Presentation by Yeseul Kim at APRICOT 2018 on Tuesday, 27 February 2018.

1. Policy and Technical Solutions
for Online Cross-Border Legal
Problems in Asia
Yeseul Kim
Master’s in Science and Technology Policy
Korea Advanced Institute of Science and Technology
Feb 25, 2018 APRICOT

2. Data Protection Laws of the World

3. Rapid Increase in Cross-border Data Transactions
(E-commerce, Cross-border Contents, SNS)
• Nepal – Australia Case (2017) : Nude photos of a Nepalese woman
were posted online by a Nepalese man who lived (lives) in Australia.
Nepal CERT was struggling to find legal/technical solutions and
remedies to the harms done to the woman.
• Korea – China IoT Cameras
• US – China IoT Cameras
• Increasing volume of E-Commerce and Online Commercial
Transactions
• Increasing Hacking attempts to cryptocurrency exchanges around the
world (Japan, S. Korea…)

4. Areas of Law to be impacted – Almost every
part
• Criminal Law : Financial loss due to the server hackings
(Cryptocurrency exchanges, bank servers in Malaysia, hacking
attempts on the core infrastructures, e.g. nuclear power plant
servers)
• Civil Law: Libel, Harassment, Child Protection
• Copyright Law
• Intellectual Property Law (Creative Commons Law)

5. Past Cases in Europe and North America
• LIRCA vs. the U.S. : Yahoo finally complied with the order of French
court.
• Google, Inc. v. Equustek Solutions, Inc., 2017 WL 5000834 (N.D. Cal.
November 2, 2017) : Google took down the search result from their
website, not only in Canada, but also worldwide Google website – the
role and liability of the Internet Service Providers (ISPs)
• EU GDPR finally impacts companies domiciled outside the EU territory
(Extraterritoriality started to be coded into laws)

6. Possible Legal solutions
• Takedown request and order is the current most-sought-after solutions for
online contents related lawsuits
• IoT Devices Manufacturers – WTO commerce Laws (Rules of Origin,
Regulation on manufactured imports) : The US has banned the import of
Chinese IoT Products
• Cross-border Arbitrations, but with high costs
• Each government and national courts are now gearing up to tame the
cyberspace, but without the concerted efforts of the regional leaders,
policy makers and technicians, only the complexities within the cyberspace
will increase. (Too many independent research organizations and
institutions at this moment.)

7. Cores of Cross-Border Arbitration
• Cross Border Litigation : contact a foreign lawyer, travel costs of the
parties, translation costs usually outweigh the benefits from the
lawsuit.
• Choice of Law and Conflict of Law : How can we guarantee the
coordinated efforts to mitigate the cyber conflicts without
compromising the legal plurality?
• An action in respect of the same defamation can only be brought
once and if the court accepts jurisdiction, will consider the total loss
to reputation alleged by the claimant.

8. Challenges from IoT, Blockchain, E-commerce
and evolving International Law
• Transnational Transaction of Information (Encrypted Information –
Bank account, bio info, etc)
• IoT Devices – Case of Chinese IoT Products : Report cases on ‘being
watched’ by imported Home cameras in South Korea
• Street cameras in the U.S. (and also in many other countries),
imported from China.
• Blockchain Technology and cryptocurrencies, which will enable
internationalized service

9. Current Legal and Policy Development
• UN GGE – only applicable to the nations (based on the tradition of the
public international law which only acknowledge nations as the subject of
the law)
• Hague International Private Law is now under development (Hague
Conference on Private International Law – The World Organization for
Cross border Co-operation in Civil and Commercial Matters)
• However, unlike European regions where GCSC, Internet related legal
harmonization efforts, researches into law, and coordination of efforts
have been extensively conducted, Asian countries are still lacking in the
legal harmonization and cooperative efforts to fight against all these
cybercrimes.

