Dr. Lukas Feiler, SSCP
I am an attorney at the international law firm Baker & McKenzie, specializing in cyberlaw and intellectual property law.
I also hold a teaching position for "European and International Privacy Law" at the University of Vienna Law School and for "IT Compliance" at the University of Applied Sciences Wiener Neustadt.
In my free time and in my capacity as a
Stanford-Vienna Transatlantic Technology Law Forum (TTLF) Fellow and
Research Fellow at The Europe Center (TEC), at the Freeman Spogli Institute for International Studies at Stanford University, I continue to do
comparative legal research in the area of EU and U.S. cyberlaw & policy.
I received my law degree from the University of Vienna
in July 2008, a Systems Security Certified Practitioner (SSCP) certification
in March 2009 and my Ph.D. in law from the University of Vienna in May 2011.
Previously, I worked as an associate at Wolf Theiss Attorneys at Law and before that at the
European Center for E-Commerce and Internet Law, serving as Vice Director.
Additionally, I worked (remotely) as an application developer and system administrator for
Empowered Media, New York, NY and did some
technical as well as legal consulting for NEA, a software company based in Vienna.
I have also interned with the European Commission, DG Information Society & Media, Unit A.3: "Internet; Network and Information Security",
spent a semester at Santa Clara University studying U.S. information technology law,
worked as a software developer at Fiaxon Ltd, Leeds, UK and
taught TCP/IP networking and PHP & MySQL application development at the SAE Institute Vienna.
Somewhere in between I still find some time to continue the development of my
open source projects, most notably
PEAR XML_Query2XML which currently has more than 30,000 downloads.
Please feel free to contact me by writing to
2014-11-03: An article I wrote about the ECJ's decision in BestWater International v. Mebes (C-348/13) was published in the newspaper Die Presse
In this landmark case, the ECJ held that the dynamic embedding of content hosted on a third-party website does not constitute an interference with the third party's copyrights.
2014-10-31: Today, I gave a guest lecture on telecommunications law and net neutrality at the University of Vienna School of Law
This lecture was part of the general business law class. The presentation slides are now available online.
2014-10-29: My article on secure data disposal requirements was published in the law journal Medien und Recht
This article describes mandatory steps in the personal data disposal process and also discusses the lack of regulation for unstructured non-electronic data such as court files.
2014-10-28: An interview I gave about the effectiveness of government surveillance was printed in the newspaper Der Standard
In this interview, I in particular critized that the statistics published by the Austrian government do not distinguish between lawful interceptions provided by Internet access providers and those provided by web 2.0 companies.
2014-10-27: The presentation slides of the lecture on telecommunications law and net neutrality I gave today at the University of Vienna School of Law are now online
This lecture was part of the class Basics of Technology Law I.
2014-10-24: An interview I gave about the new e-book price regulation was published on Futurezone.at
I discuss in particular the legal uncertainties created by this new amendment of the Book Price Regulation Act.
2014-10-23: An interview I gave about about the data protection-implications of many Internet giants' attempts to enter in the payment processing and traditional banking business was published in the newspaper Die Presse
I argue that one of the key market differentiators will be data protection and data security.
2014-10-23: An interview I gave about data protection in the banking business was published in the newspaper Wirtschaftsblatt
Whether companies like Facebook or Twitter will establish themselves in the payment processing market will depend on how they address data protection concerns.
2014-10-17: An interview I gave about the effects of extending the Book Price Regulation Act to cover e-books was published in the magazine E-MEDIA
In this interview, I discuss in particular the legal uncertainties created by this new amendment.
2014-10-07: Today, an interview I gave about the court-ordered blocking of movie4k.to was published by Bloomberg BNA
In this interview, I gave an overview of the current legal situation regarding website blocking injunctions in Austria.
2014-10-06: Today, I gave a lecture on internal compliance investigations at Business Circle
The lecture focused on the data protection pitfalls of internal investigations.
2014-10-02: An interview I gave about employee data protection in the context of corporate takeovers was published in the newspaper Die Presse
Can employee data be transferred to the buyer before closing of the corporate transaction? What rights does the works council have? Is there a way to get around works council involvement?
2014-10-02: An interview I gave about corporate transactions and employee data protection was published in the newspaper Wirtschaftsblatt
In this interview, I discuss how employee data can be transferre to a (potential) buyer while maintaining full compliance with data protection law.
2014-09-29: An article I co-authored about the seizure of unfairly obtained profits was published in the newspaper Der Standard
In particular, our article discusses the first-ever attempt of the Austrian telecoms regulator to seize profits made by a telecoms operator by violating telecommunications law.
2014-09-26: An interview I gave the upcoming regulation of e-Book prices in Austria was published in the newspaper Die Presse
In this interview, I expressed my doubts that such a statutorily mandated cartel would withhold scrutiny under EU law.
2014-09-25: An interview I gave about the risks of regulating e-Book prices in Austria was published on futurezone.at
In this interview, I discussed the risks of a new e-Book price regulation.
2014-09-23: An interview I gave about digital copyright law and the re-use of photos posted on Twitter was published on futurezone.at
In this interview, I explain why posting a photo on Facebook that somebody else posted on Twitter constitutes copyright infringement.
2014-09-16: Today, I gave a lecture on IT Compliance and Data Protection at the Academy for Law, Taxes, and Business (ARS)
This lecture was part of the Academy for Compliance Management at ARS.
2014-08-19: An interview I gave about IMEI-based blocking of stolen mobile phones was published on derStandard.at
In this interview, I described why law enforcement would not need access to any IMEI register in order for an IMEI-based blocking to be implemented.
