Your SlideShare is downloading. ×
Jayantha Fernando LLM – IT
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Jayantha Fernando LLM – IT

301
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
301
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Jayantha Fernando LLM – IT & Telecom Law (Lond.) Director & Legal Advisor, ICTA Business Governance of Information Technology The CXO Perspective LEGAL FRAMEWORK (c) Jayantha Fernando
  • 2. What are the Legal requirements
    • Several legal safeguards having an
    • impact on governance of IT assets and
    • Information management
    • Conformity with IP Laws
    • Controls needed to prevent misuse –Computer Crimes
    • Electronic Transactions – ensuring secure transactions and safeguards to retention of information
    • Legal challenge --- “ Legal systems are based on human interface and manual processes. Transition to IT based processes poses challenges which can be overcome”
    (c) Jayantha Fernando
  • 3. Key Legal Provisions
    • Intellectual Property Act No. 36 of 2003
      • Legal guidelines to safeguard intellectual creations, including compliance obligations for Software and Information systems
    • Computer Crime Act 24 of 2007
      • Framework to prevent misuse of IT Systems
    • Electronic Transactions Act No. 19 of 2006
      • Legitimizes electronic ways of doing business, including guidelines on secure transactions storage
    (c) Jayantha Fernando
  • 4. Intellectual Property Act No. 36 of 2003
    • Safeguards Intellectual Creations
      • Copyrights, Patents, Trademarks etc.
    • Based on WTO/ TRIPS
    • Key Provisions relevant to IT Systems
      • Copyright Protection for Software Sec 6(1)
      • Exclusive Rights (right to copy, translate, adapt and distribute) reserved for Owners– Sec 9
      • Scope of copying “fair-use” defined - Sec 12(7)
      • Licensing rights recognised - Sec 16(1)
      • Information safeguards – Sec 160 (6)
    (c) Jayantha Fernando
  • 5. Compliance Obligations under IP Act
    • Respect software ownership rights
    • Ensure Compliance with License obligations
      • Applicable to both proprietary and open source software
      • Open Source / Free Software embody license conditions with freedoms (rights to modify, customise and freely distribute) but ownership retained by creators
    (c) Jayantha Fernando
  • 6. Scope of Copying of Software IP Act – Section 12(7)
    • Making a Single Copy and Adaptation by the lawful owner of a copy of software is permitted, only if such copy is necessary for :-
      • The purpose for which it was obtained (as per license)
      • For Archival purposes and for replacement of lawfully owned copy (if it is destroyed or rendered unusable)
    (c) Jayantha Fernando
  • 7. Software Protection Intervention by Courts
    • SOFTSYSTEM (Pvt) Ltd vs Visual Tech
    • Alleged misuse of Source Code belonging to Indian Software Company
    • Enjoining Order granted by Commercial High Court of Colombo
    • Out of Court Settlement
    (c) Jayantha Fernando
  • 8. Protection of Information as an Asset Law of Confidentiality
    • Disclosure and acquisition of undisclosed information without the consent of “rightful holder” would constitute an act of “ unfair competition ”
    • Section 160(6)(b) - Disclosure and acquisition may result from Breach of contract, industrial espionage etc
    • Protection for NDAs under the IP Act
    • Sri Lanka has followed English Common law principles relating to Law of Confidence
    (c) Jayantha Fernando
  • 9.
    • Computer Crime Act 24 of 2007
      • Framework to prevent misuse of IT Systems
    • Three Broad Categories of Computer Crimes
      • Computer Related crimes – Computers used as a tool for criminal activity such as theft, fraud etc
      • Hacking – affects integrity, availability and confidentiality of a computer system or network (also includes Viruses, worms etc)
      • Content related Cyber Crime – Computers with internet used to distribute illegal data. Eg;- Internet based pornography, Criminal copyright infringement
    Computer Crimes (c) Jayantha Fernando
  • 10.
    • Criminal liability - Unauthorised access to (a) Computer, and (b) any information held in any computer – Section 3 & 4
      • Mere turning on of a computer sufficient
    • Intentionally and without lawful authority carries out a function which has effect of modification or damage to any computer or computer system or computer program – Section 5
    Computer Crimes - Provisions Relevant for IT Governance (c) Jayantha Fernando
  • 11.
