My experience is that our learned friends tend to "reserve comment" so that they are not "quoted out of context" or held personally liable for their remarks. Short of giving a legal opinion which would withstand the scrutiny of the entire LSK, it is often very difficult to extract "feelings" out of this species without external (and sometimes internal) influences.

I also heard one learned friend saying that of late it has been so cold he has actually been putting his hands in his own pockets ;-)

Anyway 'nuff said - but I would really love to hear even a simplified view of some of the issues that have been raised in this look at legal frameworks as pertain to internet, internet related technologies and more especially offenses that have had something to do with the internet.

Note this example of a cross-border engagement:

1. Dutch Police and F.B.I. Rein in Large Botnet
By JEREMY KIRK, IDG News Service
New York Times
August 14, 2008

 

The botnet created by a teenager who was arrested by Dutch police in a sting operation is most notable for its total reliance on social engineering to spread, computer security experts said Thursday.

 

The 19-year-old Dutch man was caught July 29 with his 16-year-old brother trying to sell a botnet to a 35-year-old Brazilian man, according to Dutch prosecutors. All were arrested by the Dutch High-Tech Crime Unit, with assistance from the U.S. Federal Bureau of Investigation.

 

As is customary in the Netherlands, Dutch police have not released the names of those arrested. Few other details, such as how authorities became cued into the case, have been released. U.S. authorities are seeking the extradition of the Brazilian man.

 

But experts from Russian security vendor Kaspersky Lab were called on by Dutch police to write up instructions for how to remove the botnet code from infected PCs, as well as aid in the continuing investigation, said Eddy Willems, one of Kaspersky's security evangelists.

 

A botnet is a group of PCs that is infected with malicious code and controlled by a hacker. This particular botnet, which at one time had as many as 150,000 machines worldwide, is called "Shadow," the name bestowed on it by its creator.

 

The code that enabled Shadow to work was distributed on Microsoft's Windows Live Messenger instant messaging network. Victims would typically get a message from someone who appeared to be one of their contacts. The message would contain a link to another Web site, where the victim was asked to download a file.

 

If the file was executed on a PC, Shadow would collect other instant messaging contacts and send out more messages trying to enlarge the botnet. It appeared that Shadow was particularly successful in the Netherlands, since some messages were sent out in Dutch.

 

The distribution method relied entirely on victims willingly downloading the code rather than trying to exploit a software vulnerability, which could result in an infection regardless of what the user does.

 

It means that Internet surfers are just as susceptible to fall victim to scammy tricks. "Social engineering seems just as effective as it was 10 years ago," said Roel Schouwenberg, senior antivirus researcher.

 

Shadow could also download other malicious code and may have been used to download advertising software and spyware programs, Schouwenberg said. The teenager who created Shadow appears to use bits of malware code already circulating on the Internet, as well as writing his own code.

 

The result was a fairly run-of-the-mill botnet, but one that could be considered large, Willems said. When the bust occurred, the 19-year-old was attempting to sell the botnet for €25,000 (US$37,290), a price Willems said is way too high in proportion to how botnets are currently priced.

 

People who control a group of computers, called botnet herders, have been known to rent time to other scammers, who use the computers to send spam or conduct other malicious activity. The use of remote computers helps disguise who is actually using those machines to carry out crime.

 

Dutch prosecutors could not immediately be reached for comment.

 


On Aug 18, 2008, at 9:00 AM, John Walubengo wrote:
Hi all,

Hope u had a good weekend. Today is day 6 of 10, but the theme is still on legal issues.

I still can't believe the learned friends have not spoken and left everything to Alex and Mike. If any of you runs into Evelyn R., Kihanya J., Omo J. or Clara R., just to mention a few, ask them if they can give us a shout without us having to 'open a file'.

We have only today for this since tomorrow we move into the Economic Issues to be facilitated by a renowned IG expert to be unveiled in due course.

walu.

--- On Sat, 8/16/08, Alex Gakuru <alex.gakuru@yahoo.com> wrote:

From: Alex Gakuru <alex.gakuru@yahoo.com>
Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues
To: jwalu@yahoo.com
Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke>
Date: Saturday, August 16, 2008, 11:17 AM
G8 links!

