CISB412 ETHICS & IT

PROFESSIONAL
PRACTICES
Chapter 3:
An Insight Into
Legal issues

College of Information Technology, UNITEN

 Lecture Outline
Intellectual Property
• Intellectual Property Right
• Methods of Protecting
• Fair Use
• Restriction On Use
Protection for Software
• Software Copyright
• Open Source Software
Peer to Peer Networks

Privacy

Malaysian Cyber Law

 Intellectual Property Rights
■ Intellectual property: any unique
product of the human intellect that
has commercial value
– Example:
■ Books, songs, movies
■ Paintings, drawings
■ Inventions, chemical
formulas, computer programs

Copyright 2013 Pearson Education, Inc, Publishing on Pearson Addison-Wesley

 Types of IPs

Copyrights

Patents

Trademarks

Trade Secrets

College of Information Technology, UNITEN

http://academickids.com
 Copyright
■ Gives the holder some exclusive rights to
control some reproduction of works of Stupify! "We confirm
authorship, for a certain period of time that we have recently
commenced
proceedings against
parties involved in
■ Provides owner of an original work five rights the production and
distribution of a
– Reproduction movie entitled ‘Hari
Puttar’," said Warner
– Distribution Bros. spokeswoman
– Public display Deborah Lincoln
to Reuters in an e-m
– Public performance ail
.
– Production of derivative works

College of Information Technology, UNITEN

 Trademark
■The symbols commonly associated with trade marks are ® and ™.
■Examples:
– Tenaga Nasional is a registered service mark for Utility services
– McDonald’s is a registered service mark for restaurant services
– Habib Jewel is a registered trademark for a line of jewelry
products
– Nike is a registered trademark for a line of footwear and clothing
products

■Suppose FedEx came up with a new slogan: “Faster than a lightning

bolt.”
– If FedEx used the slogan to brand its shipping and delivery
services, it would be registered as a service mark.
– If FedEx decided to expand its product line by selling boxes and
packaging materials. If the company were to put the lightning bolt
http://www.biotechcorp.com.my/wp-
slogan on those items, the phrase would become a trademark,
content/uploads/2011/11/downloads_aboutmalaysia/IP_B
because it brands an actual product being offered by the company. ooklet_Trade-Mark_V1.pdf

College of Information Technology, UNITEN

 Patent
■ A public document that provides detailed description of
invention
– Provides owner with exclusive right to the invention
– Owner can prevent others (the right to exclude
others) from making, using, or selling invention for
20 years
■ The five primary requirements for patentability are:
– patentable subject matter
– Utility
– Novelty Quick revision:
Positive Rights (oblige action) and
– Nonobviousness, and
Negative Rights (oblige inaction)
– enablement.
College of Information Technology, UNITEN
 Trade Secret
■ A trade secret is a confidential piece of intellectual property that provides a
company with a competitive advantage. Examples of trade secrets include
formulas, processes, proprietary designs, strategic plans, customer lists, and other
collections of information.
■ Where a company keeps information secret, perhaps by enforcing a contract under
which those given access to information are not permitted to disclose it to others
– Confidential piece of intellectual property that gives company a competitive
advantage (strategic plans, customer lists)
– Never expires
– Not appropriate for all intellectual properties (movie)
– Reverse engineering allowed (coca-cola)
– Maybe compromised when employees leave firm
College of Information Technology, UNITEN
 Fair Use
■ Sometimes it can be legal to reproduce
a copyrighted work without permission
Cases:
■ The four factors judges consider are: Sony v. Universal City Studios
the purpose and character of your use RIAA v. Diamond Multimedia
the nature of the copyrighted work Systems Inc.
the amount and substantiality of the
Digital Technology and Fair Use
portion taken, and
the effect of the use upon the potential
market.

