Belén Arribas is a TMT and Commercial Lawyer. As an Independent Legal Counsel and consultant, she has an extensive track record in Digital, Corporate, Commercial and Data Privacy Law, IP and Compliance, including cutting-edge sectors like Blockchain, Artificial Intelligence, Internet of Things, Big Data, Cybersecurity, inter alia.
She is President of the International Federation of Computer Associations (IFCLA), founded in December 1986 to promote international collaboration and exchange of information in computer law, and Vice President of ENATIC, the Digital Law Association for Digital Transformation. Belén Arribas was a board member of the Barcelona Bar Association’s Digital Transformation Board, and the first-ever Spanish female lawyer to be appointed to the Board of Directors of the International Technology Law Association (ITechLaw).
In 2020, Belén was recognized by ‘Best Lawyers’ as one of the most influential leaders in Information Technology and Privacy & Data Protection.
You are an avid advocate for digital transformation in law. Why is it crucial to sculpt a more digital law system?
I would rather say that it is important to build robust digital law systems. We do have digital regulations almost worldwide. It is a myth that there is no law governing the Internet; even in the case of Metaverse, terms and conditions apply. Either the Panama, California or Hong Kong laws are set as governing laws, and different courts and tribunals are set for dispute resolution. The matter is how fit these local laws and jurisdictions are to this new context where every interaction is transnational, globalized and omnimodal.
How should digital transformation in law be addressed, then?
Within the private and the public sectors, there are different speeds in digital transformation, and significant differences depending on geography, geopolitics and the tradition of the rule of law (or the lack of it). The legal profession, the judiciary and the legal ecosystem as a whole must cope with and tackle social and economic transformations such as disruption.
Which role plays data privacy in this digital leap?
A very crucial one, indeed. The General Data Protection Regulation (GDPR) is the first-ever regulation with an effect beyond the European Union boundaries; it is aimed to apply to companies worldwide offering their services to citizens based in the EU. Some scholars pointed out that GDPR will not suffice in the long run to tackle the issues that the metaverse shall pose. They propose to first enact a General Directive on Data Privacy with overarching principles, and then specific technology-related privacy laws.
What could be at stake if data privacy is not ensured in the new law system?
Confidentiality and privacy of users will be at risk, especially if we are going forward with these immersive environments where not only personal but all kinds of data related to our interactions with the virtual will be shared. Informed consent as up until now will not be enough, and specific consent to share and to give away all kinds of data will be essential.
Could you name a good example of digital legal practice?
Law firms are increasingly becoming more digitally transformed. It is not a matter of size or sophistication but of mindset and vision. Tools used by law firms include document automation, e-signature, AI tools, cloud storage, client-firm collaboration tools, and legal research platforms. Digital transformation will allow for increased efficiencies, greater communication, automation of repetitive tasks, increased security of data, accessibility for all staff and overall cost savings to the law firm. What is missing now is a digitally-transformed administration of justice.
We are witnessing a scenario in which emerging technologies are driving potential implications in the way digital society is evolving. Living online may take new forms impacting the way we work, learn, and interact, and being connected may lead to more common hybrid experiences on a daily basis. How is technology transforming the way we interact specifically with the legal system?
From blockchain and smart contracts to the metaverse, disruptive technologies are challenging the legal system. Remember the quote by law professor and academic Lawrence Lessig, ‘Code is law’. Nowadays, and in order to counterbalance this trend, a movement of certain practitioners is calling for an increased or reinforced rule of law in our societies. Another trend coming from the need to regulate the metaverse is the so-called ‘binary legislation’ –a future legislation meant to regulate both virtual and natural realities, their interaction and the consequences of it for each context.
Our children will live (or are already living) in all the immersive digital environments that are being envisioned and discussed this week at the Mobile World Congress, and will become intensive users of today’s Internet. Why is it fundamental to create a safe digital society for children and to ensure their digital rights?
As any other vulnerable group, children should be given special protection and safeguards. Newly enacted digital rights are key. There are several proposals coming from the EU, the Spanish government and other international instances. Adherence to and awareness of such principles are crucial. Stakeholders must comply with them and the public must know and exercise them. Privacy, again, shall be a must.
How should privacy issues, digital identity conflicts or harassment be prevented?
There is consensus that we must shift from the paradigm of anonymity to one of identification in the use of Internet 3.0. Projects in the public sphere such as the European Blockchain Services Infrastructure (EBSI) and many others coming from private initiatives are currently underway. The future use of the so-called identity wallets shall allow citizens to identify themselves properly but only to the necessary extent, that is, only sharing the data they need to in a given context. Blockchain and other DLT techs are instrumental to that.
Lately, there has been a wide-open debate about the darkest side of technology. How can we ensure a more reliable tech, and what role do you think public and private actors can play to raise trust in ICT, especially for our kids?
Public powers are currently entrusted with the enactment of laws and regulations that arrive much later than the socioeconomic reality that they intend to regulate. In the last decade we have been witnessing an increased participation of private players in the law-making process, starting from self regulation to codes of practice and including direct participation of industry players in the sandbox systems, for instance. Administrations need to learn from the industry, and the industry needs to adhere to certain rules and principles, ethics included. In the protection of minors, this is especially relevant as they, as digital natives, trust technology in a very natural, non-critical way. Therefore, we advocate for a ‘new deal’ like the passing of the Charter of Digital Rights, which by the way the Spanish government is proposing and to which we hope there will be as many adhesions as possible.