The document discusses the EU and the Netherlands. It provides an agenda for an international cyber law seminar covering data protection and e-authentication in the EU and Netherlands. It summarizes the key EU data protection directive and the proposed general data protection regulation. It also outlines the legal framework for e-authentication in the Netherlands, including the national e-identification system called DigiD and eHerkenning for business authentication.
This document discusses legal and regulatory issues related to information and communications technology. It covers five core research areas: the networked individual, access to and control of information, information security and trust, information transport through electronic communications, and the emerging electronic society. For each area, it provides examples of relevant legal topics and ongoing discussions around balancing privacy, security and enabling new technologies. The overall aim is to closely monitor the regulatory framework and how it relates to technical research at IBBT.
This document provides guidance for conducting case studies on the topics of IPR and cyber law. It outlines 8 required case studies covering the entire syllabus. It describes how to structure case study answers by giving an overview, introducing relevant law, stating issues and solutions, and concluding. Key terms used in questions are defined. Major concepts from each unit are listed, including IPR definitions, relevant legislation, and sections of the Information Technology Act. Two sample case studies are provided on digital signatures in e-commerce and trademark infringement on the internet.
The document discusses four projects from 2003-2006 that explored using information and communication technologies (ICT) to improve judicial services. It summarizes each project: [1] Austria focused on automating exchanges between lawyers and courts; [2] Finland emphasized accessibility, user-friendliness, and empowering citizens; [3] Italy focused on security, privacy and automating transactions for professionals; [4] the UK and Wales aimed to reduce costs by bypassing legal representation. The research examined how ICT interacts with institutions and can trigger healthy or unhealthy institutional dynamics during development of e-services.
electronic transactions law lecture series: lecture 1 introductionCaroline B Ncube
This document provides an overview of electronic transactions law. It begins by discussing different terms used to describe this area of law such as cyberlaw, e-commerce law, and internet law. It then defines electronic transactions and the key concepts of electronic communications and data messages in the Electronic Communications and Transactions Act. The document outlines the main technologies used in electronic transactions and different types of transactions and the legal issues they raise. It also discusses the development of South Africa's e-commerce policy framework and relevant domestic and international laws governing electronic transactions.
Some simplified slides I developed to use in briefings and discussions about “data sharing” and the “data sharing” provisions in the Digital Economy Bill (now Digital Economy Act)
Privacy and identity management for everyoneAmir Neziri
The document describes a privacy enhancing technology called PRIME (Privacy and Identity Management for Europe) that aims to give users control over their personal data and enable anonymous transactions. PRIME was developed by a European research project involving over 20 partners. It uses cryptographic tools like anonymous communication and attribute-based credentials to allow users to verify attributes about themselves without revealing their identity. The architecture of PRIME involves components like access control, identity control, and obligation management to negotiate transactions while enforcing privacy policies and obligations.
Electronic Transactions Law - Lecture 3: contractsCaroline B Ncube
This document discusses electronic contracts under South African law. It covers:
1) The essential requirements for a valid contract and how they apply to electronic contracts.
2) The reception theory which determines when electronic contracts are formed based on when messages are sent and received.
3) Different types of online agreements like shrinkwrap, clickwrap, and browsewrap contracts and when their terms can be considered binding.
4) Automated transactions under the Electronic Communications and Transactions Act and situations where agreements formed through electronic agents may not be enforceable.
This document discusses legal and regulatory issues related to information and communications technology. It covers five core research areas: the networked individual, access to and control of information, information security and trust, information transport through electronic communications, and the emerging electronic society. For each area, it provides examples of relevant legal topics and ongoing discussions around balancing privacy, security and enabling new technologies. The overall aim is to closely monitor the regulatory framework and how it relates to technical research at IBBT.
This document provides guidance for conducting case studies on the topics of IPR and cyber law. It outlines 8 required case studies covering the entire syllabus. It describes how to structure case study answers by giving an overview, introducing relevant law, stating issues and solutions, and concluding. Key terms used in questions are defined. Major concepts from each unit are listed, including IPR definitions, relevant legislation, and sections of the Information Technology Act. Two sample case studies are provided on digital signatures in e-commerce and trademark infringement on the internet.
The document discusses four projects from 2003-2006 that explored using information and communication technologies (ICT) to improve judicial services. It summarizes each project: [1] Austria focused on automating exchanges between lawyers and courts; [2] Finland emphasized accessibility, user-friendliness, and empowering citizens; [3] Italy focused on security, privacy and automating transactions for professionals; [4] the UK and Wales aimed to reduce costs by bypassing legal representation. The research examined how ICT interacts with institutions and can trigger healthy or unhealthy institutional dynamics during development of e-services.
electronic transactions law lecture series: lecture 1 introductionCaroline B Ncube
This document provides an overview of electronic transactions law. It begins by discussing different terms used to describe this area of law such as cyberlaw, e-commerce law, and internet law. It then defines electronic transactions and the key concepts of electronic communications and data messages in the Electronic Communications and Transactions Act. The document outlines the main technologies used in electronic transactions and different types of transactions and the legal issues they raise. It also discusses the development of South Africa's e-commerce policy framework and relevant domestic and international laws governing electronic transactions.
Some simplified slides I developed to use in briefings and discussions about “data sharing” and the “data sharing” provisions in the Digital Economy Bill (now Digital Economy Act)
Privacy and identity management for everyoneAmir Neziri
The document describes a privacy enhancing technology called PRIME (Privacy and Identity Management for Europe) that aims to give users control over their personal data and enable anonymous transactions. PRIME was developed by a European research project involving over 20 partners. It uses cryptographic tools like anonymous communication and attribute-based credentials to allow users to verify attributes about themselves without revealing their identity. The architecture of PRIME involves components like access control, identity control, and obligation management to negotiate transactions while enforcing privacy policies and obligations.
