Search and Surveillance Review

The Search and Surveillance Act 2012 controls how government agencies, including the Police, search people or property and how they use various surveillance technology and devices. Even though the legislation is relatively new, given the rapid developments in technology and the difficult balancing act between Police powers and human rights the Law Commission has conducted a review and sought submissions”><a href=”″></a&gt;


NZ Law Awards 2017

At the Zone Law table – finalists for IP Specialist Firm of the Year

Lawyers Replaced by Computers? Not quite yet…

I enjoyed participating in the debate yesterday at LawFest 2017

Graham Kohler QC and I argued against the entirely misconceived proposition: “That legal perfection will be achieved when lawyers are replaced with computers”.

For my part, I relied on Elon Musk’s warning that “artificial intelligence is our biggest existential threat” and suggested that the pursuit of justice requires a careful balance between moral and ethical values and interests and that it cannot be reduced to simple binary choices. Instead, I contended that the law represents and embodies well-established social norms and values and mediates between science and society.

I concluded by saying that the bottom line is pretty stark: if we replace lawyers we replace humanity itself!

These are important issues which we are going to have to grapple with sooner rather than later.

Hyperlinks May Infringe Copyright

The Court of Justice of the European Union has cast doubt on the relatively orthodox view that a hyperlink on a website that links to copyrighted material does not constitute an infringement of copyright.

In GS Media BV  v  Sanoma  Media Netherlands BV, Playboy  Enterprises  International  Inc., Britt  Geertruida  Dekker the ECJ held as follows:

“…. where  it  is  established  that  such  a  person  knew  or  ought  to  have  known  that  the hyperlink  he  posted  provides  access  to  a  work  illegally  published,  for  example  owing  to  the  fact that  he  was  notified  thereof  by  the  copyright  holders,  the  provision  of  that  link  constitutes  a ‘communication  to  the  public’.  The  same  applies  if  that  link  allows  users  to  circumvent  the restrictive  measures  taken  by  the  site  where  the  protected  work  is  posted  in  order  to  restrict  the public’s  access  to its  own subscribers. “

Arguably, this is an example of a court recognizing that in the online world copyright can be undermined directly and indirectly and that those parties who knowingly and for commercial gain procure or facilitate infringement by others should be held to account.

A copy of the Court’s recent press release is available at:

Bench and Bar Dinner

At the New Zealand Bar Association’s Bench and Bar dinner in Auckland on 9 June with Fiona McLeod SC (President of the Australian Law Council) Kathryn Beck (President of the New Zealand Law Society) and Patrick O’Sullivan (President of the Australian Bar Association).


New Zealand Law Society · Cyber Law Conference – April 2016 – Clive Elliott QC

The “Internet of Things” represents a real paradigm shift:

The internet of things is here. Few revolutionary technologies have created new value pools, displaced incumbents, changed lives, liquefied industries, andmade a trillion dollar economic impact. That is, until the internet of things (IoT) sprang to life.1

Technology research company Gartner predicts, that by 2020 there will be 26 billion smart interconnected devices in the world. Each object and individual will have a unique identifier. This enables data to be transmitted automatically over a network but without necessarily requiring any human to human or human to computer involvement.

The World Intellectual Property Organisation (WIPO) points out2 that the area of wearable technology includes new innovative areas such as wearable computers or devices; augmented reality (AR); and virtual reality (VR), all of which is manifested in a new trend known as the ‘quantified self’; described by Deloitte as a ‘mass niche’ sector that generated approximately $3 billion in 2014 alone. Accordingly, it is no longer a technical curiosity, but big business.

In its draft Data Protection Regulation, the EU commission has proposed a number of measures to address this phenomenon including a much greater emphasis on privacy, ensuring that privacy by default exists by providing for minimal accessibility of personal data; stressing the need for consent when personal information is involved, providing more comprehensive guidelines on data collection for profiling purposes; ensuring tighter enforcement and providing significant monetary sanctions for breach. All of these are important topics in their own right.

Significant issues remain to be resolved. These include multijurisdictional issues and conflicts between public and private interests. The US Internet Society has produced a discussion document to facilitate informed debate amongst stakeholders. The paper describes the principle issue as follows:

One set of issues surrounds crossborder data flows, which occur when IoT devices collect data about people in one jurisdiction and transmit it to another jurisdiction with different data protection laws for processing. Further, data collected by IoT devices is sometimes susceptible to misuse, potentially causing discriminatory outcomes for some users. Other legal issues with IoT devices include the conflict between law enforcement surveillance and civil rights; data retention and destruction policies; and legal liability for unintended uses, security breaches or privacy lapses.3

Importantly, regardless of the purpose or source of the particular device, one thing in common is that most include some form of cloud service and all have some form of mobile application to access or control the device remotely.

Hewlett-Packard has commented on the rather troubling statistic that 70% of relevant devices contain vulnerabilities involving password security, permissions and encryption. To date, a number of situations have arisen where Internet connected devices have been used for improper purposes; whether in cars, medical devices or children’s toys or TVs.

In February 2015 the U.S.-based privacy group, the Electronic Privacy Information Center (EPIC), asked the Federal Trade Commission to investigate Samsung’s practice of collecting and using customers’ private communications.4 This occurred when interactive voice commands using voice to text recognition software were retained and transmitted by Samsung. EPIC contended that the practice breached the US Electronic Communications Privacy Act, which prohibits the “interception and disclosure of wire, oral, or electronic communications.”

This complaint illustrates the rather graphic disconnect between increasingly smart devices and consumers who are not aware of the capabilities of the technology and are not sufficiently tech savvy to adequately protect their own interests.

Those who are more technically minded will know that one way to defend against IoT attacks is to adequately segment networks. However, this requires the creation of a number of different networks; in other words, having separate networks for IoT devices, personal computers and mobile devices and work-related workstations and servers. Other relatively straightforward precautions include changing the connected device password immediately upon purchase and then regularly changing the password. However, while most users know that it makes sense to change passwords regularly not everyone is fastidious in doing so.

This is just a quick snapshot of some of the issues that we are going to have to grapple with in our session today. We propose to investigate what the IoT means, how it works in day-to-day life (both today and in the foreseeable future) and how in the future it is likely to impact on society and our wider social and legal norms.


1       Sri Solur GM Wearables and IoT HPE. The internet of things and wearables: Driving the next phase of personal computing: 487618cdd630. Referred to in the 2015 Hewlett-Packard Enterprise study “Internet of Things Research Study”

2       The Brave New World of Wearable Technology: What Implications for IP? Emma Poole, Executive Research Officer, WIPO, June 2014.

3       The Internet of Things (IoT): An Overview – Understanding the Issues and Challenges of a More Connected World, 15 October 2015











Instant Apps

Google plans to merge webpages and apps

With Instant Apps, Google Aims to Make the Web and Apps One