Day 5 of 10: IG Discussions, Legal Issues
Mornings, Today and next Monday, we intend to thrash out the legal dimensions of Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?) I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal principals. Basically, dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law. There is however two broad conflicting schools of thought when it comes to resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent ‘off-line’ characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money physically and so Robbery charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions. The borderless nature of the Internet brings to fore the Challenges of Jurisdiction and Arbitration as in yesterday’s example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the ‘single-click’ method of buying goods online. Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to the detriment of the Customer. Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues. 2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues. References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
"The IGF is unique in the UN's history, designed to grant governments, NGOs, and commerce an equal seat at the table." says http://www.theregister.co.uk/2007/06/12/igf_nominet_2007/ The issues for discussion today and Monday calls for government, NGOs, and Private Sector participation as equals. Thus far contributions have come only from members of ICT Civil Society and Private Sector. There is a need for government "spokespersons" to also participate as equals, especially considering that the current topics squarely lie in the their domain. The mature engagement displayed to-date should suffice to re-assure and urge government to participate. We are all in this together looking for answers and not a single constituency holds monopoly on opinion or interests. It would help us much if non-ICT stakeholder expressed their opinion. Rest assured all opinion expressed under this thread is protected under UN Conventions on Free Expression with Responsibility. Government is just an equal participant. Quote me on that;) Regards, On Fri, Aug 15, 2008 at 8:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,
Today and next Monday, we intend to thrash out the legal dimensions of Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal principals. Basically, dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of thought when it comes to resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money physically and so Robbery charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore the Challenges of Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to the detriment of the Customer.
Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alexgakuru.lists@gmail.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/alexgakuru.lists%40gmai...
Very true Alex, Meanwhile, for those still in denial on Internet Governance Issues, check this out: Tuesday, August 5, 2008 WWW.USDOJ.GOV US Dept of Justice, Press Release, More Than 40 Million Credit and Debit Card Numbers Stolen http://www.usdoj.gov/opa/pr/2008/August/08-ag-689.html walu. --- On Fri, 8/15/08, Gakuru, Alex <alexgakuru.lists@gmail.com> wrote:
From: Gakuru, Alex <alexgakuru.lists@gmail.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: jwalu@yahoo.com Cc: kictanet@lists.kictanet.or.ke Date: Friday, August 15, 2008, 8:01 PM "The IGF is unique in the UN's history, designed to grant governments, NGOs, and commerce an equal seat at the table." says http://www.theregister.co.uk/2007/06/12/igf_nominet_2007/
The issues for discussion today and Monday calls for government, NGOs, and Private Sector participation as equals. Thus far contributions have come only from members of ICT Civil Society and Private Sector. There is a need for government "spokespersons" to also participate as equals, especially considering that the current topics squarely lie in the their domain. The mature engagement displayed to-date should suffice to re-assure and urge government to participate. We are all in this together looking for answers and not a single constituency holds monopoly on opinion or interests.
It would help us much if non-ICT stakeholder expressed their opinion. Rest assured all opinion expressed under this thread is protected under UN Conventions on Free Expression with Responsibility. Government is just an equal participant. Quote me on that;)
Regards,
Mornings,
Today and next Monday, we intend to thrash out the legal dimensions of Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce
· Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of
On Fri, Aug 15, 2008 at 8:21 AM, John Walubengo <jwalu@yahoo.com> wrote: the general legal principals. Basically, dispute resolutions can be done through, thought when it comes to resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money physically and so Robbery charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore
the Challenges of Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business
Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to the detriment of the Customer.
Most of these issues are under discussion
internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free
to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alexgakuru.lists@gmail.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/alexgakuru.lists%40gmai...
Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, atleast within the local context. For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account. For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions. The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction. This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malaware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits: http://www.secretservice.gov/press/GPA15-08_CyberIndictments_Final.pdf It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of regulating the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used. At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share that same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same. As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases. It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or ammended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurence of issues such as those seen here: http://www.businessweek.com/magazine/content/08_31/b4094000643943.htm?campai... On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,
Today and next Monday, we intend to thrash out the legal dimensions of Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal principals. Basically, dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of thought when it comes to resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money physically and so Robbery charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore the Challenges of Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to the detriment of the Customer.
Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: mike.theuri@gmail.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri%40gmail.com
G8 links! The introduction to this topic was on the presumption that consumers were the criminals proceeding to outline law enforcement challenges. The most convenient and common form of misrepresenting cyber crimes and law -- first take away all their rights then they struggle to regain one after the other... It is good that Mike presents both sides of the story. Telecommunication companies hold massive data on all individuals and they ensure that their on their "Terms of Use" and contracts users are "guilty until proven innocent" and the companies are at liberty to do whatever they please with our personal data. Consider below extract from a local telecommunication company's Terms of Use: - ------------ 5. Use of your information (The Company) may hold and use information provided by you for a number of purposes, which may include: (a) Carrying out any activity in connection with a legal, governmental or regulatory requirement on (The Company) in connection with legal proceedings or in respect of crime or fraud prevention, detection or prosecution. (b) Monitoring or recording of your communications for (The Company)’s business purposes such as marketing, quality control and training, prevention of unauthorised use of (The Company)’s telecommunications system and ensuring effective systems operation in order to prevent or detect crime. --------- "May include" does not mean "limited to" - implying that they are allowed, for example, to share, sell, etc private data to their partners... Exactly what Mike points out to on the Business Week link. Framed in ways suggestive of company "law enforcer" (illegal roles) onto "guilty" users. Notice how "Intellectual Property" is conveniently repeated. Or is it be assumed that consumers do not have any "intellectual property" they would wish protected? the companies should abide to also protect. BTW, There is an IGF Dynamic Coalition movement calling for a balance between Intellectual Property and development which includes Access to Knwoledge (A2K).<http://www.ipjustice.org>. Very resourceful! Supposing earlier proposed M-Medicine went ahead in East Africa? Sold ailments data to pharmaceutical companies, that would hike medicines prices in outbreak zones at selected locations... You go to a bank with a water-tight business proposals and all bank turn you down. Reason? They have shared your medical history and they think you will soon "sleep in the shamba" your excellent business proposals notwithstanding. In summary, unless Data Protection and Privacy Laws are enacted, the default should be to deny all telecommunication companies legal loophole to trade with personal information. And it should be seen to be enforced. On a lighter note, should I sue a WiFi company for trespassing when their signals enter my laptop, or should they sue me for illegally access of their signal? Over to Ben Shihanya. Thanks again Mike! --- On Fri, 8/15/08, Mike Theuri <mike.theuri@gmail.com> wrote:
From: Mike Theuri <mike.theuri@gmail.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: alex.gakuru@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Friday, August 15, 2008, 2:11 PM Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, atleast within the local context.
For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account.
For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions.
The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction.
This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malaware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits: http://www.secretservice.gov/press/GPA15-08_CyberIndictments_Final.pdf
It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of regulating the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used.
At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share that same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same.
As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases.
It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or ammended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurence of issues such as those seen here: http://www.businessweek.com/magazine/content/08_31/b4094000643943.htm?campai...
On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,
Today and next Monday, we intend to thrash out the legal dimensions of Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal principals. Basically, dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of thought when it comes to resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money physically and so Robbery charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore the Challenges of Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to the detriment of the Customer.
Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: mike.theuri@gmail.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri%40gmail.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alex.gakuru@yahoo.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/alex.gakuru%40yahoo.com
Hi all, Hpe u had a good weekend. Today is day 6 of 10, but the theme is still on legal issues. I still cant believe the learned friends have not spoken and left everything to Alex and Mike. If any of you runs into Evelyn R., Kihanya J., Omo J. or Clara R. just to mention a few, ask them if they can give us a shout without us having to 'open a file' We have only today for this since tomorrow we move into the Economic Issues to be facilitated by a renowned IG expert to be unveiled in due course. walu. --- On Sat, 8/16/08, Alex Gakuru <alex.gakuru@yahoo.com> wrote:
From: Alex Gakuru <alex.gakuru@yahoo.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Saturday, August 16, 2008, 11:17 AM G8 links!
The introduction to this topic was on the presumption that consumers were the criminals proceeding to outline law enforcement challenges. The most convenient and common form of misrepresenting cyber crimes and law -- first take away all their rights then they struggle to regain one after the other... It is good that Mike presents both sides of the story. Telecommunication companies hold massive data on all individuals and they ensure that their on their "Terms of Use" and contracts users are "guilty until proven innocent" and the companies are at liberty to do whatever they please with our personal data.
Consider below extract from a local telecommunication company's Terms of Use: - ------------ 5. Use of your information
(The Company) may hold and use information provided by you for a number of purposes, which may include:
(a) Carrying out any activity in connection with a legal, governmental or regulatory requirement on (The Company) in connection with legal proceedings or in respect of crime or fraud prevention, detection or prosecution.
(b) Monitoring or recording of your communications for (The Company)’s business purposes such as marketing, quality control and training, prevention of unauthorised use of (The Company)’s telecommunications system and ensuring effective systems operation in order to prevent or detect crime.
---------
"May include" does not mean "limited to" - implying that they are allowed, for example, to share, sell, etc private data to their partners... Exactly what Mike points out to on the Business Week link.
Framed in ways suggestive of company "law enforcer" (illegal roles) onto "guilty" users. Notice how "Intellectual Property" is conveniently repeated. Or is it be assumed that consumers do not have any "intellectual property" they would wish protected? the companies should abide to also protect. BTW, There is an IGF Dynamic Coalition movement calling for a balance between Intellectual Property and development which includes Access to Knwoledge (A2K).<http://www.ipjustice.org>. Very resourceful!
Supposing earlier proposed M-Medicine went ahead in East Africa? Sold ailments data to pharmaceutical companies, that would hike medicines prices in outbreak zones at selected locations... You go to a bank with a water-tight business proposals and all bank turn you down. Reason? They have shared your medical history and they think you will soon "sleep in the shamba" your excellent business proposals notwithstanding.
In summary, unless Data Protection and Privacy Laws are enacted, the default should be to deny all telecommunication companies legal loophole to trade with personal information. And it should be seen to be enforced.
On a lighter note, should I sue a WiFi company for trespassing when their signals enter my laptop, or should they sue me for illegally access of their signal? Over to Ben Shihanya.