    • What constitutes modification or damage to any computer or computer system or computer program (Vide illustration to Section 5)
      • impairing the operation of any computer, or the reliability of any data or information held in any computer
      • destroying, deleting or corrupting or adding, moving or altering any information held in any computer
      • introduces a computer program which will have the effect of malfunctioning of a computer or falsifies the data
    Computer Crimes - Provisions Relevant for IT Governance (c) Jayantha Fernando
  • 12.
    • Obtaining information from a computer or a storage medium without authority- Section 7
      • Including buying, selling, uploading and downloading, copies or acquires the substance or meaning of such information
    • Illegal interception of Data – Section 8
    • Use of Illegal devices – Section 9
    • Unauthorised disclosure of Information – Section 10
    Computer Crimes - Provisions Relevant for IT Governance (c) Jayantha Fernando
  • 13. Electronic Transactions Act No. 19 of 2006
    • Framework for electronic business and sets guidelines on secure e-transactions & storage
    • Substantive Legal Issues
      • Formation and validity of online Contracts
      • Statutory limitations relating to enforcement (writing and signature requirements, i.e Prevention of Frauds Ordinance of 1840)
      • Proof – Evidentiary issues
    • Regulation of Service Providers (Facilitate the use of electronic signatures)
    (c) Jayantha Fernando
  • 14. Electronic Transactions Act
    • No Definition of “Electronic Transactions”
    • Covers all commercial transactions carried out in the electronic form
    • Areas Not covered
      • Last wills, Property related transactions (Section 23)
      • Consumer protection issues (Consumer Affairs Authority Act No. 9 of 2003)
    (c) Jayantha Fernando
  • 15. Electronic Transactions Act Objectives (what it covers)– Section 2
    • to facilitate domestic and international electronic commerce by eliminating legal barriers
    • to encourage the use of reliable forms of electronic commerce
    • to facilitate electronic filing of documents with Government and to promote efficient delivery of Government services by means of reliable forms of electronic communications; and
    • to promote public confidence in the authenticity, integrity and reliability of data messages and electronic communications
    (c) Jayantha Fernando
  • 16. Electronic Transactions Act
    • Section 3 – Broad Principles
      • recognition to Data Messages, electronic documents, electronic records and other communications should not be denied legal effect
    • The term “Data Messages”, “electronic documents”, “electronic records” and “Communications” have been defined to give a wide connotation to all forms of electronic transactions
    • Based on UNCITRAL templates
    (c) Jayantha Fernando
  • 17. Electronic Transactions Act Chapter II
    • Section 6
      • Legal Standards for Retention of Information originally NOT generated in electronic form
    • Section 7
      • Legal Recognition of Electronic Signatures for secure transactions
    • “ Writing” and “Signing” a paper document provides reliability , traceability and un-alterability
      • Satisfied by Electronic Signatures (digital certificates)
    (c) Jayantha Fernando
  • 18. Electronic Transactions Act Chapter V
    • Rules Governing Evidence
    • New admissibility framework based on regularity of business records principles– Section 21 (2)
      • Information contained in electronic documents compiled, received and obtained during the course of business, trade of profession or other regularly conducted activity are per se admissible
    • Presumption on the accuracy of contents of electronic documents and records– Section 21 (3)
    • Burden shifted to party seeking to DENY admissibility
    (c) Jayantha Fernando
  • 19. Electronic Transactions Recent Developments
    • All Sections except Section 18 and 20(1) brought into operation w.e.f 1 st October 2007 - Gazette dated 27 Sept 2007
    • UN Convention on the Use of Electronic Communications in International Contracts
      • UN e-Contracting Convention
    • Sri Lanka first in South Asia to sign it with China and Singapore
    • Act needs few Amendments
    (c) Jayantha Fernando
  • 20. Conclusions
    • Adequate legislative provisions for IT Governance
    • Enforcement challenges and consider business impact
    • Availability of Technology solutions for better legal compliance
    (c) Jayantha Fernando