10. Recent Legal Development and Online
Archives
• Internet & Jurisdiction (Based in France)
• DiploFoundation
• GCSC – Global Cyber Council
• Harvard Cyber Law Center, Stanford Cyber Law Center…
• Journals : Computer and Law
• International Conferences on Cross-border legal problems (IGF)
• 2018 IGF and Beyond
• Law firm websites : www.dlapiperdataprotection.com
• www.itgovernance.co.uk/cybersecurity-standards

11. Legal Solutions – Jurisdictional Problem
• Rules on Jurisdiction : not International law, but part of the domestic
laws of civil procedure in each national legal system
• Rules of Jurisdiction, choice of law, enforcement: conflicts of laws or
international private law
• EU – Regional Harmonization of the related laws through Brussels
Regulation
• Cooperation in civil matters now have cross-border implications.
• Rules of choice of law in contracts (Rome 1) and torts (Rome II)

12. Tort Law and Jurisdiction
• Defamation Case – Trademark Infringement on a website of a mark
registered in several jurisdictions, computer virus is spreading through the
servers, malicious code injection, etc.
• 1) The place where the Tort was Committed
• 2) The Place where the damage occurred
• Effect Doctrine (The destination Approach)
• 1. Accessibility
• 2. Targeting
• 3. The Origin Approach

13. Tort Law and Jurisdiction – Online
Harassment Case
• In the UK
- UK domiciliary – a defendant or plaintiff domiciled elsewhere in the EU: Brussels
Regulation
- UK domiciliary – non-EU domiciliary or European Economic Area state : English Common
Law
• -> the claimant can sue at his choice in either place
• If a tort is committed through the provision of information, is this the place where the
information is generated or accumulated, the place of uploading of the information, or
the place of downloading, as this is the place where the information is accessed and
read?
• The place where the info provider is physically located, legally established, the place
where the server hosting the information is located
• The place where the tort was committed -> The place where the damage occurred

14. Tort Law and Jurisdiction
1) Dow Jones v. Gutnick : Locating the place of a tort
2) Shevill Case – ECJ
• If the damage has been spread over several Member states, the claimant could sue in each and
every jurisdiction in which he or she had suffered harm, but only for the damage suffered in
that particular jurisdiction.
• English Common Law Rules – Multi-state defamation actions : The claimant can sue for
dafamation in each and every jurisdiction where the statement has been downloaded.
• In the EU, a defendant can sue in each and every jurisdiction, where the immediate damage has
occurred, in an action for tort.
3) Grokster peer-to-peer filesharing case – the US Federal District Court in California
• Can preside its jurisdiction to decide a copyright infringement suit against Sharman Networks Ltd,
the owners of Grokster/KaZaa, which was headquartered in Australia and incorporated in the
PacifiC Island of Vanuatu.
• -> There was evidence that the Kazaa software had been downloaded 143 million times globally
and 20 million times in the US

15. Contending Philosophies – Clash of
Civilization?
• Privacy and Free Speech (Freedom of Expression and Freedom of
Speech)
• Privacy from EU Perspective
• Privacy from the U.S. Perspective
• -> Disputes arise even from different courts
• -> New International Norms required?
• Thus, the increased efforts among CSIRT – Law Enforcement
Institutions – Policy Makers at the international level is a must to
make the Internet connected and still make the place safe and
sociable.

16. Initiatives in Asia Pacific Region
• New Delhi and Wuzen Internet Conferences
• APrIGF, APNIC, APRICOT and the national legal institutions are all playing an
important role here.
• Yet, still the Asian countries lack behind in harmonizing the necessary laws
and responding the newly emerging cross-border legal problems
• Initiatives in making Asian version of Internet & Jurisdiction
• Online Dispute Resolution (Regional Courts) for Online Disputes
• Technical Solutions such as AI for detecting illegal online contents and
automatic takedown of the contents can also be developed and employed

17. References
• Understanding Cybercrime : Phenomena, Challenges and Legal Response.
ITU., 2012.
• Nicholas Tsagourias et al. Research Handbook on International Law and
Cyberspace.
• James Saunders and Paul Carlyle.,(2016) Brexit Analysis Bulletin – Contracts
and E-Commerce., Shphered+ Wedderburn.
• Lilian Edwards and Charlotte Waelde. (2009) Law and the Internet., Hart
Publishing.
• Hogan Lovells.,Ltd. (2016) Asia Pacific – Data Protection and Cybersecurity
Guides
• Asia Pacific Arbitration Report
• Global Arbitration Review