1 ics 417: ict and society 4.3 ict and legal issues

22
1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

Upload: laureen-skinner

Post on 25-Dec-2015

223 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

1

ICS 417: ICT and Society

4.3 ICT and Legal Issues

Page 2: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

2

4.3.1 Confidentiality & Privacy

There is conflicting tension between privacy and accessibility of info Privacy is an individual’s right to

determine for themselves what about them is communicated to others

Confidentiality is an organization’s right to determine what will be communicated about commercially held info. e.g. sales data

Given conflict, to what extent are individual’s/society’s interests best served by allowing limits to data/info access?

Page 3: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

3

Gvts have different legal instruments relating

to different aspects of privacy e.g. defamation, copyright, trespass, etc.

Individual privacy space is defended by law in many countries and is a compromise between the needs of an individual and the needs of society for information Current Kenyan Constitution does not have

a separate section on privacy but aspects are included in the protection of fundamental rights and freedoms of the individual but adds “… subject to such limitations of that protection as are contained in those provisions, being limitations designed to ensure that the enjoyment of those rights and freedoms by any individual does not prejudice the rights and freedoms of others or the public interest.” (Chap. 5, Sec. 70 of the Constitution of Kenya)

Page 4: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

4

Draft Constitution has a specific section on the

privacy of the individual, which includes the right not to have:

information relating to their family or private affairs unnecessarily required or revealed and

the privacy of their communications infringed (Chap. 5, Sec. 43)

However, most Gvts have an interest in invading privacy than in protecting it: “It cannot be emphasized too strongly that the

incentives for the government and the bureaucracy are in the direction of invading, or at least ignoring or neglecting, privacy interests rather than protecting them. Most measures that are perceived as “necessary” to cope with a societal problem involve surveillance through data collection”. Flaherty, D. (1989), Protecting Privacy in Surveillance Societies, The University of North Carolina Press.

Page 5: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

5

Concept of privacy is context specific:

Variations wrt to what is “private” information exist between one individual and another, between different sections of society & between countries

THEN important concern is what the data is used for rather than the data itself

Whatever the privacy debate in a country or society, privacy protection is important & is likely to become more so as society becomes more informatized

2 important privacy issues: Fair use. The requirement to seek an

individual’s permission before passing the data on to others e.g. to be used in support of an organization’s business mission

Page 6: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

6

Gate keeping. The restricted access to

services, privileges, benefits or opportunities on the basis of certain data values. Some are inevitable and acceptable, e.g. point scoring system for credit provision. However, the same system can be used to keep out “trouble makers”! THEN the issue becomes: whose definition of trouble maker

Many Gvts have responded to the challenge on privacy with a myriad of legislative provisions, e.g. Data Protection Act 1998, 1998 Chapter 29

UK Laws, http://www.hmso.gov.uk/acts/acts1998/19980029.htm

Directive 95/46/EC of the EU on the protection of individuals with regard to the processing of personal data and on the free movement of such data, http://www.privacy.org/pi/intl_orgs/ec/eudp.html

Page 7: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

7

Finnish Government’s No. 565 Act on the

Protection of Privacy and Data Security in Telecommunications

http://www.mintc.fi/www/sivut/suomi/tele/saadokset/telecom/norms/1999_565.htm

Internet Privacy Law by Timothy J. Walton,

http://www.netatty.com/privacy/privacy.html Kenya?

Page 8: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

8

4.3.2 Copyright & Software Protection

Software development investment not adequately protected in many countries (cf hardware developments are usually adequately covered by patent law)

However, innovation & technology transfer can be stifled by draconian protection

Trade secrets (ways of working, plans and interactions), patents and copyright legislation attempt to balance these 2 tensions

Page 9: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

9

(a) Trade secrets or confidence Trade secrets (ideas & methods of

implementation) protected via the law of confidentiality. Includes both HW & SW

Protection created where there is a direct contractual obligation e.g. confidentiality obligations in employment contracts are enforceable in law

If obligations not defined, may be necessary to determine degree of good faith in any disclosure, e.g. use of knowledge acquired in previous employment in a competitor firm once employment ceases

With increasing outsourcing, using contracts to define specific confidentiality obligations is advised.

Page 10: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

10

(b) Copyright Protects copying the expression of an

idea (protects software) Most acts recognize SW as “literary”

work. Thus prohibit copying, issuing of copies, performing/showing/playing the work in public, adapting, etc.

Most acts permit certain actions (“fair dealing”), e.g. use for research, private study, criticism, review, news reporting, taking back-ups, etc.

SW license issued to permit actions forbidden by copyright (see example of SW license agreement)

Damages for contravening copyright usually a notional cost of license fee, e.g. 10% royalty

Page 11: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

11

Weaknesses/challenges:

Does not protect underlying idea (protects its expression: in source code and documentation).

What is the legality of reverse engineering? What is the position of “look and feel” of software?

