Professional Documents
Culture Documents
themselves what about them is communicated to others Confidentiality is an organizations right to determine what will be communicated about commercially held info. e.g. sales data
Given conflict, to what extent are individuals/societys interests best served by allowing limits to data/info access?
2
Gvts have different legal instruments relating to different aspects of privacy e.g. defamation, copyright, tresspass, etc. Individual privacy space is defended by law in many countries and is a compromise between the needs of an individual and the needs of society for information
Current Kenyan Constitution does not have a separate
section on privacy but aspects are included in the protection of fundamental rights and freedoms of the individual but adds subject to such limitations of that protection as are contained in those provisions, being limitations designed to ensure that the enjoyment of those rights and freedoms by any individual does not prejudice the rights and freedoms of others or the public interest. (Chap. 5, Sec. 70 of the Constitution of Kenya)
3
the individual, which includes the right not to have: information relating to their family or private affairs unnecessarily required or revealed and the privacy of their communications infringed (Chap. 5, Sec. 43)
However, most Gvts have an interest in invading privacy than in protecting it:
It cannot be emphasized too strongly that the incentives
for the government and the bureaucracy are in the direction of invading, or at least ignoring or neglecting, privacy interests rather than protecting them. Most measures that are perceived as necessary to cope with a societal problem involve surveillance through data collection. Flaherty, D. (1989), Protecting Privacy in Surveillance Societies, The University of North Carolina Press.
4
one individual and another, between different sections of society & between countries THEN important concern is what the data is used for rather than the data itself
Whatever the privacy debate in a country or society, privacy protection is important & is likely to become more so as society becomes more informatized 2 important privacy issues:
Fair use. The requirement to seek an individuals permission
before passing the data on to others e.g. to be used in support of an organizations business mission
5
benefits or opportunities on the basis of certain data values. Some are inevitable and acceptable, e.g. point scoring system for credit provision. However, the same system can be used to keep out trouble makers! THEN the issue becomes: whose definition of trouble maker
Many Gvts have responded to the challenge on privacy with a myriad of legislative provisions, e.g.
Data Protection Act 1998, 1998 Chapter 29 UK Laws,
http://www.hmso.gov.uk/acts/acts1998/19980029.htm Directive 95/46/EC of the EU on the protection of individuals with regard to the processing of personal data and on the free movement of such data, http://www.privacy.org/pi/intl_orgs/ec/eudp.html
6
Finnish Governments No. 565 Act on the Protection of Privacy and Data Security in Telecommunications
http://www.mintc.fi/www/sivut/suomi/tele/saadokset/teleco m/norms/1999_565.htm
Software development investment not adequately protected in many countries (cf hardware developments are usually adequately covered by patent law) However, innovation & technology transfer can be stifled by draconian protection Trade secrets (ways of working, plans and interactions), patents and copyright legislation attempt to balance these 2 tensions
8
(a) Trade secrets or confidence Trade secrets (ideas & methods of implementation) protected via the law of confidentiality. Includes both HW & SW Protection created where there is a direct contractual obligation e.g. confidentiality obligations in employment contracts are enforceable in law If obligations not defined, may be necessary to determine degree of good faith in any disclosure, e.g. use of knowledge acquired in previous employment in a competitor firm once employment ceases With increasing outsourcing, using contracts to define specific confidentiality obligations is advised.