Thanks again Mike!
--- On Fri, 8/15/08, Mike Theuri <mike.theuri@gmail.com> wrote:
From: Mike Theuri <mike.theuri@gmail.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: alex.gakuru@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Friday, August 15, 2008, 2:11 PM Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, atleast within the local context.
For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account.
For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions.
The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction.
This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malaware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits:
http://www.secretservice.gov/press/GPA15-08_CyberIndictments_Final.pdf
It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of
the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used.
At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share
regulating that
same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same.
As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases.
It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or ammended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurence of issues such as those seen here:
http://www.businessweek.com/magazine/content/08_31/b4094000643943.htm?campai...
On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,
Today and next Monday, we intend to thrash out
Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal
dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of
resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money
charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore
legal dimensions of principals. Basically, thought when it comes to physically and so Robbery the Challenges of
Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to
the the
detriment of the
Customer.
Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: mike.theuri@gmail.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri%40gmail.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alex.gakuru@yahoo.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/alex.gakuru%40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: jwalu@yahoo.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
And in addition, we should insist that John Kariuki of NCS contributes. He has contributed on various other issues on this list in the past. They write the policies, that are made into laws we engage them on thereafter. Secondly, we also need to have government participants otherwise we risk being accused of being exclusive IGF discussants. Telecos with revamped legal departments could also generically raise some of their challenges in the e-i-legislations arena. I know key Civil Society and development partner chiefs who are lawyers by training-they should contribute. CCK? This is a debate you might not wish to be left out of and may need to be seen to embrace. Please chip in.. Na pia wengineo hapa na pale, changieni tafadhali... On Mon, Aug 18, 2008 at 9:00 AM, John Walubengo <jwalu@yahoo.com> wrote:
Hi all,
Hpe u had a good weekend. Today is day 6 of 10, but the theme is still on legal issues.
I still cant believe the learned friends have not spoken and left everything to Alex and Mike. If any of you runs into Evelyn R., Kihanya J., Omo J. or Clara R. just to mention a few, ask them if they can give us a shout without us having to 'open a file'
We have only today for this since tomorrow we move into the Economic Issues to be facilitated by a renowned IG expert to be unveiled in due course.
walu.
--- On Sat, 8/16/08, Alex Gakuru <alex.gakuru@yahoo.com> wrote:
From: Alex Gakuru <alex.gakuru@yahoo.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Saturday, August 16, 2008, 11:17 AM G8 links!
The introduction to this topic was on the presumption that consumers were the criminals proceeding to outline law enforcement challenges. The most convenient and common form of misrepresenting cyber crimes and law -- first take away all their rights then they struggle to regain one after the other... It is good that Mike presents both sides of the story. Telecommunication companies hold massive data on all individuals and they ensure that their on their "Terms of Use" and contracts users are "guilty until proven innocent" and the companies are at liberty to do whatever they please with our personal data.
Consider below extract from a local telecommunication company's Terms of Use: - ------------ 5. Use of your information
(The Company) may hold and use information provided by you for a number of purposes, which may include:
(a) Carrying out any activity in connection with a legal, governmental or regulatory requirement on (The Company) in connection with legal proceedings or in respect of crime or fraud prevention, detection or prosecution.
(b) Monitoring or recording of your communications for (The Company)'s business purposes such as marketing, quality control and training, prevention of unauthorised use of (The Company)'s telecommunications system and ensuring effective systems operation in order to prevent or detect crime.
---------
"May include" does not mean "limited to" - implying that they are allowed, for example, to share, sell, etc private data to their partners... Exactly what Mike points out to on the Business Week link.
Framed in ways suggestive of company "law enforcer" (illegal roles) onto "guilty" users. Notice how "Intellectual Property" is conveniently repeated. Or is it be assumed that consumers do not have any "intellectual property" they would wish protected? the companies should abide to also protect. BTW, There is an IGF Dynamic Coalition movement calling for a balance between Intellectual Property and development which includes Access to Knwoledge (A2K).<http://www.ipjustice.org>. Very resourceful!
Supposing earlier proposed M-Medicine went ahead in East Africa? Sold ailments data to pharmaceutical companies, that would hike medicines prices in outbreak zones at selected locations... You go to a bank with a water-tight business proposals and all bank turn you down. Reason? They have shared your medical history and they think you will soon "sleep in the shamba" your excellent business proposals notwithstanding.
In summary, unless Data Protection and Privacy Laws are enacted, the default should be to deny all telecommunication companies legal loophole to trade with personal information. And it should be seen to be enforced.
On a lighter note, should I sue a WiFi company for trespassing when their signals enter my laptop, or should they sue me for illegally access of their signal? Over to Ben Shihanya.
Thanks again Mike!
--- On Fri, 8/15/08, Mike Theuri <mike.theuri@gmail.com> wrote:
From: Mike Theuri <mike.theuri@gmail.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: alex.gakuru@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Friday, August 15, 2008, 2:11 PM Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, atleast within the local context.
For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account.
For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions.
The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction.
This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malaware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits:
http://www.secretservice.gov/press/GPA15-08_CyberIndictments_Final.pdf
It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of
the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used.
