University of Groningen, The Netherlands

Professor Joe Cannataci



Project Co-ordinating Person


Professor Joe Cannataci studied law at the University of Malta and the University of Oslo. He later qualified in the UK as a Chartered Information Technology Professional and also holds Chartered Fellowship of the British Computer Society. He received a Doctor of Laws degree (LLD) from the University of Malta in 1986 with a thesis on privacy and data protection law published by the Norwegian University Press in 1987. Joe was T54 Project Director at the Norwegian Research Center for Computers and Law during 1986-1987 before he joined the Department of Public Law at the Faculty of Law of the University of Malta, where in 1988 he established the Law & IT Research Unit (LITRU). In 2006 he was appointed Professor of Law at the University of Central Lancashire (UCLAN) in the United Kingdom. Between 2006 and 2007 he was Head of Lancashire Law School and from 2007-to 2011 he was Director of the Centre for Law, Information & Converging Technologies at UCLAN. In 2011 he was appointed Head of the Department of Information Policy & Governance at the Faculty of Media & Knowledge Sciences of the University of Malta and also Chair of European Information Policy & Technology Law within the Faculty of Law at the University of Groningen. He is addiitonally Adjunct Professor at the Security Research Centre, School of Computer and Security Science at Edith Cowan University Australia .


In 2010 Joe was External Consultant for the Impact Assessment of policy options for data protection law in Europe contracted by the European Commission to GHK International. During 2010, he was also Expert Consultant engaged by Council of Europe’s Consultative Committee (T-PD) and Directorate for Legal Affairs and Human Rights to review provisions of the European Data Protection Convention and Recommendation (R(87)15 on police use of personal data.

He has written books and articles on data protection law, liability for expert systems, legal aspects of medical informatics, copyright in computer software and co-authored various papers and textbook chapters on self-regulation and the Internet, the EU Constitution and data protection, on-line dispute resolution, data retention and police data.

Joe is a member of the Executive of the British & Irish Law, Education & Technology Association (BILETA), the International Advisory Board of the International Review of Law, Computers & Technology, the Editorial Board of the Masaryk University Journal of Law and Technology and  the Comitato Scientifico della "Rivista di Diritto, Economia e Gestione delle Nuove Tecnologie".


In 2005 he was decorated by the Republic of France and elevated to Officier dans l’ordre des palmes académiques His pioneering role in the development of technology law and especially privacy law was cited as one of the main reasons for his being made the recipient of such an honour as was his contribution to the development of European information policy. In 1993 Joe was Rapporteur on the use of personal data for Police Purposes to the Project Group on Data Protection of the Council of Europe. He was Chairman of several Committees of Experts of the Council of Europe:  MedialLex (1994),  the Working Party on Data Protection in Insurance (1994-1997), Working Party on Data Protection in New technologies (1995-2000), the Committee of Experts on Data Protection (1996-98) and Vice-Chairman of the Group of Specialists on the impact of New Communications Technologies on Fundamental Rights & Democratic Values (1999-2001).


While Joe has been in academic life without a break since 1986, he has also maintained first a part-time presence as an IT lawyer  involved in international practice in the B2B legal aspects of new technologies including drafting and negotiating  IT Project contracts, hardware and software, sales and licensing contracts and various IP-related issues including source code agreements. He is currently a UDRP Panelist of the Czech Arbitration Court where, utilizing On-line Dispute Resolution (ODR) methodologies, he was amongst the first “on-line judges” to deliver decisions in disputes on .eu Top Level Domain names 





Recent publications include:

  • CANNATACI, J.A., From the NSA to the IMP: Deserving and Dodging Legal Safeguards  (ISA 2010)
  • CANNATACI, J.A., Squaring the circle of smart surveillance and privacy,  Fourth International Conference on Digital Society, 2010, ISBN 978-0-7695-3953-9/10 DOI 10.1109/ICDS.2010.55, 323-328
  • CANNATACI, J.A. & MIFSUD BONNICI, J. P., The end of the purpose-specification principle in data protection? International Review of Law, Computers and Technology, Routledge, 2010, UK ISSN: 1364-6885 (electronic) 1360-0869 (paper) Vol. 24, No.1, March 2010  pp 1-17, DOI: 10.1080/13600861003637693
  • CANNATACI, J.A., Privacy, Technology Law and religions across cultures (2009) Journal of Information Law & Technology, 2009 Issue 1
  • CANNATACI, J.A., Privacy pitfalls for E-government: recent developments in the UK, chapter in Marleen Haase, Christine Leitner, Josef Makolm, Romand Traumuller (eds)  Taking the e-Government Agenda Forward: Meeting the Challenges of Digital Governance, Justice and Public Sector Information, Austrian Computer Society, April 2009, ISBN: 978-3-85403-253-3
  • CANNATACI, J.A. & MIFSUD BONNICI, J.P. (2009) The UK Data Protection Fiasco 2007-2008: Moving on from bad policy and bad law? International Review of Law, Computers and Technology March-July 2009, Routledge, Taylor & Francis, UK ISSN: 1364-6885 (electronic) 1360-0869 (paper) Vol 23 Nos.1-2, pp 47-76 DOI: 10.1080/13600860902876378
  • CANNATACI, J.A., Lex Personalitatis and Technology-driven Law, (2008), SCRIPTed Volume 5, Issue 1, April 2008, pp 1-6,


