The Terms Which Are Important for Lawyers - Assignment Example

Summary Information technology – applying and manipulating information. Information is considered as a “property” since it is valuable and the law takes every valuable thing as a property. It is being used for performing the functions that humans used to do, and those that we cannot do. Civil law – resolving disputes between individuals or groups of individuals. It is for those crimes in which the whole community would be offended. Legal Concepts: Person – entity that has rights and can work. Can be natural (human) or artificial (corporation). Thing – subject of rights and duties. Right – a liberty of an individual which the law defends. Duty – a person has a right when another owes him a duty. Obligation – when people are in a relationship of entitlement and consequent task. Liability – when an individual is responsible for a task or entitlement. Property – legal property is subject of rights; real property is land; personal property is every other type of property including agreements, patents and similar stuff. Ownership – when an individual has complete authority over something. Possession – when an individual has physical authority over something, he intends to use that authority, it can be seen that he has possession. Criminal law – concerns the punishment of acts which can be seen as offending against the society as a whole. Principles: the act is not termed as guilt unless the intent was guilty; criminal act = actus reus (“guilty act”) involves an intention in carrying out a criminal act; mental element of crime = mens rea (“guilty mind”). Criminal act leads to prosecution of the criminal offences. Criminal defences – possible in the case when an individual can provide evidence of his not intending to perform the act. Such can be when there is a mistake, insanity, intoxication or compulsion while performing the act. Criminal offences may include: theft and fraud. The law of tort – tort means wrong. The law is for an action for damages (money compensation), to compensate the sufferers due to another’s actions. In case of no damages there is an injunction. Several of the crimes cause wrong or harm and so can be called torts. The tort of negligence – negligence consists of a duty of care, and the damage which is suffered as a consequence of violation of that duty. Contract law – contract is a legally enforceable agreement. When a party does not comply with terms of contract they breach the contract. Two types of terms in contracts = warranties and conditions. Normally the remedy is to be compensation as money and this is called damages. Only parties to a contract can sue upon it. Intellectual Property – legal rights that protect creative works, inventions and commercial goodwill. Consist of: copyright, patents, trademarks, law of confidence, passing off, design rights, semiconductor regulations. Copyright Law – protects publishers following a technological advance. Provides owners with special rights to publish, perform, broadcast, adapt or copy the whole or a major portion of a creation, for a particular period of time. It protects just the expression of an idea and not the idea itself. Patent Law – gives the owner the exclusive right in an invention (such as a new type of computer hardware); this means that the owner has a monopoly in this creation for long. To obtain a patent the creation has to be new; has to involve an original step; has the capability of being applied industrially; So computer programs can be protected by patent indirectly if they are part of an application which includes other elements patentable in their own right. Law of Confidence – Is concerned with the protection of trade secrets, secrets of personal nature and secrets concerning the government of the country. Protects ideas before they are sufficiently developed to enable copyrighting or patenting. Can prevent a person divulging information given on a clear or implied appreciation that it is not supposed to be revealed to anyone else. This law protects ideas while copyright law only protects expression of ideas. A breach of the law of confidence would involve: the data must be having the quality of confidence; an obligation of confidence had been imposed; the data must have been used unlawfully and the other party had been injured. Testing for quality of confidence would involve: if the data is released the owner of the information would be harmed or the people would be advantaged; the owner should know for sure that the information is not already in public domain; the usages and practices of the industries where that data can be used must be considered when judging the data. If someone who has the information is not told about it being confidential he will use it freely. Law of confidence is not effective against the third parties who may have received the data. Employee rights – a worker can use the data he has from his former job unless it includes some secret or he had an agreement of not disclosing the information. Computer programmers can use their skills they have learnt unless it is something unique or they have an agreement not to disclose or reuse it. Hackers are under criminal law as well as law of confidence. They are not supposed to use any information they get access to due to hacking otherwise they would be breaching the law of confidence. Remedies for law of confidence: one is injunction. However, if the information has been made available to the public already there is no use of an injunction. In this case damages would be available against the accountable if the owner has been injured in any way. Law relating to designs – appropriate for protecting the design of items such as an ergonomic mouse. Copyright, Designs and Patents Act 1988 – owner of the copyrighted work is given exclusive rights to copy the work, to publish the copies of that creation to the public (which includes renting copies of sound tapes, movies, and computer programs to the public), to execute, display or show the creation in public, to display or comprise it in some cable program service, to adapt the creation or do any of these relative to a variation. Infringement would be when someone performs a restricted or unauthorised act. Remedies for copyright infringement – injunction (court order), damages (assessed as the estimated loss), additional damages (damage apart from financial loss; for example in reputation), criminal penalties (for secondary infringement). Copyright for computer works exist only if the work is original and recorded. Computer programs are not to be copied, duplicated