At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share
regulating that
same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same.
As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases.
It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or ammended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurence of issues such as those seen here:
http://www.businessweek.com/magazine/content/08_31/b4094000643943.htm?campai...
On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,
Today and next Monday, we intend to thrash out
Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal
dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of
resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money
charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore
legal dimensions of principals. Basically, thought when it comes to physically and so Robbery the Challenges of
Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to
the the
detriment of the
Customer.
Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: mike.theuri@gmail.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri%40gmail.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alex.gakuru@yahoo.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/alex.gakuru%40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: jwalu@yahoo.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alexgakuru.lists@gmail.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/alexgakuru.lists%40gmai...
my experience is that our learned friends tend to "reserve comment" so that they are not "quoted out of context" or held personally liable for their remarks. Short of giving a legal opinion which would withstand the scrutiny of the entire LSK it is often very difficult to extract "feelings" out of this species without external (and sometimes internal influences). I also heard one learned friend saying that of late it has been so cold he has actually been putting his hands in his own pockets ;-) Anyway 'nuff said - but I would really love to hear even a simplified view of some of the issues that have been raised in this look at legal frameworks as pertain to internet, internet related technologies and more especially offenses that have had something to do with the internet. Note this example of a cross-border engagement: 1. Dutch Police and F.B.I. Rein in Large Botnet By JEREMY KIRK, IDG News Service New York Times August 14, 2008 The botnet created by a teenager who was arrested by Dutch police in a sting operation is most notable for its total reliance on social engineering to spread, computer security experts said Thursday. The 19-year-old Dutch man was caught July 29 with his 16-year-old brother trying to sell a botnet to a 35-year-old Brazilian man, according to Dutch prosecutors. All were arrested by the Dutch High- Tech Crime Unit, with assistance from the U.S. Federal Bureau of Investigation. As is customary in the Netherlands, Dutch police have not released the names of those arrested. Few other details, such as how authorities became cued into the case, have been released. U.S. authorities are seeking the extradition of the Brazilian man. But experts from Russian security vendor Kaspersky Lab were called on by Dutch police to write up instructions for how to remove the botnet code from infected PCs, as well as aid in the continuing investigation, said Eddy Willems, one of Kaspersky's security evangelists. A botnet is a group of PCs that is infected with malicious code and controlled by a hacker. This particular botnet, which at one time had as many as 150,000 machines worldwide, is called "Shadow," the name bestowed on it by its creator. The code that enabled Shadow to work was distributed on Microsoft's Windows Live Messenger instant messaging network. Victims would typically get a message from someone who appeared to be one of their contacts. The message would contain a link to another Web site, where the victim was asked to download a file. If the file was executed on a PC, Shadow would collect other instant messaging contacts and send out more messages trying to enlarge the botnet. It appeared that Shadow was particularly successful in the Netherlands, since some messages were sent out in Dutch. The distribution method relied entirely on victims willingly downloading the code rather than trying to exploit a software vulnerability, which could result in an infection regardless of what the user does. It means that Internet surfers are just as susceptible to fall victim to scammy tricks. "Social engineering seems just as effective as it was 10 years ago," said Roel Schouwenberg, senior antivirus researcher. Shadow could also download other malicious code and may have been used to download advertising software and spyware programs, Schouwenberg said. The teenager who created Shadow appears to use bits of malware code already circulating on the Internet, as well writing his own code. The result was a fairly run-of-the-mill botnet, but one that could be considered large, Willems said. When the bust occurred, the 19-year- old was attempting to sell the botnet for €25,000 (US$37,290), a price Willems said is way too high in proportion to how botnets are currently priced. People who control a group of computers, called botnet herders, have been known to rent time to other scammers, who use the computers to send spam or conduct other malicious activity. The use of remote computers helps disguise who is actually using those machines to carry out crime. Dutch prosecutors could not immediately be reached for comment. On Aug 18, 2008, at 9:00 AM, John Walubengo wrote:
Hi all,
Hpe u had a good weekend. Today is day 6 of 10, but the theme is still on legal issues.
I still cant believe the learned friends have not spoken and left everything to Alex and Mike. If any of you runs into Evelyn R., Kihanya J., Omo J. or Clara R. just to mention a few, ask them if they can give us a shout without us having to 'open a file'
We have only today for this since tomorrow we move into the Economic Issues to be facilitated by a renowned IG expert to be unveiled in due course.
walu.
--- On Sat, 8/16/08, Alex Gakuru <alex.gakuru@yahoo.com> wrote:
From: Alex Gakuru <alex.gakuru@yahoo.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Saturday, August 16, 2008, 11:17 AM G8 links!
The introduction to this topic was on the presumption that consumers were the criminals proceeding to outline law enforcement challenges. The most convenient and common form of misrepresenting cyber crimes and law -- first take away all their rights then they struggle to regain one after the other... It is good that Mike presents both sides of the story. Telecommunication companies hold massive data on all individuals and they ensure that their on their "Terms of Use" and contracts users are "guilty until proven innocent" and the companies are at liberty to do whatever they please with our personal data.