Electronic Transactions Law - Lecture 3: contractsCaroline B Ncube
This document discusses electronic contracts under South African law. It covers:
1) The essential requirements for a valid contract and how they apply to electronic contracts.
2) The reception theory which determines when electronic contracts are formed based on when messages are sent and received.
3) Different types of online agreements like shrinkwrap, clickwrap, and browsewrap contracts and when their terms can be considered binding.
4) Automated transactions under the Electronic Communications and Transactions Act and situations where agreements formed through electronic agents may not be enforceable.
E-contracting and Commerce is presented by Pria Chetty and details the South African legal position with regard to electronic contracts and the effect on commerce.
Whitepaper: What You Should Know About eSignature LawDocuSign
These days international borders are becoming less and less of a hurdle to conducting business. Particularly in industrialized countries, the law recognizes that business accelerators such as electronic signatures are essential to remaining competitive in the global economy. An understanding of the law regarding electronic signatures in the European Union and DocuSign’s strong adherence to these laws, as follows, provides businesses with the confidence to conduct business and get signatures electronically anywhere in the world.
4. florence dupre new usagesprivacy legal framework fdGlobalForum
The document discusses the limits of the current legal framework for cybersecurity. It notes issues like differing approaches to security and privacy, a lack of harmonization between laws, and challenges around applicable law and jurisdiction. It then outlines some new developments, such as privacy by design and identity federation. Finally, it argues that the way forward is to adapt laws to changing technology and threats, work towards more international cooperation and harmonization, and develop best practices.
This document discusses different types of electronic credentials for authentication and secure identification. It describes software-based credentials like certificates, assertions, and hardware-based credentials like hardware security modules, smart cards, and smart tokens. It compares software standards like OpenID and SAML, and analyzes vulnerabilities in OpenID like various attacks that are possible due to lack of encryption of messages and integrity protection of only one message. Hardware-based credentials like smart cards and their use of cryptographic challenge-response protocols for authentication are also covered.
Legal frameworks in Latin America and Spain recognize electronic documents and signatures and their validity and admissibility as evidence in legal proceedings. Key aspects addressed include types of electronic signatures and documents, requirements for originality, integrity and authentication. Countries have established laws and regulations on e-government services, e-commerce and management of electronic records, with a focus on ensuring equivalent treatment between paper and digital documents. Spain's laws validate distance contracts formed electronically and allow electronic evidence in courts under the same conditions as traditional evidence.
The UNCITRAL Model Law on Electronic Commerce was adopted in 1997 to help harmonize the laws related to electronic commerce across countries. It recommends that countries consider the model law when enacting or revising their own e-commerce laws. India enacted the Information Technology Act in 2000, which was influenced by the UNCITRAL Model Law and aimed to facilitate e-commerce and e-governance in India by providing legal recognition for electronic records and transactions. While the Indian law was broadly aligned with principles of the model law like functional equivalence and media neutrality, it deviated in some areas like requiring specific digital signature standards and not having provisions for online contract formation equivalent to those in the model law.
This document discusses cyber or online contracts. It defines a cyber-contract as one created through communications over computer networks, whether entirely through email exchanges showing offer and acceptance, or a combination of electronic and other means. The key elements of a valid contract - offer, acceptance, consideration, and consent - still apply to online contracts. Digital signatures can verify the identity of parties to an online contract by encrypting messages with public and private keys. This allows confirmation that a message has not been altered and verifies the sender. Overall, the document outlines how traditional contract law elements can be applied to agreements made electronically.
This document is the Republic Act No. 8792, also known as the Electronic Commerce Act of 2000, which provides legal recognition and use of electronic commercial and non-commercial transactions and documents in the Philippines. Some key points:
- It aims to facilitate domestic and international dealings through electronic means and recognizes the authenticity and reliability of electronic documents.
- It defines terms related to electronic transactions and documents, such as electronic signature and electronic data message.
- It provides for the legal recognition and equivalence of electronic writings, documents, and signatures to their paper-based counterparts if certain reliability conditions are met.
- It establishes rules for attributing electronic messages and signatures to originators, and addresses formation of electronic
This document provides an introduction to electronic contracting under South African law. It discusses key concepts like the requirements for a valid contract, the Electronic Communications and Transactions Act, and when electronic contracts are formed. It also covers types of electronic contracts like shrinkwrap and clickwrap agreements, and issues around standard terms and conditions in electronic contracts, including cases that address incorporating terms by reference and enforcing exemption clauses.
(1) The Electronic Transactions Act was enacted to regulate electronic records and digital signatures by providing them legal validity and recognition.
(2) Key terms like electronic form, electronic record, digital signature, originator, addressee etc. are defined to have the same meaning when used in reference to electronic records as they would have in reference to physical documents.
(3) The act provides for legal recognition of electronic records and digital signatures by establishing them as valid alternatives to physical documents signed using handwritten signatures when prevailing law requires written, printed or signed records.
This document discusses the definition, essential elements, and validity of e-contracts under Indian law. It defines an e-contract as any contract formed through electronic means like email. The key points are:
1. The Indian Contract Act and Information Technology Act recognize the validity of e-contracts and electronic communications/records as legally binding.
2. Essential elements of a valid contract like offer, acceptance, consideration must be present in e-contracts for them to be enforceable.
3. E-contracts can be formed via websites through clickwrap/browsewrap/shrinkwrap agreements or via email exchange. The postal rule of acceptance applies to email.