to public which includes rental, or made into an adaptation. Copying means duplicating a creation in any matter kind, including electronic storage. Making an adaptation of a work includes translating it. Copyright (Computer Programs) Regulations 1992 – gives the right to decompile, the claim to create back-up copies, the claim to reproduce or adjust for reasons of defect removal. However, decompiling would not be allowed in the case when the developer may use the information for creating a competing work. Non-literal copying - involves duplication of a substantial part of the program without permission. The code is different but the program is more or less similar to another. Three step test for non-literal copyright infringement: abstraction (identifying non-literal elements); filtration (separation of protectable expression from non-protectable material); comparison (a determination of whether the defendant has copied a substantial part of the protected expression). Electronic publishing – sale, rental or lending of a work stored on a physical carrier (disk, CDROM), communication by network (WWW) and broadcast (Prestel, CEEFAX). Internet is NOT a public domain; there are copyrights there as well. Software Copyright Law – should not copy non-literal sections of computer programs, screen names, menus, database framework, etc. Prepare, date and keep preparatory materials for software development. Insert deliberate mistakes or redundant code. Workers are not supposed to use any data from their former workplace which might be confidential. Software engineers should be cautious particularly if they have worked on a similar program previously. Should remember the fact that copyright is also about decompiling. Software contract – contract for the supply of software (either bespoke or off the shelf). Can be licence agreements. Software is normally obtained through a licence. Sale and Supply of Goods Act (1994) – software is not a “good” therefore it cannot apply here. Hardware and media is goods. The Supply of Goods and Services Act 1982 – software is not a good thus does not apply to this act. However, when a programmer would be employed for writing a program the act would be applicable since that would be a service. It also covers the supply of expert systems. According to this act the supplier must perform the service using proper care plus talent. In the absence of an agreed time for completion, the supplier has to perform the service in a practical duration. Unless the contract fixes the payment, the supplier will be paid a reasonable amount. Breach of contract – for a breach the remedy depends on the kind of contract. There are two kinds of contracts: conditions and warranties. For the former, the injured side has the right to cancel the agreement and claim damages. For warranties, the injured party can only claim damages and not cancel the contract. Exemption clause excludes or restricts the liability of a party who is in breach of contract. The two types are exclusion clauses (give total liberty) and limitation clauses (limits liability to a specified amount). Liability limitation: through this act the degree to which liability can be limited is decreased. Business liability for fatality or injury cannot be excluded or limited in any way. Bespoke Software – when appropriate software is not available off-the-shelf for some functions. In this case the buyer usually obtains an exclusive licence for the software. The licence would be for a particular time. Payment is termed as licence fee. Specification includes a detailed description of the tasks the software will perform, where the software will run and the speed at which the software will carry out the operations required. It is good if the contract allows for changes in specifications during the production process. There may be bugs in the software which can be found only after it has been used; the company would have to fix it till the warranty period. Shrink wrap licensing – contract is on the packaging. Shrink-wrap licence purports to be a direct contract between the software producer and the consumer, quite separate from the contract of sale between the dealer and customer. It is a unique form of contract. A contract requires three elements; offer (the display of the licence on the packaging), consideration (the licensee is paying a fee to use the software) and acceptance (breaking open the package). Software is sometimes written independently and marketed via a publishing house; the publisher usually pays a royalty fee to the author. Software crisis – causes: vague specifications, poor communication between developer and customer, not much information collected, maintenance of software is difficult. Solutions: formalisation of software production, procedures for automated mathematical proofs of program correctness, sophisticated products to assist in the creation, software engineering should encompass new methods for review of software development. Liability for Computer Aided Mistakes – depends on: whether there is an agreement; the nature of the software; whether the mistake occurred due to error in a computer program; whether the person who used the software had enough training. Remedies can be contract law, law of negligence, negligent misstatement, product liability (Consumer Protection Act 1987). Negligence: imposes liability on a person who has acted carelessly. To sue in negligence there should be a responsibility of care outstanding to the wronged group, an infringement of that duty of care, and a consequential loss. These are the limitations of the law. If a program is licensed by a publisher, the program author may be liable in negligence even though he is not a party to the licence agreement. A person suffering loss through the negligence of a hardware manufacturer will have a claim in negligence against the manufacturer even though the contract of sale exists with a dealer. If the advice generated by an expert system is incorrect, the developers of the system may be liable in negligent misstatement to the recipient of the advice. Consumer Protection Act 1987 – product liability imposes a liability on the producer of a defective product. CPA defends consumers from damaged or flawed goods which may result in harm to individuals or assets. CPA applies to hardware. Exemption Clauses – two types are exclusion (total exclusion) and limitation (limits liability). Unfair Contract Terms Act 1977 – limits exemption of liability. Software contracts apply. Philosophy: critically evaluates suppositions and arguments. Result is that we decide whether we have a good