June 16th, 2010 by admin.
No Comments »
A US law has been proposed to give the US President full control over sizeable sectors of the internet’s infrastructure. Such powers would be usable if the US government declared a state of emergency.
The bill, entitled Protecting Cyberspace as a National Asset Act (also known as the PCNAA) was initially proposed by the chairman of the Senate’s Homeland Security Committee, Joe Lieberman.
If enacted, the bill would create a governmental body that would supervise the safety of the many networks upon which the internet relies. This would be known as the Office of Cyberspace Policy. Under this law, the US President and Director of Cyberspace Policy would have far-reaching powers.
The proposed law has been greeted with unease by IT professionals. TechAmerica is the US’ largest IT group and has said that while the provisions for national economic security were founded, a measure of this magnitude put into force could prove detrimental to general terms and conditions contained in the Patriot Act. Although, the US Patriot Act contains a definition of the critical infrastructure utilized in the PCNAA, campaigners have stressed the need to diligent control to prevent an abuse of powers by the US Senate.
The bill has proposed that a declared state of emergency would not last longer than 30 consecutive days unless a written order to extend such a term had been submitted by either the President of Director of Cyberspace Policy.
The bill would necessitate the operators of the infrastructure to report all security breaches to the Office of Cyberspace Policy to enable the US Government to maintain a widespread picture of security threats.
June 14th, 2010 by admin.
No Comments »
A Canadian college has been permitted to use another’s business name as a trigger for search engine adverts, a court has ruled. The Canadian court stated that the laws in place on misleading advertisements should be used to prevent the use of a different organisations name because it did not create confusion to users.
The dispute was between Vancouver Career College (VCC), which ran courses under different business names, and college regulator the Private Career Training Institutions Agency (PCTIA). The PCTIA argued that VCC had paid for its advertisements to appear when online users entered a competitors name into the relevant search engine tool. The PCTIA believed that this paid advertising campaign amounted to misleading advertising to online users.
Although it had been recorded that these paid adverts had caused confusion to potential students with competing colleges appealing to the PCTIA, the court opposed this standpoint.
Instead, the court said that Vancouver Career College ought not to be prohibited from using advert triggers due to the fact there was sufficient information available to enable prospective students to make a distinction from one college to another.
It is believed that this instance was the first of its kind in Canada. The European Court of Justice (ECJ) has received numerous requests to create rulings on the trade mark inferences of one company’s use of another’s brand name to advertise their own products and/or services.
Earlier this year the ECJ ruled that Google’s own keyword advertising system, called AdWords, does not itself violate the rights of a trademark owner when their trademark has been used by another company as a keyword.
However, in regard to the above, some companies making use of another’s trade mark may infringe those trademark rights and subsequently, the trade mark owner may have cause to prevent Google, or any other search engine, from using the trade mark as a keyword.
Google is an information provider only. The result of this means that it is unlikely they shall ever be directly responsible for a trademark infringement performed by one of its users.
The European Court of Justice has said that an organisation using another’s trademark may only be guilty of trademark infringement to owners of the trademark company if the advert has caused confusion amongst users and the origin of goods or services sold.
Make sure you have your website terms and conditions in place to protect your website and convey to users your limited liability.
June 11th, 2010 by admin.
No Comments »
Organisations based in Ireland who lose the personal data of one hundred people or more shall be compelled to report the data loss to the authorities under new rules proposed Irelands Data Protection Commissioner.
The country’s privacy regulator has drafted a Code of Practice after thousands of people’s personal data became lost after organisations privacy policy was not sufficient to protect data.
Under the proposed rules, organisations will be compelled to encrypt all data and secure using a strong password if they are to avoid the requirement to report the data loss to the Irish Data Protection Commissioner.
In 2008, the Irish Government requested a review be undertaken to establish whether obligations on organisation to report data losses would be sufficient to assist in the protection of personal information. The Government recommended that official guidelines ought to be put into place to distinguish clearer rules on when to, or when not to, report data losses.
Although data protection officials are split over the Commissioner’s recommendations, the European Union approved a data breach law last year under the telecommunications law reforms. However, this law was not extended to include online business such as online shops and banks after the European Commission and European Council rejected the Parliaments suggestion to extend data breach rules to all.
The Commissioner’s proposed Code has also been used as a means of clarifying when, exactly, reports should be made to the Commissioner’s office regarding a data breach. When an organisation loses the data of a group of less than one hundred people, they must report any incident that occurs to the Commissioner within two working days of that incident occurring. This is to encourage identity fraud protection and to inhibit identity theft whereby an individual is impersonated by another.
Upon notification of the data breach to the Commissioner’s office, a thorough investigation shall be undertaken of all procedures that are in place by that organisation, as well as the systems and strategy in place. The findings obtained by the authorities may result in legal action being taken to coerce particular actions to be undertaken by that organisation.
The draft Code of Practice shall be decided upon shortly. Under this Code, all organisations in breach shall have provide a secondary report to the Commissioner outlining the steps they are taking to protect data and prevent a similar incident occurring again.
June 7th, 2010 by admin.