4. Electronic records and digital signatures have evidentiary
This document discusses electronic contracts (e-contracts) under Indian law. It defines essential elements of valid contracts including offer, acceptance, consideration, and intention to create legal relations. Key provisions of the Information Technology Act relating to attribution of electronic records and time/place of communication are summarized. Different types of e-contracts like shrink wrap and click wrap agreements are described. Sample clauses from real e-contracts for email services, domain purchase, online share trading, and online shopping are provided to illustrate common purposes and sub-parts of e-contracts. Finally, the document outlines the legal framework for secure e-contracts covering different business and legal phases of the contracting process.
This document provides an overview of cyber ethics, legal and privacy issues related to cyber technology. It defines key concepts like cyberethics, computer ethics, and discusses ethical standards and codes from professional organizations. It also covers topics like open source ethics, net neutrality, digital rights, e-democracy, privacy law, and the impact of computer technology on privacy. The document references laws and regulations in Tanzania related to privacy and restrictions. It discusses expectations of privacy and challenges posed by new technologies.
E-Contracting: The Basic Rules (2/2/2001)Shawn Tuma
This is a presentation that discusses the basics of contracting over the Internet -- back in 2001 -- before the rules for Internet contracting were settled. The date of the presentation was February 2, 2001. This is a Golden Oldie!
This document summarizes a presentation on electronic commerce regulation in Africa. It discusses how countries can benefit from electronic commerce by assessing their policy and legal frameworks. It provides an overview of global electronic commerce trends and regulations, including models from UNCITRAL, the African Union, SADC, ECOWAS, and various countries. The presentation explores issues around developing enabling environments for e-commerce and regulating areas like electronic transactions, data protection, cybercrime, and intellectual property. It also discusses challenges African countries face in developing appropriate ICT policies and legal frameworks to promote regional economic integration and access to the global digital economy.
The document discusses information technology (IT) law and various types of cybercrimes. It begins by defining what constitutes a computer and examines perspectives from different industries and jurisdictions. It then explores the relationship between law and computer technology, how IT law emerged from legal issues involving computers, and sources of IT law. The document distinguishes between computer crimes, where the computer is the target, and cyber crimes, which are enabled by computers but may have existed previously. It proceeds to examine examples of computer fraud, hacking, unauthorized data modification, and dissemination of malicious software.
Closer All The Time: Moving Toward Fiduciary Access to Digital Assetsgallowayandcollens
The document discusses moving toward laws that allow fiduciaries like personal representatives and agents under a power of attorney to access and manage a person's digital assets when they become incapacitated or die. It summarizes the Uniform Fiduciary Access to Digital Assets Act (UFADAA) and Michigan's proposed Fiduciary Access to Digital Assets Act (HB 5034), which would give fiduciaries access to digital assets like photos, emails and financial accounts according to the account holder's intent. It distinguishes between access to the content of communications versus just a catalogue of contacts and addresses.
The document discusses future directions for identity management and electronic identification (eID). It notes growing demand for identity assurance globally due to increasing regulations, digital payments, and cross-border interactions. Several countries have implemented national eID systems with varying levels of assurance and functionality. High assurance eIDs that can be used across borders and support commercial processes are most valued. Moving eIDs to mobile could reduce costs and open opportunities. National eID programs should focus on level 3 or 4 assurance for high value, functionality, and future interoperability.
Return On Contribution (ROC) ECSCW 2009 Muller Et AlMichael Muller
We desribe Return On Contribution (ROC), a social metric for social software. ROC can be used to characterize social software at the level of (a) an application, (b) types of contributions, (c) particular contributions, and (d) particular contributors (where permitted by privacy rules). Our work also highlights the importance of "lurkers" or "non-public participants" in social software. ROC can be applied across diverse types of social software and forms of participation.
MassMutual has strong financials as of June 30, 2009 with a surplus of $8.3 billion, $2.7 billion in cash and equivalents, and over $11 billion in government securities. It has the highest ratings of AAA from Standard & Poor's, Aa1 from Moody's, and AAA from Fitch. Core weighted whole life sales were up 9% and the net field force increased 9% despite challenges. The investment portfolio totaled $84.3 billion using a prudent, diversified approach.
E-contracting and Commerce is presented by Pria Chetty and details the South African legal position with regard to electronic contracts and the effect on commerce.
Whitepaper: What You Should Know About eSignature LawDocuSign
These days international borders are becoming less and less of a hurdle to conducting business. Particularly in industrialized countries, the law recognizes that business accelerators such as electronic signatures are essential to remaining competitive in the global economy. An understanding of the law regarding electronic signatures in the European Union and DocuSign’s strong adherence to these laws, as follows, provides businesses with the confidence to conduct business and get signatures electronically anywhere in the world.
4. florence dupre new usagesprivacy legal framework fdGlobalForum
The document discusses the limits of the current legal framework for cybersecurity. It notes issues like differing approaches to security and privacy, a lack of harmonization between laws, and challenges around applicable law and jurisdiction. It then outlines some new developments, such as privacy by design and identity federation. Finally, it argues that the way forward is to adapt laws to changing technology and threats, work towards more international cooperation and harmonization, and develop best practices.
This document discusses different types of electronic credentials for authentication and secure identification. It describes software-based credentials like certificates, assertions, and hardware-based credentials like hardware security modules, smart cards, and smart tokens. It compares software standards like OpenID and SAML, and analyzes vulnerabilities in OpenID like various attacks that are possible due to lack of encryption of messages and integrity protection of only one message. Hardware-based credentials like smart cards and their use of cryptographic challenge-response protocols for authentication are also covered.
