Information Technology Law (ninth edition)
Ian J. Lloyd


To misquote Homer Simpson, ‘they have [law] on computers now’ (Season 9 – episode 14 for anybody who is interested).


IT law is not, of course, a distinct jurisprudential concept. Instead, it is more of a catalogue heading which collates how the rapidly changing world of IT is dealt with by the various component parts of the often lumbering behemoth of our legal system.

This book breaks those component parts into broad headings of privacy, anonymity and data protection (Part I); computer-related crime (Part II); intellectual property issues (Part III); and e-commerce (Part IV). Lloyd then sets about showing how traditional legal theory in each area has wrestled with the unique problems caused by having to deal with a target which is both ever moving and accelerating at an increasing rate.

Logical chapter headings and indexing make this an easy book to navigate. Despite the author’s obvious expertise in, and enthusiasm for, the subject, he makes no assumptions about the technical or legal experience of the reader. Everything is clearly explained in a very accessible style.  

The sections dealing with data protection take a bit of getting through, but if anybody has ever written a ‘page turner’ about the basics of data protection law I have yet to read it.

The key revisions of this (the 9th) edition are listed as including the GDPR and Data Protection Act 2018; the rise of online fraud; discussions and commentary around digital operators such as Yahoo, Google and Facebook; legislation dealing with revenge pornography; and governance and regulation of the internet and cryptocurrencies.

One slight problem with this edition, acknowledged by the author, is that the updated manuscript was submitted in September 2019, since which time we have of course formally exited the EU, an institution which has kept an almost paranoid level of control over member states’ regulation of IT within the single market. It remains to be seen how much the post-transition-period UK landscape will resemble the one carefully mapped by this book.

My copy of the book did have a number of typographical errors in Part I. Occasional paragraphs were seemingly incomplete, while others were repeated. This was disappointing to see from such a respected publisher as the OUP.  

In addition, some of the other text feels as if it may not have been updated for the latest edition (or perhaps even for the last few editions). For example, in Chapter 10.9 (damage to data) there is a comment that ‘a more recent trend involves the use of “ransomware”’ (which so far as I know is now more of a longstanding problem that a ‘recent trend’), and Chapter 8.7 (air passenger data) comments that ‘the 2007 [Passenger Name Record] agreement seems likely to be no less controversial than its predecessors’. Presumably, after 13 years, it must be known whether or not it was.

Notwithstanding these small niggles, as an academic analysis this book will no doubt remain a valuable source for students who need to understand what kind of unique problems IT has created as it has evolved, and how UK, EU and common law has addressed those problems.

We can only wonder what technological marvels will exist by the time the next edition is due, and what further unique mischiefs the law will have to address as a result.

Sean Gordon is a senior solicitor and compliance manager at Brewer Wallace Solicitors, Hull