College of Information Technology, UNITEN

Copyright 2013 Pearson Education, Inc, Publishing on Pearson Addison-Wesley
 Example Fair Use Scenario
An art professor takes slide photographs of a number of
paintings reproduced in a book about Renaissance artists. She
uses the slides in her class lectures.
this professor’s actions are less likely to be considered fair use

The third factor is the amount

The first factor to The final factor is the
of material copied.
consider is the The second effect the copying will
In this case, the professor is
purpose of the factor is the have on the market.
displaying copies of the
copying. type of material paintings in their entirety. Fair
The determination
The professor’s being copied. of this factor would depend
use almost never allows a work on how many images the
purpose is The material is to professor took from any one
strictly educational. art. Hence, be copied in its entirety. Note book and whether the
Hence, the first factor this factor that even if the original painting publisher is in the business
weighs in favor of fair weighs against a is in the public domain, of selling slides of
use. ruling of fair use. the photograph of the painting individual images
appearing in the art book is appearing in its book
probably copyrighted.

Copyright 2013 Pearson Education, Inc, Publishing on Pearson Addison-Wesley

Protection for Software
 Software Piracy
Piracy (dictionary definition)
1.robbery on the high seas
2.the unauthorized use of another's production,
invention, or conception esp. in breach of a copyright

What is software piracy?

– It is the unauthorized duplication of computer
software

College of Information Technology, UNITEN

 Types of Software Piracy

Softlifting: purchasing a single Uploading and downloading:

licensed copy of software and Software counterfeiting:
making unauthorized copies illegally duplicating and selling
loading it onto several of copyrighted software
computers contrary to the copyrighted software in a form
available to end users designed to make it appear
license terms. For example, connected by modem to online
sharing software with legitimate.
service providers and/or the
friends, co-workers and Internet
others.
Hard disk loading: installing OEM (Original Equipment
unauthorized copies of software Manufacture) unbundling:
Renting: unauthorized selling onto the hard disks of personal selling standalone software
of software for temporary use, computers, often as an incentive that was intended to be
like you would a video. for the end user to buy the bundled with specific
hardware from that particular accompanying hardware.
hardware dealer.

College of Information Technology, UNITEN

 Public Domain
■ The term “public domain” refers to creative materials that are not protected There are four common ways
by intellectual property laws such as copyright, trademark, or patent laws. that works arrive in the public
■ The public owns these works, not an individual author or artist. Anyone can domain:
use a public domain work without obtaining permission, but no one can ever
own it. ■ the copyright has expired
■ An important wrinkle to understand about public domain material is that, ■ the copyright owner failed
while each work belongs to the public, collections of public domain works to follow copyright
may be protected by copyright. If, for example, someone has collected public
domain images in a book or on a website, the collection as a whole may be
renewal rules
protectible even though individual images are not. ■ the copyright owner
■ You are free to copy and use individual images but copying and distributing deliberately places it in the
the complete collection may infringe what is known as the “collective works” public domain, known as
copyright. Collections of public domain material will be protected if the “dedication,” or
person who created it has used creativity in the choices and organization of
the public domain material. ■ copyright law does not
■ This usually involves some unique selection process, for example, a poetry protect this type of work.
scholar compiling a book — The Greatest Poems of e.e. cummings.
Source:http://fairuse.stanford.edu/overview/public-domain/welcome/#sthash.9hsM19Re.dpuf
College of Information Technology, UNITEN
 Open Source Software
■ Open source software is software whose source code is available for
modification or enhancement by anyone. (https://
opensource.com/resources/what-open-source)
■ Open-source software (OSS) is computer software with its source code
made available with a license in which the copyright holder provides the
rights to study, change, and distribute the software to anyone and for any
purpose (Wikipedia)
 Open-Source Definition

■ No restrictions preventing others from selling or giving away

software
■ Source code included in distribution
■ No restrictions preventing others from modifying source code
■ No restrictions regarding how people can use software
■ Same rights apply to everyone receiving redistributions of the
software (copyleft)

1-16
Copyright 2013 Pearson Education, Inc, Publishing on Pearson Addison-Wesley
 Consequences of Proprietary Software

■ Increasingly harsh measures being taken to

enforce copyrights
■ Copyrights are not serving their purpose of
promoting progress
■ It is wrong to allow someone to “own” a piece of
intellectual property

1-17
Copyright 2013 Pearson Education, Inc, Publishing on Pearson Addison-Wesley
 Beneficial Consequences of Open-Source Software