The introduction to this topic was on the presumption that
consumers were the criminals proceeding to outline law
enforcement challenges. The most convenient and common form
of misrepresenting cyber crimes and law -- first take away
all their rights then they struggle to regain one after the
other... It is good that Mike presents both sides of the
story.
Telecommunication companies hold massive data on all
individuals and they ensure that in their "Terms
of Use" and contracts users are "guilty until
proven innocent" and the companies are at liberty to do
whatever they please with our personal data.

Consider below extract from a local telecommunication
company's Terms of Use: -
------------
5. Use of your information

(The Company) may hold and use information provided by you
for a number of purposes, which may include:

(a) Carrying out any activity in connection with a legal,
governmental or regulatory requirement on (The Company) in
connection with legal proceedings or in respect of crime or
fraud prevention, detection or prosecution.

(b) Monitoring or recording of your communications for (The
Company)’s business purposes such as marketing, quality
control and training, prevention of unauthorised use of 
(The Company)’s telecommunications system and ensuring
effective systems operation in order to prevent or detect
crime. 

---------

"May include" does not mean "limited
to" - implying that they are allowed, for example, to
share, sell, etc private data to their partners... Exactly
what Mike points out to on the Business Week link.  

Framed in ways suggestive of company "law
enforcer" (illegal roles) onto "guilty"
users. Notice how "Intellectual Property" is
conveniently repeated. Or is it to be assumed that consumers do
not have any "intellectual property" they would
wish protected? The companies should abide to also protect.
BTW, there is an IGF Dynamic Coalition movement calling for
a balance between Intellectual Property and development
which includes Access to Knowledge
(A2K) <http://www.ipjustice.org>. Very resourceful!


Supposing earlier proposed M-Medicine went ahead in East
Africa? Sold ailments data to pharmaceutical companies, that
would hike medicines prices in outbreak zones at selected
locations... You go to a bank with water-tight business
proposals and all banks turn you down. Reason? They have
shared your medical history and they think you will soon
"sleep in the shamba" your excellent business
proposals notwithstanding.

In summary, unless Data Protection and Privacy Laws are
enacted, the default should be to deny all telecommunication
companies legal loophole to trade with personal information.
And it should be seen to be enforced.

On a lighter note, should I sue a WiFi company for
trespassing when their signals enter my laptop, or should
they sue me for illegal access of their signal? Over to
Ben Shihanya. 

Thanks again Mike!      


--- On Fri, 8/15/08, Mike Theuri <mike.theuri@gmail.com> wrote:

From: Mike Theuri <mike.theuri@gmail.com>
Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues
Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke>
Date: Friday, August 15, 2008, 2:11 PM
Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, at least within the local context.

For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account.

For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions.

The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction.

This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterrents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits:

http://www.secretservice.gov/press/GPA15-08_CyberIndictments_Final.pdf

It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of regulating the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used.

At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share that same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same.

As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases.

It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or amended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurrence of issues such as those seen here:

http://www.businessweek.com/magazine/content/08_31/b4094000643943.htm?campaign_id=rss_null


On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo

Mornings,

Today and next Monday, we intend to thrash out the legal dimensions of Internet Governance. The typical issues revolve around:
-Jurisdiction & Arbitration (who resolves e-disputes)
-Copyright & IPR (are they pro or anti-development?)
-Privacy and Data Protection (how is the e-Citizen's data abused/protected?)

I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal principles. Basically, dispute resolutions can be done through,
·       Legislation;
·       Social norms (customs);
·       Self-regulation;
·       Regulation through code (software solution);
·       Jurisprudence (court decisions);
·       International law.

There are however two broad conflicting schools of thought when it comes to resolving disputes occasioned by the Internet. One group claims that whatever happens online does have equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g. stealing money electronically is no different from stealing money physically and so Robbery charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.

The borderless nature of the Internet brings to fore the Challenges of Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.

Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to the detriment of the Customer.

Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.

2 days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.

References:





_______________________________________________
kictanet mailing list

http://lists.kictanet.or.ke/mailman/listinfo/kictanet

This message was sent to: mike.theuri@gmail.com
Unsubscribe or change your options at


http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri%40gmail.com
