Completed Projects:

Group-based communication services such as Telegram, WhatsApp and Facebook groups increasingly sit between private messaging and public platforms. In a new study in response to a request of the Dutch Authority for Consumers and Markets (ACM), the ILP Lab examines under what conditions these hybrid, group-based hosting services qualify as “online platforms” under the Digital… Read more

Ransomware is a form of cybercrime in which data are encrypted or copied and a ransom is demanded in exchange for restoring access or preventing publication. In the Netherlands, Project Melissa brings together the Public Prosecution Service, the police cybercrime team, the National Cyber Security Centre (NCSC), Cyberveilig Nederland and private cybersecurity firms. Within this… Read more

This policy paper analyses the practical functioning of Article 3 of the CDSM Directive, which grants research organisations (ROs) and cultural heritage institutions (CHIs) a mandatory exception permitting text-and-data mining (TDM) for scientific research. Using doctrinal analysis and qualitative interviews with ROs, CHIs, publishers, and experts, the study evaluates how the exception operates in practice… Read more

This policy brief examines the practice of e-lending with a focus on public libraries. Currently, public libraries face legal uncertainty regarding the legality of lending e-books due to copyright issues and the implementation of the public lending right. This policy brief aims to further provide recommendations on how to improve legal certainty on public e-lending at EU level.

Algorithms have a lot of impact on our lives. But we often know little about they way they work. The Dutch Ministry of Justice and Security engaged the ILP Lab to perform a study on transparency with regard to automated decision making. Student researchers used a case study on dating apps to review to what… Read more

The ILP Lab is partnering with the DSA observatory and the data rights agency AWO to investigate the proposed requirement for online intermediaries to distinguish ‘harmful’ and ‘illegal’ content on their services. In the proposal for a Digital Services Act (COM/2020/825 final), the European Commission amongst other things urges providers of intermediary services to take… Read more

End-to-end encryption is applied in various communication services. It provides secure communications and affords its users privacy. However, encryption also makes it difficult for law enforcement to detect and investigate the distribution of images of child sexual abuse via these services. Recently, various policymakers, including the Dutch government, have proposed to restrict encryption in chat… Read more

The ILP Lab, together with EDRI, is  critically revisiting the question of data retention. Are the ongoing aspirations to reintroduce a data retention obligation in the EU remain in violation of EU law as long as the strict necessity of data retention is unproved and no genuinely targeted retention obligation is considered ? In light… Read more

In collaboration with the Dutch Consumer Organisation the ILP lab is conducting research into the processing of children’s personal data on social media platforms. According to the GDPR, platforms must offer ‘specific protection’ to children with regard to the processing of their personal data (recital 38 GDPR). The question is whether this is really actually done. Another… Read more

Whilst the importance of preserving websites and web content is recognized already for long time by organizations like UNESCO (2003 Charter on the Preservation of Digital Heritage) and the EU (EC Recommendation 2011/711/EU), not all EU Member States have legislation in place that allows national heritage institutions to harvest and archive the web. The ILP… Read more