Lecture 2: Legal Issues In IT 2024 PDF
Document Details
Uploaded by UndisputableSard2551
Universiti Tunku Abdul Rahman
Tags
Related
- Ethical and Legal Responsibilities in Nursing PDF
- Legal, Ethical, and Professional Issues in Information Security Lecture 3 PDF
- Ethical and Legal Issues of Caring-Based Practice PDF
- LJU4802 Professional Ethics Tutorial Letter 501/3/2024 PDF
- Nursing Ethics and Legal Issues PDF
- RT101 Module A Exam 2 Prep PDF
Summary
This document is a lecture on legal issues in IT and covers topics such as digital signatures, domain names, and software licensing. It provides an overview of legal concepts relating to information technology. The lecture also touches on the importance of intellectual property in the software industry.
Full Transcript
Lecture 2 LEGAL ISSUES IN IT UCCD3053 IT PROFESSIONAL ETHICS CONTENTS Antitrust & 01 Digital Signature 03 Anticompetition Jurisdiction in 02 Domain Name 04 Cyberspace...
Lecture 2 LEGAL ISSUES IN IT UCCD3053 IT PROFESSIONAL ETHICS CONTENTS Antitrust & 01 Digital Signature 03 Anticompetition Jurisdiction in 02 Domain Name 04 Cyberspace 05 Software Licensing 01 Digital Signature 1.1 Digital Signature Digital signature is an electronic signature. It is used to verify the identity of the signatory (the party that has signed) and also to ensure the correctness and validity of information in electronic transactions. 1.1 Digital Signature In addition, the person receiving signed data can present a digital signature as evidence to show a third party that the signature truly came from the stated signer. This is known as non-repudiation (authenticity of a signature cannot be challenged), since the signatory cannot easily repudiate (reject) the signature at a later time. The use of recognized digital signature can fulfil requirements of confidentiality, identity authentication, non-repudiation, and integrity of an information. Source: https://www.mcmc.gov.my/en/sectors/digital-signature 1.2 Digital Signature Act 1997 The Digital Signature Act 1997 (DSA 1997) came into force on 1st October 1998. Its purpose is to regulate the use of digital signature in Malaysia. This ensures the security of legal issues related to electronic transactions. The use of digital signatures is verified through certificates issued by licensed Certification Authority (CA). Source: https://www.mcmc.gov.my/en/sectors/digital-signature 1.2 Digital Signature Act 1997 The Malaysian Communications and Multimedia Commission (MCMC): Is responsible in administering, enforcing, carrying out and giving effect to the provisions under DSA 1997; Is task with the purpose to monitor and oversee the activities of CAs. 1.3 Certification Authority (CA) (Yew Huoi, How and Associates Law Firm, 2020) List of certification authorities in Malaysia that has the license from MCMC to issue digital certificates under the DSA 1997: Pos Digicert Sdn Bhd (457608-K); MSC Trustgate.Com Sdn Bhd (478231-X); Telekom Applied Business Sdn Bhd (455343-U); and Raffcomm Technologies Sdn Bhd (1000449-W) 1.4 Implications of Digital Signature A message shall be as valid, enforceable and effective as if it had been written on paper if: o It bears in its entirety a digital signature; and o That digital signature is verified by the public key listed in a certificate which was issued by a licensed certification authority and was valid at the time the digital signature was created. 1.5 Creation of Digital Signature To create a digital signature, you first need to have a digital certificate in hand. A digital certificate is a small data file that contains verified, identifying information about you or your organization (this is the main info displayed to users). Benefits 1.5 Creation of Digital Signature Digital signatures are created by applying two cryptographic tools to the data you wish to protect: (i) A special cryptographic function (called a hash function or hash algorithm) — This creates a hash value (a mishmash of letters and characters) of a fixed length, which conceals the actual size of the input and maintains the data's integrity. (ii) A private key, which encrypts the hash value — When the recipient receives or downloads the file, they can decrypt it using the signer’s public key. This key ensures only the intended user can read the data. 1.5 Creation of Digital Signature Encryption The process of converting information or data into a code, especially to prevent unauthorized access. Decryption The conversion of encrypted data into its original form. It is generally a reverse process of encryption. Documents that cannot be executed with digital signature Powers of attorney Wills and codicils Trusts Negotiable instruments Advantages of Digital Signature 1. Higher security 2. Legal compliance and acceptance 3. Time savings 4. Cost efficiency 5. Prevents fraud 6. Ensure authenticity of documents 7. Lower transaction cost 8. Workflow automation Domain 02 Name WHAT ARE OUR ORIGINS? Venus is the second planet from the Sun 2.1 Domain Name: What is it? A domain name is your website's equivalent of a physical address. It helps users find your site easily instead of using its internet protocol (IP) address. 