2014-08-05: An interview I gave about blocking of copyright-infringing websites was published in the newspaper Kurier
In this interview, I discuss the inherent uncertainties of blocking (potentially) coypright-infringing website.
2014-07-31: An interview I gave about the legality under anti-trust law of online distribution restrictions was published in the print edition of today's Die Presse
In this interview, I emphasize the negative impact of the current legal uncertainty in this area.
2014-07-31: An interview I gave about the legality of blocking access to the copyright-infringing website ThePirateBay was published on NEWS.at
I argue in this interview that only a statistical analysis of the content provided by ThePirateBay will allow a determination of whether a blocking is permissible
2014-07-30: Today, I gave an interview to futurezone.at about the question of whether the blocking of the website ThePirateBay is legally permissible
I argue in this interview that, ultimately, this is a question that needs to be decided by a court.
2014-07-25: An interview I gave to E-MEDIA about the limits of the private copying exception and private copying levies was published today
In this interview, I discussed how legal and technological developments have practically eliminated the private copying exception, thereby also eliminating the legal grounds for private copying levies.
2014-07-24: My article on manufacturer-imposed online distribution restrictions was published in the print edition of Wirtschaftsblatt
The article describes why it is largely impermissible under anti-trust law for manufacturers to impose online distribution restrictions on their dealers.
2014-07-10: An interview I gave to DataGuidance about the Austrian Constitutional Court's annulment of traffic data retention was published today in DataGuidance's Privacy This Week
In this interview, I discussed in particular the remaining billing-related traffic data retention obligations.
2014-07-07: An interview I gave to Bloomberg BNA (Bureau Of National Affairs) about the annullment of Austria's data retention laws was published today at BNA.com
In this interview, I discuss the effects of the Austrian Supreme Court's decision.
2014-06-30: Today, an interview I gave on the anullment of Austria's implementation of the Data Retention Directive was published by DerStandard.at
In this interview, I also discuss quick freeze as well as the limits of communications surveillance under the Criminal Procedure Act.
2014-06-15: This week's interview I gave to the newspaper Die Presse on copyright levies was also quoted in the newspaper Der Standard
The newspaper Der Standard focused on my conclusion that a copyright levy for hard discs is not really reasonable in the age of cloud computing.
2014-06-14: Today, I gave a guest lecture on EU Data Protection Law at the University of Vienna Law School
The lecture was part of the German-language LL.M. European and International Business Law at the University of Vienna Law School.
2014-06-12: An interview I gave on the pending ECJ case Copydan vs. Nokia (C-463/12) and the effects on copyright levies for hard disks in Austria was published in Die Presse and Wirtschaftsblatt
In this interview, I explained why copyright levies, as currently demanded by collection societies, would ultimately require to pay for private copies twice.
2014-05-15: An article I co-authored about copyright levies on computer hard discs and smartphone data storage media was published by the legal journal Österreichische Blätter für gewerblichen Rechtsschutz und Urheberrecht (ÖBl)
In this article, we present a detailed argument why a copyright levy on hard discs, as currently litigated in Austria, is not compatible with EU law.
2014-04-22: My article on the ECJ's decision that website blocking injunctions are permissible under EU law was published in the magazine c't
This article provides in-depth legal as well as technical analysis of the ECJ's ruling on the blocking of kino.to (C-314/12).
2014-04-14: An article I co-authored about the private copying levy for hard disks and why the ECJ's ACI Adam decision (C-435/12) overrules previous Austrian court cases was published in the print edition of Der Standard
This articles describes why the ECJ's ACI Adam decision is a real game changer in the debate about private copying levies.
2014-04-11: My interviews about the ECJ's ACI Adam decision (C-435/12) and its impact on private copying levies for hard disks was published in the print editions of Der Standard, Die Presse, Kurier, and Wirtschaftsblatt
In these interviews, I describe why the ECJ's decision has made private copying levies for hard disks obsolete.
2014-04-10: My interview about the ECJ's ACI Adam decision and its impact on private copying levies for hard disks was published on DiePresse.com
The ECJ's ruling in ACI Adam has, in effect, made private copying levies for hard disks obsolete.
2014-04-10: An interview I gave about the ECJ's decision in ACI Adam (C-435/12) and its impact on the legality of Internet downloads was published on futurezone.at
With this decision, the ECJ has finally put to rest the question whether the private copying exemption only applies if the source material is legal.
2014-04-10: Today, my interview about private copying levies for hard disks and the ECJ's decision in the case ACI Adam (C-435/12) was published on futurezone.at
This ECJ decision is a game changer for the ongoing debate on private copying levies for hard disks.
2014-04-10: At today's Security Forum 2014, I am giving a presentation on the data protection challenges of internal compliance investigations
The Security Forum 2014 is hosted by the Campus Hagenberg, University of Applied Sciences Upper Austria.
2014-04-10: I gave an interview about the economic impact of the invalidation of the EU Data Retention Directive; it was published in today's print edition of Die Presse
In this interview, I argue that the invalidation of the Data Retention Directive results in a clear economic location advantage for the EU.
2014-04-09: An interview I gave about the invalidation of the EU Data Retention Directive was published in today's print edition of Die Presse
In this interview, I discuss why it is unlikely that the EU legislator will pass another data retention directive.
2014-04-05: Yesterday, I gave a lecture on data protection law at the Vienna University of Technology
The presentation slides are now available.
2014-03-30: An article I co-authored on "Big Data under Austrian Data Protection Law" was published in the World Data Protection Report
This English-language article lays out the legal framework for Big Data in Austria.
2014-03-28: Today, I gave a lecture on Telecommunications Law and Net Neutrality at the Vienna University of Technology
In the course of this presentation, I discussed Net Neutrality as well as the ECJ's new ruling on website blocking injunctions.