■ Gives everyone opportunity to improve program

■ New versions of programs appear more frequently
■ Eliminates tension between obeying law and helping
others
■ Programs belong to entire community
■ Shifts focus from manufacturing to service

1-18
Copyright 2013 Pearson Education, Inc, Publishing on Pearson Addison-Wesley
 Critique of the Open-Source
Software Movement
■ Without critical mass of developers, quality can be
poor
■ Without an “owner,” incompatible versions may arise
■ Relatively weak graphical user interface
■ Poor mechanism for stimulating innovation (no
companies will spend billions on new programs)

1-19
Copyright 2013 Pearson Education, Inc, Publishing on Pearson Addison-Wesley
Peer to Peer Networks (P2P)
 Peer-to-Peer Networks Facilitate
Data Exchange
■ Peer-to-peer network
– Transient network
– Connects computers running same networking program
– Computers can access files stored on each other’s hard drives
■ How P2P networks facilitate data exchange
– Give each user access to data stored in many other computers
– Support simultaneous file transfers among arbitrary pairs of computers
– Allow users to identify systems with faster file exchange speeds

Some of the computers on the Internet run the same networking

program to
form a peer-to-peer network. The network supports multiple
simultaneous file transfers.
The files may contain digitized music, images, computer
software, or other content.

1-21
 Napster FastTrack
• Peer-to-peer music exchange
network • Second-generation peer-to-peer
• Began operation in 1999 network technology
• Sued by RIAA for copyright • Used by KaZaA and Grokster
violations • Distributes index among large
• Courts ruled in favor of RIAA number of “supernodes”
• Went off-line in July 2001 • Cannot be shut down as easily
• Re-emerged in 2003 as a as Napster
subscription music service

BitTorrent
• Broadband connections: download much faster
than upload
• BitTorrent speeds downloading
• Files broken into pieces
• Different pieces downloaded from different
computers
• Used for downloading large files
Computer programs, Television shows, Movies
1-22
Privacy

College of Information Technology, UNITEN

 Solove’s Taxonomy of Privacy
■ Information collection: Activities that gather personal information
■ Information processing: Activities that store, manipulate, and use
personal information that has been collected
■ Information dissemination: Activities that spread personal information
■ Invasion: Activities that intrude upon a person’s daily life, interrupt
someone’s solitude, or interfere with decision-making

Copyright 2013 Pearson Education, Inc, Publishing on Pearson Addison-Wesley

College of Information Technology, UNITEN

1-24
One Definition of Privacy
■ Social arrangement that allows individuals
to have some level of control of who is able
to gain access to their physical selves and
their personal information.
■ Violating someone’s privacy is considered
an insult to the person’s dignity.

College of Information Technology, UNITEN

 Privacy can be harmful
■ People may take advantage of privacy to
plan and cover up illegal or immoral
activities
Examples:
– Family violence
– Social and economics inequities
■ A challenge in parenting duties
■ “Love thy neighbor” – who is my
neighbour?
College of Information Technology, UNITEN
 Privacy can be beneficial
Individual growth, individual responsibility – a way society
acknowledge and communicates to an individual that he/she
is responsible or his own development as a unique person
• Freedom to be yourself, allow us to remove our public
persona
• Shut out the world, be more creative
• Development of loving, trusting, caring, intimate
relationships – privacy ladder

College of Information Technology, UNITEN

 Privacy and Trust
Trusting is easier a couple of centuries ago
■ Greater emphasis on community, lesser on individual
■ Extended family
■ Pressure to conform

Modern life tend to be more “private”

• Nuclear family rather than extended
• Challenge: living among strangers
• How can we be sure that …
? Taxi driver will get us to our destination without hurting us?
? The teachers at school are not child molesters?
? Bank knows that if it loans someone money, it will be repaid?