2.2 Domain Name vs. Trademark Trademark use as Domain - Most trademark owners use their trademarks in their name portion of their domain name. Amazon https://www.amazon.com/ Google https://www.google.com/ Nike Malaysia https://www.nike.com/my/ Shopee https://shopee.com.my Wikipedia https://en.wikipedia.org/ 2.2 Domain Name vs. Trademark Problem (Ownership) - However, the use of trademarks in domain names creates a problem. It belongs to those who own it and not the company. Previous Solution - The internet community has traditionally resolved the unique nature of a domain name on a “first come, first served” basis. 2.3 Issues with Domain Name Trademark (ii) Cybersquatting Third-party registration Occurs where a person other than the trademark owner registers a domain name containing a trademark or something similar to it. Purpose: Done in bad faith with the intention of either selling the domain name to the trademark owner or a competitor for a profit or blocking the trademark owner from securing the domain name. 2.3 Issues with Domain Name Trademark (ii) Typosquatting Distorted domain The practice of registering a domain name with a common misspelling of a trademark. Example, dicitionary.com vs dictionary.com. Purpose: (a) Luring (diverting) internet users looking for the trademark holder to another site. (b) Profit Taking - Like cybersquatting, it may also be done with the intention of selling the domain to the trademark owner for a profit, or merely competing with the trademark owner. 2.3 Issues with Domain Name Trademark (iii) Gripe Sites Unethical domain names These are websites which criticize someone or something, where the person or thing criticized is a trademark owner. The publisher of gripe sites often use the trademark of the person or thing criticized in the domain name for the site. For example, lockheedsucks.com vs lockheed.com. 2.3 Issues with Domain Name Trademark (iv) Foreign Language Variation Domain name in another language These are domain names which include the foreign language equivalent of a trademark. 2.4 Malaysian Network Information Centre (MYNIC) Disputes - In Malaysia, besides the Courts, one can refer complaints via the dispute resolution mechanism called the Malaysian Network Information Centre (MYNIC). Solution to disputes - Since 2003, MYNIC has introduced a Domain Name Dispute Resolution Service to resolve disputes between registrants and third parties over domain name rights. 2.4 Malaysian Network Information Centre (MYNIC) Complain Criteria - When an owner of a trademark or service mark wants to make a complaint, then the owner must prove the following: (a) Reasonable similarity - How the name is identical or similar to the trademark or service mark that the owner has rights to; and 2.4 Malaysian Network Information Centre (MYNIC) (b) Provide good reasons - Why the respondent does not have rights or legitimate interest in the domain name; and - Why the domain name should be considered as having been registered and used in bad faith. * If the trademark owner can prove all these grounds, then the panel can cancel the registration or transfer the ownership of the domain name to the trademark owner. 2.5 Trade Secret: Reverse Engineering While it is illegal to steal a trade secret, there are other ways in which the confidentiality may be broken. (i) Copycat - Reverse engineering is one way in which a competing firm can legally gain access to information contained in a trade secret. If another company can purchase a can of Coca-Cola and figure out the formula, it is free to manufacture a soft drink that looks and tastes just like Coke. 2.5 Trade Secret: Reverse Engineering (ii) Hiring competitor’s employee - Another way in which a competing firm can gain access to information contained in another company’s trade secret is by hiring its employees. While a firm can require its employees to sign confidentiality agreements, it cannot erase the memories of an employee who starts working for a competing firm. Leakage of confidential information may be inevitable. Antitrust and Anticompetition 03 Antitrust Law The Antitrust law prevents anti-competitive behaviour in the marketplace, restrains abuses of dominant market position, and prevents the formation of monopolies. In other words, it regulates the conduct and organization of businesses to promote competition and prevent unjustified monopolies. Antitrust Law Example: Price fixing, cartel formation, and predatory pricing are all examples of anti-competitive behaviour. Any industry whose market share is concentrated among a few big players must be wary of this legislation, since these industries may fall under active government regulation. For example, in the telecommunication infrastructure industry, the few big players are Digi, Axiata (formerly Celcom), and Maxis. 04 Cyberspace Jurisdiction 4.1 Jurisdiction in Cyberspace Jurisdiction is the authority of a court to hear a case and resolve a dispute. E-business – Launching an e-business could mean defending a lawsuit in any state or country where the end user resides. For example, a Penang company could be doing business with customers in Kelantan or in India. If a user is deprived of a legal right in the user’s state, the user may be able to sue you in that state or foreign country if a court has jurisdiction over your company. 