2014-03-28: The interview I gave on the ECJ's website blocking injunction ruling was also published in the print editions of Die Presse and Wirtschaftsblatt
In this interview, I discuss the consequences of the ECJ's website blocking injunction ruling.
2014-03-27: An interview I gave on today's ruling of the ECJ, holding that website blocking injunctions are permissible under EU law, was published on DiePresse.com
In this interview, I explain why the ECJ's ruling on the blocking of kino.to (C-314/12) is a real game-changer.
2014-03-13: Today, I gave a lecture on IT Compliance and Data Protection at the Academy for Law, Taxes, and Business (ARS)
This lecture was part of the Academy for Compliance Management at ARS.
2014-03-03: My article "Bitcoin: Virtual Money in a Legal Vacuum" was published today in the newpaper Die Presse
The article discusses the legal regulatory framework of Bitcoin, in particular the VAT and income tax implications.
2014-01-31: An article on Big Data that I co-authored was published in the Austrian journal Medien und Recht
This article discusses the limits for Big Data under Austrian data protection law.
2014-01-24: DiePresse.com published an article today that I co-authored: Misguided Private Copying Levy for Hard Disks
This article discusses the rather misguided recent decision by the Austrian Supreme Court according to which a private copying levy for hard disks was, in principle, permissible under Austrian law (case no. 4 Ob 138/13t).
2013-12-09: Today, I gave a lecture on "Data Protection Law and International Corporate Practice" at the Danube University Krems
This lecture was part of the General Management MBA TU/DU and the General Management MBA EIPOS.
2013-11-08: The Yearbook Data Protection Law and E-Government is out, including a chapter I wrote: "Data Protection-Related Challenges During Internal Compliance Investigations"
In this book chapter I discuss the legal requirements for internal compliance investigations under Austrian data protection law, including associated requirements under Austrian employment law.
2013-11-03: The Yearbook Human Rights 2012/2013 is out, including a chapter I wrote: "Social Media - The Democratization of the Fourth Estate"
In this book chapter I discuss the effects of decentralized non market based production of journalistic content.
2013-10-15: Today, I gave a lecture on "Telecommunications Law and Net Neutrality" at the Law Faculty of the University of Vienna
This lecture was part of the class Basics of Technology Law I.
2013-07-15: The updated edition of the book The New Corporate Crime Law (Das neue Unternehmensstrafrecht) was published, containing chapters I co-authored on computer crime law, data protection law, and copyright law
The three chapters provide a succinct summary of the corporate legal risks under computer crime law, data protection law, and copyright law.
2013-06-22: Today, I gave a lecture on EU Data Protection Law to the students of the European and International Business Law LL.M. at the University of Vienna
In this lecture, I provided an overview of EU data protection law taking into account the proposed new General Data Protection Regulation.
2013-07-10: An interview I gave on big data was published by "Öffentliche Sicherheit", a magazine of the Austrian ministry of the interior
In this interview I discussed in particular the increased security requirements for big data applications.
2013-06-12: An interview I gave about big data and data protection was published today in the print edition of Der Standard
In this interview, I discussed the legal limits of Big Data under Austrian data protection law.
2013-06-06: Today, I gave a presentation on "The Legal Risks of Big Data" at (ISC)2 Austria Chapter Meeting
In my talk, I discussed the legal risks of Big Data in particular as relates to data protection law.
2013-05-21: Today, my article "Upon Request, Google Must Protect Reputation" was published in the print edition of the Austrian newspaper Die Presse
In this article, I discuss the German Federal Court of Justice's decision upholding an injunction against Google for allegedly defamatory search keywords suggested by the autocomplete feature of Google Search (case no. VI ZR 269/12).
2013-04-17: Today, I gave a presentation on "Big Data - Big Liability?" at the Security Forum 2013 at the Campus Hagenberg, University of Applied Sciences Upper Austria
In this presentation, I tried to address some of the myths surrounding Big Data as well as the real legal challenges under Austrian data protection law.
2013-03-28: An article I wrote on the European Commission's proposal for a Cybersecurity Directive was published at SearchSecurity.de
The article describes the drastic new changes that would be introduced by the Cybersecurity Directive (aka the Network and Information Security Directive, or NIS Directive) in the field of Critical Infrastructure Protection (CIP).
2013-03-07: Today, I gave a lecture on "Data Protection" at the Danube University Krems
In this lecture, I discussed the fundamentals of data protection compliance.
2013-02-27: Today, I gave an interview on the Campus Radio of the University of Vienna on privacy and online bullying
The interview was part of the program "Subjektiv-Objektiv"
2013-02-13: The article "The Right to Private Copying is Dead" that I co-authored was published today in the print edition of the Austrian newspaper Der Standard
In this article we describe why, for all practical purposes, the right to private copying is dead and argue that the introduction of a copyright levy on hard disks, as currently planned by the Austrian Ministry of Justice, would require a resurrection of the right to private copying.
2013-02-04: An article I co-authored on "Sharing a Link on Facebook Can Make Criminally Liable" was published today in the print edition of the Austrian newspaper Die Presse
This article discusses the risks associated with sharing a link on Facebook along with preview pictures.
2013-01-09: My article "High Noon in the Fight for Technology Licenses" was published today in the print edition of the Austrian newspaper Der Standard
This article that I co-authored with one of my colleagues discusses RAND licenses for standard-essential patents and the implications the case Microsoft v. Motorola pending before the U.S. District Court for the Western District of Washington (docket no. 10-CV-1823) may have in the EU.
2012-12-10: My article on the digital copyright aspects of the Austrian Copyright Amendment Act of 2013 (UrhG-Novelle 2013) was published today in the print edition of the Austrian newspaper Die Presse
In this article that I co-authored with one of my colleagues, we discuss the rightholders' new right to information vis-a-vis Internet access providers as well as the planned copyright levy on computer hard drives.
2012-12-04: Today, at a Deloitte Cyber Security Event, I gave a presentation on the Legal Challenges of Data Loss Prevention
In my talk, I discussed in particular the new legal challenges BYOD brings to Data Loss Prevention.
2012-12-01: My switch from my previous employer to the international law firm Baker & McKenzie did not go unnoticed
The article in the online edition of the Austrian newspaper Die Presse has some background about the switch I made together with an attorney from my old firm.
2012-11-22: Today, presented my TTLF Working "Paper Website Blocking Injunctions under EU and U.S. Copyright Law" at the Economic and Social Research Council (ESRC) Workshop "What digital Future?"
The workshop was organized by the University of Vienna's Media Governance and Industries Research Group.
2012-11-13: Today, I gave a lecture on "Telecommunications Law and Net Neutrality" at the Law Faculty of the University of Vienna
This lecture was part of the class Basics of Technology Law I.
2012-10-12: Today, I gave a lecture on "Data Protection as a Challenge for Corporations" at the Danube University Krems
In this lecture, I discussed with students how corporations should best address the challenge of data protection compliance.
2012-10-10: Today, I gave a presentation on "Security Breaches: Legal Remedies Before and After an Emergency" at the Erste Bank Security Symposium
In this presentation, I discussed security breaches and their legal ramifications for banks.
2012-09-26: Today, I gave a lecturer at the ARS seminar "IT Compliance - Fully Compliant Use of Information Technology in the Enterprise"
In this lecture which I gave together with Roland Marko, a senior associate at Wolf Theiss, all major aspects of IT Compliance were covered, in particular outsourcing and data protection compliance.
2012-09-25: Today, I gave a presentation on "Duties to Provide Cyber Security and Appropriately React to Security Breaches" as part of the Marsh Austria event "Cyber Risks - The Underestimated Threat"
I gave this presentation together with Kurt Retter, a partner at Wolf Theiss.
2012-09-17: An interview I gave about data protection and the right to be forgotten was published today at futurezone.at
In this interivew, I discuss in particular the application of the right to be forgotten to personal data published on the Internet.
2012-09-17: My article "Birth of the First-Download Doctrine-The Application of the First-Sale Doctrine to Internet Downloads under EU and US Copyright Law" was published in the Journal of Internet Law
In this article I describe how the landmark decision by European Court of Justice in Usedsoft V. Oracle (C-128/11) effectively extended the first-sale doctrine to encompass a new First-Download Doctrine.
2012-08-06: My article "ECJ Grants Second Chance to Obtain Preferred .eu Domain" was published today in the print edition of the Austrian newspaper Die Presse
In this article that I co-authored with one of my colleagues, we discuss the ECJ's decision in Pie Optiek SPRL v. Bureau Gevers SA, Case C-376/11, where the Court held that U.S. copanies could not circumvent the establishment requirements set out in the .eu regulations.
2012-07-30: The Austrian Constitutional Court cited a book chapter I wrote in 2007 on the electronic surveillance powers of the police
I had argued that Section 53(3a) of the Austrian Security Policy Act would have to be construed in a particular narrow fashion to be constitutional. The Austrian Constitutional Court, citing the book chapter that I wrote, followed my reasoning and construed the provision as I had suggested.
2012-07-11: An article I co-authored, "The Legal Limits of Keyword Advertising" was published today in Recht.Extrajournal.Net Dossier
The article discusses in particulare the recent ECJ judgment in Case C-523/10 that effectively allows right holders to engage in forum shopping.
2012-07-03: An interview I gave about data breach notification under EU law was published in the July print edition of the Security Management Magazine
In the interview, I describe the data breach notification requirements under the draft of the EU General Data Protection Regulation and what they mean for businesses in practice.
2012-06-27: An article I co-authored, "New Domain Names Complicate Trademark Protection" was published today in the print edition of Der Standard
The article discusses the challenges for trademark holders posed by the introduction of the new generic top-level-domains (gTLDs) by ICANN.
2012-06-19: Today, I gave a lecture on "Data Protection and ISP Liability from an International Perspective" at the Danube University Krems
In this lecture, the students and I discussed the foundations and most recent developments in two areas of the law highly critical for any (online) business.
2012-06-05: An article I co-authored was published in the German computer magazine c't: "No Copyright Protection for Programming Languages"
The article discusses the judgment of the European Court of Justice in the case of SAS Institute Inc. v World Programming Ltd., Case C-406/10 and its wider applications.
2012-06-04: Today and on June 1, 2012, I gave a lecture on "European E-Commerce and Telecommunications Law" at the Santa Clara University Summer School in Vienna
In this lecture, the students and I discussed in particular issues such as website blocking injunctions and traffic data retention.
2012-05-12: My comment on the the recent Austrian Supreme Court case 17 Ob 22/11a ("wetter.tv") was published in the Austrian law journal ÖBl
In this comment that I co-authored with one of my colleagues, we discuss the Austrian Supreme Court's judgment in case 17 Ob 22/11a where it was held that the owner of the domain wetter.at does not necessarily have exclusive rights to advertising services using the term "wetter.at".
2012-05-08: Today, an interview I gave about the most important changes to be introduced by the new General Data Protection Regulation of the EU was published on Computing.co.uk
In particular, it will be interesting to see whether the right to data portability and the right to be forgotten will be further watered down in the legislative process.