Aaron Ceross

Aaron Ceross is a Research Associate at Rjiksuniversiteit Groningen. He completed his LLB in Law and International Relations at the University of Malta in 2007. He further completed the Graduate Diploma in Law in London at Holborn College in 2009. Mr. Ceross also has some business and IT consulting experience, working as a junior consultant with a boutique firm in London, UK.






Jeanne Pia Mifsud Bonnici

Dr Jeanne Pia Mifsud Bonnici is a Rosalind Franklin Fellow and holds the chair in European Technology Law and Human Rights at the Department of European and Economic Law at the Faculty of Law of the University of Groningen, The Netherlands. She holds two doctorates in law (LL.D - University of Malta, 1995 and PhD - University of Groningen, 2007) as well as a Masters in Cognitive Science (University of Birmingham, 1996). Dr. Mifsud Bonnici has carried out extensive research on the role of self-regulation in the regulation of activities on the Internet and has authored a book on “Self-regulation in Cyberspace (TM Asser Press, 2008). In this study she examined the interaction between state regulation and private regulation in the regulation of Internet activities. For over 14 years she has researched and written on different aspects of data protection law and privacy especially issues relating to healthcare, medical information and police data.


•    MIFSUD BONNICI, J.P., Self-regulation in Cyberspace, T.M.C. Asser Press: The Hague, 2008

•    CANNATACI, J. & MIFSUD BONNICI, J.P., The end of the purpose-specification principle in data protection? International Review of Law, Computers and Technology, March 2010, Vol. 24, Nos. 1, 101-117 

•    CANNATACI, J. & MIFSUD BONNICI, J.P., The UK 2007 Data Protection Fiasco: Moving On From Bad Policy And Bad Law. International Review of Law, Computers and Technology, March-July 2009, Vol. 23, Nos. 1-2, 47-76

•    MIFSUD BONNICI, J.P. & CHOONG K.A., Access to the health records of deceased patients: Why the law is in need of review. Computer Law & Security Review, 2009, Vol.25, No.2, 155-164

•    CANNATACI, J. & MIFSUD BONNICI, J.P., Weaving the mesh: finding remedies in Cyberspace. International Review of Law, Computers and Technology, March 2007, Vol. 21, no.1, 59-78

•    MIFSUD BONNICI, J.P., Recent EU developments on data protection…in the name of Islam or ‘combating terrorism. Information and Communications Technology Law, June 2007, Vol.16 No. 2, 161-175 – Jeanne Pia Mifsud Bonnici

•    CANNATACI, J., CARUANA, M. & MIFSUD BONNICI, J.P., R(87) 15: A slow death? In ‘Monitoring, Supervision and Information Technology’ Erasmus University Press, Rotterdam, 2006, pp.27-49

•    CANNATACI, J. & MIFSUD BONNICI, J.P., Can self-regulation satisfy the transnational requisite of Internet Regulation?  In Legal Issues in Electronic Commerce, Captus Press, Canada, 2005

•    MIFSUD BONNICI, J.P. & de vey MESTDAGH, C.N.J., Right Vision, Wrong Expectations: The European Union and Self-Regulation of Harmful Internet Content. Information and Communications Technology Law, June 2005, vol. 14, no. 2, pp.133-150

•    CANNATACI, J. & MIFSUD BONNICI, J.P., Data Protection Comes of Age: The Data Protection Clauses in the European Constitutional Treaty. Information and Communications Technology Law, March 2005, vol. 14, no. 1, pp. 5-15

•    MIFSUD BONNICI, J.P. & de vey MESTDAGH, C.N.J., Tracing the sources of non-state actor regulation: the setting of global technical standards in cyberspace as an example.  In ‘From Government to Governance: The Growing Impact of Non-State Actors on the International and European Legal System’, T.M.C. Asser Institute, The Hague, 2004



Project Coordinator
Professor Joe Cannataci
University of Groningen

Info Box
Start date: May 2010
End date: April 2013
Grant agreement No.: 244643
EU Contribution: 2,599,570 Euros

This website is hosted by the Institute of Computer Science
The views expressed in this website are the sole responsibility of the author and do not necessarily reflect the views of the
European Commission.
FP7-SSH-2009-A | Work program topic addressed: SSH-2009-3.2.1. - Changes in consumption and consumer markets
© 2010 - 2012 CONSENT | Webmaster | Based on phpRS | Administration