4.1 Jurisdiction in Cyberspace Company Protection - However, the company is entitled to the protection of the Constitution of Malaysia and state law, where the company is located. User Protection - Any person, including a distant user, who accesses the website is entitled to the same legal protection. 4.2 Website Soliciting Level Passive website - merely transmit information and does not solicit business will generally not incur jurisdiction in a foreign state or country. Interactive website - does solicit business, provides information to users to make purchasing decisions, and may be subject to jurisdiction in a foreign state or country. Future - The Malaysian Government is planning to include Cyber Court of Justice to make the MSC(Multimedia Super Corridor) a leader in cyberlaws. 4.3 Jurisdictional Challenges Cyberspace is a unique space in nature due to its following qualities: Borderless territory Unlimited access Ubiquitous – everywhere Spontaneous Thus, it is difficult to enforce cyberlaws. 4.3 Jurisdictional Challenges (i) Taking advantages Cybercrime crosses multiple jurisdictions, thus which law or country where prosecution is conducted? Or worse, perpetrator chooses a country where the laws are more flexible to commit crimes in another country. 4.3 Jurisdictional Challenges (ii) Inadequate knowledge Enforcement agencies do not have adequate technical knowledge. Hampers their attempt to complete the evidentiary link between cybercrimes and cybercriminal. (iii) No trace More sophisticated cybercriminals would erase evidence of wrongdoing or make their detection impossible. 5 Software Licensing 5.1 Background Almost every piece of computer software is created using source code, which is the technical blueprint that tells a program how to function. When creators release their finished product to the public, they must decide whether to make its code open source or closed source. 5.1 Background With opened source software, the source code is publicly available to anyone who wants it, and programmers can read or change that code if they desire. During the early years of commercial computing, there was no independent software industry. Computer manufacturers such as IBM produced both the hardware and the software needed for the system. In the 1960s, software distributions included the source code. Customers who wanted to fix bugs in the programs or add new features could do so by modifying the source code and generating new versions of the program. 5.1 Background With closed source software (also known as proprietary software), the public is not given access to the source code, so they can’t see or modify it in any way. 5.1 Background In the 1970s when computer applications expanded, organizations recognized the increasing value of its intellectual property. They treat source code as a trade secret and only distribute the object code, which is not in readable form and also not for sale. Instead, when people “purchase” the program, what they are actually buying is a license allowing them to run the program. Their rights to do other things with the code, such as make backup copies, are limited. 5.2 Consequences of Propriety Software Ownership/Copyright Governments gave ownership rights to those who produce computer software because of its benefits. An advantage is the profit from the licensing of the software. The assumption is that people will work harder and be more creative if they must compete with others to produce the best product. Those who produce the best products will have the opportunity to make money from them. 5.3 Closed Source vs. Opened Source Opened Source Thus, the open-source movement finds its way into the software industry. Open source is an alternative way of distributing software. The open-sourced movement is the philosophy that source code to software ought to be freely distributed, examined and improved. Cooperation - The open-sourced software movement promoted a cooperative model of software development. 5.4 Benefits of Open-Sourced Licensing (i) Improvement through time People can fix bugs, add enhancements, or adapt the program for entire new uses. Software evolves more quickly when more people are working on it. (ii) Speed up new release New versions of open-source programs appear much more frequently than new versions of commercial (proprietary) programs. 5.4 Benefits of Open-Sourced Licensing (iii) No burden in distribution Removes tension between compliance with Copyright and helping others. Suppose you legally purchased a traditional license to use a program, and your friend asks you for a copy, you must choose between helping your friend and conforming to the license agreement. 5.4 Benefits of Open-Sourced Licensing (iv) No hindrance on future development Open-sourced programs belong to the entire community. If a vendor selling a proprietary program decides not to invest in further improvements to it, the user community is stuck. In contrast, a use community with access to the source code to a program may continue its development indefinitely. 5.4 Benefits of Open-Sourced Licensing (v) Better support It shifts the focus from manufacturing to service, which can result in customers getting better support for their software. Thank You