2012-05-07: My article "How Copyright Holders Could Enforce Their Rights Online" was published today in the print edition of Die Presse
In this article that I co-authored with one of my colleagues, we discuss the current legal situation in Austria as regards copyright holder's possibilities to identify infringers using traffic data retaied by Internet access providers.
2012-04-26: Today, I gave Lecture on "Copyright Law and Information Technology in Practice" as part of the class "Advanced Aspects of IT-Law" at the Vienna University of Technology
In this guest lecture, I discussed how information technology may often facilitate copyright infringement while on the other hand providing new ways of enforcing it, e.g., in the form of website blocking injunctions.
2012-04-20: Today, I gave Lecture on "Telecommunications Law - From Net Neutrality to Traffic Data Retention" as part of the class "European Technology Law" at the Vienna University of Technology
In this guest lecture, I particularly discussed how Austrian law regulates hot issues such as net neutrality, data retention, and operator liability.
2012-04-18: My article "Third-Party Facebook Postings Can Come at a High Price" was published today in the print edition of Der Standard
In this article, I describe why Facebook may be liabile for copyright infringing postings made on their Facebook wall by third parties.
2012-04-18: Today, I gave a presentation on "Security Breaches: Legal Emergency Measures for Affected Corporations" at the Security Forum 2012 of the Campus Hagenberg - the presentation slides are now available
In this presentation, I discribe not only the breach notification obligations under Austrian law but also the new legal possibilities of tracking down a hacker that were created by the implementation of the Data Retention Directive.
2012-04-17: My paper "Website Blocking Injunctions under EU and U.S. Copyright Law" was published today as Working Paper No. 13 of the Stanford-Vienna Transatlantic Technology Law Forum (TTLF) Working Paper Series
In this paper, I comparatively analyze the legal possiblity of obtaining a website blocking injunction under EU Information Society Directive article 8(3) and section 512(j) of the U.S. Copyright Act.
2012-03-26: My article on the European Court of Justice's decision in SCF v. Marco Del Corso, C-135/10, has been published in the Austrian newspaper Die Presse
In this case, the ECJ held that a phonograms broadcast by radio in a dental practice was not a communication to the public as regards the phonograms. In the article, that I co-authored, the effects of this decision on Austrian law are discussed.
2012-03-23: An interview I gave about the conflict between the EU's new General Data Protection Regulation and the U.S. Patriot Act was published by the UK magazine "Computing"
In this interview, I highlight why international corporations may violate EU data protection law if they chose to comply with U.S. anti-terrorism laws.
2012-03-07: My article "Website Blocking Injunctions are Reality even without ACTA" was published in today's print edition of Der Standard
In this article (which is written in German), I describe why website blocking injunctions have already become a reality in Europe.
2012-02-08: My article on the European Commission's Proposal for a General Data Protection Regulation was published in the law journal Medien und Recht International (MR-Int)
In this article, I discuss the changes the new proposal would bring in comparison with the current Data Protection Directive; the article also points out where the official proposal was weakened when compared to the draft that was leaked in December 2011.
2012-01-31: Today, I gave a presentation on "Legal Challenges in the Area of Critical Information Infrastructure Protection"
The presentation was given at the 8th annual Security Day at the St. Pölten University of Applied Sciences.
2012-01-25: My interview about the enforcement actions against megaupload.com was published on futurezone.at
In the interview, I discuss the legal risks megaupload.com's users are facing after megaupload.com's servers have been seized by the FBI due to claims of copyright infringement.
2012-01-18: My article "Merchants Face Liability for Hacked Electronic Gift Certificates" was published today in the Austrian newspaper Der Standard.
In this article, I discuss the legal risks merchans are facing if they fail to properly secure electronic gift certificates.
2012-01-18: An interview I gave about about website blocking injunctions, the Stop Online Piracy Act, and the PROTECT IP Act was published today in the Austrian newspaper Kurier - it is also available on futurezone.at
I argue that the weak social concensus on whether to enforce copyright law online is indicative of a more general discontent with copyright law itself.
2012-01-16: My article "Internet Law: Separate Contractual Rules Needed for Twitter Followers" was published today in the Austrian newspaper Die Presse.
In this article, I describe why employers would be well advised to include contractual language in all employement contracts to address the issue of who owns an employee-operated twitter account after the employee leaves the company.
2011-11-23: My article "False Facebook Friends Can Be Illegal" was published today in the Austrian newspaper Der Standard.
In this article, I discuss the legal risks for companies that use faked Facebook accounts for marketing purposes.
2011-11-21: My article "Video Games: Sanctions Against Hasty Sellers" was published today in the Austrian newspaper Die Presse.
In this article, I describe why hastey video game sellers face sanctions under copyright law, irrespective of the first sale doctrine.
2011-11-11: Today, I gave a presentation on "Cyber Crime and Its Legal Consequences for Affected Corporations" at the IT-Security Community Xchange (IT-SeCX) 2011
In this presentation, I discussed the basics of Austrian computer crime law, liability for security breaches, and mandatory data breach notification.
2011-11-03: My book "Information Security Law in the EU and the U.S." was finally published by the publishing house Springer.
In this book which is based on my Ph.D thesis, I present an analysis and risk-based assessment of the current state of information security law (aka cyber security law) in the EU and the U.S.
2011-10-06: My article "Better One Time Than 27 Times" on the applicability of data protection laws in the EU was published in "Wirtschaft & Recht", a supplement to the newspaper Der Standard
In this article, I discuss why non-EU web service providers might have to comply with the data protection laws of all 27 Member States when employing new web technologies.
2011-09-29: Today, I gave an interview on cyber crime law which was broadcast on ORF 2 in "Zeit im Bild" at 13:00 and 19:30.