College of Information Technology, UNITEN

 Privacy and Trust
In order to trust, we must rely on the reputations
■ This was easier in the past.
■ Today’s society must get information out of people to
establish reputation:
– Through ordeal e.g. lie detector, drug test
– Through issuing/requesting credentials e.g. drivers
license, badge, id, degree transcript etc.
•Establishing reputation  reducing privacy

College of Information Technology, UNITEN

 Public Record
Contains information about an incident or
action reported for the purpose of informing
the public
Examples:
– Birth certificates, marriage
certificates, death certificates,
criminal records, police report
– Census Record
– Internal Revenue (Taxation)

College of Information Technology, UNITEN

 Public Information
Information you have provided to an
organization that has the right to share it
with other organization
Examples:
– Listing in phone directory
– Rewards, Loyalty Programs
– Digital Video Recorder
– Automobile Black Box
– Implanted Chips
– Spyware, Cookies

College of Information Technology, UNITEN

 Personal Information
Are undisclosed information,
Which will remain personal (information) as long as you never
disclose to a party that has the right to share with others
Examples: Your religion, your mobile number, your health

Types of disclosures
■ Voluntary (e.g. form filling)
■ Involuntary (e.g. CCTV)
■ Statutory (e.g. obtaining license, loan)

Police Drone Surveillance

Platform

College of Information Technology, UNITEN

 Data Mining
■ Searching for patterns or relationships in one or more
databases
■ Way to generate new information
■ Secondary use: information collected for one purpose
used for another purpose

College of Information Technology, UNITEN

 IRS(Internal Revenue Service) Audits
■ IRS uses computer matching and data mining to look
for possible income tax fraud
■ Computer matching: matching tax form information
with information provided by employers, banks, etc.
■ Data mining: searching through forms to detect those
that appear most likely to have errors resulting in
underpayment of taxes

Copyright 2014 Pearson Education, Inc, Publishing on Pearson Addison-Wesley

1-34
 Syndromic Surveillance Systems
■ Syndromic surveillance system: A data mining system that
searches for patterns indicating the outbreak of an epidemic or
bioterrorism
– 911 calls
– emergency room visits
– school absenteeism
– Internet searches
■ Example: A system in New York City detected an outbreak of a virus in 2002

Copyright 2014 Pearson Education, Inc, Publishing on Pearson Addison-Wesley

1-35
 Protecting Privacy

■Acts (Law)
■Cryptography &
Encryption
■Good habits

College of Information Technology, UNITEN

 The USA Privacy Act 1974
The Privacy Act states in part: There are specific exceptions for the record
No agency shall disclose any record which is allowing the use of personal records:
contained in a system of records by any – For statistical purposes by the Census
means of communication to any person, or to Bureau and the Bureau of Labor Statistics
another agency, except pursuant to a – For routine uses within a U.S. government
written request by, or with the prior written agency
consent of, the individual to whom the record – For archival purposes "as a record which
pertains... has sufficient historical or other value to
warrant its continued preservation
The Privacy Act mandates that each United States by the United States Government"
Government agency have in place – For law enforcement purposes
an administrative and physical security system to – For congressional investigations
prevent the unauthorized release of personal – Other administrative purposes
records.

College of Information Technology, UNITEN

 Cryptography

Cryptography defined as "the science and study of secret

writing," concerns the ways in which communications and data
can be encoded to prevent disclosure of their contents through
eavesdropping or message interception, using codes, ciphers,
and other methods, so that only certain people can see the real
message.

http://www.cyber-rights.org/crypto/cryptog.htm

College of Information Technology, UNITEN

 Encryption
Encryption transforms original information, called plaintext or
cleartext, into transformed information, called ciphertext,
codetext or simply cipher, which usually has the appearance of
random, unintelligible data.
The transformed information, in its encrypted form, is called the
cryptogram
■ A valuable tool for maintaining privacy
■ Information can be deemed worthless unless it can be decoded

Yaman Akdeniz, http://www.cyber-rights.org/crypto/cryptog.htm

College of Information Technology, UNITEN
Malaysian Cyber Law

College of Information Technology, UNITEN

 Definition : Cyber Law
■ Cyber Law refers to any laws relating to protecting the
Internet and other online communication technologies.
■ Cyberlaw or Internet law is a term that encapsulates
the legal issues related to use of the Internet. It is less a
distinct field of law than intellectual property or
contract law, as it is a domain covering many areas of
law and regulation. (Wikipedia)

College of Information Technology, UNITEN

 Content of Malaysian Cyber Law
■ Malaysian Computer Crimes Act 1997 (CCA 1997)
■ Digital Signature Act 1997
■ Telemedicine Act 1997
■ Communications and Multimedia Act 1998
■ Malaysian Communications and Multimedia Commission Act 1998
■ Digital Signature Act 1997
■ Copyright Act (Amendment) 1997
■ Optical Disc Act 2000
■ Electronic Transaction Act 2006

College of Information Technology, UNITEN

 Digital Signature Act 1997
Transactions conducted via the Internet are increasing. As identities in cyberspace
can be falsified and messages tampered with, there is a need for transacting parties
to ascertain each other's identity and the integrity of the messages, thereby
removing doubt and the possibility of fraud when conducting transactions online.

