All individuals and corporations that use and produce personal data are nodes in communication networks. These tend to form communities in practice. Zhang (2014) established that such community networks have the characteristics of complex adaptive systems (hereinafter CANSs for Complex Adaptive Networked Systems). Laws that address the behavior of individuals in such communities cannot but concurrrently influence the behaviors of the communities-as-a-whole (or CANSs) that these individuals participate in.
Many community networks form naturally and behave naturally, autonomously as it were. As a matter of fact, CANS behaviors show surprising similarities all over the spectrum, from the meteorological weather to the political climate (see for instance Zhang and Schmidt (2015)). Important forms of such behaviors are identified as critical transitions. The occurrence of a hurricane may just like a revolutionary demonstration mark a critical transition in a CANS’s behavior. Like the hurricane Katrina does have a name but cannot be punished or be held legally responsible for the havoc it caused can a Tahrir Square demonstration be named, yet not be held legally responsible for the political results it sparked.
Our first working hypothesis is then this: only individuals can be addressed when regulating CANSs. CANSs may have names, but they do not have legal identity or autonomy – the network cannot be held responsible for its apparent aggregate behavior, only the individuals that contribute to the emergent behavior can. [In this working hypothesis we opt for taking Coase’s main proposition seriously, namely that individuals and grouped individuals (in firms) are different in meaningful ways for both law and economics. Economists have been proposing that both individuals and firms choose rationally and thus need not be distinguished (a suggestion that Coase did demolish – perhaps more convincing in theory than effective in practice, as current mainstream economics seems to demonstrate). On the other hand, legislators have been ordaining that legal persons are responsible and liable, just like individuals – which always seems, in practical legal dispute, to result in arguments with and about individual representatives.]
Our second working hypothesis follows. It is almost a platitude. From a legal perspective, CANS behaviors are emergent. The law matters, but the law cannot address such behaviors directly, as the law only addresses responsible individuals. [Legal scholars that project legal fictions onto reality may complain that the law also addresses legal persons (corporations and the like). They would be right, of course. Still, our focus is on the individual, initially at least. It may well turn out to be helpful that understanding corporations and the other legal persons that we know to qualify as a special kind of CANSs – CANSs that we have legally designed and legally defined ourselves.]
From there, our third working hypothesis follows equally easily: for regulating the behavior of CANSs effectively, legal scholarship needs to be informed about complexity, about the best theories on CANS behavior, theories that claim to help understand in general how individual behaviors contribute to critical transitions in the behavior of CANSs (or may prevent them from occurring). We think that the current financial system is a point in case. Despite all efforts of Basel regulations and Supervisory Authorities, the existing networks wherein individual traders (and traders’ moralities — see Stiglitz (2012)) are trapped do prevent the changes that are quite generally considered necessary.
This suggests our fourth working hypothesis. The complex networked system of personal-data users is difficult to regulate effecively. Both in the EU and in China will individuals sell their souls to Google, Facebook and app providers (or to their Chinese functional siblings), in order to get access to their services. Personal-data users form a CANS that proves difficult to regulate. The networks of individual traders form a CANS (the Financial system) that proves difficult to regulate too. Our fourth working hypothesis is shamelessly inductive: all CANSs are difficult to regulate.
Our current work investigates whether these working hypotheses are useful, and whether CANS-theory can be useful to legal regulators that aim for the behaviors of CANSs.
Stiglitz, J. (2012). The price of inequality. Penguin UK.
Zhang, K. (2014). Can Chinese Legislation on In- formational Privacy Benefit from European Ex- perience?, Volume 2014-1 of dotLegal Publishing Dissertation Series. dotLegal Publishing.
Zhang, K. and A. H. Schmidt (2015). Thinking of data protection law’s subject matter as a complex adaptive system: A heuristic display. Computer Law & Security Review XXX, 1–20.