Consider below extract from a local telecommunication company's Terms of Use: - ------------ 5. Use of your information
(The Company) may hold and use information provided by you for a number of purposes, which may include:
(a) Carrying out any activity in connection with a legal, governmental or regulatory requirement on (The Company) in connection with legal proceedings or in respect of crime or fraud prevention, detection or prosecution.
(b) Monitoring or recording of your communications for (The Company)’s business purposes such as marketing, quality control and training, prevention of unauthorised use of (The Company)’s telecommunications system and ensuring effective systems operation in order to prevent or detect crime.
---------
"May include" does not mean "limited to" - implying that they are allowed, for example, to share, sell, etc private data to their partners... Exactly what Mike points out to on the Business Week link.
Framed in ways suggestive of company "law enforcer" (illegal roles) onto "guilty" users. Notice how "Intellectual Property" is conveniently repeated. Or is it be assumed that consumers do not have any "intellectual property" they would wish protected? the companies should abide to also protect. BTW, There is an IGF Dynamic Coalition movement calling for a balance between Intellectual Property and development which includes Access to Knwoledge (A2K).<http://www.ipjustice.org>. Very resourceful!
Supposing earlier proposed M-Medicine went ahead in East Africa? Sold ailments data to pharmaceutical companies, that would hike medicines prices in outbreak zones at selected locations... You go to a bank with a water-tight business proposals and all bank turn you down. Reason? They have shared your medical history and they think you will soon "sleep in the shamba" your excellent business proposals notwithstanding.
In summary, unless Data Protection and Privacy Laws are enacted, the default should be to deny all telecommunication companies legal loophole to trade with personal information. And it should be seen to be enforced.
On a lighter note, should I sue a WiFi company for trespassing when their signals enter my laptop, or should they sue me for illegally access of their signal? Over to Ben Shihanya.
Thanks again Mike!
--- On Fri, 8/15/08, Mike Theuri <mike.theuri@gmail.com> wrote:
From: Mike Theuri <mike.theuri@gmail.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: alex.gakuru@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Friday, August 15, 2008, 2:11 PM Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, atleast within the local context.
For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account.
For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions.
The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction.
This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malaware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits:
http://www.secretservice.gov/press/ GPA15-08_CyberIndictments_Final.pdf
It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of
the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used.
At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share
regulating that
same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same.
As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases.
It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or ammended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurence of issues such as those seen here:
http://www.businessweek.com/magazine/content/08_31/ b4094000643943.htm?campaign_id=rss_null
On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,
Today and next Monday, we intend to thrash out
Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal
dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of
resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money
charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore
legal dimensions of principals. Basically, thought when it comes to physically and so Robbery the Challenges of
Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to
the the
detriment of the
Customer.
Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: mike.theuri@gmail.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri% 40gmail.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alex.gakuru@yahoo.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/alex.gakuru% 40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: jwalu@yahoo.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu% 40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: brian@caret.net Unsubscribe or change your options at http://lists.kictanet.or.ke/ mailman/options/kictanet/brian%40caret.net
So does Cyber War bring out any legal issues? This is a slightly chilling summary of the current crisis in Georgia and the central role that the internet had before the hostilities escalated. Longtime Battle Lines Are Recast In Russia and Georgia's Cyberwar By Kim Hart Washington Post Staff Writer Thursday, August 14, 2008; D01 As the violence unfolded between Russia and Georgia during the past week, hackers waged war on another front: the Internet. The Georgian government accused Russia of engaging in cyberwarfare by disabling many government Web sites, making it difficult to inform citizens quickly of important updates. Russia said that it was not involved and that its own media and official Web sites had suffered similar attacks. Although a cease-fire has been ordered, major Georgian servers are still down, hindering communication in the country. Some Georgian officials, bloggers and citizens were able to work around the disruptions, sending text messages to friends in other countries using Web sites hosted by servers in the United States, Poland and Estonia that are less likely to fall victim to a cyberattack. Concerted online attacks have been a threat for years. But security experts say the "cyberwar" between Russia and Georgia underscores the havoc that can spread on a digital battlefield. It also highlights how vulnerable Web-reliant countries are to assaults that could cripple military communications or a national banking industry. The attacks against Georgia's Internet infrastructure began nearly two months before the first shots were fired, according to security researchers who track Internet traffic into and out of the countries. Such attacks, known as "denial of service" attacks, are triggered when computers in a network are simultaneously ordered to bombard a site with millions of requests, which overloads a server and causes it to shut down. "In terms of the scope and international dimension of this attack, it's a landmark," said Ronald J. Deibert, director of the University of Toronto's Citizen Lab, which has nearly 100 researchers mapping Web traffic through several countries, including Russia and Georgia. He said small-scale attacks have occurred between the