reason to hold that belief and continue with it or not. Moral philosophy: concerns values, ideas of right and wrong, good and bad, what should be done and what not. It is not practical. But it can reject a set of beliefs if it is internally inconsistent, based on wrong factual supposition. However, moral philosophy can be applied indirectly. Concerns values in organised social life and also private relations. Will not solve practical problems by telling you what to do. However, it is able to disprove some suggestions and show up some confusion. Professional ethics – issues of right and wrong and good and bad as applied to the behaviour of individuals within a particular profession. Western ethical thought: from Socrates and Aristotle. Later from John Locke, Immanuel Kant, John Stuart Mill. Their reasoning is that moral principles are universal and applicable even in secular context. Ethical theories – like scientific theories, in such that they define terms, organise ideas and facilitate problem solving. Utilitarianism – seeks to produce the most utility. Ignores personal character of moral obligation. Act utilitarianism: an action is right if it is useful for promoting happiness; here only those who are majorly affected through the action are considered. Rule utilitarianism: maintains that a behavioural rule is morally right if the consequences of adopting that rule are more favourable than unfavourable to everyone. Intuitionism - proposes a number of self-evident principles of right action: promoting the happiness of people refraining from harm to other people treating people justly telling the truth keeping promises showing gratitude promoting ones own happiness maintaining and promoting ones own self-respect However, principles are not completely self-evident. Principles may conflict. Duty ethics - contends that there are duties which should be performed (such as treating people fairly); Rights ethics - contends that all individuals have moral rights, and that violating these is unacceptable. Were mainly formulated by Locke. Categorical imperatives – three parts, Kantian ethics: Act as if you are legislating for everyone; act such that you behave with people always as ends and never just as means; act like you are a part of a region of ends. There are still problems with resolving conflicts. Virtue ethics - discriminates between acts of good character (virtues) and acts of bad character (vices). Actions supporting the former are right and those supporting vices are wrong. Therefore, this is mainly about personal ethics. Is not concrete enough neither rigorous so is not applied easily in a professional context. Steps for ethical problem solving: Identify the major role players and stakeholders Identify the factual issues Identify the conceptual issues Identify the moral issues Older professions, like medicine and law, have got much time to establish their ethics. This is not the case with computing; it is a new profession. Functions of an ethical code: Professionalisation: Occupational groups adopt ethical codes in order to demonstrate that they deserve to be called a profession. A code of ethics holds the profession accountable to the public. Protection of group interests: Professions use codes of conduct to restrict the activities of non-members which leads to a monopoly. Etiquette and inspiration: codes of ethics define the standards of courtesy and professional behaviour; also inspire members of a profession to act suitably. Education: Codes of ethics explicitly state what behaviour is acceptable Enforcement: ethical codes can be used for discipline, in the case when some violation of the standards of profession has been performed. Principles, ideals and rules: ethical codes define principles which serve to be the grounds for certain obligations; they express ideals that may not be always strictly followed; they may have a certain set of rules for concrete circumstances. Rights: the ethical codes define the obligations and responsibilities of the professional and also signify the rights of members plus the obligation of the professional group to its members. Ethics and the computing professional: Several professional computing groups have tried to devise an ethical code for their members. Computing professionals seek to obtain the same rank as that of lawyers and medics but they are more like engineers since they: are employed and not self-employed; work in teams; are distant from the effects of their work; do not have a single professional body. They have obligations to society, employers, clients and other professionals and professional groups. Ethical Problems: Computers change the relations between individuals: physical contact is not required in data communication. Computer professionals have power: they can access financial, military and medical information. There is a likelihood of such power being abused. Nature of electrical information: Computers allow rapid processing, communication, copying and printing of intellectual property. Leads to new ethical issues of copyright, plagiarism, piracy, eavesdropping and invasion of privacy. Society is vulnerable to the actions of computer professionals: The general public do not understand the dangers of projects under the control of computer professionals. Clients at the mercy of computer professionals: Many clients have no understanding of how their computer systems work. The process of costing a software projects is poorly understood. Advantages of ethical codes – define a common standard of behaviour, so clients know what to expect; codes can support a refusal to behave unethically, so even ‘obvious’ rules have their uses. Disadvantages of ethical codes – codes can give contradictory advice; may give rise to complacency; draw attention away from major ethical issues towards immediate issues; suggest a dichotomy between ethical decision making in personal life and in professional life. Due to information technology the privacy of people, organisations, and governments can be easily invaded. Information in databases can be utilised. There should be a balance between respect for individual privacy and freedom of information. Dataveillance – is the surveillance of personal data. Computers can be used for real time surveillance. Personal surveillance can be used as a weapon in the fight against crime but could also provide a basis for coercion or blackmail Three aspects of privacy: Information in ones own possession: is protected from observation and the probable tampering. Data in computer systems can prove to be vulnerable. Information in the possession of others: there