Faculty of Education, Social Sciences and Law

School of Law

Dr Subhajit Basu FRSA

Associate Professor in Information Technology Law (Cyberlaw)

I am an Associate Professor in Information Technology Law where I teach and research on the regulation of the internet, including issues relating to privacy, data protection, freedom of expression and also e-commerce. 

I aim to explore the challenges that the Internet has created in transforming our lives, especially in the area of governance and in our legal framework. I am Deputy Director of Law and Emerging Technologies Research Group.

Understanding and making sense of the increasing amount of “data” that is out there is central to my research. “Big data” has the ability to control our lives and I am particularly interested in how we can better inform and empower consumers. I am also keen to examine how we can update our legal framework so as to protect privacy and equip the public with the knowledge needed to make informed choices.

  • Fellow of the Royal Society for the Encouragement of Arts, Manufactures and Commerce
  • Research Fellow of African Centre for Cyberlaw and Cybercrime Prevention (ACCP)
  • Advisor to Centre for Law and Technology (Nepal)
  • Member of Advisory Board Centre for Cyber Victim Counselling and Vice-Chair of British, Irish Law Education and Technology Association (BILETA)
  • Fellow of the Higher Education Academy.


  • 2009 School of Law from Queen’s University Belfast.
  • 2003 Ph.D. research at Liverpool John Moores University (on Taxation of E-commerce.
  • 1998 Called to the Bar (1998) and worked as Solicitor and Advocate specialising in Corporate Law in India.

I have been a visiting Scholar at the Dickinson School of Law, Penn State University. I am visiting Professor of National University of Law, (NLU) India and SGT University, India.

I am the Deputy Editor of International Review of Law Computers and Technology (IRLCT). I also sit on the Editorial Boards of five journals: European Journal of Law and Technology (EJLT); International Journal of Innovation in the Digital Economy, Economic and Administrative Series of the Annals of the University of Bucharest; Global Business and Management Research: An International Journal; Electronic Journal of e-Government (EJEG).

I am currently working on and involved in the following externally funded research projects.

  • Co-Investigator: CRITiCaL - Combatting cRiminals In The Cloud (EPSRC) June 2015 - May 2020. In this project, we seek to understand the different types of crime that can happen in the Cloud, build systems that will allow the detection of this criminal behaviour and enable the use of digital evidence to lead to successful prosecution of Cloud crime perpetrators.

  • Co-Investigator: ‘Review of Legislation and Policy Guidance Relating to Adult Social Care’ (funded by Commissioner of Older People Northern Ireland and Government of Northern Ireland, 2014-2015). The full report for the COPNI can be downloaded here.http://www.copni.org/images/documents/COPNI_Report_-_03_June_2015.pdf

  • Co-Investigator: “International Justice for Older Adults - Crossing Barriers as well as Borders” (funded by Borchard Foundation Center on Law and Aging, USA (2011-2013). Inter-disciplinary research on the need for better integration of health and social care (comparative and international perspectives) and rights and responsibilities of older adults and families.

  • Legal Expert and co-investigator on European Commission funded “HuWY”. The project aims to support young people’s eParticipation in policies about the Internet and its governance, through a distributed discussion (2009-2010).

  • Partner on European Commission funded Legal Framework for the Information Society (LEFIS) project on IT and Legal Education (2004) and LEFIS APTICE Thematic Network (2007). The project was responsible for developing, implementing and consolidating a cross-national teaching and research infrastructure which adequately responds to the needs and problems raised by the information and knowledge society.

Research Interests

The focus of my research and writing is on “emerging technologies”, especially in the context of the “regulation of cyberspace”. My focus is on the regulatory challenges brought about by the development, use and omnipresence of such technologies. Specifically, I explore how online activities and behaviour can be regulated and how we can provide protection for those using the internet. 

As a “realist”, I care about the opportunities created by these technologies, in particular ensuring an effective adaptive regulatory framework. I continuously question the political and economic power that technologies offer – a power that can be seized and bought and sold. Who will own these technologies? Who will control them? Who will be ethically responsible for their application and use?

