crime and technology to assist in crime was another significant theme of the conference. David Wall delivering the second of the conference keynotes (not included in this edition) mapped out the conceptual origins of cybercrime in social science fiction genres enabling him to explore the relationship between rhetoric and reality in the production of knowledge about it. Clare Sullivan in her conference proper ‘Is identity theft really theft?’ tackles this increasingly worrying problem. While figures show cybercrime increasing year on year by up to 10% indications are that identity theft may be declining. The credit crunch of 2008/9 may see an end to this decline and Sullivan considers the key question of what is identity. In conceptualising identity the author asserts that identity is emerging as a new distinct, legal concept. Spanning the crime and privacy debate is spam. In ‘“Spam, spam, spam, spam … Lovely spam!” Why is Bluespam different?’, Eleni Kosta, Peggy Valcke and David Stevens of the Interdisciplinary Centre for Law & ICT (ICRI) at the Katholieke Uni-versiteit Leuven consider how technological progress, has created new types of spamming, including Bluespam, the action of sending spam to Bluetooth-enabled devices, such as mobile phones, personal digital assistants (PDAs) or laptop computers. Although, at first sight, it would seem that Bluespam should be considered as any other kind of spam and would therefore fall under the ambit of Article 13 of the ePrivacy Directive, closer examination enables the authors to question this assumption and conclude that Bluespam may not be covered by the ePrivacy directive. They speculate that the scope of the regulation on unsolicited communications needs to be broadened in order to cover networks like Bluetooth, or indeed new regulations covering the sending of unsolicited Bluetooth messages should be enacted. In a timely intervention Wiebke Abel in ‘Agents, Trojans and tags: The next generation of investigators’ considers the issues in and around the use of technology by the investigatory and enforcement agencies as a strategy to more effectively combat cybercrime and the increase in crimes committed using computer technology. In a statement issued in 2008, the Council of the European Union has recommended that member states should undertake clandestine remote searches of computers of suspects, if provided for under national law. Such powers will no doubt to significant challenges.

The conference again brought forward a large number of intellectual property based papers. Intellectual property law continues to be a dominant preoccupation for information technology lawyers. This is not surprising given that the cultural impact of intellectual property has been stoked, and in part driven by developments in technology. Copyright’s origin in the Statute of Anne’s preamble states ‘An Act for the encouragement of learning, by vesting the copies of printed books in the authors or purchasers.’ The Act, at first limited to printed materials, was introduced to deal with the challenges of the printing press, so beginning a close relationship between copyright and technology. In ‘Technology and the cultural appropriation of music’, Richard Jones considers the interplay of music, technology and intellectual property. The paper considers how developments in information technology can now be used to offset the expansion of copyright. After reviewing some of these developments, particularly the Creative Commons, and considering evidence now analysed from a Europe-wide survey of musicians and publishers completed in 2008, the paper concludes that these fixes, rooted in intellectual property, unfortunately offer little by way of solution. Technological solutions not so closely tied to intellectual property may offer more appropriate and workable solutions. Continuing the intellectual property–technology link Hasina Haque in ‘Decentralised P2P technology: Can the unruly be ruled?’ returns to an issue that has dominated intellectual property this century, the role of the Internet, peer to peer file sharing systems, digital rights management (DRM) and secondary infringement. Courts in the USA have added a third theory, namely, inducement theory into the genre of secondary infringement. The article examines the prospect of implementing inducement theory into the UK context. After examining the legal issues, the paper suggests that instead of adding a new theory into the domain of secondary infringement the challenge of decentralised peer to peer (P2P) technology should be addressed through technology by way of device protection. Our third intellectual property paper is by Neal Geach, ‘The future of copyright in the age of convergence: Is a new approach needed for the new media world?’ The author considers the new Audiovisual Media Services Directive that aims to provide the regulatory framework for television without frontiers. Geach concludes that while convergent technologies have created opportunities for the media industry it has also created threats in that the same technology is also being used to infringe the copyright of content producers on a far greater scale. The conclusion then is that the Audiovisual Media Services Directive’s biggest weakness may be in not addressing the link between converged media platforms and the potential for increased copyright infringement. Finally in this section a paper on computer contracts. Computer contracting is a complex and often challenging area for lawyers, the complexity in part arising from the interface of contract with intellectual property. Here Ruth Atkins considers the extent to which permitted acts under copyright law can be varied by contractual arrangement and conversely, the manner in which proprietary interests can override contrary stipulations expressed in a contractual agreement.

The Conference would not have been complete without some examination of the broader challenges of regulating cyberspace. It was in the mid 1990s when academics first ventured into the murky waters of cyber-paternalism or cyber-liberalism. In his book Andrew Murray in The Regulation of Cyberspace: Control in the Online Environment (2007)¹ argues that the debate is now more complex, the regulation of cyberspace is not simply the imposition through a top-down system from regulator to regulatee, a number of actors and elements come into play. Cyberspace according to Murray is not a static regulatory universe into which an intervention would be made, ‘cyberspace is a challenge, because in cyberspace, it is not always clear who the regulators are.’ There may be competition between nation states or in some examples in the dynamic world of cyberspace, regulatees can become regulators.

We hope you enjoy this special BILETA 2008 edition of the International Review and we hope you will be better able now to appreciate the challenges ‘new’ technology is posing to ‘old’ or established legal concepts. May we take this opportunity of thanking Michael Bromby and Ken Russell for all their help in selecting authors, to the large number of anonymous referees who provided immensely helpful feedback and of course to the long suffering authors who had to cope with our numerous and varied requests.

Over the 12 months since March 2007, it is clear that data protection has reached a new level in the psyche of the individual citizen and that, increasingly, the public are turning to lawyers seeking redress from some actual or perceived breach of their rights and of their privacy; nor, however, is this a purely British problem. Obviously from a legal perspective much of the pressure for data protection has been driven by European Community Directives, they in turn being a necessary implementation of a Council of Europe recommendation on privacy. Having had the opportunity over the last few years to conduct a project for a client looking at implementation of the Data Protection Directive over 16 of the EU member states, and having had for interest and general information needed to consider the rules in many of the others, the only thing that can be said is that it is possible for 25+ countries to take a single text and turn it into national law in 25+ different ways; indeed, other than the Data Protection principles with which you will all be familiar, the national systems have little in common. For a business person there would seem to be irrefutable logic in trying to implement these types of regimes in a more consistent and coherent system. I am far from convinced that the system I would choose would be the UK one, and equally I doubt that our business community would thank us for the German system, although Germans seem to find that wholly acceptable to them.

As someone who travels a great deal on business according to my family and colleagues (and who ‘occasionally is out of the office’ according to me!), it has been a very fascinating exercise to watch how public and political perception to data protection and privacy has shifted in the last 10 years.

Although the original Data Protection Act in the UK was 1984, it was really only with the 1998 Act that data protection ever raised a murmur in the public consciousness. Outwith Europe, data protection and privacy as we understand it was confined to some of the Commonwealth and, in a very specific regard to celebrities in California who needed protected...