is a possibility of the information being misused. The person whose data it is may not know about the contents of the information. A person may be prejudiced without knowing that their information had been used. For such issues there is the Data Protection Act 1998. Transborder data flows (TDF): when information is transmitted from a computer in one country to that of another country. TDF should be strictly regulated, but certain economies of certain countries allow for trading of information. The Data Protection Act 1998 – 1998 act replaced the 1984 act. Obligates the persons who save and utilise any personal information and provides access rights to individuals. Extends to manual data files plus electronic too. This Act aims for the protection of the basic claims plus the liberties of natural people, specifically their claim to confidentiality regarding the dealing with the personal data. Data is information that: Undergoes processing through some equipment which operates mechanically Is stored intending to be processed is stored as part of a pertinent filing mechanism; forms a record of the health or education of an individual or is kept by a Local Authority for housing or social security purposes Data controller – the person who is responsible (alone or with people) for determining the reasons for which plus the way in which the personal information would be used or dealt with. Data Processor – an individual who deals with the personal information in place of the data controller. He can be an individual apart from a worker of the data controller. Data subject – a person concerned with the personal information. Personal data – information about a living person whom it is possible to identify using that information or from that plus other data which the data controller may have. It also consists of any expression of opinion about that person plus whatever intentions the data controller may have towards him. Processing means getting, storing or preserving information, or performing any operations on information. Data controllers are required to register with the commissioner for which they have to provide with a report of whatever individual information that would undergo processing; an explanation of why they would process the data; details about the recipients to whom the data controller may reveal the data; and the areas where the data controller would transfer the data. Data protection principles – according to these principles the personal information should be: handled in a reasonable and legal style; it is not to be processed unless one of these has happened: the data subject has consented; processing is required; the controller has a lawful obligation to process the data; the data has to be processed for lawful requests that the controller pursues. The consent can be implied except for when the information is personalised or sensitive (consists of racial origins, political opinions, sex life), where there is a requirement of explicit consent. taken only for particular and legal reasons. enough, pertinent plus not more than is required. precise and recent; the data controller is responsible for making sure that the data is accurate. not saved for a longer duration than for when it is necessary; the liberties of the data subject under the Act are to be followed and the personal data has to be processed accordingly. securely kept. Unlawful or illegal processing is not to be done. The data controller should select such a processor who can be relied upon. Personal data is not supposed to be transferred to any region outside of EU until and unless permission has been granted by the data subject. Rights of data subject: Right of subject access; they should be informed, on payment of a fee, about the data that has been collected about them, why it has been gathered and who would be checking it out Rights to prevent processing; a person can serve a written notice on a Data Controller requiring them not to process data that can cause them (or others) damage or distress. He has the right to ask the data controller not to use their information for marketing. He has the right to want the relevant people do not use his information for making decisions that affect them purely by automatic means. Rights of rectification and erasure; data subjects have the right to get their inaccurate data rectified or erased. Anyone else who had had received the wrong data would be notified of its rectification. Right to compensation; an individual who suffers damage or distress can obtain compensation unless the data controller proves that he had been careful. In the case of using data journalistic and such purposes, there is only compensation for distress. Exemptions from the Act: in the case when the personal data has been used for national security reasons; for journalistic and artistic reasons; for that person’s family affairs. Exemptions from the first principle and subject access provision: possible when personal data is processed for recognition of offence or anxiety/trial of criminals, or evaluation or gathering of taxes. Data Protection Act 1998 – applies to data held on manual file systems requires that the data controllers tell the persons when they process information about them in certain situations requires that the data controllers to make sure that the third parties who are given the data are reliable enough restricts automated decision making Regulation of Investigatory Powers Act (RIPA) – Interception of communications data; Surveillance; Encryption. ISPs have to be maintaining an “interception” capacity which would permit the government to catch hold of any kind of exchange if they think that the interception would prove to: be required for keeping the national security; assist in the prevention or detection of very offending crime, protects the UK’s fiscal affairs or help the UK’s compliance with intercontinental shared help contracts. This is for certain ISPs only and a warrant is required. RIPA allows the enforcement agencies to ask for the delivery of keys that are required for decrypting text. If they do not comply they commit a criminal offence. In the case when the keyholder does not provide with the password, because he has lost it, he has to prove this fact. Human Rights Act 1998 – anyone who is charged with a criminal offence would be thought to be innocent until there is evidence that would prove them guilty; everyone has the liberty of respecting his personal and family life, his domestics plus the people he has exchanges with. Due to computers there are now new kinds of crimes such as hacking and viruses. Types of