Tobias MahlerUniversity of Oslo · Faculty of Law
Tobias Mahler
PhD
About
47
Publications
11,329
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
371
Citations
Publications
Publications (47)
This chapter discusses whether on-going EU policymaking on AI is relevant for Artificial General Intelligence (AGI) and what it would mean to potentially regulate it in the future. AGI is typically contrasted with narrow Artificial Intelligence (AI), which excels only within a specific given context. Although many researchers are working on AGI, th...
This paper addresses the interplay between robots, cybersecurity, and safety from a European legal perspective, a topic under-explored by current technical and legal literature. The legal framework, together with technical standards, is a necessary parameter for the production and deployment of robots. However, European law does not regulate robots...
The European Union is currently discussing a reform of its intermediary liability rules with its recently proposedDigital Services Act. The existing rules in the e-Commerce Directive (Directive 2000/31/EC) offer a safe harbourfrom liability for certain intermediary functions that are central to the functioning of the internet. A safe harbour for in...
This study offers a legal analysis of the “intermediary service providers of non-hosting nature”. It analyses the technological and legal evolution around non-hosting intermediary services and the way the existing legal framework for such services could be upgraded in the forthcoming Digital Services Act. The liability privilege is one of the most...
This paper explores ethical and legal implications arising from the intertwinement of cloud services, healthcare, and robotics in recent developments towards increasing reliance on cloud-based services for healthcare robots. It closes an existing gap in the literature by highlighting the distinctive ethical and legal concerns associated with the in...
The following article evaluates two models for providing purchasers of online digital content, including cloud computing services, with visual notice of contract terms and data collection practises. Visualisation of contract terms and privacy policies has the potential to provide cloud consumers with an improved means of understanding the contract...
This paper presents an integrated method for risk and compliance assessment and its evaluation in a case study. The sophistication with which modern business is carried out and the unprecedented access to a global market means that businesses are exposed to diverse regulatory requirements in and across jurisdictions. Compliance with such requiremen...
This article presents a structured and systematic approach for identifying and modelling compliance risks. The sophistication with which modern business is carried out and the unprecedented access to a global market means that businesses are exposed to increasing and diverse regulatory requirements in and across jurisdictions. Compliance with such...
Many new generic top-level domains (gTLDs) are currently being added to the internet’s domain name system. It is, therefore,
important to ask how we should conceptualize the legal aspects of this expansion. This article focuses on the legal position
acquired by a successful applicant for a new gTLD. It examines several possible concepts and propose...
Current implementations of electronic identity in Europe are rather diverse; they include state-driven identity management frameworks as well as private sector frameworks and different forms of public-private collaborations. This diversity may represent a major challenge for the deployment of information society services addressed towards the Europ...
Data protection legislation was originally defined for a context where personal information is mostly stored on centralized servers with limited con- nectivity or openness to 3rd party access. Currently, servers are connected to the Internet, where large amounts of personal information are continuously being ex- changed as part of application trans...
Data protection legislation was originally defined for a context where personal information is mostly stored on centralized servers with limited connectivity and openness to 3rd party access. Currently, servers are connected to the Internet, where a large amount of personal information is continuously being exchanged as part of application transact...
Two or more parties typically establish a business relationship using a contract, but a large gap still exists between the provisions of contracts produced by lawyers and the details of computer security and performance addressed by technologists. Some contractual clauses address legal issues that technology can manage as well - the TrustCoM framew...
We present a conceptual framework for trust management in which we clarify the notion of trust and highlight a number of strongly related notions. We consider trust relations between any two of a various set of actors, in- cluding organizations, computer systems, human individuals and machines. Trust management is relevant in contexts in which trus...
Today, we are expected to remember a different user name and password for almost every organisation or domain we want to access on the Internet. Identity management seeks to solve this problem by making digital identities transferable across organisational boundaries. The basic idea is that the participating organisations will set up a collaboratio...
