The difficulty of legislating on technology is one of the unique side-effects of living in the 21st century. Considering the potential risks in leaving technology unregulated, there is a need for the law to fill in the growing gaps. Essentially, the only way to effectively regulate technology is not by crafting blanket policies which cannot subsume unprecedented inventions, but by constantly interacting with technology and identifying in real time, the legal implications of new inventions. Here, some of the gaps between law and technology are identified as well as the overall need to effectively regulate smart technology in particular.
Every day, technology builds the future out of our world, one fascinating invention at a time. Traditionally, because of the rapidity of technological advancement, legislating on technology has always been tricky business. Every legal system in the world has at one point or the other struggled with finding the right answer to a question which its laws preceding the age of the internet could not anticipate. Ordinarily falling behind most of the modern world in law reform, Nigeria finds itself with the need to play catch up with global policies on technology, particularly smart technology. This is not just because national development in any case is hinged on the growth of a country’s legal system but also because of the subsuming nature of the internet ecosystem which allows technology produced anywhere to often be accessible around the world.
The legal implications of importing smart technology into a regulatory vacuum are incalculable. We have no prescribed framework for answering the inevitable legal questions in previously uncharted territory. Every day infringements and violations of privacy on social media go unanswered. Software theft is costing programmers a fortune and apps that obtain access to specific functions in our mobile phones have become more popular (an example for this is the phone app ‘True Caller’ which automatically uploads the names and numbers in the phone books of its users, third parties from whom consent is not obtained). Before long, we’ll have to face the more terrifying implications of the international commercialization of Artificial Intelligence Robots and other things like 3D gun printing. While accepting that this difficulty is not peculiar to Nigeria but is merely a side effect of the revolutionary 21st century; it is also important to acknowledge that our current legislations are less suitable than most to tackle the inherent problems with smart technology.
With ground breaking innovations such as the Internet of Things (IoT), smart cars, smart homes and even smart cities -which in particular are becoming quite popular in Asia- foreign jurisdictions have put a lot of effort into reforming laws to reflect the advancements in technology. Driverless cars have been approved for road operation in four states of the US and the District of Columbia. One of the largest transportation companies in the world, Uber has recently announced plans to partner with Mercedes and include driverless cars in their fleet. As the arrival of driverless cars on the consumer market will revolutionize road transportation, we will in the near future be forced to determine questions of law arising from the extent of liability that will be attached to the owners of these cars in cases of tort and criminal law.
One might suggest prohibitive legislation but that would, in essence, mean doing nothing. We’d be cut out of the future if we choose not to align ourselves with technology. The World Wide Web constantly blurs the lines between cultures and continents, the world is slowly transferring its base of operations to the internet and whether or not we choose to regulate, smart technology is already part of the human experience and every day these new technologies flood the Nigerian market.
The operation of drones for example, for a variety of purposes ranging from videography to security and even as a recreational activity is quickly becoming popular among the more tech savvy Nigerians. With high tech specifications, modern drones (which can easily be purchased, even off the internet) have the ability to hover over specified locations to record, transmit and store both audio and visual data. Even though the Guidelines on Data Protection 2013 (one of the policies made by the National Information Technology Development Agency (NITDA)) contains extensive provisions on the collection and use of personal data; were we to attempt an application of these guidelines to drone technology, we would immediately fall into the lacuna created by the absence of drone registration regulation. Without legislation that adequately covers the identification and registration of drones, there is no way of holding their owners financially and ethically responsible whenever injuries, violation of privacy or even property damage occurs. Such legal dilemmas will multiply with ever increasing frequency as smart technologies fan out into an ever expanding range of objects.