computer misuse are: fraud, theft, hacking and viruses. Theft means the loss that occurs to employers because of theft of information or software. Normally, this is not direct loss. Computer misuse Erasure or falsification of data or programs to gain a financial or other advantage; means fraud or theft. getting unlawful admission to a computer; hacking and unlawful using of an employer’s computer by a worker. Hackers breaking into a computer often do not intend to destroy the system. Eavesdropping on a computer; means using some equipment for picking up radiation emissions from a computer screen. Taking information without physical removal; there is a problem since information cannot be termed as a physical thing, so it cannot be stolen. If this problem is dealt with, the law of theft would have to be altered. For this there is the law of confidence and the patents and copyright law that solves some of the problem. Unauthorised borrowing of computer material; Denial of access to authorised users; for example access to the computer or access to some specific information. unlawful utilization of computer time/ services; it is possible that the authorised users use it for unauthorised uses. malevolent or irresponsible distortion or removal of information or programs; this may lead to capital loss, environmental loss or even loss of life. Computer Fraud – serious offence. Types of computer fraud (Audit Commission) – admission of an unofficial command (input fraud); Alteration of input data (data fraud); Suppression of data (output fraud); Program fraud. Fraud offences: Obtaining property by deception; this cannot apply to computer offence since in this the person is deceiving the computer and not a human. Conspiracy to defraud; can be for computer fraud since there is no requirement of proving the deception. Attempts; for this a person has to have done such an act which can be said to be more than simply preparatory for committing that fraud. Fraud as theft. Applying the offence of theft to computer fraud normally presents no problems, excepting our reservations about permanently depriving Software piracy – Auditing programs can automate the detection of illegally copied software on computer networks. Legislation applicable to software piracy – Copyright, Designs and Patents Act 1988; Forgery and Counterfeiting Act 1981; Trade Descriptions Act 1968. Forgery and Counterfeiting Act 1981; a disc, tape or other recording medium may be a false instrument’ Trade Descriptions Act 1968; intended to protect consumers from buying inferior goods, e.g. copied software which is being sold as the genuine article. Hacking – accessing computer without permission. When a hacker takes the information from a computer and stores it in his computer he is holding personal information and this is a criminal offence. Viruses – programs to damage the operation of the host system. There are: Parasitic virus: there is a change in execution flow and the virus performs first. Stealth viruses. The Computer Misuse Act 1990 Unlawful admission to computer data; this offence allows for deterring hackers since it does not need a proof of having the intention to commit crime. unlawful admission with the intention of committing or facilitating further crimes; this is more serious than the above since there is an intent of performing a wrong act. unlawful alteration of computer data; this can include: unlawful removal of information, spreading virus infected program, unlawful adding virus to the system, unlawful adding of a password to make the system inaccessible by others. Improving computer security: the staff provided with computing tasks should be trained sufficiently. access has to be restricted and controlled. Simple, basic controls can help in preventing risks Audit departments can advise and help in the designing of security measures There is a requirement of computer-literate auditors Offences under theft acts – Obtaining property by deception; Conspiracy to defraud; Attempts to fraud; Fraud as theft; Erasure or falsification of data or programs to gain a financial or other advantage; Hacking; unlawful admission with the intention of committing or facilitating further crimes. Technological change and social change evolve together. Argument for computerisation – will increase demand by creating new products or reducing costs while improving quality. Increased demand would increase output, increase employment, increase profits. Introduction of IT also causes job losses which can be compensated for by retraining. Current evidence indicates that the huge investment made in computer technology has not paid off. Computer software problems: can be difficult for using; usually help in marginal work; people do not wish to mechanise certain tasks; software can produce error. Application of computer technology does not always result in productivity gains. Due to IT there is a shift of people working from primary sector to secondary to tertiary. Manual work is decreasing while ancillary is increasing. Lifetime working hours decrease. Women are disproportionately affected by the exploitation of IT in the services sector of the economy. IT affects the quality of work, and also the quantity of work (like taylorism and deskilling). Taylorism: results in production systems in which individual jobs are simple and relatively unskilled. Performance monitoring is seen as a means of identifying time thieves; employees who take too many breaks or leave work early. Monitoring: may not enhance yield since it may lead to there being a stress, environment of mistrust, more absenteeism, increased turnover. Deskilling; leads to a lowering of employee motivation; work becoming monotonous and dispiriting. Telecommuting offers benefits and disadvantages; the growth in home-working has not been as rapid as expected. Teleworking is a new form of work practice, which enables the decentralisation of office work. Effects of teleworking on family life are complicated. Exploiting IT to the full requires new ways of thinking, working and managing. Successful information management requires the development of skills in planning, configuring and operating IT-based systems. Advantages of socio-technical system: Workers have more control over quality; if things go wrong, workers have a greater appreciation of the whole system and can give a flexible response Advantages of email: Interest and research in virtual communities; geographical closeness not required used by disadvantaged and marginal groups (e.g. the homeless) for social and political change Disadvantages of email: reduced human contact, open