No Comments »
A new law that has been put forward by a Liberal Democrat MP could provide much needed clarity on the length of time permitted for publishers to act when defamatory content has not been removed online.
Currently, the law enables companies to limit liability provided they have removed a defamatory article or comment posting as speedily as is reasonably possible once they have been notified of such.
If passed, the result of the new libel act would mean that those in an indirect role, such as publishers and online platform providers, would become responsible for their part but would at least know exactly where they stand with regard to the time limit is resolving any issue that may arise.
The existing laws on libellous content online have long been the subject of criticism by consumer groups and campaigners. When in term, the Labour Government stated that the law operated to protect companies reputations rather than to act as an advocate to encourage freedom of speech. At present, the Government has not yet decided whether or not it shall support the implementation of this proposed Libel Bill.
The suggested Bill recommends that the judiciary should consider certain conditions such as the nature of the news stories or scientific studies being based on the findings evident at that time which may result in such stories or studies being deemed defamatory or libellous without intent.
Also the Bill, if enacted, could successfully diminish the amount of time in which action can be taken against something that is libellous or defamatory. By virtue of current legislation, the twelve month time limit can be extended indefinitely without liability provided the defamatory comment or blog post has been removed by the publisher in a reasonable amount of time after they have been notified of such.
The introduction of the Libel Bill would replace the currently available defence of ‘fair comment’ which is available to those whom have merely expressed a reasonable opinion. Such a law could also make many online resources amend their website terms and conditions to limit their liability for comment posters opinion where they are merely the publisher.
This proposal may set the bar for people and companies to meet if they seek compensation for a libellous comment made in reference to them. Companies would only be able to take a case to court where they have suffered a considerable financial loss and individuals would be required to show that they have suffered substantial harm to their reputation.
In recent years, the UKs libel laws have drawn many foreign cases due to the concept that our laws currently look to the protection of the individual’s reputation rather than the context of the libellous or defamatory comment.
June 2nd, 2010 by admin.
No Comments »
According to a draft Initial Obligations Code published on Friday by Ofcom, small-fry Internet Service Providers (ISPs) shall be exempt from being blacklisted under the Digital Economy Act.
Small ISPs include cafés, hotels and other Wi-Fi service providers. Ofcom has stated that its draft Code is not to include small ISPs for now, with the view to change this in the near future.
Ofcom, the communications controller, suggested that its draft Code shall apply to only those ISPs with 400,000 subscribers or more.
The purpose of the Digital Economy Act is to impose obligations on Internet Service Providers where copyright infringers have used their network to commit the infringement. The Act states that ISPs must inform all of their subscribers should the Internet Protocol (IP) addresses associated with them be flagged by copyright owners as being used for copyright infringement purposes.
The purpose of the Initial Obligations Code is to simply explain the in place for copyright owners to inform ISPs of contended copyright infringements.
Mobile networks shall not be covered by the Code, mainly because they are not conducive co copyright infringement, due to their lack of storage capacity and service speed in comparison with large ISPs.
Ofcom recorded that more the 95% of alleged copyright infringement occurs on fixed networks. If, after some investigation from Ofcom, mobile networks and Wi-Fi networks from small ISPs are found to be sustaining copyright infringement, Ofcom shall compel such ISPs to be bound by the Code as though they were a large ISP.
The Initial Obligations Code sets down the way in which a copyright infringement shall be dealt with. The Code states who may allege copyright infringement by completing a Copyright Infringement Report (CIR) which shall require an explanation of the work copied and the IP address associated with the alleged infringement. A CIR of more than 12 months old shall naturally expire after this time if it is not filed on the Copyright Infringement List.
The Government has stated that the Digital Economy Act’s accompanying notes shall, hopefully, assist in the reduction of online copyright infringement.
May 27th, 2010 by admin.
No Comments »
The European Commission has released the terms on which it wants to consult with the US to permit the transferring of EU citizens’ personal data and information to US authorities in the process of carrying out terrorism investigations.
First, the European Council must grant their approval of the European Commission’s draft directive before any such negotiations with US authorities can begin. The European Parliament’s consent shall need to be sought once negotiations have been finalised and a set of terms by which the transfer of personal data shall be undertaken have been created.
In February this year, the European Parliament rebuffed a deal opted for by the European Commission with the US in relation to the transference of financial records. After this, the European Parliament ordered the European Commission to come up with a plan to improve upon the protection of personal data and personal information before any such transference was to take place.
In response to this, the European Commission have now published a draft directive as a way to commence new negotiations. Within the draft mandate, there is a set of terms in place to attempt to finalise a broad data-sharing arrangement.
Data transfer agreements that have been made in the past have often been deemed as contentious or have simply been declared unlawful by data protection regulators.
The European Parliament earlier opposed certain features of a different data transfer agenda which was to enable the US authorities to require passenger name records (known as PNR), as well as airline records on any individual flying into the US.
The Commission has summarised the protections it plans to reason with when agreeing the terms with the US for the transference of data.
In light of the terrorism the EU and US have faced in the past decade, each has become committed to the preservation of data protection and privacy. The issue that arises is in how such data is to be safe guarded, as both the US and EU have in place differing measures for the protection of personal data.