My research provokes and challenges established conventions around regulation. I am interested in all aspects of regulation of cyberspace and contribute to the important policy debate around privacy, freedom of expression and innovation. In today’s world most creative expression takes place on Twitter and Facebook but are they liable for their users’ online activities? Should they be legally responsible for what their users do and say?

Themes in my recent scholarship include: online privacy and protection for the individual – how should we develop the regulatory environment? How do we ensure a balance between privacy, freedom on the one hand and surveillance and security in the other? Liability of the intermediaries for regulation of undesirable online content including hate speech, the regulation of digital property and content; freedom of expression and privacy; taxation of e-commerce; consumer protection issues in e-commerce. In addition I have explored the growth of online criminal identities and how technology has provided a much more efficient tool for crime to occur including cyber-harassment, cyberstalking, trolling and financial frauds such as phishing.

One aspect of my research is about “empowering people” to give some of the control back to people/users. For past few years, I have been working extensively on “data protection” issues from Health (e-health) / technology / regulation / privacy perspectives. My co-authored “Privacy and Healthcare Data: ‘Choice of Control’ to ‘Choice’ and ‘Control’?” (Ashgate, 2016) book aims to open up the debate of how data could help medical research. The book also aims to shape and inform policy and to prevent one specific party – government or industry from exerting too much control. We are developing our research to find answers to the question of how to balance individual privacy interests and community interests in the exploitation of healthcare data in light of progress that has been made in e-Health across the world.

I am author of the critically acclaimed book “Global Perspectives on E-Commerce Taxation Law (Ashgate, 2008). The book proposed the most effective mean for collection of consumption taxes which is technically feasible, efficient, and cost-effective. It examined the volatile and rapidly changing intersection of e-commerce and tax law, particularly it focused on how to ensure the effective collection of consumption taxes with respect to the cross-border supply of digital goods and services.

One of the core principles of academia is our willingness to contribute our services to the local, national, and international efforts to improve global understanding and the lives and well-being of our students and the worlds in which they will live. I am fully committed to this principle. I try to share my research and service with as many people as possible.


I teach in the areas of Information and Technology Law, E-commerce Law, Cybercrime, Intellectual Property Law.

I am also the Programme Manager for LLM Business programmes.

PhD Supervision

I am happy to supervise PhD students in the general areas of my research interests.

Key Publications


  • Basu S, Munns C, Privacy and Healthcare Data: Choice of Control to Choice and Control (Routledge Ashgate, 2015)

    Author URL [www.routledge.com]

    In order for the information society to realise its full potential, personal data has to be disclosed, used and often shared. This book explores the disclosure and sharing of data within the area of healthcare. Including an overview of how health information is currently managed, the authors argue that with changes in modern society, the idea of personal relationships with a local GP who solely holds and controls your health records is becoming rapidly outdated. The authors aim to encourage and empower patients to make informed choices about sharing their health data. They do this by developing a three-stage theoretical model for change to the roles of the NHS and the individual. The study generates debate to stimulate and inspire new models and policy, and to provoke new visions for the sharing of healthcare data. Such discussion is framed through an exploration of the changing concept of 'privacy' and 'patient control' in healthcare information management. The volume draws on best practices from Europe and the USA and combines these to form a suggested vision for the UK as an early adopter of change. The volume will be essential reading for academics in the field of privacy and data protection, as well as healthcare and informatics professionals across different jurisdictions.