Legal frameworks in Latin America and Spain recognize electronic documents and signatures and their validity and admissibility as evidence in legal proceedings. Key aspects addressed include types of electronic signatures and documents, requirements for originality, integrity and authentication. Countries have established laws and regulations on e-government services, e-commerce and management of electronic records, with a focus on ensuring equivalent treatment between paper and digital documents. Spain's laws validate distance contracts formed electronically and allow electronic evidence in courts under the same conditions as traditional evidence.
The UNCITRAL Model Law on Electronic Commerce was adopted in 1997 to help harmonize the laws related to electronic commerce across countries. It recommends that countries consider the model law when enacting or revising their own e-commerce laws. India enacted the Information Technology Act in 2000, which was influenced by the UNCITRAL Model Law and aimed to facilitate e-commerce and e-governance in India by providing legal recognition for electronic records and transactions. While the Indian law was broadly aligned with principles of the model law like functional equivalence and media neutrality, it deviated in some areas like requiring specific digital signature standards and not having provisions for online contract formation equivalent to those in the model law.
This document discusses cyber or online contracts. It defines a cyber-contract as one created through communications over computer networks, whether entirely through email exchanges showing offer and acceptance, or a combination of electronic and other means. The key elements of a valid contract - offer, acceptance, consideration, and consent - still apply to online contracts. Digital signatures can verify the identity of parties to an online contract by encrypting messages with public and private keys. This allows confirmation that a message has not been altered and verifies the sender. Overall, the document outlines how traditional contract law elements can be applied to agreements made electronically.
This document is the Republic Act No. 8792, also known as the Electronic Commerce Act of 2000, which provides legal recognition and use of electronic commercial and non-commercial transactions and documents in the Philippines. Some key points:
- It aims to facilitate domestic and international dealings through electronic means and recognizes the authenticity and reliability of electronic documents.
- It defines terms related to electronic transactions and documents, such as electronic signature and electronic data message.
- It provides for the legal recognition and equivalence of electronic writings, documents, and signatures to their paper-based counterparts if certain reliability conditions are met.
- It establishes rules for attributing electronic messages and signatures to originators, and addresses formation of electronic
This document provides an introduction to electronic contracting under South African law. It discusses key concepts like the requirements for a valid contract, the Electronic Communications and Transactions Act, and when electronic contracts are formed. It also covers types of electronic contracts like shrinkwrap and clickwrap agreements, and issues around standard terms and conditions in electronic contracts, including cases that address incorporating terms by reference and enforcing exemption clauses.
(1) The Electronic Transactions Act was enacted to regulate electronic records and digital signatures by providing them legal validity and recognition.
(2) Key terms like electronic form, electronic record, digital signature, originator, addressee etc. are defined to have the same meaning when used in reference to electronic records as they would have in reference to physical documents.
(3) The act provides for legal recognition of electronic records and digital signatures by establishing them as valid alternatives to physical documents signed using handwritten signatures when prevailing law requires written, printed or signed records.
This document discusses the definition, essential elements, and validity of e-contracts under Indian law. It defines an e-contract as any contract formed through electronic means like email. The key points are:
1. The Indian Contract Act and Information Technology Act recognize the validity of e-contracts and electronic communications/records as legally binding.
2. Essential elements of a valid contract like offer, acceptance, consideration must be present in e-contracts for them to be enforceable.
3. E-contracts can be formed via websites through clickwrap/browsewrap/shrinkwrap agreements or via email exchange. The postal rule of acceptance applies to email.
4. Electronic records and digital signatures have evidentiary
This document discusses electronic contracts (e-contracts) under Indian law. It defines essential elements of valid contracts including offer, acceptance, consideration, and intention to create legal relations. Key provisions of the Information Technology Act relating to attribution of electronic records and time/place of communication are summarized. Different types of e-contracts like shrink wrap and click wrap agreements are described. Sample clauses from real e-contracts for email services, domain purchase, online share trading, and online shopping are provided to illustrate common purposes and sub-parts of e-contracts. Finally, the document outlines the legal framework for secure e-contracts covering different business and legal phases of the contracting process.
This document provides an overview of cyber ethics, legal and privacy issues related to cyber technology. It defines key concepts like cyberethics, computer ethics, and discusses ethical standards and codes from professional organizations. It also covers topics like open source ethics, net neutrality, digital rights, e-democracy, privacy law, and the impact of computer technology on privacy. The document references laws and regulations in Tanzania related to privacy and restrictions. It discusses expectations of privacy and challenges posed by new technologies.
E-Contracting: The Basic Rules (2/2/2001)Shawn Tuma
This is a presentation that discusses the basics of contracting over the Internet -- back in 2001 -- before the rules for Internet contracting were settled. The date of the presentation was February 2, 2001. This is a Golden Oldie!
This document summarizes a presentation on electronic commerce regulation in Africa. It discusses how countries can benefit from electronic commerce by assessing their policy and legal frameworks. It provides an overview of global electronic commerce trends and regulations, including models from UNCITRAL, the African Union, SADC, ECOWAS, and various countries. The presentation explores issues around developing enabling environments for e-commerce and regulating areas like electronic transactions, data protection, cybercrime, and intellectual property. It also discusses challenges African countries face in developing appropriate ICT policies and legal frameworks to promote regional economic integration and access to the global digital economy.
The document discusses information technology (IT) law and various types of cybercrimes. It begins by defining what constitutes a computer and examines perspectives from different industries and jurisdictions. It then explores the relationship between law and computer technology, how IT law emerged from legal issues involving computers, and sources of IT law. The document distinguishes between computer crimes, where the computer is the target, and cyber crimes, which are enabled by computers but may have existed previously. It proceeds to examine examples of computer fraud, hacking, unauthorized data modification, and dissemination of malicious software.