May 24th, 2010 by admin.
No Comments »
In a recent speech under taken by Deputy Prime Minister Nick Clegg, the Conservative/Lib Dem government indicated its plans to scrap Labour’s previous proposal to increase the volume of data held on the use of telecommunications by the public.
Although Clegg did not elaborate on the issue, he stated that Labour’s privacy policy would not be enforced.
At present, the law requires telecommunications companies to hold basic data for one year from the date it is recorded. Last year, the Labour government outlined plans to compel telecommunications companies to retain data on internet use, including social networking messages, emails and other third party data. These plans will no longer be put into place according the Deputy Prime Minister.
A Home Office spokesman said that data retention of internet and email records will not be held without good reason.
Although the new coalition government may not be in agreement with plans made by their predecessors, it is unlikely that many changes to the current law will be made as the twelve month storage of rudimentary data is mandatory under the Data Retention Directive.
It is believed the government shall begin a review of the arrangements currently in place for data retention and privacy policy within the next six months.
Further to this, Nick Clegg also stated that CCTV shall be better regulated to sustain public protection.
May 13th, 2010 by admin.
No Comments »
In response to recent criticisms made by regulator’s, Google has claimed that their privacy protections are good enough.
The ten privacy commissioner’s demanded that Google must improve its privacy policy for new products to protect users’ privacy online. Google’s privacy lawyers, Peter Fleischer and Jane Horvath, wrote to the ten privacy commissioners to reassure them that Google’s privacy protection policies were adequate to protect online users against privacy breaches when using Google’s latest products.
Concern was initially raised by Canadian Privacy Commissioner Jenifer Stoddart, whom initiated contact with Google by way of a letter, also signed by the UK Information Commissioner and EU Committee of Commissioners, to name but a few.
The letter detailed the concern of Google’s newly launched products which were believed to be being launched without the extent of internet users privacy being taken into great enough consideration.
The privacy commissioner’s stated that the integrity of a users’ privacy should not be compromised in a bid to push through a new product or service ahead of competitors.
Google has rejected the privacy commissioners stance and instead has insisted that it not only protects user’s privacy, but also informs all users of the process of the use of their personal data and information using website terms and conditions.
Google has faced strong criticism in the past from privacy campaigners regarding its policies on data retention and the creation of street view mapping, where people’s homes and cars could be clearly seen in certain pictures. Google had not sought the permission of the owners of the property in their pictures. Furthermore, Google recently introduced advertising technology in emails.
Google’s response to the privacy commissioner’s letter did not contain any provision or promises for reform of their privacy policy.
May 10th, 2010 by admin.
No Comments »
The European Parliament has stated that internet users should have the independent ability to request that their personal information and data is removed from any company’s system, even if that personal data was obtained with the user’s consent.
The parliament has approved a new policy called 2015.eu, which summarises the European Parliament’s for internet privacy policy for the next five years. The EU Parliament has already begun this process with the passing of a resolution to affect changes and compel the European Commission to implement and enforce this scheme.
Further to this, the European Parliament stated that every household situated within the boundaries of the European Union should have consistent access to an affordable broadband connection within the next three years. In accordance with the strategy in place, each household must have access to affordable high speed broadband by 2020.
The Parliament’s resolution has founded the policy’s aim to have complete and cost effective broadband coverage by 2013, and to enable mobile phone user’s affordable access to 3G networks by 2015.
The European Parliament’s strategy calls on the European Commission to endorse rapid growth in the domestic broadband and mobile network market place and ensure the law is amended from last years Telecoms Reform into the national law of the 27 Member States of the European Union.
May 7th, 2010 by admin.
No Comments »
A proposed law to improve privacy protections for internet users in the US has been published by the House of Representatives subcommittee on Communications, Technology and Internet. It is believed that by implementing such measures online users will be afforded greater protection under the privacy policy in the current market of online behavioural advertising by companies.
It has long been debated throughout the globe to what extent data collection and data retention is acceptable to target consumers with specific advertising depending on their usage of ecommerce sites.
The new law contains a clause that states that a company shall not have the authority to collect, disclose or use certain personal information and data, called covered information, unless a privacy notice or privacy policy explaining why and how personal information will be collected and stored is present on the site. Further to this, website owners must also ensure such a privacy policy contains a consent form for users to confirm they have read, understood and accept the terms of the websites data collection and data retention policies.
In accordance with the US lawmaker’s publication, the privacy policy must be clearly visible on the website and easily accessed by users from the homepage.
The publication states that a user will have been deemed to have consented to the privacy policy of the website if they expressly grant their consent or if they do not decline to provide their consent.
The law will act to limit the scope by which a company may disclose user’s personal data to third parties. In contrast, the law will not apply to government organisations or companies collecting the personal data of less than 5000 in any yearly period.
Last year there was some speculation regarding user’s online safety when disclosing their personal information over the web. The European Union’s Consumer Affairs Commissioner stated that behavioural advertising techniques should be closely monitored. Further to this, the Office of Fair Trading in the UK has been investigating the extent to which consumers should be protected in relation to the use of the personal information to decide what advertisements they get to see when searching online.
« previous —
next »
