Foundations of IT

Legal Issues and IT – Social Needs?

2

Intended Learning Outcomes

Through engaging in self-study, preparation and learning activities you will:

Be aware of some UK statutes related to the IT industry and users of IT

Be aware of some illustrative case law regarding the Use of IT

Be increasingly aware of some copyright and trademark issues connected with IT

3

Reality Check!

There are higher degrees that focus on IT / computing law, thus this session can only hint at the issues and the legislation.

As IT develops and changes the law tries to change but it can be slightly out-of-step

4

Activity 1 – Knowledge

Discuss with a partner and record the things you know are ‘illegal’ or breaches of some form of contract

Record the legislation you are aware of that impinges on IT and IT users

5

Main Statutes in English Law - 1 Computer Misuse Act 1990

Copyright Act 1956

Copyright (Computer Software) Amendment Act 1985

Copyright, Designs & Patents Act 1988

Disability Discrimination Act 1995 & 2005

6

Main Statutes in English Law - 2 Data Protection Act(s) 1984 & 1998

Interception of Communications Act 1985

Regulation of Investigatory Powers Act 2000

Protection of Children Act 1978

Various Trademarks Act 1994

7

Data Protection

Legislation regarding data protection is also found in other countries:

France Germany Sweden USA

Singapore Hong Kong Australia?

8

Data Protection

Data Protection Act 1984– This had limited scope – in the main it

related to processes that required individuals, companies and organisations to register that they held data.

9

Activity 2 - Register

When do you feel it would be necessary for an individual, an organisation or a business to register (as previously required ) or notify (as currently required) under the terms of Data Protection?

10

Activity 2 - Register

It is probable that you will have to register if you are dealing with Personal data

Personal data means data which relate to a living individual who can be identified from those data or from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller.

http://www.informationcommissioner.gov.uk/

11

Data Protection

Data Protection Act 1998

defines dataprotection principles.

12

Data Protection

8

enforceable principles of

good practice

13

Data Protection

fairly and lawfully processed;

1

14

Data Protection

processed for limited purposes;

2

15

Data Protection

adequate, relevant and not excessive;

3

16

Data Protection

accurate;

4

17

Data Protection

not kept longer than necessary;

5

18

Data Protection

processed in accordance with the data subject's rights;

6

19

Data Protection

secure;

7

20

Data Protection

not transferred to countries without adequate protection.

8

21

Data Protection

Personal data covers both facts and

opinions about the individual.

22

Data Protection

Data processing, the definition is far wider than previously accepted.

Incorporates the concepts of

'obtaining', ‘holding' and 'disclosing'.

23

Computer Misuse Act 1990 The so called ‘basic offence’ under this Act

states that it is a criminal offencecriminal offence to obtain unauthorized access to computer material.

Unauthorised access includes "browsing" or "probing”.

It implies that the individual knows that in gaining access he/she is gaining unauthorised access.

24

Computer Misuse Act 1990

This raises three questions:

What constitutes access?

What constitutes authorised access?

How is it possible to make a judgement about any individual’s degree of ‘intent’?

25

Activity 3 – Access etc…

Spend a few minutes discussing what you believe may constitute ‘access’

What is your understanding of ‘intent’

Do you consider there to be a difference between ‘obtaining’ and ‘processing’

26

Case Scenarios A“Mike” went to a locksmith to purchase some equipment. He had formerly worked as a sales assistant at the business. The transaction was entered on a PC. While the PC was left unattended Mike keyed in a code that provided a 70% discount thus reducing the cost of the equipment from some £700 to £200. When the business realised what happened “Mike” was arrested and charged with an offence under Computer Misuse Act.

How did the case progress?

27

Case Scenarios A

The Judge dismissed the case because he held the narrow view that the phrasing in the legislation about access, required one PC to be used to obtain access to a ‘program or data held on another on another computercomputer’.

28

Case Scenarios - BAn electrical contractor’s office has recently installed a network.

The PCs are used by administrative staff. During a lunch break one of the company electricians sits at a PC and views unacceptable material on the web.

A member of the administrative staff returns from lunch break to find disturbing images on the PC.

In what circumstances might there be an offence?

29

Case Scenarios - B

Unauthorised access will only be an offence when the user is aware that access is unauthorised!

Actions: The Electrical Contractor needs to get all employeesall employees to sign an ‘Acceptable Use’ policy.

This should ensure that the employees appreciate who has authorised access and that if they do not any access will be deemed to be unauthorised

30

Case Scenarios - CA computer ‘hacker’ admitted to gaining unauthorised access to several computer systems on several occasions. The hacker’s defence suggested that the hacker was addicted to hacking.

Is there any intent involved in the hacker’s actions?

31

Case Scenarios - CThe defence argued that as this was an addiction there was no intent because the hacker was acting as a result of a compulsion.

The judge directed the jury that this would not be a proper defence against the charges.

The jury acquitted the defendant – Juries are not allowed to provide reasons for their decision.

32

Copyright and Trademarks

Copyright Act 1956

Copyright (Computer Software) Amendment Act 1985

EC directive on the Legal Protection of Programs….

Copyright (Computer Programs) Regulations 1992

33

Copyright and Trademarks

Copyright can be applied to software but also can be applied to any information recorded in electronic format such as e-mail, multimedia and web pages

Piecemeal approach to technology

1956 Act extended protection to TV and radio broadcasts

34

Copyright and Trademarks

Copyright lasts for the lifetime of the author and continues for 70 years after the author’s death

Copyright applies to three forms of ‘property’

35

Activity - Copyright

What do you think are the three forms of property?

Literary, dramatic, musical or artistic works

Sound recordings, films, broadcasts or cable programmes

Typographical arrangement of a published work

36

Copyright

The 1988 Act states that a literary work would include “ a computer program”

Where does a computer program end and a film begin? (e.g. Toy Story )

Issues of digital sampling (sound)?

Issues of digital photos

Back up copies?

37

Trademarks

Trademarks Act 1994 defines a trademark as:

– …any sign capable of being represented graphically…(it may include) words (including personal names) designs, letters, numerals & packaging

38

Activity - Trademarks

What elements of a domain name would it be appropriate to register as a trademark?

What is cyber-squatting?

What EU IT law and directives are there? http://www.paemen.com/

39

Activity – Sources of information

Use Google – search http://www.google.co.uk

Use Google Scholar – http://www.scholar.google.com/

Check Library – search http://www.library.soton.ac.uk/

Lloyd, I. J., (2000) Information Technology Law (3rd Ed.) Butterworths

Hedley, S., and Aplin, T. Blackstone’s Statutes on IT and e-Commerce Oxford University Press