In particular, I point out that Austrian computer crime law does not per se criminalize hacking which is a significant deficiency of the current legal situation.
2011-09-25: My article "Outages of Critical Information Infrastructure under EU and U.S. Law - Transparency versus Secrecy" was published in the Journal of Internet Law.
The article discusses the legal situation as well as the policy arguments advanced in the EU and the U.S. in the ongoing debate about whether outages of Critical Information Infrastructure should be kept secret or should be subject to mandatory public disclosure.
2011-08-20: An interview I gave about EU data protection law and the "right to be forgotten" will appear in tomorrow's New York Times.
The so-called "right to be forgotten" is currently the subject of intense discussions in EU data protection policy circles.
2011-08-08: An interview I gave about the legal situation parents face when they post photos of their kids on social networking platforms was published on futurezone.at
The article provides a discussion of some of the legal issues parents face when they want to share photos of their kids online.
2011-07-22: An interview I gave about Austrian computer crime law and its application to "hacker groups" such as Anonymous or LulzSec was published on futurezone.at
The article provides an overview of the most relevant provisions of Austrian computer crime law.
2011-07-18: My article "3D-Druck und die Rechte Dritter" was published in today's print edition of Die Presse
The article discusses potential intellectual property rights violations of 3D printing.
2011-06-16: My article "Die Einführung der Vorratsdatenspeicherung in Österreich" was published in Medien und Recht 3/2011
The article discusses the transposition of the Data Retention Directive in Austria.
2011-04-13: My thesis "Information Security Law in the EU and the U.S. - A Risk-Based Assessment of Regulatory Policies" was accepted for inclusion in the Working Paper Series of the Stanford-Vienna Transatlantic Technology Law Forum.
The thesis identifies, analyses, and comparatively assesses regulatory policies in EU and U.S. law which address information security.
2011-04-03: XML_Query2XML v1.7.2 was released!
This release allows you define your own prefixes.
2011-03-26: My paper "Separation of Ownership and the Authorization to Use Personal Computers: Unintended Effects of EU and US Law on IT Security" got published in Vol. 27, Issue 1 of the Santa Clara Computer and High Technology Law Journal.
In this paper, I discuss how EU and US law increasingly separate the concepts of ownership and authorization as regards personal computers; I argue that this separation is detrimental to computer security.
2011-03-21: My presentation slides for today's talk on Malicious Software at Parhamer High School are now online
In my talk I discussed how malware compromises computers and how it behaves once it has obtained control over a computer.
2001-01-30: The Yearbook Human Rights 2011 is out, including a chapter I wrote: Impairment of the Freedom of Expression by Internet Censorship in China and Iran.
In this book chapter, I discuss the technical aspects of Internet consorship and the limits set by international human rights law as well as WTO law.
2010-12-20: My paper "The Legality of the Data Retention Directive in Light of the Fundamental Rights to Privacy and Data Protection" was published in the European Journal of Law and Technology
This article discusses the EU Data Retention Directive's interference with the fundamental rights to privacy and data protection as protected under the Charter of Fundamental Rights of the EU.
2010-12-15: My paper "Urheberrechtliche Ansprüche auf die Sperrung von Websites durch Access-Provider" was published in Medien und Recht
This article discusses to what extent Austrian copyright law empowers copyright holders to force Internet access providers to block access to infringing web sites.
2010-11-01: My article "Facebook vor österreichischen Gerichten?" was published in OUTPUT
This article discusses the possibility of suing Facebook in an Austrian court which may, to a significant extent, apply Austrian law
2010-09-28: Read my interview about Facebook published in the print edition of Kurier
In this interview, I discuss the leagal issues of defamatory postings as well as the issue of jurisdiction for potential lawsuits against Facebook.
2010-09-01: My article "Jailbreaking - Der Ausbruch aus restriktiven Geschäftsmodellen" was published in OUTPUT
This article discusses the copyright and anti-trust-related legal issues of jailbreaking an iPhone or iPad.
2010-07-15: My article "Data Privacy - Unterschiede in EU und USA" was published in OUTPUT
This article discusses the fundamental differences in data privacy law in the EU and the U.S.
2010-06-01: My article "Identity Theft - Rechtlicher Rahmen" was published in OUTPUT
This article discusses the legal framework in which impersonation fraud (aka "identity theft") occurs in the EU and the U.S.
2010-04-29: My article "New Approaches to Network and Information Security Regulation: The EU Telecoms Package" was published in Computer Law Review International (CRi)
This article discusses the new notification regimes for Data Security Breaches and Network Security Breaches.
2009-12-04: Materials from my guest lecture on cryptography are now online
On December 4th, I was given the opportunity to hold a guest lecture at the my old high school (Bundesrealgymnasium Wien 9) on cryptography.
2009-11-06: Read my interview about the transposition of the EU Data Retention Directive in Austria and Germany, Pressetext Austria, 6 November 2009
In the interview, I talk about the legality of the EU Data Retention Directive with regard to fundamental rights and the possible ramifications of a case still pending before the German Constitutional Court (BVerfG).
2009-10-27: Read my interview about identity theft and data protection online, derStandard.at, 26 October 2009
This article discusses identity theft, data protection online and the myth of the Internet as a legal vacuum.
2009-10-05: My article "Data Breach Notification nach österreichischem Recht" was published in Medien und Recht
This article discusses Data Breach Notification with a special focus on the Austrian law.
2009-09-15: My article "Meinungsäußerung: Online anonym" was published in OUTPUT
This article discusses the protection of anonymous free speech online.
