| News | Blog | Legal freedom or legal mush – Which law applies to the internet?

Legal freedom or legal mush – Which law applies to the internet?

Digital content is ubiquitous, and the legal systems of states are local. Conflict of laws is usually the legal solution, but it does not always wholly fit. Comprehensive and functional comparative law can be the methodological key to this problem.


In a world of data and in the age of digitalisation, the law has a problem: state regulations are (necessarily) local and in any case bound to a national territory, while data in the cloud and through networking are (potentially) ubiquitous. The internet is not a lawless space, but it is also not a space of law, especially not the space of (only) one law.

Therefore, the legal systems of about 200 states are potentially applicable to data and internet matters – and if you add the states with federal legal systems, the number is even higher.

The fact that a case has references to several legal systems cannot, of course, shake a lawyer. This fact has been familiar to us since people from different legal systems have been in contact with each other, i.e. since time immemorial (or shortly thereafter).

Three approaches to solving conflict situations

There are three approaches to solving this problem: One is to seal oneself off as a society and avoid situations of collision already at the actual level. One develops universal legal rules. Or one regulates the relationship between the different legal systems.

Compartmentalisation is the simplest solution. It follows quite naturally from the principle of sovereignty as the basic rule of international law and is, so to speak, the “default option” of information conflict law. However, it corresponds neither to the needs of a mobile world society nor to a globally networked economy.
A universal right would be the most beautiful solution. However, it is not within reach and, in view of the cultural differences and diversity on our planet, perhaps not even desirable.
The third approach is that of coordination of legal systems or their application. In jurisprudence, this is called a conflict of laws. Here it becomes confusing and cumbersome. In view of the practical unsuitability of the other two solutions, however, there is no alternative to the coordination of legal systems.

Adaptation of the conflict of laws for digital matters

Today’s modern conflict of laws has developed over the past 200 years. In the interplay of the world’s legal systems, rules have developed for many factual constellations which the states and legal systems accept mutually and reciprocally.

Conflict of laws is based on the idea of the closest or most appropriate link (genuine link). The legal system with the greatest proximity to the facts of the case should be able to decide on them. There are different connecting factors for this and for different constellations: Choice of law, territoriality, place of market, and nationality.

Of course, conflict of laws is not universal law but has developed (and continues to develop) in coordination with the legal systems. The concept of sovereignty is not alien to conflict-of-laws law but is present throughout in the form of the reservation of public policy.

Conceptually, however, the traditional conflict of laws is overstretched because of the ubiquity of digital data. It is calculated to find a solution to an exceptional reference to more than one legal order. However, it is not intended for the case that all legal systems are (potentially) applicable to all cases. In relation to digital matters, moreover, not only are these general boundary conditions of conflict of laws problematic, but there is also a lack of general global agreement on a conflict of laws for data and information in general:

Because it is tied back to a state and thus local law, conflict of laws is always located in space. This is fundamentally not suitable for digital ubiquity. Here, the law can (so far) only resort to makeshift connections. For example, the seat of the parties concerned is used, or a marketplace or one is obliged to store the data at a certain place (data localisation). It would also be conceivable to refer to the nationality (personal protection principle, “citizen data protection”) or the “origin” of the data.

Conflict of laws only works if real phenomena are categorised in a comparable way, such as people living together in a family (marriage), the possibility of disposing of goods (ownership, possession) or acts of infringement (offence). In the case of data, however, there is no such canonisation, because they differ fundamentally in terms of whether they are intangible goods at all, whether data disclosures and data uses are subject to consent and whether these are relationships under contract law or tort law.

Due to the insufficient fit of conflict-of-law approaches for cross-border digital matters, states then often access these matters unilaterally. This is done by means of administrative regulations, for which territoriality is then decisive according to the principles of international administrative law. Or they invoke public policy by declaring data (sovereignty) to be a paramount legal right (informational self-determination, “digital sovereignty”).

Approaches for a “real” data conflict law

The question thus arises as to how a “genuine” data conflict of laws can look and function:

So far, we mainly see the use of political and economic power to impose one’s own legal ideas on other legal systems in order to eliminate divergent regulations or to make their own legal system apply. An economic lever can be the actual possession of or control over digital infrastructures, such as social networks, clouds and also technical standards (internet). The European Union uses an economic policy lever with the data protection law institute of the adequacy decision, which above all encourages economically weaker states to bring their data protection law into line with the European model (Brussels Effect). The Chinese “New Silk Road” may also be working in this direction (Beijing Effect).

With the development of a “data law”, the medium- and long-term goal of legal policy will be the development of an original data conflict law. However, as described above, the development of national data law systems is still lacking, as is their comparability.

The lack of comparability and thus the impossibility of a simple conflict-of-laws link can be replaced by a comparison of data law regimes (term based on Teubner and Fischer-Lescano). For this purpose, legal systems are compared with each other as a whole and functionally. In doing so, not only individual substantive legal norms are considered, but also procedural rules and enforcement possibilities. A practical example of such a holistic approach is the European Commission’s data protection adequacy decisions. In terms of methodology, functional comparative law is applied to a conflict of laws.

The blog posts published by bidt reflect the views of the authors; they do not reflect the position of the Institute as a whole.