to misinterpretation flame wars can also be used to strengthen unacceptable groups Spring Semester 2006-2007 1. a) Give four examples of Intellectual Property Rights, and describe briefly the rights that are conferred by each one. Copyright. Through the copyright law a person can make sure that he derives any monetary benefits from his ideas and invention and that he can control the way his creation would be used. He would have the rights to do anything with his creation for a particular time period. Patents. Patents would allow a person to have exclusive rights in his invention. The rights would be granted to him by the state for a certain time period in exchange for a disclosure of his creation. Law of confidence. The Law of Confidence is there for the protection of confidential information from being illegitimately used by any third party. This law would be there for making sure that a person’s ideas are safe till the creation has been developed enough for patenting and copyrighting. Trademarks. Trademark protection confers on a person to the right to prevent others from using a name that is similar to that of his. b) MicroSolutions are a software consultancy, and have written data mining and data visualisation programs. One of their clients, an oil company, uses software from Geosoft for mapping seismic exploration. The oil company wants to incorporate additional proprietary information into the maps that Geosoft’s package produces, but Geosoft do not provide either an interface or any data about their file structure. MicroSolutions decompiles part of Geosoft’s package to get this information, and writes an interface. Geosoft sues MicroSolutions for breach of copyright. What legislation is relevant? Design Right, under the Copyright, Designs and Patents Act 1988. c) You are the judge in the case – what is your verdict? Give detailed reasoning based on your interpretation of the legislation mentioned in part (b) above. According to the Copyright, Designs and Patents Act 1988 any creation is protected from being copied or used without prior permission from the owner. However, the decompilation of programs is allowed if the program formed would not be a competing product. In this case MicroSolutions decompiled Geosoft’s package for obtaining the information which Geosoft had not wanted share. They formed a program which could compete with the original one since it would be having more functions. Geosoft rightly sued MicroSolutions. Since MicroSolutions had breached the laws it had to be penalized for it. MicroSolutions can be fined for the damages. 2. a) Does the Sale and Supply of Goods Act 1994 apply to software? Justify your answer The Sale and Supply of Goods Act 1994 applies only to “goods” and software cannot be termed as a good. Therefore, this act cannot apply to software. Copyright is a “thing in action”, the reason why software cannot be termed as a good. b) The Supply of Goods and Services Act 1982 introduces three implied terms into contracts. Name two of the implied terms. All of the implied terms include the word ‘reasonable’. For each of your two implied terms, what is your interpretation of ‘reasonable’? “The supplier, if acting in the course of business, must carry out the service with reasonable care and skill” – Supply of Goods and Services Act 1982. Here the word reasonable means that the supplier should pay proper attention to his work such that there are no problems. “In the absence of an agreed time for completion, the supplier will carry out the service in reasonable time”. Here the word reasonable means that the supplier has to conduct the service in whatever time would be most appropriate. c) You are the owner of a moderate size retail business, and decide that the key to further growth is to set up an internet store, for which you need bespoke software. You decide that you cannot afford to employ a well-established software house to develop the software for you, so you employ a small local software house that has only been established for two years but has produced some innovative solutions. What are the risks i. before the software is completed and Before the software is completed there can be certain risks like the deadline of the software. This means that the software house does not complete the software by the time limit. It can also be that the software house does not make an appropriate product or does not work according to the specifications provided. ii. after the software is installed? How might you minimise the effect of these risks on your business? There can be the risk of there being bugs in the software. The contract should be overseen by a member of the BCS. He would see to it that the specifications required are being met with and would supervise the project, which would allow for proper finishing of the software, that is, according to the requirements. 3. a) There are eight Data Protection Principles – briefly describe six of them. Data Protection Principles govern the use of personal information. There are eight principles in all, six of which are mentioned below. According to the Data Protection Principles, the personal data: should be dealt with in a just and reasonable style; before the data is being processed there has to be satisfaction of one of these: the data subject; there has to be processing for the presentation of any agreement in which the data subject is involved; there has to be processing for compliance with a lawful commitment to of whose subject is the data controller; there has to be processing so as to defend the important interests of the data subject. When it is the situation of private information there has to be approval from data subject. Obtained for particular plus legal reasons; it would not be more dealt with in any such way which is not compatible with the particular reason(s). Sufficient, pertinent and not unwarranted; and not excessive regarding the reason or reasons for which they are processed. Precise and current; the latter is applicable wherever necessary. Not saved any longer than is required; that is, for the particular reason or reasons. Securely kept; suitable scientific and organisational instrument shall be taken in opposition to illegal or illicit dealing out of personal information and in contradiction of unintentional loss or damage of, or damage to, personal information. b) You are the Secretary of the local Historical Society, which has not been very well organised. You decide that the programme of meetings could be made more exciting if you knew what interested the members, so you propose to produce a database containing the