Schafer, Burkhard

Michelon, Claudio

Danidou, Ioanna

2017-06-22T14:18:31Z

2017-06-22T14:18:31Z

2017-07-06

This thesis aims to address several issues emerging in the new digital world. Using Trusted Computing as the paradigmatic example of regulation though code that tries to address the cyber security problem that occurs, where the freedom of the user to reconfigure her machine is restricted in exchange for greater, yet not perfect, security. Trusted Computing is a technology that while it aims to protect the user, and the integrity of her machine and her privacy against third party users, it discloses more of her information to trusted third parties, exposing her to security risks in case of compromising occurring to that third party. It also intends to create a decentralized, bottom up solution to security where security follows along the arcs of an emergent “network of trust”, and if that was viable, to achieve a form of code based regulation. Through the analysis attempted in this thesis, we laid the groundwork for a refined assessment, considering the problems that Trusted Computing Initiative (TCI) faces and that are based in the intentional, systematic but sometimes misunderstood and miscommunicated difference (which as we reveal results directly in certain design choices for TC) between the conception of trust in informatics (“techno-trust”) and the common sociological concept of it. To reap the benefits of TCI and create the dynamic “network of trust”, we need the sociological concept of trust sharing the fundamental characteristics of transitivity and holism which are absent from techno-trust. This gives rise to our next visited problems which are: if TC shifts the power from the customer to the TC provider, who takes on roles previously reserved for the nation state, then how in a democratic state can users trust those that make the rules? The answer lies partly in constitutional and human rights law and we drill into those functions of TC that makes the TCI provider comparable to state-like and ask what minimal legal guarantees need to be in place to accept, trustingly, this shift of power. Secondly, traditional liberal contract law reduces complex social relations to binary exchange relations, which are not transitive and disrupt rather than create networks. Contract law, as we argue, plays a central role for the way in which the TC provider interacts with his customers and this thesis contributes in speculating of a contract law that does not result in atomism, rather “brings in” potentially affected third parties and results in holistic networks. In the same vein, this thesis looks mainly at specific ways in which law can correct or redefine the implicit and democratically not validated shift of power from customer to TC providers while enhancing the social environment and its social trust within which TC must operate.

http://hdl.handle.net/1842/22077

en

The University of Edinburgh

Danidou, Yianna (2007). Legal Implications of Trusted Computing. Paper presented at the Proceedings of the 22nd British and Irish Law, Education and Technology Association (BILETA), Hertfordshire, UK.

Danidou, Yianna, & Schafer, Burkhard. (2009). In Law We Trust? Trusted Computing and Legal Responsibility for Internet Security. In D. Gritzalis & J. Lopez (Eds.), Emerging Challenges for Security, Privacy and Trust (Vol. 297, pp. 399-409): Springer Boston.

Danidou, Yianna, & Schafer, Burkhard. (2011). "Trust me, I'm a computer" – Trusted Computing and the law between liability and responsibility. Information & Communications Technology Law, 20(3), pp. 185-199. doi: 10.1080/13600834.2011.603962

Danidou, Yianna, & Schafer, Burkhard. (2011). Legal Environments for Digital Trust: Trustmark, Trusted Computing and the Issue of Legal Liability. Paper presented at the LSPI, Nicosia, September 19 – 22, Nicosia.

Danidou, Yianna, & Schafer, Burkhard. (2011). Trusted Computing and the Digital Crime Scene. Digital Evidence & Elec. Signature L. Rev., 8 pp. 111 - 123.

Danidou, Yianna, & Schafer, Burkhard. (2011). Legal environments for Digital trust: Trustmark, Trusted Computing and the issue of Legal liability. Journal of Milton campos School of law, 23, pp. 197-220.

Danidou, Yianna, & Schafer, Burkhard. (2012). Legal Environments for Digital Trust: Trustmarks, Trusted Computing and the Issue of Legal Liability. Journal of International Commercial Law and Technology, 7(3).

Trusted Computing

trust networks

reliance liability

digital evidence

digital crime scene

cybercrime

Trusted computing or trust in computing? Legislating for trust networks

Thesis or Dissertation

Doctoral

PhD Doctor of Philosophy