countries since June. "International laws are very poorly developed, so it really crosses a line into murky territory . . . Is an information blockade an act of war?" Cyberattacks can be launched cheaply and easily, with a few hundred computers and a couple of skilled hackers. Simpler tactics are even easier to mount by hacking into a server and deleting files, reconfiguring settings and altering photos. Compared with expensive military attacks, cyberwar tactics "seems like the kind of thing that a sophisticated military would want to experiment with," said Ben Edelman, assistant professor at Harvard Business School who has studied cyberattacks. "Imagine how devastating it would be to a military commander to lose access to a server that tells him where his troops are stationed and where he has resources," he said, adding that "this is the first time we've had such strong evidence of cyberwarfare." Instructions on how to mount such attacks are readily available on blogs, making it easy for a grass-roots effort to quickly escalate into a crippling assault, said Evgeny Morozov, a technology consultant based in Berlin who has tracked blogs in Georgia and Russia. Figuring out who is behind the attacks has been difficult, Deibert said, because of complex routing methods and a multitude of connection exchanges. The Internet's infrastructure is a maze of lines laid by different service providers traversing many countries, masking how information is traveling -- or blocked. "It's an ongoing battle in documenting where it's coming from and helping people get around it," he said. In Georgia, which is not as dependent on the Internet as other nations, the cyberattack mainly hindered the government's ability to communicate with its citizens and others during the fighting. The Georgian Foreign Ministry's Web site, for example, was disabled except for a collage that compared Georgian President Mikheil Saakashvili to Adolf Hitler. "Battles today are as much about ideas and images as they are territories," Deibert said. "If you're a military and intelligence agency, you're going to take down information that is in opposition and control the message." To get around the blockade, Georgian officials relocated national Web sites to addresses hosted by Google's Blogspot, whose U.S. servers are more immune to attack. Citizens used blogging platforms such as LiveJournal -- the dominant platform in Russia and Georgia -- to post their own reactions during the fighting. For example, a Georgian refugee from Abkhazia who blogs under the name Cyxymu on LiveJournal posted photos of Russian troops entering the Georgian town of Gori. The blogger said the photos were taken after Russia had announced its withdrawal, proving, he said, that fighting continued. Morozov said only a few hundred Georgians used blogs to communicate with people outside the country. Even that tool was threatened, he said, when a group of Russian bloggers sent a letter asking Sup, the Russian company that owns and manages LiveJournal, to censor posts with pro-Georgian sentiment. Sup did not comply. Givi Bitsadze, in Tbilisi, used microblogging site Twitter to share updates about the fighting in English and Russian. "Tbilisi is still safe, but other cities are under attack, bombs kinda stopped, but Russian soldiers are breaking in a houses," one post read yesterday. He also noted an Olympic victory: "Georgia beats Russia in beach volleyball." The cyberwar will most likely serve as a Web security wake-up call, Morozov said. "Georgia was completely unprepared to the fact that all this information was on the Internet," he said. "I think it taught them -- and a lot of people -- a lesson." On Aug 18, 2008, at 9:00 AM, John Walubengo wrote:
Hi all,
Hpe u had a good weekend. Today is day 6 of 10, but the theme is still on legal issues.
I still cant believe the learned friends have not spoken and left everything to Alex and Mike. If any of you runs into Evelyn R., Kihanya J., Omo J. or Clara R. just to mention a few, ask them if they can give us a shout without us having to 'open a file'
We have only today for this since tomorrow we move into the Economic Issues to be facilitated by a renowned IG expert to be unveiled in due course.
walu.
--- On Sat, 8/16/08, Alex Gakuru <alex.gakuru@yahoo.com> wrote:
From: Alex Gakuru <alex.gakuru@yahoo.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Saturday, August 16, 2008, 11:17 AM G8 links!
The introduction to this topic was on the presumption that consumers were the criminals proceeding to outline law enforcement challenges. The most convenient and common form of misrepresenting cyber crimes and law -- first take away all their rights then they struggle to regain one after the other... It is good that Mike presents both sides of the story. Telecommunication companies hold massive data on all individuals and they ensure that their on their "Terms of Use" and contracts users are "guilty until proven innocent" and the companies are at liberty to do whatever they please with our personal data.
Consider below extract from a local telecommunication company's Terms of Use: - ------------ 5. Use of your information
(The Company) may hold and use information provided by you for a number of purposes, which may include:
(a) Carrying out any activity in connection with a legal, governmental or regulatory requirement on (The Company) in connection with legal proceedings or in respect of crime or fraud prevention, detection or prosecution.
(b) Monitoring or recording of your communications for (The Company)’s business purposes such as marketing, quality control and training, prevention of unauthorised use of (The Company)’s telecommunications system and ensuring effective systems operation in order to prevent or detect crime.
---------
"May include" does not mean "limited to" - implying that they are allowed, for example, to share, sell, etc private data to their partners... Exactly what Mike points out to on the Business Week link.
Framed in ways suggestive of company "law enforcer" (illegal roles) onto "guilty" users. Notice how "Intellectual Property" is conveniently repeated. Or is it be assumed that consumers do not have any "intellectual property" they would wish protected? the companies should abide to also protect. BTW, There is an IGF Dynamic Coalition movement calling for a balance between Intellectual Property and development which includes Access to Knwoledge (A2K).<http://www.ipjustice.org>. Very resourceful!
Supposing earlier proposed M-Medicine went ahead in East Africa? Sold ailments data to pharmaceutical companies, that would hike medicines prices in outbreak zones at selected locations... You go to a bank with a water-tight business proposals and all bank turn you down. Reason? They have shared your medical history and they think you will soon "sleep in the shamba" your excellent business proposals notwithstanding.