  • Basu S, Global Perspectives on E-Commerce Taxation Law, Markets and the Law (Ashgate, 2007), 1-344

    Author URL [works.bepress.com]

    It is trite, but true, that taxation of e-commerce is a major concern for international agencies and tax authorities worldwide. In its most advanced form e-commerce allows unidentified purchasers to pay obscure vendors, in ‘electronic cash,’ for products that are often goods, services, and licenses all rolled into one. A payee may be no more than a computer that can take up `residence’ anywhere at the drop of a hat; national boundaries are of no consequence whatsoever. The book looks at the implications of the growth of e-commerce for domestic and international tax systems. It covers a wide array of activities such as discussions on the basic principles that govern direct and indirect taxes, overview of the technological changes that have brought about e-commerce, a concise explanation of how and what happens when e-commerce is conducted, examination of the ways in which businesses are using the new technology in conducting their everyday activities, discussion of the application of existing tax principles to e-commerce, exploration of questions and problems raised by applying tax rules that evolved before e-commerce, and observations and suggestions for a variety of approaches to international tax problems resulting from e-commerce and the associated benefits and problems, since the implications of e-commerce vary from industry to industry, it focus on the broader issues. This book also analyses a number of fast-moving trends in the behaviour of national taxation authorities, web-based companies, certain low-tax (or no-tax) jurisdictions, and international organizations that have significant bearing on the future development of the taxation of e-commerce principally influence of economic organisations like OECD, WTO and EU, in particular the influential OECD ongoing study and the latest and most up to date development in OECD and European Community. It examines how US domestic and international tax rules are being interpreted and adopted in the effort to accommodate e-commerce. How VAT rules in EU countries and other jurisdictions are being restructured. It looks into the issues of revenue loss, specifically into the danger of revenue loss for developing countries. The book also offer solutions and future trends in this field.

Journal articles

  • Munns C, Basu S, ‘The NHS information revolution: 'choice of control' to 'choice' and 'control’, International Review of Law, Computers and Technology, 27.1-2 (2013), 124-160
    DOI: 10.1080/13600869.2013.764132

    This paper provides a novel and critical analysis of the necessary and important balance between 'individual privacy' and 'collective transparency'. We suggest that the onset of the Information Revolution has created a dilemma for the National Health Service (NHS) in terms of how it addresses its obligation to use information to improve best practice in healthcare for society ('collective transparency') whilst also keeping sensitive personal information confidential ('individual privacy'). There is clearly a need to consider both whether the NHS is balancing this critically important informational relationship and whether its approach is fit for purpose. We argue that the NHS's 'proxy-individual' information guardian role could inadvertently mask individuals' intended roles, effectively circumventing autonomy-based laws by limiting the power of individuals to be autonomous. In this article we have identified three issues-first the prevailing 'Mindset' (the 'M') of 'privacy', which is viewed as individualistic, resulting in an overpowering concept of confidentiality; second, the quality and control of Information (the first 'I'); and third, the concept of innovation (the second 'i'), which is being used as a 'solution' rather than a vehicle for transparency. Indeed, transparency is our target of 'best practice,' and we suggest that individual privacy and collective transparency are best embedded within a complementary privacy framework that offers a better fit than the current split of control between the roles of the NHS and the roles of the individual. It is suggested that when facilitated by transparency, 'control' and 'privacy' form a continuum, aligning through the desire for choice. Therefore, the choice of control could facilitate control and choice. Together, they could replace the concept of privacy by empowering 'informed patients' to support the NHS's 'No decision about me, without me' pledge. © 2013 Copyright Taylor and Francis Group, LLC.

  • Basu S, ‘Stalking the Stranger in Web 2.0: A Contemporary Regulatory Analysis’, European Journal of Law and Technology, 3.2 (2012), 1-36

    Author URL [ejlt.org]

    In this article, a virtual, community-based concept of regulation is developed to regulate cyberstalking in Web 2.0. Such a concept offers a novel approach based on three elements fundamental to the discussion of regulation of cyberstalking: (1) the differences between physical stalking and cyberstalking; (2) the character of a virtual community and the effects of social interactions; and (3) the scope of experience and reality. This formulation is based on an expansive view of regulation and “normativity” of a virtual community. The author advocates the formation of codes of conduct based on the “rights and responsibilities” discourse, termed here as “protocols,” which reflect optimal sociological conceptions. The philosophical underpinning of protocols recognises the value of community, essentially the connection between individuals and their community. As such, these protocols will assist in the formation of private laws that are practical and acceptable within the virtual community. The aim of this concept of regulation is to ensure that cyberspace remains a lawful and socially useful space.