member’s names and addresses, gender, how old they are, and what subjects they are interested in. The Chairman of the Society asks you if the Data Protection Act 1998 will apply. In your response, say briefly how ‘Data’ is defined by the Act, and why the Act would apply to your database. The Act defines “data” as any information which would be processed using equipment that operates mechanically as a reaction to commands given for the specified reason, that which is saved with having the intent of it being processed through such equipment, or that which is stored as a section of a pertinent filing method. Personal data is information about a person who is alive and which the data controller has. In this case the Act would be applicable since a database would be formed about the members’ particulars. The information about the members would be owned by the data controller and would be processed through the database. c) You are a Data Controller under the terms of the Data Protection Act 1998. What information must the data controller provide to the Information Commissioner? A data controller has to first of all register with the Information Commissioner. He has to provide with his name plus the address along with a general report of what personal information would be processed. 4. a) The Audit Commission listed four types of computer fraud – give one example of each of these. Input data forms Cinema tickets Audit rolls from cash till Salami fraud b) The Computer Misuse Act 1990 created three new offences. One of these is ‘unauthorised access with intent to commit or facilitate further offences’. What is meant by the phrase ‘to commit or facilitate further offences’? It means that a person has already gained “unauthorised access”, which is an offence, and is planning to “commit” or “facilitate” further crimes. This means that he may use the data, which he obtained through unauthorised access, to perform other unlawful actions or to use that data to help in the offences he wants to happen. c) The phrase ‘with intent’, or a similar phrase, frequently appears in English legislation. Discuss why, giving an example that is not connected with computers. It is very much possible that a person commits an act which is not acceptable according to the prevailing legislations, but he does not know about it, or he does not have a bad intention behind the act. Therefore, there has to be a proof that the person performed the act “with intent” of committing a fraud. An example may be that a person has not paid the tax for some time. This could be without intent. It could be that there were personal issues because of which he could not pay, and that he had not really intended to defraud or go against the customs. d) What are the other two new offences created by the Computer Misuse Act 1990? Give an example of each. Unauthorised access to computer material. For example, when a hacker gets into a computer and makes it perform such actions that would allow him to gain “unauthorised access” to the information stored in the computer. Unlawful alteration of computer data. For example, when an individual modifies the system of the computer or performs an action such that it results in modifying the content stored on the computer. This may include spreading a virus in the computer with the intent of destroying the data or making it inaccessible. Spring Semester 2007-2008 1. You are a freelance software developer and have written a set of programs for smart phones which use photographs taken by the phone to identify buildings, using a database stored on a server, and then provide the user with information on the history of the building. You sell the software under the name ‘Architext’. a) Discuss the protection that the legislation on Patents, Copyright and the Law of Confidence give to your ideas and the software. Through the copyright law I can make sure that I derive any monetary benefits from my ideas and software and that I can control the way my software would be used. I would have the rights to do anything with my creation for a particular time period. Patents would allow me to have exclusive rights in my software. The rights would be granted to me by the state for a certain time period in exchange for a disclosure of my software. The Law of Confidence is there for the protection of confidential information from being illegitimately used by any third party. This law would be there for making sure that my ideas are safe till the software has been developed enough for patenting and copyrighting. Shortly after you introduce your software, you find that another company is selling very similar software, which they call ‘Architalk’. b) How do you establish that they have infringed your copyright if, i. the code is similar; Since they have copied my code I can claim the right to sue that company for violation of copyright. This is because the copyright does not protect the ideas but the expression of the ideas. ii. the code is different; and If the code is different I would have no recourse under the copyright law against the company. iii. the programming language used is different. The company if is using a different programming language is not infringing the copyright law. They have used a different language to obtain a similar program which does not allow me to have any recourse against the company. c) Architext and Architalk are very similar names. Would this be grounds for action against the company producing Architalk? Trademark protection confers on me to the right to prevent others from using a name that is similar to mine. In this case the company is using a “confusingly similar” (Architext and Architalk) name as mine and since it is creating softwares just like mine. The trademark is being used on competing goods and the consumers can probably be confused by the dual use of the trademark. Thus, I have all the rights to sue the other company, Architalk, for using a name similar to that of mine. 2. a) What is a ‘shrink wrap licence’? Shrink wrap licences purport to be a separate agreement between the software owner and the vendor; however, legally they appear to be inextricably linked with the contract of sale. b) What are the three elements of a contract? The three elements of a contract are offer, consideration and acceptance. c) How do these three elements relate to shrink wrap licences? Shrink wrap contracts are license agreements or other stipulations and requisites of a contractual character that can just be read and agreed to by the consumer subsequent to opening the product. One party makes an offer, which is the display on the license. The