Closer All The Time: Moving Toward Fiduciary Access to Digital Assetsgallowayandcollens
The document discusses moving toward laws that allow fiduciaries like personal representatives and agents under a power of attorney to access and manage a person's digital assets when they become incapacitated or die. It summarizes the Uniform Fiduciary Access to Digital Assets Act (UFADAA) and Michigan's proposed Fiduciary Access to Digital Assets Act (HB 5034), which would give fiduciaries access to digital assets like photos, emails and financial accounts according to the account holder's intent. It distinguishes between access to the content of communications versus just a catalogue of contacts and addresses.
The document discusses future directions for identity management and electronic identification (eID). It notes growing demand for identity assurance globally due to increasing regulations, digital payments, and cross-border interactions. Several countries have implemented national eID systems with varying levels of assurance and functionality. High assurance eIDs that can be used across borders and support commercial processes are most valued. Moving eIDs to mobile could reduce costs and open opportunities. National eID programs should focus on level 3 or 4 assurance for high value, functionality, and future interoperability.
Return On Contribution (ROC) ECSCW 2009 Muller Et AlMichael Muller
We desribe Return On Contribution (ROC), a social metric for social software. ROC can be used to characterize social software at the level of (a) an application, (b) types of contributions, (c) particular contributions, and (d) particular contributors (where permitted by privacy rules). Our work also highlights the importance of "lurkers" or "non-public participants" in social software. ROC can be applied across diverse types of social software and forms of participation.
MassMutual has strong financials as of June 30, 2009 with a surplus of $8.3 billion, $2.7 billion in cash and equivalents, and over $11 billion in government securities. It has the highest ratings of AAA from Standard & Poor's, Aa1 from Moody's, and AAA from Fitch. Core weighted whole life sales were up 9% and the net field force increased 9% despite challenges. The investment portfolio totaled $84.3 billion using a prudent, diversified approach.
QuickClose is a program by Massachusetts Mutual Life Insurance Company that provides expedited underwriting and policy issuance for business loans requiring life insurance as collateral, allowing lenders to close loans faster. It offers term life, universal life, whole life, and variable life insurance options with turnaround times of 7-10 business days. Lenders benefit from being able to close loans more quickly while borrowers have access to high-quality, affordable life insurance without additional costs.
Co proposers in crowdfunding (muller et al. 2016)Michael Muller
Social Ties in Organizational Crowdfunding: Benefits of Team-Authored Proposals
Michael Muller, Mary Keough, John Wafer, Werner Geyer,
Alberto Alvarez Saez, David Leip, and Cara Viktorov
Social ties have been hypothesized to help people to gain
support in achieving collaborative goals. We test this
hypothesis in a study of organizational crowdfunding (or
“crowdfunding behind the firewall”). 201 projects were
proposed for peer-crowdfunding in a large international
corporation. The crowdfunding website allowed people to
join a project as Co-Proposers. We analyzed the funding
success of 114 projects as a function of the number of
(Co-)Proposers. Projects that had more co-proposers were
more likely to reach their funding targets. Using data from
an organizational social-networking service, we show how
employees’ social ties were associated with these success
patterns. Our results have implications for theories of
collaboration in social networks, and the design of
crowdfunding websites.
CSCW 2016 Conference
1) The document proposes personalized retrieval methods in social bookmarking systems to improve users' ability to refind bookmarks.
2) It describes a bookmark refinding scenario where a user filters their bookmark list using tags to find a target bookmark, and analyzes how many filters it takes users to refind bookmarks.
3) The authors develop a personalized ordering metric based on individual users' access histories to rank bookmarks higher that they are more likely to want to refind, improving the position of target bookmarks in search results and reducing the number of filters needed to find them.
Lurking as trait or situational disposition: Lurking and contributing in ente...Michael Muller
The document summarizes research into theories of lurking and contributing behavior in enterprise social media. It analyzed data from over 200,000 users across 8,700 online communities. The research found little support for the binary trait theory that users are either lurkers or contributors. It found moderate support for the continuity-of-engagement theory that lurking and contributing are related. Analysis of individual patterns found no clear evidence for the social learning theory that lurking precedes contributing. The research proposes a new theory that engagement and individual disposition factors influence behavior. It suggests future work to understand disposition factors and design implications to strengthen user engagement.
Crisis Commons is a global network of volunteers who use technology to help people during crises. Members organize CrisisCamp events to bring volunteers together to develop tools. The first CrisisCamp in 2009 led to many others, including over 50 events in 90 days responding to the Haiti earthquake in 2010 involving over 2,000 volunteers. Crisis Commons works with government, non-profits, and private sector groups and received a grant to further community engagement and research on crisis response innovation. Local CrisisCamp Boston events continue developing crisis response projects and resources.
The document discusses the benefits of fixed annuities for retirement planning. It notes that Americans are living longer but face financial challenges in retirement. Fixed annuities offer guaranteed returns, tax deferral, and can provide lifetime income streams. Both immediate and deferred fixed annuities are described as options to help investors meet their retirement income needs through guaranteed and predictable payments.
Muller and Chua - brainstorming for japan - chi 2012Michael Muller
The document summarizes a global brainstorming event called a "Japan Jam" organized by IBM to crowdsource ideas for disaster response and recovery after the 2011 Tōhoku earthquake and tsunami in Japan. Over 1,250 people from 43 countries participated in the 3 day online event using IBM Connections communities software. Key metrics on participation and contributions are provided. The outcomes focused on responding, recovering, preventing, and planning. It concludes the event demonstrated a new model for mobilizing large volunteer teams globally using online tools to rapidly respond to emergencies.
Usage Of Enterprise File Sharing Service Muller Chi 2010Michael Muller
We conducted a principle components analysis of users' actions in an enterprise file-sharing service. We describe four factors, their attributes with respect to social action and awareness, and their implications for design.