  • Basu S, ‘Privacy Protection: A Tale of Two Cultures’, Masaryk University Journal of Law and Technology, 6.1 (2012), 1-34

    The paper provides a novel and critical analysis of privacy as an instrumental notion within social and cultural contexts. The argument suggests there is much utility in a novel multiple-perspective approach to the study of privacy in a socio-legal context. It questions our assumptions about privacy by looking to a differing privacy culture - that of the India. It examines the Indian perception of privacy based on India's cultural values and offers an explanation for why India's concept of privacy is beyond the often dominated public-private dichotomy and why it has implicitly or explicitly affected the agenda for privacy theory by placing some issues in the limelight while leaving others backstage. The importance of the argument is due to its critical assessment of the current European approach (from the EC, ECJ and ECHR) where privacy is regarded as an inalienable right with a concrete psychological foundation. I argue that privacy interests are far more extensive and deeper than the European definition which can at best capture only some of the issues which require elucidation when we litigate over privacy.

  • Basu S, Duffy J, Pearson K, ‘Older people and legal advice – the need for joined up and creative approaches’, Journal of Social Welfare and Family Law, 34.1 (2012), 31-37
    DOI: 10.1080/09649069.2012.675463, Repository URL: http://eprints.whiterose.ac.uk/74421/

    This paper reports the findings from research conducted with older people in Northern Ireland which investigated whether their needs for legal information and advice were being met. One of the unique aspects of the research involved investigating the potential of the internet as a possible source for advising older people in relation to legal problems. The findings suggest that on-line legal information may frequently assist older people in identifying potential answers to their legal questions, but may not be an adequate substitute for personal communication and advice. The research also highlights the need for professionals to work together to meet the needs of older persons for legal advice and to safeguard their interests. Such “joined up” approaches are particularly important, for example, at the point of dementia diagnosis, where information sharing between health and social care professionals may significantly promote the legal and welfare interests of the older person at a vulnerable point in their lives. This paper therefore turns to work by university-based legal clinics in the United States, such as the Elder law Clinic at Pennsylvania State University, where social work or health care professionals, lawyers and law students collaborate to support older people in their search for resolution of legal problems.

  • Basu S, Duffy J, ‘Providing Legal Information and Advice to Older People: as much a question of accessibility as affordability’, European Journal of Law and Technology, 1.3 (2010), 1-32
    Repository URL: http://eprints.whiterose.ac.uk/43779/

    No continent has as high a proportion of older people as Europe. In this paper, we report the findings of an empirical project examining the legal advice needs of older people. An important element of the project also sought information about the capacity of the internet for meeting the legal advice needs of older people. Overall our findings broadly indicate considerable failings in legal information provision for older people from more traditional advice sources. Whilst we have uncovered some examples of individualised good practice,our research in the main revealed an alarming sense of fear, mistrust, uncertainty and ambivalence among older people towards accessing legal advice. The research was funded by the Changing Ageing Partnership (CAP). We believe our findings have broad implications and applicability across Europe.

  • Basu S, ‘Implementing E-Commerce Tax Policy’, British Tax Review 2004, 46-69


  • Basu S, Jones R, ‘Regulating Cyberstalking’, in Crimes of the Internet, ed. by Schmalleger F and Pittaro M, 1 (USA: Prentice Hall, 2008), 1, 141-165

Media Contact Areas

  • Regulation of Cyberspace
  • Data Protection
  • Privacy and Freedom of Expression Issues related to Social Networking Sites
  • Big Data
  • Cybercrime
  • Digital Divide
  • Regulation of emerging Technologies
  • E-commerce: Data Protection, Consumer Protection, Taxation, Trust 

© Copyright Leeds 2016