Reverse Engineering Informational Privacy Law

56 Pages Posted: 10 Feb 2012 Last revised: 13 Mar 2014

See all articles by Michael Birnhack

Michael Birnhack

Tel Aviv University - Buchmann Faculty of Law

Date Written: February 10, 2012


Is technology-neutral legislation possible? Technological neutrality in legislation is often praised for its flexibility and ability to apply to future technologies. Yet, time and again we realize that even if the law did not name any technology, it was nevertheless based on an image of a particular technology. When new technologies appear, they expose the underlying technological mindset of the existing law. This article suggests that we read technology-related laws so to uncover their hidden technological mindset so that we can better understand the law and prepare for the future. Reverse Engineering the law is an interpretive mode, tailored to uncover the technological layer of the law.

After locating the discussion within the paradigm of law & technology, I unpack the meaning of technology-neutral legislation: I point to three possible justifications thereof: flexibility, innovation and harmonization. The article then suggests an initial typology that offers a range of legislative choices, richer rather than a binary all-or-nothing choice, and explains the methodology of reverse engineering the law.

The next step is to challenge the claim for neutrality in the context of informational privacy. Proposals to amend the law are on the tables of policy-makers in the United States and in the EU. I focus on the current global engine of data protection law, the EU 1995 Data Protection Directive. The reverse engineering of the Directive indicates that it is more technological-neutral than we might have expected from an instrument that was composed in the early 1990s based on laws from the early 1970s. Nevertheless, the close reading reveals the underlying technological mindset and assumptions. I conclude that pure technologically neutral legislation is, to a great extent, a myth.

Keywords: privacy, information, technology, data protection, EU Directive, FTC, Privacy by Design, right to be forgotten

Suggested Citation

Birnhack, Michael D., Reverse Engineering Informational Privacy Law (February 10, 2012). 15 Yale J. L. & Tech. 24 (2012), Available at SSRN: or

Michael D. Birnhack (Contact Author)

Tel Aviv University - Buchmann Faculty of Law ( email )

Ramat Aviv
Tel Aviv, 69978
+972-3-640-6623 (Phone)

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics