Your SlideShare is downloading. ×
Jayantha Fernando LLM – IT
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Jayantha Fernando LLM – IT


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Jayantha Fernando LLM – IT & Telecom Law (Lond.) Director & Legal Advisor, ICTA Business Governance of Information Technology The CXO Perspective LEGAL FRAMEWORK (c) Jayantha Fernando
  • 2. What are the Legal requirements
    • Several legal safeguards having an
    • impact on governance of IT assets and
    • Information management
    • Conformity with IP Laws
    • Controls needed to prevent misuse –Computer Crimes
    • Electronic Transactions – ensuring secure transactions and safeguards to retention of information
    • Legal challenge --- “ Legal systems are based on human interface and manual processes. Transition to IT based processes poses challenges which can be overcome”
    (c) Jayantha Fernando
  • 3. Key Legal Provisions
    • Intellectual Property Act No. 36 of 2003
      • Legal guidelines to safeguard intellectual creations, including compliance obligations for Software and Information systems
    • Computer Crime Act 24 of 2007
      • Framework to prevent misuse of IT Systems
    • Electronic Transactions Act No. 19 of 2006
      • Legitimizes electronic ways of doing business, including guidelines on secure transactions storage
    (c) Jayantha Fernando
  • 4. Intellectual Property Act No. 36 of 2003
    • Safeguards Intellectual Creations
      • Copyrights, Patents, Trademarks etc.
    • Based on WTO/ TRIPS
    • Key Provisions relevant to IT Systems
      • Copyright Protection for Software Sec 6(1)
      • Exclusive Rights (right to copy, translate, adapt and distribute) reserved for Owners– Sec 9
      • Scope of copying “fair-use” defined - Sec 12(7)
      • Licensing rights recognised - Sec 16(1)
      • Information safeguards – Sec 160 (6)
    (c) Jayantha Fernando
  • 5. Compliance Obligations under IP Act
    • Respect software ownership rights
    • Ensure Compliance with License obligations
      • Applicable to both proprietary and open source software
      • Open Source / Free Software embody license conditions with freedoms (rights to modify, customise and freely distribute) but ownership retained by creators
    (c) Jayantha Fernando
  • 6. Scope of Copying of Software IP Act – Section 12(7)
    • Making a Single Copy and Adaptation by the lawful owner of a copy of software is permitted, only if such copy is necessary for :-
      • The purpose for which it was obtained (as per license)
      • For Archival purposes and for replacement of lawfully owned copy (if it is destroyed or rendered unusable)
    (c) Jayantha Fernando
  • 7. Software Protection Intervention by Courts
    • SOFTSYSTEM (Pvt) Ltd vs Visual Tech
    • Alleged misuse of Source Code belonging to Indian Software Company
    • Enjoining Order granted by Commercial High Court of Colombo
    • Out of Court Settlement
    (c) Jayantha Fernando
  • 8. Protection of Information as an Asset Law of Confidentiality
    • Disclosure and acquisition of undisclosed information without the consent of “rightful holder” would constitute an act of “ unfair competition ”
    • Section 160(6)(b) - Disclosure and acquisition may result from Breach of contract, industrial espionage etc
    • Protection for NDAs under the IP Act
    • Sri Lanka has followed English Common law principles relating to Law of Confidence
    (c) Jayantha Fernando
  • 9.
    • Computer Crime Act 24 of 2007
      • Framework to prevent misuse of IT Systems
    • Three Broad Categories of Computer Crimes
      • Computer Related crimes – Computers used as a tool for criminal activity such as theft, fraud etc
      • Hacking – affects integrity, availability and confidentiality of a computer system or network (also includes Viruses, worms etc)
      • Content related Cyber Crime – Computers with internet used to distribute illegal data. Eg;- Internet based pornography, Criminal copyright infringement
    Computer Crimes (c) Jayantha Fernando
  • 10.
    • Criminal liability - Unauthorised access to (a) Computer, and (b) any information held in any computer – Section 3 & 4
      • Mere turning on of a computer sufficient
    • Intentionally and without lawful authority carries out a function which has effect of modification or damage to any computer or computer system or computer program – Section 5
    Computer Crimes - Provisions Relevant for IT Governance (c) Jayantha Fernando
  • 11.
    • What constitutes modification or damage to any computer or computer system or computer program (Vide illustration to Section 5)
      • impairing the operation of any computer, or the reliability of any data or information held in any computer
      • destroying, deleting or corrupting or adding, moving or altering any information held in any computer
      • introduces a computer program which will have the effect of malfunctioning of a computer or falsifies the data
    Computer Crimes - Provisions Relevant for IT Governance (c) Jayantha Fernando
  • 12.
    • Obtaining information from a computer or a storage medium without authority- Section 7
      • Including buying, selling, uploading and downloading, copies or acquires the substance or meaning of such information
    • Illegal interception of Data – Section 8
    • Use of Illegal devices – Section 9
    • Unauthorised disclosure of Information – Section 10
    Computer Crimes - Provisions Relevant for IT Governance (c) Jayantha Fernando
  • 13. Electronic Transactions Act No. 19 of 2006
    • Framework for electronic business and sets guidelines on secure e-transactions & storage
    • Substantive Legal Issues
      • Formation and validity of online Contracts
      • Statutory limitations relating to enforcement (writing and signature requirements, i.e Prevention of Frauds Ordinance of 1840)
      • Proof – Evidentiary issues
    • Regulation of Service Providers (Facilitate the use of electronic signatures)
    (c) Jayantha Fernando
  • 14. Electronic Transactions Act
    • No Definition of “Electronic Transactions”
    • Covers all commercial transactions carried out in the electronic form
    • Areas Not covered
      • Last wills, Property related transactions (Section 23)
      • Consumer protection issues (Consumer Affairs Authority Act No. 9 of 2003)
    (c) Jayantha Fernando
  • 15. Electronic Transactions Act Objectives (what it covers)– Section 2
    • to facilitate domestic and international electronic commerce by eliminating legal barriers
    • to encourage the use of reliable forms of electronic commerce
    • to facilitate electronic filing of documents with Government and to promote efficient delivery of Government services by means of reliable forms of electronic communications; and
    • to promote public confidence in the authenticity, integrity and reliability of data messages and electronic communications
    (c) Jayantha Fernando
  • 16. Electronic Transactions Act
    • Section 3 – Broad Principles
      • recognition to Data Messages, electronic documents, electronic records and other communications should not be denied legal effect
    • The term “Data Messages”, “electronic documents”, “electronic records” and “Communications” have been defined to give a wide connotation to all forms of electronic transactions
    • Based on UNCITRAL templates
    (c) Jayantha Fernando
  • 17. Electronic Transactions Act Chapter II
    • Section 6
      • Legal Standards for Retention of Information originally NOT generated in electronic form
    • Section 7
      • Legal Recognition of Electronic Signatures for secure transactions
    • “ Writing” and “Signing” a paper document provides reliability , traceability and un-alterability
      • Satisfied by Electronic Signatures (digital certificates)
    (c) Jayantha Fernando
  • 18. Electronic Transactions Act Chapter V
    • Rules Governing Evidence
    • New admissibility framework based on regularity of business records principles– Section 21 (2)
      • Information contained in electronic documents compiled, received and obtained during the course of business, trade of profession or other regularly conducted activity are per se admissible
    • Presumption on the accuracy of contents of electronic documents and records– Section 21 (3)
    • Burden shifted to party seeking to DENY admissibility
    (c) Jayantha Fernando
  • 19. Electronic Transactions Recent Developments
    • All Sections except Section 18 and 20(1) brought into operation w.e.f 1 st October 2007 - Gazette dated 27 Sept 2007
    • UN Convention on the Use of Electronic Communications in International Contracts
      • UN e-Contracting Convention
    • Sri Lanka first in South Asia to sign it with China and Singapore
    • Act needs few Amendments
    (c) Jayantha Fernando
  • 20. Conclusions
    • Adequate legislative provisions for IT Governance
    • Enforcement challenges and consider business impact
    • Availability of Technology solutions for better legal compliance
    (c) Jayantha Fernando