Ethical issues arising from Virtual Reality have also recently become trending topics in the global discourse on law and technology. There are concerns regarding the limitations of human fantasies in simulations using VR headsets such as The Oculus Rift, Jaunt, HTC Vive, One Plus, Sony PlayStation VR etc. most of which are near release or currently available in the Nigerian tech market. More recently, ‘The Nether’ a play showing in select theatres across the United States depicts the main character using advanced virtual reality software to create an environment where adults are able to molest and kill young children. While this gruesome simulation has not yet been developed in real life, we currently have the technology to create it and if left unregulated, the threat of its commercialization is imminent. Should limits be placed on certain VR simulations if the majority deems them immoral, illegal, or heinous? As technology shapes the future, we are called to determine how to apply our laws to even the most remote of situations.
In a way, it is not surprising that the prospect of smart technology regulation has been met with radio silence from the normally voluble world of legal scholarship. The traditional methods of regulation – i.e. crafting blanket policies to cover all possible scenarios- have proven insufficient to manage the risks associated with smart technology. Cutting into this sloppy curve is the Neolithic condition of our IT laws and the legislative laxity that characterizes our legal system.
In 2007, the National Information Technology Development Agency Act was passed, establishing the Agency. The agency is charged with among other things, the building up of a regulatory framework for Information Technology and related matters in Nigeria. Following, the National ICT policy of 2012 was made and also a number of regulations including the Guidelines on Data Protection of 2013. These regulations, along with older legislation on Telecommunications and Intellectual Property -such as the Nigerian Communications Commission Act Cap N97 LFN 2004, the Copyright Act Cap C28 LFN 2004, the Trademarks Act Cap T13 LFN 2004 and the Patents and Designs Act Cap P2 LFN 2004- make up most of our local laws on Information Technology. None of these laws have been through enough reform to incorporate the special needs of smart technology and even though some of their provisions can be applied to the internet on the most basic of levels, the whole still goes widely unregulated.
Apart from dealing with the lack of applicable laws, there is also the hazard of applying vintage laws to current situations where some remote applicability can be construed. The Internet offers room for fair use of copyrighted material and this flexibility has given much more visibility to film makers and writers who often use Social Media as a medium of expression than exclusive copyrighting of literary work (as under the Copyright Act) could have provided.
The pressing need for law reform has recently delved into the world of criminal law. Following the 2015 San Bernardino attacks in California, USA, a federal magistrate judge at the request of the FBI ordered Apple to create a new software to bypass the security protocols and unlock an iPhone 5c recovered after the terrorist attack which left fourteen people dead. The order called ‘In the Matter of the Search of an Apple iPhone Seized During the Execution of a Search Warrant on a Black Lexus IS300, California License Plate 35KGD203’ was issued on Feb. 19, 2016 under the All Writs Act of 1789
Apple declined this order stating that it would set a dangerous precedent and jeopardise the privacy of millions of its users around the World and their insistence on protecting their civil liability on user privacy in a criminal case was heavily criticised. The FBI managed to unlock the phone with the aid of an undisclosed third party and the order was withdrawn but by that time, a new gap between law and technology had been exposed, one that is still the subject of ongoing deliberation across the world.
The need for a viable solution to bridge the growing gap between innovation and regulation cannot be ignored. The recommendations below are however not intended to provide a complete blueprint on smart technology regulatory regimes but rather to start a conversation on how best to manage the vacuity created by rapidly emerging smart technology.
Suggested therefore is the creation of a Department on Privacy, Technology and the Law within NITDA. Its primary role would be to turn government’s attention to the legal questions created by new technologies and the unique legal responses that these technologies will require. This Department will be tasked with carefully analysing the legal implications of technological innovations and will have to carry out this task in a timely fashion so that at every point, extant law will reflect the realities of the Internet Ecosystem. Ideally, the department would partner with recognized IT institutions and smart technology experts at both the national and international levels -perhaps through PPPs. The reports and findings of this department will form the bedrock for policy making and will be sufficient material to adequately aid NITDA in regulating technology development.
As stated above, the option outlined is not a complete blueprint but rather an attempt to start a conversation on regulation. Regardless, it is important that we all turn our minds to this matter, private individuals and governments alike. We are entering an era where we will rely upon technology to perform an ever-increasing variety of tasks and the sooner regulation catches up with innovation, the safer we all would be.