View
217
Download
0
Embed Size (px)
Citation preview
Foundations of IT
Legal Issues and IT – Social Needs?
2
Intended Learning Outcomes
Through engaging in self-study, preparation and learning activities you will:
Be aware of some UK statutes related to the IT industry and users of IT
Be aware of some illustrative case law regarding the Use of IT
Be increasingly aware of some copyright and trademark issues connected with IT
3
Reality Check!
There are higher degrees that focus on IT / computing law, thus this session can only hint at the issues and the legislation.
As IT develops and changes the law tries to change but it can be slightly out-of-step
4
Activity 1 – Knowledge
Discuss with a partner and record the things you know are ‘illegal’ or breaches of some form of contract
Record the legislation you are aware of that impinges on IT and IT users
5
Main Statutes in English Law - 1 Computer Misuse Act 1990
Copyright Act 1956
Copyright (Computer Software) Amendment Act 1985
Copyright, Designs & Patents Act 1988
Disability Discrimination Act 1995 & 2005
6
Main Statutes in English Law - 2 Data Protection Act(s) 1984 & 1998
Interception of Communications Act 1985
Regulation of Investigatory Powers Act 2000
Protection of Children Act 1978
Various Trademarks Act 1994
7
Data Protection
Legislation regarding data protection is also found in other countries:
France Germany Sweden USA
Singapore Hong Kong Australia?
8
Data Protection
Data Protection Act 1984– This had limited scope – in the main it
related to processes that required individuals, companies and organisations to register that they held data.
9
Activity 2 - Register
When do you feel it would be necessary for an individual, an organisation or a business to register (as previously required ) or notify (as currently required) under the terms of Data Protection?
10
Activity 2 - Register
It is probable that you will have to register if you are dealing with Personal data
Personal data means data which relate to a living individual who can be identified from those data or from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller.
http://www.informationcommissioner.gov.uk/
11
Data Protection
Data Protection Act 1998
defines dataprotection principles.
12
Data Protection
8
enforceable principles of
good practice
13
Data Protection
fairly and lawfully processed;
1
14
Data Protection
processed for limited purposes;
2
15
Data Protection
adequate, relevant and not excessive;
3
16
Data Protection
accurate;
4
17
Data Protection
not kept longer than necessary;
5
18
Data Protection
processed in accordance with the data subject's rights;
6
19
Data Protection
secure;
7
20
Data Protection
not transferred to countries without adequate protection.
8
21
Data Protection
Personal data covers both facts and
opinions about the individual.
22
Data Protection
Data processing, the definition is far wider than previously accepted.
Incorporates the concepts of
'obtaining', ‘holding' and 'disclosing'.
23
Computer Misuse Act 1990 The so called ‘basic offence’ under this Act
states that it is a criminal offencecriminal offence to obtain unauthorized access to computer material.
Unauthorised access includes "browsing" or "probing”.
It implies that the individual knows that in gaining access he/she is gaining unauthorised access.
24
Computer Misuse Act 1990
This raises three questions:
What constitutes access?
What constitutes authorised access?
How is it possible to make a judgement about any individual’s degree of ‘intent’?
25
Activity 3 – Access etc…
Spend a few minutes discussing what you believe may constitute ‘access’
What is your understanding of ‘intent’
Do you consider there to be a difference between ‘obtaining’ and ‘processing’
26
Case Scenarios A“Mike” went to a locksmith to purchase some equipment. He had formerly worked as a sales assistant at the business. The transaction was entered on a PC. While the PC was left unattended Mike keyed in a code that provided a 70% discount thus reducing the cost of the equipment from some £700 to £200. When the business realised what happened “Mike” was arrested and charged with an offence under Computer Misuse Act.
How did the case progress?
27
Case Scenarios A
The Judge dismissed the case because he held the narrow view that the phrasing in the legislation about access, required one PC to be used to obtain access to a ‘program or data held on another on another computercomputer’.
28
Case Scenarios - BAn electrical contractor’s office has recently installed a network.
The PCs are used by administrative staff. During a lunch break one of the company electricians sits at a PC and views unacceptable material on the web.
A member of the administrative staff returns from lunch break to find disturbing images on the PC.
In what circumstances might there be an offence?
29
Case Scenarios - B
Unauthorised access will only be an offence when the user is aware that access is unauthorised!
Actions: The Electrical Contractor needs to get all employeesall employees to sign an ‘Acceptable Use’ policy.
This should ensure that the employees appreciate who has authorised access and that if they do not any access will be deemed to be unauthorised
30
Case Scenarios - CA computer ‘hacker’ admitted to gaining unauthorised access to several computer systems on several occasions. The hacker’s defence suggested that the hacker was addicted to hacking.
Is there any intent involved in the hacker’s actions?
31
Case Scenarios - CThe defence argued that as this was an addiction there was no intent because the hacker was acting as a result of a compulsion.
The judge directed the jury that this would not be a proper defence against the charges.
The jury acquitted the defendant – Juries are not allowed to provide reasons for their decision.
32
Copyright and Trademarks
Copyright Act 1956
Copyright (Computer Software) Amendment Act 1985
EC directive on the Legal Protection of Programs….
Copyright (Computer Programs) Regulations 1992
33
Copyright and Trademarks
Copyright can be applied to software but also can be applied to any information recorded in electronic format such as e-mail, multimedia and web pages
Piecemeal approach to technology
1956 Act extended protection to TV and radio broadcasts
34
Copyright and Trademarks
Copyright lasts for the lifetime of the author and continues for 70 years after the author’s death
Copyright applies to three forms of ‘property’
35
Activity - Copyright
What do you think are the three forms of property?
Literary, dramatic, musical or artistic works
Sound recordings, films, broadcasts or cable programmes
Typographical arrangement of a published work
36
Copyright
The 1988 Act states that a literary work would include “ a computer program”
Where does a computer program end and a film begin? (e.g. Toy Story )
Issues of digital sampling (sound)?
Issues of digital photos
Back up copies?
37
Trademarks
Trademarks Act 1994 defines a trademark as:
– …any sign capable of being represented graphically…(it may include) words (including personal names) designs, letters, numerals & packaging
38
Activity - Trademarks
What elements of a domain name would it be appropriate to register as a trademark?
What is cyber-squatting?
What EU IT law and directives are there? http://www.paemen.com/
39
Activity – Sources of information
Use Google – search http://www.google.co.uk
Use Google Scholar – http://www.scholar.google.com/
Check Library – search http://www.library.soton.ac.uk/
Lloyd, I. J., (2000) Information Technology Law (3rd Ed.) Butterworths
Hedley, S., and Aplin, T. Blackstone’s Statutes on IT and e-Commerce Oxford University Press