In summary, unless Data Protection and Privacy Laws are enacted, the default should be to deny all telecommunication companies legal loophole to trade with personal information. And it should be seen to be enforced.
On a lighter note, should I sue a WiFi company for trespassing when their signals enter my laptop, or should they sue me for illegally access of their signal? Over to Ben Shihanya.
Thanks again Mike!
--- On Fri, 8/15/08, Mike Theuri <mike.theuri@gmail.com> wrote:
From: Mike Theuri <mike.theuri@gmail.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: alex.gakuru@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Friday, August 15, 2008, 2:11 PM Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, atleast within the local context.
For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account.
For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions.
The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction.
This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malaware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits:
http://www.secretservice.gov/press/ GPA15-08_CyberIndictments_Final.pdf
It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of
the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used.
At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share
regulating that
same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same.
As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases.
It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or ammended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurence of issues such as those seen here:
http://www.businessweek.com/magazine/content/08_31/ b4094000643943.htm?campaign_id=rss_null
On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,
Today and next Monday, we intend to thrash out
Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal
dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of
resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money
charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore
legal dimensions of principals. Basically, thought when it comes to physically and so Robbery the Challenges of
Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to
the the
detriment of the
Customer.
Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: mike.theuri@gmail.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri% 40gmail.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alex.gakuru@yahoo.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/alex.gakuru% 40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: jwalu@yahoo.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu% 40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: brian@caret.net Unsubscribe or change your options at http://lists.kictanet.or.ke/ mailman/options/kictanet/brian%40caret.net
Hi Walu - IPR presents one of the greatest legal challenges on the Internet. Expert is Bernard Sihanya. One of the learned friends to be traced. Waudo On Sun, 17 Aug 2008 23:00:03 -0700 (PDT), "John Walubengo" <jwalu@yahoo.com> said:
Hi all,
Hpe u had a good weekend. Today is day 6 of 10, but the theme is still on legal issues.
I still cant believe the learned friends have not spoken and left everything to Alex and Mike. If any of you runs into Evelyn R., Kihanya J., Omo J. or Clara R. just to mention a few, ask them if they can give us a shout without us having to 'open a file'
We have only today for this since tomorrow we move into the Economic Issues to be facilitated by a renowned IG expert to be unveiled in due course.
walu.
--- On Sat, 8/16/08, Alex Gakuru <alex.gakuru@yahoo.com> wrote:
From: Alex Gakuru <alex.gakuru@yahoo.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Saturday, August 16, 2008, 11:17 AM G8 links!
The introduction to this topic was on the presumption that consumers were the criminals proceeding to outline law enforcement challenges. The most convenient and common form of misrepresenting cyber crimes and law -- first take away all their rights then they struggle to regain one after the other... It is good that Mike presents both sides of the story. Telecommunication companies hold massive data on all individuals and they ensure that their on their "Terms of Use" and contracts users are "guilty until proven innocent" and the companies are at liberty to do whatever they please with our personal data.
Consider below extract from a local telecommunication company's Terms of Use: - ------------ 5. Use of your information
(The Company) may hold and use information provided by you for a number of purposes, which may include:
(a) Carrying out any activity in connection with a legal, governmental or regulatory requirement on (The Company) in connection with legal proceedings or in respect of crime or fraud prevention, detection or prosecution.
(b) Monitoring or recording of your communications for (The Company)’s business purposes such as marketing, quality control and training, prevention of unauthorised use of (The Company)’s telecommunications system and ensuring effective systems operation in order to prevent or detect crime.
---------
"May include" does not mean "limited to" - implying that they are allowed, for example, to share, sell, etc private data to their partners... Exactly what Mike points out to on the Business Week link.
Framed in ways suggestive of company "law enforcer" (illegal roles) onto "guilty" users. Notice how "Intellectual Property" is conveniently repeated. Or is it be assumed that consumers do not have any "intellectual property" they would wish protected? the companies should abide to also protect. BTW, There is an IGF Dynamic Coalition movement calling for a balance between Intellectual Property and development which includes Access to Knwoledge (A2K).<http://www.ipjustice.org>. Very resourceful!
Supposing earlier proposed M-Medicine went ahead in East Africa? Sold ailments data to pharmaceutical companies, that would hike medicines prices in outbreak zones at selected locations... You go to a bank with a water-tight business proposals and all bank turn you down. Reason? They have shared your medical history and they think you will soon "sleep in the shamba" your excellent business proposals notwithstanding.
In summary, unless Data Protection and Privacy Laws are enacted, the default should be to deny all telecommunication companies legal loophole to trade with personal information. And it should be seen to be enforced.
On a lighter note, should I sue a WiFi company for trespassing when their signals enter my laptop, or should they sue me for illegally access of their signal? Over to Ben Shihanya.
Thanks again Mike!
--- On Fri, 8/15/08, Mike Theuri <mike.theuri@gmail.com> wrote:
From: Mike Theuri <mike.theuri@gmail.com> Subject: Re: [kictanet] Day 5 of 10: IG Discussions, Legal Issues To: alex.gakuru@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Friday, August 15, 2008, 2:11 PM Not a legal opinion: It would be very difficult to apply existing common law (analogous to jurisprudence) to electronic crimes committed in a new era, atleast within the local context.
