Not Hardcoding but Softcoding Data Protection
DOI:
https://doi.org/10.26116/techreg.2021.002Keywords:
GDPR, privacy by design, data protection by design and default, security by design, privacy engineering, techno-regulation, compliance by design, legal protection by design, softcodeAbstract
The delegation of decisions to machines has revived the debate on whether and how technology should and can embed fundamental legal values within its design. While these debates have predominantly been occurring within the philosophical and legal communities, the computer science community has been eager to provide tools to overcome some challenges that arise from ‘hardwiring’ law into code. What emerged is the formation of different approaches to code that adapts to legal parameters. Within this article, we discuss the translational, system-related, and moral issues raised by implementing legal principles in software. While our findings focus on data protection law, they apply to the interlinking of code and law across legal domains. These issues point towards the need to rethink our current approach to design-oriented regulation and to prefer ‘soft’ implementations, where decision parameters are decoupled from program code and can be inspected and modified by users, over ‘hard’ approaches, where decisions are taken by opaque pieces of program code.
Downloads
Downloads
Published
Issue
Section
License
Copyright (c) 2021 Aurelia Tamò-Larrieux, Simon Mayer, Zaïra Zihlmann
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.