Exploring social theory through enterprise social media (muller, ibm research)Michael Muller
1) The document describes research conducted at IBM on enterprise social media platforms, which aimed to study social phenomena by building internal versions of popular online platforms and collecting user data.
2) Several internal social platforms are described, including blogs, wikis, profiles, activities, and communities. Research analyzed user data from these platforms to study topics like tagging behaviors and indicators of employee engagement.
3) One study found that users tagged bookmarks differently depending on their goal to reach certain audiences. Another used text analysis to identify themes in posts correlated with employee engagement. A third studied how identity factors like country and division influenced funding patterns in an internal crowdfunding platform.
Information Curators in an Enterprise File-Sharing ServiceMichael Muller
We describe an emergent role in an enterprise social file-sharing service, in which users create collections of files for use by themselves or other users. We call these users "information curators."
Hcic muller guha davis geyer shami 2015 06-29Michael Muller
Grounded theory and machine learning methods have more similarities than initially expected. Both approaches involve modeling theories or descriptions up from the data through an iterative process of constant comparison between the emerging theory/description and the data. They also both involve modeling down from a priori premises by applying theorized categories or relationships to the data and refining them based on how well they fit the data. A key difference is that grounded theory aims to develop theory without prematurely imposing categories, while machine learning often involves applying theorized categories or relationships to data from the beginning.
2014 Update EU Cyber Law & Authentication LegislationMartenLinkedin
This document summarizes the latest developments in European Union cyber law and regulation of national authentication systems. It discusses the new EU data protection legislation and electronic identification regulation that will replace the 1999 electronic signatures directive. The regulation establishes assurance levels for electronic identification schemes and requires EU countries to recognize each other's identification schemes that meet the substantial or high levels. It also defines requirements for trust service providers that issue electronic signatures, seals, time stamps and registered delivery services.
The document discusses challenges with existing eParticipation systems for government. It notes tensions around who should own such systems, issues with systems built by or outside of government, and limited evaluation of systems in isolation. The author proposes ideas for new stages in eParticipation lifecycles and tools that address these challenges by taking a more hybrid approach between government and external groups.
This document provides an overview of Google Wave including:
- Wave allows for real-time collaboration by combining elements of email, chat and documents.
- Developers can build extensions like robots and gadgets that interact with waves using APIs.
- The Wave Embed API allows waves to be embedded in other web applications.
The document provides an overview of grounded theory methods, noting the diversity of approaches that have developed since its introduction and highlighting key components of the methodology such as simultaneous data collection and analysis, coding practices, and grounding emerging theories in qualitative data to develop conceptual categories.
Muller - Grounded Theory Method (revised 2012)Michael Muller
This document provides an overview of grounded theory methods. It discusses that grounded theory is useful for exploring a domain without a dominant theory and allows for open-minded interpretation and theory development from qualitative or quantitative data. Grounded theory involves simultaneous data collection and analysis to develop conceptual categories that are continually refined through theoretical sampling of focused data. The strengths of grounded theory are that outcomes are grounded in data and theory is tested through constant comparison, but weaknesses include many diverse approaches and unclear stopping rules.
This document provides an overview of cyber law and introduces key concepts. It defines the internet and world wide web, outlines provisions of the Information Technology Act 2000 regarding electronic commerce and digital signatures, describes common cyber crimes and cyber etiquette, and concludes with remarks about the importance of cyber security law given increased computer usage and potential for abuse.
Digital Crime & Forensics - Presentationprashant3535
The document discusses digital crime and forensics. It defines digital crime as any crime where a computer is used as a tool or target. Examples include malware, denial of service attacks, and phishing. Forensics involves the identification, preservation, extraction, documentation, interpretation and presentation of digital evidence. However, forensics faces challenges due to issues like anonymity, large data storage, encryption, and differences between legal systems of countries. The document concludes that collaboration between law enforcement, governments and industry is needed to address new trends in digital crime.
The document provides an overview of cyber law and ethics topics including:
- The Information Technology Act of 2000 which provides the legal framework for cyber crimes and electronic transactions in India. It defines key terms related to computers, networks, and digital evidence.
- Concepts of encryption, digital signatures, and the legal recognition of digital signatures in verifying electronic records.
- The "Ten Commandments of Computing" which outline ethics principles for computer users.
- An introduction to intellectual property rights, copyright, and distinctions between shareware, freeware, and public domain software licenses.
This document discusses public key infrastructure (PKI) which supports the distribution and identification of public encryption keys to allow secure data exchange over networks. PKI allows users to confirm the identity of other parties they are exchanging data with. Without PKI, data can be encrypted but there is no guarantee of the identity of the other party. PKI consists of hardware, software, policies, administration and distribution of keys and digital certificates which bind identities to public keys.
This document provides an agenda for a workshop on cybercrime threats in Riga, Latvia on October 26, 2018. The workshop will be led by Raoul "Nobody" Chiesa and Selene Giupponi and cover topics including the underground economy of cybercrime, profiles of "hackers", the evolution of the market for software vulnerabilities, cryptocurrencies used in cybercrime, and case studies. It includes biographies of the trainers and information about their company, The Security Brokers, which provides cybersecurity services. The goal is to give attendees an in-depth look at the "dark side of information security" and new threats posed by cybercriminals.
This document provides an introduction to cyber law and intellectual property rights. It defines key terms related to the internet and world wide web such as how the web was invented by Tim Berners-Lee. It also summarizes provisions of the Indian IT Act 2000 related to email validity, e-commerce, and digital signatures. The document further discusses cyber crimes, cyber squatting, and features of the IT Act related to tampering and publishing obscene content. It provides an overview of how digital signatures are used and authenticated under the IT Act.