9
(b) Copyright Protects copying the expression of an idea (protects software) Most acts recognize SW as literary work. Thus prohibit copying, issuing of copies, performing/showing/playing the work in public, adapting, etc. Most acts permit certain actions (fair dealing), e.g. use for research, private study, criticism, review, news reporting, taking back-ups, etc. SW license issued to permit actions forbidden by copyright (see example of SW license agreement) Damages for contravening copyright usually a notional cost of license fee, e.g. 10% royalty
10
Weaknesses/challenges:
Does not protect underlying idea (protects its expression: in
source code and documentation). What is the legality of reverse engineering? What is the position of look and feel of software? What is the position of object code? Not intelligible to human beings, it therefore falls outside the definition of "copy" in a Copyright Act
which it was acquired, plus a backup computer if the primary is inoperative; reproduced for safekeeping or backup purposes; customized, adapted, or combined with other computer software, provided that derivative software incorporating any of the delivered, restricted computer software shall be subject to same restrictions set forth herein; disclosed to and reproduced for use by support service suppliers or their subcontractors, subject to the same restrictions set forth in the Contract; used or copied for use on or transferred to a replacement computer; and subject to audit by the Supplier to verify compliance with the License Agreements
12
Suppliers prior written consent, except as otherwise provided for in an assignment clause transfer, sell, lease, rent, charge or otherwise deal in or encumber the Source Code nor use the same on behalf of or the benefit of any other party, unless such is within the overall scope of the project expand access to the Source Code to those of its employees, agents, contractors, or subcontractors who neither have a need to know nor are directly engaged in the maintenance and/or enhancement of the programs
registered with a Gvt authority protect against use of a trademark or a sign similar to it, at least in connection with the same or similar goods for which trademark was registered protect against use of trade name by another enterprise, if likely to mislead the public 14
6.4 Patents
Used to protect inventions Generally, in order for an invention to be patented, patent laws require that it must: be new, involve an inventive step (nonobvious), be industrially applicable Can patent process or product Patent is issued by Gvt authority, gives patentee (owner of patent) exclusive rights, has a territory & is for specified term of years Patent protection means anyone who wishes to exploit the invention must obtain the authorization of the patentee, otherwise prosecution (patent given on first to file basis) Patented invention may be exploited without patentees authority, e.g. in the public interest by or on behalf of the Gvt or after expiry of term 15
therefore attempt to protect their investment e.g. by having pressure groups (funded by SW developers) dedicated to reduce the extent of piracy High costs, especially for poor countries Detection of breach. How do you detect illegal copies? SW external raids and audits by lobby groups? 16
legitimate SW user have? Should they be able to copy e.g. for backups; to decompile or to adapt to meet certain requirements that are not commercial in nature; etc. How much piracy to allow! Piracy represents locking in of customers it might therefore have long-term benefits
obtain Use free/open source software (F/OSS) Draw up a relevant legislation Make SW users aware of the law and legal implications of piracy 17
How do you protect disclosure for an employee who resigns/leaves in middle of a major SW development project? How do we deal with new crimes (cyber crime) associated with new ICT innovations? e.g. altering a program to perform a fraudulent act, time bombs in programs, etc.
18
employment? Employer as per Copyright Act, 2001, subject to any agreement between the parties SW developed by consultant/contractor in course of consultancy assignment? - Employer as per Copyright Act, 2001, subject to any agreement between the parties SW developed using rapid prototyping or CASE tools?
How do we deal with issues of jurisdiction? How do you insure against ICT crimes?
Note: ICT can be used to prevent, detect and prosecute crimes e.g. audit trails, cashless systems reduces cash crimes (& creates other types of crimes), knowledge-based systems that can warn of potential criminals, systems that support crime protection, detection, & prosecution, etc.
19
SW treated as literary works under the Copyright Act, 2001 Confers copyright to employer or customer subject to any agreement between the parties Term of CR is 50 years after the end of the year in which the author dies Allows copies to correct errors, make back-up, testing for suitability, or other purposes not prohibited under SW license agreement Limited capacity (AGs chambers and judiciary) for SW copyright Require separate legislation for SW? 20
Used UK patent law until 1989 Now under Industrial Property Act, 2001 (KIPI) Patent right granted to:
person(s) with earliest application filing date
employer or person who commissioned the work for
invention made in in execution of a commission or of employment contract, in the absence of contractual provisions to the contrary employee or person commissioned to do the work for invention made without any relation to an employment or service contract
Rights extended only to acts done for industrial or commercial purposes and not acts for scientific research Patent expires after 20 yrs from date of filing Patent may be exploited in public interest 21
Global copyright agenda dominated by powerful Western interest groups (esp. MNEs)
laws (e.g. TRIPS agreement on trade-
CR protected SW has high license costs, is inflexible, does not create necessary human capacity transfer, etc. no solution for LDCs. Solutions? Evaluate options, including:
getting exemptions to copyright laws? differential pricing for LDCs? open licenses, esp. for education sectors? switching to F/OSS?
22