second party must accept the offer, like by breaking the seal of the package and there must be consideration exchanged. Consideration has to be something of value, for example the fee for the software. d) What are the legal problems associated with shrink wrap licences? Shrink-wrap licences are problematic because the opportunity to read the terms often comes after the contract is made, i.e. after the customer has paid and the software is physically handed to the customer. e) Jane Bloggs finds a software package, VATSoft, on the web that she can use to complete the VAT returns for her business, Bloggs Motors. The package is being sold by Financial Software Ltd. She accepts the licence terms displayed on the website, pays for the software and downloads it. She uses the software to complete her VAT return, and submits this to HM Revenue and Customs. Sometime later, HM Revenue and Customs impose a financial penalty on Bloggs Motors because there are serious errors in the VAT return. She then pays an accountant to check the return, and he finds that, for a particular combination of inputs, the software gives incorrect information. Who is liable for these errors? In this case the responsibility for the errors is of Financial Software Ltd. VATSoft has made faulty software since it is not giving the correct information for certain inputs. There could be bugs in the software which the company is supposed to fix, because of which Jane had to face the problem since she completely relied on the software for her work. However, since it is Financial Software that is promoting and selling the software it is responsible for it. It should have checked everything about the software before going ahead to become the publisher. Discuss this liability in the case if; i. Financial Software Ltd had no contractual relationship with the author of VATSoft other than to sell the software. If the author and the publisher did not have any contractual relationship the author would have been responsible for the errors in the software. The publisher in this case would have been simply a dealer. He only bought the software from the author and sold it. ii. The author of VATSoft was employed by Financial Software Ltd. The responsibility would have been of Financial Software Ltd if the author of VATSoft was its employee. The author had made the software and the company sold it. But since the software was from an employee of the Financial Software Ltd, the company is to be held responsible for any errors in it. The company is dealing with the software thus it should check it properly before selling it since it would be responsible for any kind of mistakes. iii. What action could Jane Bloggs take to recover her financial losses? Jane Bloggs can sue the company, Financial Software Ltd and claim the damages that were caused to her due to her using of the software they sold. She can have legal proceedings against the company and get them to pay her the losses incurred. 3. a) Name three areas of law that may provide a remedy if a person suffers a loss as a result of defects in some computer product (hardware or software). Contract law Law of negligence Negligent misstatement b) What are the three essential ingredients that must be present in order to be able to sue for negligence? a duty of care to the sufferer which is unsettled an infringement of that duty of care consequential loss, i.e. loss which is a direct result of the breach of duty of care. c) What is the key difference in the contract for purchasing computer software compared to purchasing computer hardware? Product liability imposes a liability on the producer of a defective product. This is for hardware only, and not software d) John Smith has a contract with StructureSoft to write an expert system for designing the steel frame for buildings. BuildItQuick purchase a licence for the software from StructureSoft. The licence agreement contains clauses limiting liability to the cost of the software. The software is used by BuildItQuick to design a building. Part way through construction, one corner of the building collapses, and two of the builder’s workers are injured. This is traced to a fault in the software. Discuss the legal position with particular reference to contract law and the law of negligence. Talking about the contract law, the liability for personal injury or death cannot be limited or excluded. In this case two workers were injured due to the faulty software since the building was made using that software. The building had defects due to which it collapsed, harming the two workers. The company StructureSoft would be responsible for that. Negligence imposes liability on a person who has acted carelessly. Since an action in negligence does not depend on a contract, the author of the software would be responsible for the damage incurred. 4. a) What fraud offences are covered by the Theft Acts? Obtaining property by deception Conspiracy to defraud Attempts to fraud Fraud as theft Erasure or falsification of data or programs to gain a financial or other advantage Hacking unlawful admission with the intention to perform or make possible further wrongs b) The 1968 Theft Act defines a number of fraud offences. Name three of them. Obtaining property by dishonesty Obtaining fiscal benefit by dishonesty Dishonestly acquiring implementation of an expensive security c) Name the four categories of fraud introduced by the Audit Commission. Entry of an unauthorised instruction Alteration of input data Suppression of data Program fraud d) Why is it difficult to apply the Theft Act to computer fraud? According to the Theft Act any offence involves deception of a person. In the case of computer fraud there is no person being involved so it is not suitable for computer fraud. Therefore, the application of Theft Act to computer fraud is difficult. e) The Computer Misuse Act (CMA) 1990 includes, in the new offences that it created, ‘unauthorised access…’ An employee of a company has access to the personnel system in order to perform maintenance operations on the software. He writes a macro to sort the names and addresses of employees by postcode, and sells the information to a local marketing company. Has he committed an offence under the CMA 1990? Is any other legislation relevant? The Computer Misuse Act (CMA) 1990 completely disallows anyone to gain unlawful admission. In this case the employee already has the access and he has not committed any offence under CMA 1990 since the law mentions “unauthorised” access. Here the employee has “authorised” access thus he cannot be charged with CMA 1990. Read More