The document discusses best practices for managing cybersecurity and data privacy risks from third party vendors. It recommends (1) conducting due diligence on third parties' security practices before engaging them, (2) using contracts to obligate third parties to comply with security standards and notify clients of incidents, and (3) periodically assessing third parties' security based on risk. Following these practices can help companies minimize risks from third parties as required by laws and frameworks.
B11: Central IP & IT Court | FinTech: Legal and Regulatory Challenges (7 Aug ...Kullarat Phongsathaporn
"Special seminar on Memorial Day for Thailand's Father of Law" by Central IP & IT Court, Panelist for "FinTech: Legal and Regulatory Challenges" (7 Aug 2019)
Presentation given at the Service Design and Delivery in a Digital Age - Academies for EaP countries organised by the SIGMA Programme and the GiZ Eastern Partnership Regional Fund. Topic 2: Digital transformation.
Presentation given at the Service Design and Delivery in a Digital Age - Academies for EaP countries organised by the SIGMA Programme and the GiZ Eastern Partnership Regional Fund. Topic 2: Digital transformation.
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...Cybera Inc.
This document summarizes issues at the intersection of law and technology in Canada over the next five years. It discusses debates around lawful access to data, encryption, data retention, and network interception capabilities. Other issues addressed include internet taxes, linking and payments between platforms, VPN use, global orders for content removal, localization requirements, and website blocking. The document argues that as these issues are addressed through law and policy, responsibilities must be met to use law responsibly and consider matters like privacy, oversight, safeguards, and technological implications.
Re-using existing PKIs for online Identity ManagementMartijn Oostdijk
The document discusses using existing public key infrastructure (PKI) from electronic passports to enable online identity management according to Identity 2.0 standards. It describes how an Identity Provider could verify a user's passport remotely by performing authentication and accessing standardized data groups. Attributes from the passport like date of birth could then be translated to be more privacy-friendly before being shared with a Relying Party. Combining offline and online identity management allows flexibility in privacy protection while leveraging widespread government PKI systems.
Authentication means in electronic environmentsStevenSegaert
Authentication refers to verifying the identity of users in electronic environments. Effective authentication relies on at least two factors such as something the user has (e.g. ID card), knows (e.g. password), or is (e.g. biometrics). Common authentication technologies include passwords, one-time passwords, smart cards, and mobile-ID, but each has challenges regarding security, scalability, and user adoption. The STORK project aims to establish a European eID interoperability platform to allow citizens to authenticate across borders using their national eID systems.
Be careful what you wish for! How the GDPR even now it has been finalised may not solve the key problems of rthe tech community of what is personal data and what is anonymised/pseudonymous.
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Lilian Edwards looked at the basics on what you need to know about the new regulation.
http://qonex.com/east-midlands-cyber-security-forum/
Lawyers often lack knowledge about electronic data discovery compared to traditional paper discovery. To properly handle digital evidence, lawyers should understand basic computer functions and data storage. They should also identify qualified forensic experts, ensure the forensic process follows proper procedures, and understand what types of computer forensic analysis may be necessary for different legal cases.
20131009 aon security breach legislationJos Dumortier
The document discusses recent EU legislation around security breach notification duties. It summarizes that the 2009 EU ePrivacy Directive first introduced security breach notification requirements for telecom providers and ISPs. Recent EU proposals aim to expand these duties to other sectors by 1) extending notification to data protection authorities and individuals under the 2012 General Data Protection Regulation and 2) requiring notifications for public administrations and critical infrastructure operators under the 2013 Network and Information Security Directive. The proposals seek to increase harmonization of security breach response across EU member states but questions remain around practical implementation details.
The document discusses characteristics and privacy issues related to the internet and new technologies. It notes that while the internet provides access to information, it can also be vulnerable to security and accuracy issues and enable illegal activity. Privacy is defined as the right to be left alone. Privacy issues discussed include electronic surveillance, email monitoring, data collection from websites, and workplace monitoring. Technologies like cookies, spyware, and RFID are examined in terms of the privacy risks they pose. Guidelines to minimize privacy invasions are provided.
1. The EU and the Netherlands
Dr. Marten Voulon
marten@voulon.nl
International Cyber Law Seminar
15 & 16 January 2013, Kuta, Bali
Leiden University. The university to discover.
3. General overview
Issue Pointers
Privacy & data protection Data Protection Act
Telecommunications Act
Intellectual property rights Copyright Act Benelux Treaty on IPR
Neighbouring Rights Act (trademarks)
Patent Act 1995 “Chip Act”
Database Act Trade Name Act
e-Contract Civil code
Advertising & consumer protection Civil code
Cybercrime & evidence Code on criminal procedure
Taxation Normal sales tax (VAT) applies online
E-Government & public services Administrative code
Unfair competition Competition Act
Insurance Civil code
Financial Supervision Act
e-Payment system EU SEPA-directive & regulations, EU e-Money Directive
Archives & corporate documents Civil code
Archive Act
Leiden University. The university to discover.
4. Data protection
- 1995
- European Directive 1995/46/EC
• Legal framework for EU Member States
- 25 January 2012
- Proposal for a General Data Protection
Regulation (GPDR)
- Proposal for a Directive (criminal data)
Directive Regulation
Obliges Member States to implement Directly enforceable in all Member
into national legislation states
Leiden University. The university to discover.
5. Helicopter view of the Directive (I)
- Personal data
- Controller, subject, processor
- “Processing”
- Processing only allowed for the “purpose”
- Exhaustive list of reasons for processing:
- Consent
- Performance of contract
- Legal obligation
- Vital interest of the subject
- Public interest
- Legitimate interests of the controller
Leiden University. The university to discover.