What is the position of object code? Not intelligible to human beings, it therefore falls outside the definition of "copy" in a Copyright Act

Other SW protection measures (esp. security): Hardware locks Randomizing blocks in source code to disguise

its logic Compiling SW to ensure source code not

available Low prices to make illegal copies less attractive

Page 12: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

12

SW license agreement may allow SW to be:

used or copied for use on or with the primary computer for which it was acquired, plus a backup computer if the primary is inoperative;

reproduced for safekeeping or backup purposes;

customized, adapted, or combined with other computer software, provided that derivative software incorporating any of the delivered, restricted computer software shall be subject to same restrictions set forth herein;

disclosed to and reproduced for use by support service suppliers or their subcontractors, subject to the same restrictions set forth in the Contract;

used or copied for use on or transferred to a replacement computer; and

subject to audit by the Supplier to verify compliance with the License Agreements

Page 13: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

13

SW license agreement may disallow SW

to: assign or otherwise transfer voluntarily

without the Supplier’s prior written consent, except as otherwise provided for in an assignment clause

transfer, sell, lease, rent, charge or otherwise deal in or encumber the Source Code nor use the same on behalf of or the benefit of any other party, unless such is within the overall scope of the project

expand access to the Source Code to those of its employees, agents, contractors, or subcontractors who neither have a need to know nor are directly engaged in the maintenance and/or enhancement of the programs

See ACM case – touches on issues of confidentiality and copyright

Page 14: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

14

4.3.3 Trademarks & Trade Names

Trademark is any sign or combination of signs, capable of distinguishing the goods and services of one undertaking from those of other undertakings

Tradename is the name or designation which identifies an enterprise

Most laws: require trademarks & trade names be registered with a

Gvt authority protect against use of a trademark or a sign similar to it,

at least in connection with the same or similar goods for which trademark was registered e.g. the case between Uniliver PIC that manufactures Blue Band & Bidco Oil Industries that manufactures Gold Band. Uniliver accused Bidco of using its registered trademark Blue Band, packaging with the same shape, colour, configuration, design and general appearance, and generally confusing the minds of the public into thinking Gold Band was manufactured by Uniliver (DN 17.02.2004)

protect against use of trade name by another enterprise, if likely to mislead the public

Page 15: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

15

4.3.4 Patents Used to protect inventions Generally, in order for an invention to be

patented, patent laws require that it must: be new, involve an inventive step (non-

obvious), be industrially applicable Can patent process or product Patent is issued by Gvt authority, gives

patentee (owner of patent) exclusive rights, has a territory & is for specified term of years

Patent protection means anyone who wishes to exploit the invention must obtain the authorization of the patentee, otherwise prosecution (patent given on first to file basis)

Patented invention may be exploited without patentee’s authority, e.g. in the public interest by or on behalf of the Gvt or after expiry of term

Page 16: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

16

4.3.5 Software Piracy No legal distinction between breach of

copyright of mass-market SW product & bespoke SW – but concerns are different

Usually refers to clearly detectable copying of commercially available SW

What are the issues? Huge investment cost. SW houses will

therefore attempt to protect their investment e.g. by having pressure groups (funded by SW developers) dedicated to reduce the extent of piracy

High costs, especially for poor countries Detection of breach. How do you detect

illegal copies? SW external raids and audits by lobby groups?

Page 17: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

17

Rights of user. What rights should the legitimate SW user have? Should they be able to copy e.g. for backups; to “decompile” or to adapt to meet certain requirements that are not commercial in nature; etc.

How much piracy to allow! Piracy represents locking in of customers – it might therefore have long-term benefits

How can we address the problem of piracy? Simplify licensing rules Make site licenses cheaper and easier to

obtain Use free/open source software (F/OSS) Draw up a relevant legislation Make SW users aware of the law and legal

implications of piracy

Page 18: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

18

4.3.6 Other Legal Issues Issues over copyright ownership rights in

systems development: SW development by an employee in course of the

employment? – Employer as per Copyright Act, 2001, subject to any agreement between the parties

SW developed by consultant/contractor in course of consultancy assignment? - Employer as per Copyright Act, 2001, subject to any agreement between the parties

SW developed using rapid prototyping or CASE tools?

How do you protect disclosure for an employee who resigns/leaves in middle of a major SW development project?

How do we deal with new crimes (cyber crime) associated with new ICT innovations? e.g. altering a program to perform a fraudulent act, time bombs in programs, etc.

Page 19: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

19

How do we deal with issues of jurisdiction?

How do you insure against ICT crimes?

Note: ICT can be used to prevent, detect and prosecute crimes e.g. audit trails, cashless systems reduces cash crimes (& creates other types of crimes), knowledge-based systems that can warn of potential criminals, systems that support crime protection, detection, & prosecution, etc.

Page 20: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

20

4.3.7 Copyright in Kenya? SW treated as “literary works” under the

Copyright Act, 2001 Confers copyright to employer or

customer subject to any agreement between the parties

Term of CR is 50 years after the end of the year in which the author dies

Allows copies to correct errors, make back-up, testing for suitability, or other purposes not prohibited under SW license agreement

Limited capacity (AG’s chambers and judiciary) for SW copyright

Require separate legislation for SW?

Page 21: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

21

4.3.8 Patenting in Kenya? Used UK patent law until 1989 Now under Industrial Property Act, 2001 (KIPI) Patent right granted to:

person(s) with earliest application filing date employer or person who commissioned the

work for invention made in in execution of a commission or of employment contract, in the absence of contractual provisions to the contrary

employee or person commissioned to do the work for invention made without any relation to an employment or service contract

Rights extended only to acts done for industrial or commercial purposes and not acts for scientific research

Patent expires after 20 yrs from date of filing Patent may be exploited in public interest…

Page 22: 1 ICS 417: ICT and Society 4.3 ICT and Legal Issues

22

4.3.9 What next for SW? Global copyright agenda dominated by

powerful Western interest groups (esp. MNEs) laws (e.g. TRIPS – agreement on trade-

related IP) marginalize LDCs CR protected SW has high license costs, is

inflexible, does not create necessary human capacity transfer, etc. – no solution for LDCs.

Solutions? Evaluate options, including: getting exemptions to copyright laws? differential pricing for LDCs? open licenses, esp. for education sectors? switching to F/OSS? you setting up business enterprises to

produce software to compete with that from the “West”