For these reasons it is necessary to define the crimes under distinct and separate legislation. Due to the borderless nature of the Internet (see shared link), it is necessary for such legislation to take a broad approach into account.
For instance there ought to be provisions that allow local authorities to seek the arrest and extradition of foreign based suspects from other jurisdictions for electronic crimes committed against citizens or local infrastructure owned by individuals or entities even though the suspects at the time of commission of the crime were present in other jurisdictions.
The same provision can allow private parties to pursue civil remedies in a similar matter and give them the basis where possible to enforce the judgement in the defendant's jurisdiction.
This for example would close the possible jurisdictional loophole of individuals crossing borders so as to commit electronic crimes from a country that lacks electronic crime laws. Current law is ill equipped in ensuring civil remedies, prosecution or arrest of local or international cyber criminals, 419ers, lurers of minors, harassers, electronically transmitted or created threats (threats to a person, threats to infrastructure by way of viruses, malaware, DoS etc) etc neither is it likely to be in a position to ensure serious consequences or deterents for the same or allow for the definition of crimes as distinguished here for an international gang of culprits:
http://www.secretservice.gov/press/GPA15-08_CyberIndictments_Final.pdf
It was recently reported that a bill or regulations to protect the data of consumers would be brought about as a means of
the CRBs. This could be model legislation/regulations to adopt to ensure that the public has a say in the manner in which their private information is used.
At the same time consumers ought to be able to instruct companies with whom they have business relationships with not to share
regulating that
same information with 3rd parties without their prior consent (ie opt-in/out). This is only effective if there are laws or regulations to provide for consequences when businesses violate the same.
As CRBs take root, there will be a likelihood that similar bureaus or entities will eventually start sharing information in real time, for example an underwriter of an insurance policy might want to check an individual's claim history across the industry to determine the level of risk the insured poses in determining policy premiums. Similarly an organization may want to conduct background checks for prospective employees in privately maintained electronic databases.
It is important that instead of regulations or laws being formed for sectors of the economy, that national data privacy laws and regulations be defined (or ammended) and on that basis refinement of specific regulations/laws could be made for sectors that require specific data requirements. Such regulatory foresight can reduce or avert the occurence of issues such as those seen here:
http://www.businessweek.com/magazine/content/08_31/b4094000643943.htm?campai...
On Fri, Aug 15, 2008 at 12:21 AM, John Walubengo <jwalu@yahoo.com> wrote:
Mornings,
Today and next Monday, we intend to thrash out
Internet Governance. The typical issues revolve around: -Jurisdiction & Arbitration (who resolves e-disputes) -Copyright & IPR (are they pro or anti-development?) -Privacy and Data Protection (how is the e-Citizens data abused/protected?)
I do hope the 'learned' friends will chip in since I cannot pretend to be an expert here as I introduce the general legal
dispute resolutions can be done through, · Legislation; · Social norms (customs); · Self-regulation; · Regulation through code (software solution); · Jurisprudence (court decisions); · International law.
There is however two broad conflicting schools of
resolving disputes occasioned by the Internet. One group claims that whatever happens online does have an equivalent 'off-line' characteristics and as such existing laws can easily be applied. E.g stealing money electronically is no different from stealing money
charges and subsequent jurisdictional procedures could apply. However, the second group feels that electronic crimes have a totally different context and must have a separate and totally new set of legislation or methodologies for resolutions.
The borderless nature of the Internet brings to fore
legal dimensions of principals. Basically, thought when it comes to physically and so Robbery the Challenges of
Jurisdiction and Arbitration as in yesterday's example, where content in one country may be illegal but is legal in another. Copyright and Intellectual Property Rights issues are also explosive as demonstrated by the Napster Case, where some young software engineers created software that facilitated sharing of (SONY) Music files across the Internet. Also related was the case of Amazon.com trying to Patent the 'single-click' method of buying goods online.
Other cases touch on Data Privacy where Business Companies have been known to sell customer records to Marketing firms without express authority from the Customers. Other times customer data is simply hacked into and Businesses are unable to own up (going public) to
the the
detriment of the
Customer.
Most of these issues are under discussion internationally at the Internet Governance Forum (IGF), World Intellectual Property Organization (WIPO) amongst other fora. They present emerging legal challenges and it would be interesting to know if stakeholders in the East African region are/should be involved in shaping the outcomes of any of these issues.
2days on this one, today and next Monday and feel free to belatedly respond to Day 1 through Day 5 issues.
References: http://www.diplomacy.edu/ISL/IG/ http://en.wikipedia.org/wiki/Napster
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: mike.theuri@gmail.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/mike.theuri%40gmail.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: alex.gakuru@yahoo.com Unsubscribe or change your options at
http://lists.kictanet.or.ke/mailman/options/kictanet/alex.gakuru%40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: jwalu@yahoo.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke http://lists.kictanet.or.ke/mailman/listinfo/kictanet
This message was sent to: emailsignet@mailcan.com Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/emailsignet%40mailcan.c... People make a plan work, a plan alone seldom makes people work (Confucius).
participants (6)
-
Alex Gakuru -
Brian Munyao Longwe -
Gakuru, Alex -
John Walubengo -
Mike Theuri -
waudo siganga