At the 111th Annual Conference of the Society of Legal Scholars, I’ve presented two papers in the Intellectual Property and Cyber Law sessions. Respectively:
- On 1st September 2020 15-16:30 UK time – Panel “New Developments in IntellectualProperty Law” (IP session)
With Prof. Cristiana Sappa (IESEG), we’ll present “The Internet of Things at the intersection of dataprotection and trade secrets. Non-conventional paths tocounter data appropriation and empower consumers“
The Internet of Things (IoT) has heralded a never-before-seen quantity of high-quality data. This includes both personal and non-personal data. Factual and legal control over IoT data gives companies unparalleled power to influence consumers, policy makers, and the other stakeholders of the IoT’s supply chain. The combination of analytics algorithms, the data goldmine structure and the output of data processes are regularly kept secret by businesses. Leveraging this portfolio of big data and trade secrets, IoT companies put in place practices that can negatively affect consumers, who are often unaware of them due to technical and legal secrecy. ‘Technical’ secrecy results from the opacity of the algorithms that underpin the IoT, especially when AI-enabled. ‘Legal’ secrecy, in turn, come from a combination of trade secrets and strategic contract management that keep IoT data practices secret. This begs the central research question of this article: how can consumers be empowered to counter IoT data appropriation?
Traditional consumer protection approaches, epitomised by the Consumer Rights Directive, are focused on pre-contractual duties to inform consumers. Their benefit to IoT consumers is limited by their reflecting a text-based paradigm, whereby information must be legible. This is not fit for the IoT, where displays tend to disappear and information is provided in audio or video formats. Consumer laws are drafted on the assumption of information asymmetries in business-to-consumer contracts, but they fail to account for the power imbalances that permeate IoT transactions. These power imbalances are exacerbated by control over a wealth of user data and corresponding granular knowledge of consumers’ vulnerabilities, behaviors, and biases. This knowledge can be used to impose opaque practices on consumers; among these, IoT data appropriation by means of trade secrets plays a key role.
Therefore, an emergent concern is whether the law provides tools that effectively safeguard consumers’ interests, in particular by ensuring substantial transparency as to the actual use of their personal data. How can this can be guaranteed, and the consumer empowered in a post-interface world of profoundly imbalanced relationships? The answer cannot be found solely within the trade secrets’ regime: data protection needs to be considered.
This article focuses on the trade secrets exceptions of legitimate interest and freedom of information, and on the General Data Protection Regulation (GDPR)’s rights to access, data portability, information, and not to be subject to solely automated decisions. We put forward that trade secrets’ exceptions and GDPR rights re-balance the interests of consumers vis-à-vis big IoT players such as Amazon. We propose a holistic approach that empowers consumers by countering data appropriation, thus redistributing data control.
2. On Thursday 3rd September 2020 at 15:15-16:45 UK time, Panel “Privacy at the Edges” (Cyber Law session)
I’ll present “The Internet of Personalised Things. IoT-Powered Consumer Manipulation as an Unfair Commercial Practice“ has been accepted for presentation at the 111th Annual Conference of the Society of Legal Scholars (you can still register!). The conference is organised by the University of Exeter under the leadership of Professor Rebecca Probert. It will take place on 1-4 September 2020 and, for the first time in the SLS‘s herstory, it will be entirely virtual (which brings the registration fee down!)
Personalisation is one of the key befits of the Internet of Things (IoT). IoT traders can combine data from multiple sources and access consumers’ most private spaces. At the same time, these traders retain control over their smart devices (‘Things’) throughout their lifecycles.
Thanks to this combination of deep knowledge of the consumer and control over the Thing, IoT traders can personalise products, services, prices, and even the terms of service that regulation the business-to-consumer relationship. The problem is that personalisation can lead to consumer manipulation and even discrimination – such detrimental effects can be referred to as the ‘Internet of Personalised Things’.
Situational data and information about consumers’ biases and vulnerabilities allow IoT traders to influence consumers’ decision-making in surreptitious ways. This can go from instilling the desire to purchase useless or even dangerous Things, to the exclusion of BAME people from certain job ads, through to electoral manipulation.
My paper will critically assess whether unfair trading laws – and in particular the Unfair Commercial Practices Directive as amended in 2020 – are fit for purpose and can provide a successful strategy to re-empower consumers, thus re-building trust in the IoT.
It is suggested that, despite some shortcomings, this regime can be invoked by consumer to counter IoT-powered manipulation, especially as the Directive provides special protections for vulnerable consumers and against traders’ undue influence impairing consumer freedom of choice.
The Directive does have some limitations but this should not come as a surprise. Being a neoliberal instrument aimed at pursuing a perfectly competitive single market, it cannot provide an entirely satisfactory response to an issue that capitalism itself created, namely the problem of manipulated needs as discovered by Marx.
You can still register here