2009-09-09: Security Breach Notification: Informationspflichten bei der Verletzung der Sicherheit personenbezogener Daten, in Feiler/Raschhofer (Hrsg), Innovation und internationale Rechtspraxis(2009), WUV
Discusses Security Breach Notification with a special focus on the EU telecoms package.
2009-05-15: My article "Data Mining als Anti-Terror-Maßnahme" was published in OUTPUT
This article discusses the proportionality and suitability of data mining as a tool for fighting terrorism.
2009-03-08: XML_Query2XML v1.7.1 was released!
This release brings performance enhancements due to refactoring of internal classes and an improved caching implementation.
2009-02-17: Read my interview about the ECJ's ruling on the legality of the EU Data Retention Directive, print edition of Die Presse, 17. February 2009
The ECJ found the Data Retention Directive to be within the competences of the European Community.
2009-02-06: My article "Freedom of Information: Recht auf Transparenz" was published in OUTPUT
This article discusses the state of Freedom of Information in the EU and Austria.
2009-02-02: Zankl (Hrsg), "Auf dem Weg zum Überwachungsstaat?" (2009) is now available in book stores!!
I co-authored this book :-)
2008-09-04: My article "Personenbezogene Daten: Data Breach Notification" was published in OUTPUT
This article discusses the purpose of Data Breach Notification Laws.
2008-07-07: My seminar paper "The Data Retention Directive" was published on rechtsprobleme.at
This paper discusses the legality of the Data Retention Directive (2006/24/EC) with regard to European fundamental rights and the competences of the EC.
2008-07-02: My article "Offene Formate: Eine rechtliche Notwendigkeit" was published in OUTPUT
This article (written in German) describes circumstances under which European antitrust law might require the support for standardized document formats.
2008-05-16: My presentation slides for yesterday's talk "Open Source and Copyright Law" at the Vienna Linuxwochen 2008 are now online.
After having given a talk on computer crime law at the Linuxwochen in 2006 and on the EU Data Retention Directive in 2007, it was finally Copyright Law's turn in 2008 :-)
2008-05-12: My article "XML_Query2XML. Mit PHP von SQL zu XML" was published in PHPSolutions Magazine
This article (written in German) provides a tutorial for how to most effectively use my PEAR package XML_Query2XML.
2008-05-07: My article "Online-Vertrag: Abschluss nur nach Extra-Mail-Bestätigung?" was published in OUTPUT
This article discusses a legislative proposal by the Austrian Parliament that if implemented, would not only fail to achieve its objective but would also pose serious limits on today's e-commerce.
2008-05-02: XML_Query2XML v1.7.0 was released!
this release adds support for PEAR Net_LDAP2, implements 'limit' and 'offset' options for the MDB2 and DB drivers, improves the logging functionality and consolidates the unit tests
2008-04-22: Read my interview on e-contract formation published in the print edition of Die Presse, 22. April 2008
The Austrian Parliament discussed mandatory confirmation mails for e-contract formation.
2008-03-20: XML_Query2XML downloaded 10.000 times!
The PEAR package XML_Query2XML has now more than 10.000 downloads :-)
2008-03-14: live on Radio ORANGE: discussing government hacking, the new police powers (Section 53 Sicherheitspolizeigesetz) and the data retention directive
live on Radio ORANGE/Netwatcher together with Dr. Lennart Binder (the defense attorney in Austria's first government hacking case) and Dr. Kurt Einzinger, Secretary General of Internet Service Providers Austria (ISPA).
2008-02-29: live on Radio ORANGE: discussing secret surveillance without judicial oversight
live on Radio ORANGE/Netwatcher together with Alexander Zach, member of the Austrian Parliament: discussing secret surveillance without judicial oversight and the new German Federal Constitutional Court's ruling on the constitutional right to confidentiality and integrity of one's computer system
2008-02-10: a new version of the lukasfeiler.com-bigqmail.patch is now available
the combined patch now contains the outgoingips patch and a dns patch to better handle DNS responses larger than 512 bytes
2008-01-06: XML_Query2XML v1.6.0 was released
this stable release introduces no changes since 1.6.0RC1
2008-01-02: XML_Query2XML v1.6.0RC1 was released
This release candidate adds LDAP support and implements an open driver architecture
2007-10-07: XML_Query2XML v1.5.0 was released
no changes since 1.5.0RC1
2007-09-30: XML_Query2XML v1.5.0RC1 was released
This release candidate improves performance by at least 30%
2007-09-03: XML_Query2XML v1.4.0 was released
This release adds support for PDO - thereby supporting SQLite 3
2007-08-26: XML_Query2XML v1.3.0 was released
This release provides enhanced support for CDATA sections, binary data (via base64 encoding) and dynamic XML element names.
2007-08-07: My article "Second Hand Software: Geschäfte mit Risiko" was published in OUTPUT
This article describes the first-sale doctrine as it applies to Austrian copyright law.
2007-07-25: IBM developerWorks published an article on my PEAR package XML_Query2XML: "Turn SQL into XML with PHP - Easily convert the results of a database query into an XML document"
The article was written by Vikram Vaswani.