Computer Crime Act 1997

As computing becomes more central to people's life and work,
computers become both targets and tools of crime. This Act serves to
ensure that misuse of computers is an offense.

http://nitc.kkmm.gov.my/index.php/national-ict-
policies/cyberlaws-in-malaysia
 Telemedicine Act 1997
Healthcare systems and providers around the world are becoming interconnected. People and
local healthcare providers can thus source quality healthcare advice and consultation from
specialists from around the world, independent of geographical location. Conversely,
interconnectivity also allows for non-quality healthcare advice and consultation from around
the world. The Act serves to regulate the practice of teleconsultations in the medical profession.

The Copyright (Amendment) Act 1997

Copyright serves to protect the expression of thoughts and ideas from unauthorized copying
and/or alteration. With the convergence of Information and Communication Technologies
(ICT), creative expression is now being captured and communicated in new forms (example:
multimedia products, broadcast of movies over the Internet and cable TV). These new forms
need protection.

http://nitc.kkmm.gov.my/index.php/national-ict-
policies/cyberlaws-in-malaysia
 The Communications and Multimedia Act 1998
Convergence of technologies is also resulting in the convergence of the following
industries: telecommunications, broadcasting, computing and content. Previously,
each of these industries was regulated by several different pieces of legislation
(example: the Telecommunications Act 1950 and the Broadcasting Act 1988). The
old regulatory framework cannot cope with convergence and inhibits the growth of
the new converged industry.

The Electronic Government Activities Act 2007

To facilitate the electronic delivery of government
services to the public.

http://nitc.kkmm.gov.my/index.php/national-ict-
policies/cyberlaws-in-malaysia
 Privacy Act in Malaysia
Personal Data Protection Act (PDPA) 2010
■ The Personal Data Protection Act 2010 (PDPA) was passed by the Malaysian Parliament in May
2010 and received Royal Assent on 2 June 2010. The PDPA came into force on 15 November
2013 by way of notification in the Government Gazette, with a three month sunrise period
which ended on 15 February 2014.
■ The PDPA confers the following rights (subject to qualifications) on the individual vis-à-vis a
data user in relation to their personal data:
– the right to access personal data;
– the right to correct personal data;
– the right to withdraw consent to process personal data;
– the right to prevent processing likely to cause damage and distress; and
– the right to prevent processing for direct marketing.

College of Information Technology, UNITEN

 Personal Data Protection Act 2010.
LAWS OF MALAYSIA Act 709
PERSONAL DATA PROTECTION ACT 2010
■ Date of Royal Assent - 2 June 2010
■ Date of publication in the Gazette - 10 June
2010
■ This Act applies to:
(a) any person who processes; and
(b) any person who has control over or
authorizes the processing of,
any personal data in respect of commercial
transactions

College of Information Technology, UNITEN

IN-CLASS EXERCISE
■ To be discussed in groups
A plane makes an emergency crash landing on a deserted tropical island. Two dozen survivors must
fend for themselves until help arrives. All of them are from large cities, and none of them has
camping experience. The survivors find it impossible to gather enough food, and everyone begins
losing weight. One person spends a lot of time by himself and figures out how to catch fish. He
brings fish back to camp. Others ask him to teach them how to catch fish. He refuses, but offers to
share the fish he has caught with the other passengers as long as they take care of the other camp
chores, such as hauling fresh water, gathering firewood, and cooking.

Debate the morality of the bargain proposed by the fisherman. One group should explain why the
fisherman’s position is morally wrong. The other group should explain why the fisherman’s position
is morally acceptable.