Today, we are expected to remember a different user name and password for almost every organisation or domain we want to access on the Internet. Identity management seeks to solve this problem by making digital identities transferable across organisational boundaries. The basic idea is that the participating organisations will set up a collaboratio...
This paper discusses the state of the art of contractual risk management, i.e. the use of risk management in the context of contract drafting. The paper reviews and evaluates a number of existing approaches to contractual risk management and legal risk management.
The interdisciplinary nature of security risks requires an integrated analysis, where legal aspects play an important role. We propose a method for legal risk management which can be utilized to identify, evaluate and treat legal and security risks. This method is based on existing security risk analysis methods, and makes use of graphical modellin...
What is legal risk? This category of risk is often mentioned in the context of enterprise risk management and financial risk management. Legal risk also is a central concept in legal risk management. However, the definitions given for legal risk differ widely, and no generally accepted notion of legal risk seems to exist. The objectives of this pap...
Reputation systems can be used to provide relevant information about others when we interact with persons we do not know. However, reputation systems are challenged by concerns about privacy and data quality. This paper assesses how data protection law affects the design and the operation of reputation systems.
This chapter gives an introduction to the CORAS approach for model-based security risk analysis. It presents a guided walkthrough of the CORAS risk analysis process based on examples from risk analysis of security, trust and legal issues in a collaborative engineering virtual organisation. CORAS makes use of structured brainstorming to identify ris...
This chapter gives an introduction to the CORAS approach for model-based security risk analysis. It presents a guided walkthrough of the CORAS risk analysis process based on examples from risk analysis of security, trust and legal issues in a collaborative engineering virtual organisation. CORAS makes use of structured brainstorming to identify ris...
The increasing demand for business collaborations over the internet (eBusiness) requires prospective partners to set up their cooperation in a timely fashion, without loosing time with negotiating complicated legal contracts. On the other hand, if problems arise, collaborators will want to fall back on a contractual framework that adequately addres...
Establishing and operating a virtual organization implies a number of challenges from many different perspectives, including
socio-economic, organizational, legal and computational issues. This paper focuses on the legal aspects with a particular
view on legal risks with respect to intellectual property rights. A risk analysis with respect to legal...
The purpose of this paper is to analyse the legal and other barriers to the formation and development of clusters of small and medium-sized enterprises (“SMEs”) using practical case studies from across the European Union to draw out common issues at various stages of the cluster development.
The paper makes two main contributions: (1) It presents experiences from using the CORAS language for security threat modelling
to specify legal risk scenarios. These experiences are summarised in the form of requirements to a more expressive language
providing specific support for the legal domain. (2) Its second main contribution is to present id...
The Trustcom project is developing a framework for trust, security and contract management in dynamic virtual organizations (VO). The core contribution of the Trustcom framework is its ability to define a contractual agreement between VO members at a business level and have it specified, monitored and updated at a technical, operational level withi...
The paper makes two main contributions: (1) It presents experiences from using the CORAS language for security threat modelling to specify legal risk scenarios. These experiences are summarised in the form of requirements to a more expressive language providing specific support for the legal domain. (2) Its second main contribution is to present id...
The Trustcom project is developing a framework for trust, security and contract management in dynamic virtual organizations (VO). The core contribution of the Trustcom framework is its ability to define a contractual agreement between VO members at a business level and have it specified, monitored and updated at a technical, operational level withi...
Report to the European Commission DG INFSO & Media, produed by the FP6 TrustCom project
Report to the European Commission DG INFSO & Media, resulting from the FP6 TrustCom project
Report to the European Commission DG INFSO & Media, supported by the FP6 TrustCom project
Report to the European Commission DG INFSO & Media, supported by the FP6 TrustCom project
Report to the European Commission DG INFSO & Media, resulting from the FP6 TrustCom project
Report to the European Commission DG INFSO & Media, resulting from the FP6 TrustCom project
Report to the European Commission DG INFSO & Media, resulting from the FP6 TrustCom project