6. Helicopter view of the Directive (II)
- Sensitive data
- Race, ethnicity, political opinion,
religious & philosophical beliefs, trade
union membership, health, sex life
- Rights of the subject
- Information, access, right to object
- Data processing agreement
- Contract between controller & processor
Leiden University. The university to discover.
7. Helicopter view of the Directive (III)
- Transfer to third countries (outside EU/EEA)
- Only allowed if:
• Adequate level of protection
• Consent of the subject
• Transfer if necessary for execution of contract between
subject and controller
• Necessary for vital interests of subject
• (…)
- And/or(?):
• EU model clauses (decision 2010/87/EU)
• Binding corporate rules (BCR) (authorization by regulator)
• US Safe Harbor (decision 2000/520/EU)
Leiden University. The university to discover.
8. Transfer to third country
Leiden University. The university to discover.
9. Transfer under the General Data
Protection Regulation
- Transfer is allowed, if:
- Adequacy decision
• Country, territory, processing sector, international
organization
- Appropriate safeguards
• BCR
• Model clauses
- Derogation applies
• Consent, contract performance, ….
Leiden University. The university to discover.
10. In practice
- IT administrator in Bangalore
- Transfer to third country?
- “(…) transfer of personal data which are undergoing
processing or are intended for processing after transfer
(…)”?
Leiden University. The university to discover.
11. In practice
- Patriot Act
- FISA order/NSL can imply illegal
transfer to third country
• Leaked draft of the regulation:
– “(…) no decision of an administrative authority
of a third country requiring a controller or
processor to disclose personal data shall be
recognized or be enforceable in any manner,
without prejudice to a mutual assistance treaty
or an international agreement in force between
the requesting third country and the Union or a
Member State.”
Leiden University. The university to discover.
12. Other
- “Right to be forgotten and to erasure”
- Right of data portability
- Security breach notification
- Within 24 hours to supervisory authority
- After that, without undue delay to subject
- Fines
- Maximums of 0,5%, 1% and 2% of annual
worldwide turnover
Leiden University. The university to discover.
14. Legal framework
- Directive 1999/93/EC on a Community
framework for electronic signatures
- New proposal: EU Regulation on electronic
identification and trust services for electronic
transactions (COM(2012)238)
Leiden University. The university to discover.
15. Legal framework
Type of signature Abbreviation
Electronic signature ES
Advanced electronic signature AES
Advanced electronic signature, AES + QC
based on a qualified certificate
Advanced electronic signature, AES + QC + SSCD
based on a qualified certificate, “qualified electronic
created with a secure-signature-creation-device signature”
Public/private keys
- Certificate Encryption
• Links a public key to a personProvider
Certificate Service
Certificate Policy (CP)
- SSCD Certificate Practice Statement (CPS)
• Software/hardware used to create an electronic signature
Leiden University. The university to discover.
16. Legal effect of the electronic signature
- Focus on handwritten signature
- Qualified electronic signature
- Has equivalent legal effect of
handwritten signature
- Is admissible as evidence
- Non-qualified electronic signature
- “will not be denied legal effect”
Leiden University. The university to discover.
17. Functions of the handwritten signature
vs public key encryption
Handwritten signature Public key encryption
Identity signatory Identification
Intention of the signatory Authentication
Confidentiality
Integrity
Non-repudiation
(…)
Leiden University. The university to discover.
18. Broader scope of the Regulation
- Not just e-signature, but:
- Trust services in general
• Electronic signature
• Electronic seal
• Electronic time stamps
• Electronic documents
• Electronic delivery services
• Website authentication
• Electronic certificates
Leiden University. The university to discover.
19. A generic authentication service
User Service provider
Authentication service
provider
Leiden University. The university to discover.
20. Authentication means
- Something you know (knowledge)
- Something you have (possession)
- Something you are (inherence)
• Single factor authentication
• Two factor authentication
• Multi factor authentication
Leiden University. The university to discover.
21. DigiD
- Authentication system
- Provided to Dutch citizens
- Electronic communication with government
- Mandatory for tax filings
- Verification against Database Persons (GBA)
- Security levels
• Basic
– Single factor
• Middle
– Two factor
• High
– PKI chipcard
Leiden University. The university to discover.
22. DigiD
- Issue process
1. Request account on website
2. Activation code sent to address as
registered in Database Persons
(snailmail)
- Hereafter, DigiD can be used to log in
- National identification number (BSN)
- Use of BSN is strictly regulated
Leiden University. The university to discover.
23. DigiD fraud
- Request DigiD account for your neighbour
- Steal the activation code from his mailbox
- Use his DigiD to apply for social security
payment
- Fill in your own bank account for the
payment
- … not exactly the perfect crime
Leiden University. The university to discover.
24. e-Identity (eHerkenning)
- Business to Government
- Public/private cooperation
- Competitive/cooperative domain
- Two-sided market
- One digital key 1. Registration phase
Identification procedure
- Five security levels Issue process
2. Authentication phase
- See also STORK Type and robustness token
Security of authentication mechanism
Leiden University. The university to discover.
25. e-Identity (eHerkenning)
Company & User Service provider
Scheme
Mandate
register
Token Authentication Broker
issuer service
Leiden University. The university to discover.
26. Contractual relations
Governing body
Participation agreement
Service agreement Service agreement
Company Participant Service provider
Leiden University. The university to discover.
27. e-Identity and the Regulation
- Cross-border acceptance of online
identification
- Within EU
- If the scheme is notified
- Member State has to
• Accept liability
• Ensure availability
– At any time, free of charge
What about public/private cooperation?
- Third country providers: treaty
Leiden University. The university to discover.
28. Questions
Leiden University. The university to discover.