2007-06-22: An article I co-authored "Vorratsdatenspeicherung - Kommt der Überwachungsstaat?" was published in Anwalt Aktuell
The article describes the EU Data Retention Directive and its implementation in Austria
2007-06-06: Watch my interview on Okto.TV regarding the EU Data Retnetion Directive
Recorded May 31 2007; German only
2007-06-03: Listen to my radio interview on Radio Orange regarding the EU Data Retnetion Directive
Recorded May 31 2007; German only
2007-06-02: Additional information about my lecture on the EU Data Retention Directive ("Überwachungsstaat vs Bürgerrechte") is now available
The directive itself, an extensive analysis by the european center for e-commerce and internet law, related movies, documentaries and more
2007-05-31: The presentation slides used for today's talk about the EU Data Retention Directive ("Überwachungsstaat vs Bürgerrechte") are now available
More information to follow
2007-05-26: XML_Query2XML v1.2.1 was released
This release makes it easier to dump all contents of a database to XML
2007-05-26: a new version of the lukasfeiler.com-bigqmail.patch is now available
the make commands that need to be run were missing
2007-05-01: Visit my talk at the Vienna LinuxWeeks 31. May 2007, discussing the EU Data Retention Directive ("Überwachungsstaat vs Bürgerrechte")
The EU Data Retention Directive as well as its Austrian implementation will be subject to this talk. Ways to circumvent the new surveillance measures will also be covered (e.g. EFF's Tor).
2007-04-22: lukasfeiler.com-bigqmail-20070421.patch now also available via www.qmail.org
It's a new version of a combined patch for carrier-grade qmail mail server installations and includes netqmail-1.05-tls-smtpauth, the validrcptto.cdb patch, the big-concurrency.patch, the doublebounce-trim.patch and the big-ext-todo patch (EXTTODO patch and big-todo patch)
2007-04-15: XML_Query2XML v1.2.0 was released
This release adds the capability to handle data sources that use another character encoding than ISO-8859-1; it is now also possible to use to use another XML encoding than UTF-8 (e.g. ISO-8859-1)
2007-04-06: lukasfeiler.com-bigqmail-20070406.patch is now available
It's a combined patch for carrier-grade qmail mail server installations and includes netqmail-1.05-tls-smtpauth, the validrcptto.cdb patch, the big-concurrency.patch, the doublebounce-trim.patch and the big-ext-todo patch (EXTTODO patch and big-todo patch)
2007-03-16: My article "Botnets: Spamming, Phishing und DDoS Attacks im großen Stil" was published in Anwalt Aktuell
Explains why botmasters might not be criminally liable in Austria
2007-02-03: XML_Query2XML v1.1.0 was released
I am proud to announce the second stable release of XML_Query2XML: it is now possible to integrate other XML data sources
2007-01-19: Threat Update: Man-in-the-Middle Attacks
Discusses the nature of and the criminal liability for Man-in-the-Middle (MITM) Attacks
2006-12-04: XML_Query2XML v1.0.0 was released
I am proud to announce the first stable release of XML_Query2XML
2006-11-04: XML_Query2XML v0.8.0 was released
Due to security considerations this release does not use eval() anymore
2006-11-01: My article "Zur Sinnhaftigkeit der europäischen Data Retention Richtlinie" was published in OUTPUT
(output is an Austrian magazine for business & IT)
2006-10-14: XML_Query2XML v0.7.0 was released
This release adds support for the database abstraction library ADOdb
2006-10-08: Threat Update: Social Engineering
Discusses the criminal liability for social engineering in Austria
2006-09-28: XML_Query2XML v0.6.1 was released
This release fixes a minor bug with PHP5 prior to 5.1.0
2006-07-29: My article "Haften Hersteller oder Händler für Sicherheitslücken in Standardsoftware?" was published in OUTPUT
(output is an Austrian magazine for business & IT)
2006-06-15: Tor - A technical analysis EFF's onion router
This article (written in German) shows why Tor makes the EU data retention directive useless
2006-06-14: Threat Update: Botnets - in depth legal and technical analysis
Think of a hacker building a network of 10,000+ compromised machines ...
2006-06-02: new section: Articles
The new sections also includes regularly published Informations Securty Threat Updates
2006-06-01: Linuxwochen - Hacking und Computerstrafrecht: presentation slides online
Today I gave a talk at the Linuxwochen in Vienna on computer crime law - presentation slides and some additional information are now available
2006-04-23: XML_Query2XML v0.6.0 released as official PEAR package
XML_Query2XML finally got accepted as an official PEAR package! See also http://pear.php.net/package/XML_Query2XML
2006-04-12: list of great IT security articles added to Favorite (IT-)Books
all are available online: includes some papers from phrack, the famous Empirical Study of the Reliability of UNIX Utilities, a couple of Spafford articles and lots more
2006-04-09: lukasfeiler.com-qmail v0.1.1 released
includes new patch for Clam AV v0.88.1
2006-04-09: 18 information security standards addedd to Favorite (IT-)Books
ISO/IEC 27001, 17799, German BSI standards, NIST publications; the common criteria and the orange book are still to follow
2006-04-08: new seminar paper on cybercrime
Zur strafrechtlichen Beurteilung von IT-Sicherheitsluecken
2006-04-01: lukasfeiler.com-qmail released
qmail with TLS and SMTP auth & Courier-IMAP/POP3 & MySQL & Clam AV & SpamAssassin - all with virtual domain support
2006-03-19: new section "New York, NY" was added
it contains a Google Map Mashup and two posters
2006-03-17: Query2XML v0.5.1 released
full PEAR coding convention complience
2006-03-14: Query2XML v0.5.0 released
new exception handling, MDB2 support and new unit tests
§ 25 MedienG
This piece of Austrian legislation requires a maintainer of a web site
to publish his name and inhabitance. I believe that this takes away a very
important aspect of free speech
on the Internet: anonymity. The Supreme Court of the United States ruled 1995 in
McIntyre v. Ohio Elections Commission that anonymity is an aspect of the freedom of
speech protected by the First Amendment. Unfortunately Austrian and European courts
do not consider anonymity to be protected under Article 10 ECHR ("Freedom of expression").
In case you do not know how to run the Unix command whois lukasfeiler.com: my name is Lukas Feiler and I live in Vienna, Austria.