‘Enforcing’ the Information Technology Act:
Regulating Cyberspace – Version 2.0
Rodney D. Ryder
Scriboard

Internet Security and Legal Compliance:
Regulating Cyberspace – Version 2.0
Part 1 – Internet Law and Policy
• Information Technology Act, 2000
• Structuring a policy
• Current law in India

Part 2 – Data Privacy and Information Security [Challenges and Strategies]
• Data Protection legislation around the world [European Commission Directive and the UK Act; Data Protection model: the United States]

The need for a national strategy

Internet Law and Policy: New
Media Regulation and India

The Rise [and fall?] of Cyberspace
• The Importance of Internet Architecture – ‘decentralised routing system’ – designed to carry messages from point to point even if intermediate communication exchanges are blocked, damaged or destroyed. <the dumb network>
• ‘The net interprets censorship as damage, and routes around it’. John Gilmore, Lawless, The Economist, July 1995.
• <Cyberspace>; <Neuromancer> and the “Network” [A place governed by its own laws - as introduced by William Gibson]
• “Law and Borders”: the ‘independent’ theory of cyberspace law [David Post and David Johnson, Stanford Law Review]
• Benkler’s layers – the physical, the code and content [in communications theory]
• Lessig <Code and other laws of Cyberspace>
• Ryder <Regulating ‘Indian’ Cyberspace>
• Goldsmith and Wu <Who Controls the Internet? The Illusions of a Borderless World>

The ‘New Medium’ and the Law
• The Information Technology Act, 2000 – in a phrase: ‘functional equivalence’
• ‘Electronic Commerce’ as an objective
• Understanding the role of the medium – incidental [blackmail, stalking]; content [obscene or sensitive material]; integrity [unauthorised access and/or modification]
• Adaptability and Enforcement of Indian law – lessons from the American experience [Adobe Systems v. Dmitry Sklyarov]

Structuring Information Systems Management
• The Basics: the “machine” and the “medium” – What is a Cybercrime?
• The criminal act – discovery [detection] and analysis
• The Cybercrime Manual – fostering preparedness
• Focussing on ‘relevant’ issues and appropriate classification of offences
• Cyber forensics and the collection of evidence
• Crisis management [internal and external]

The Information Technology Act, 2000
• Chapter I: Preliminary [Definitions]
• Chapter II: Digital Signatures and Electronic Signatures
• Chapter III: Electronic Governance
• Chapter IV: Attribution, Acknowledgement and Dispatch of Electronic Records
• Chapter V: Secure Electronic Records and Secure Electronic Signatures
• Chapter VI: Regulation of Certifying Authorities
• Chapter VII: Electronic Signature Certificates

The Information Technology Act, 2000
• Chapter VIII: Duties of Subscribers
• Chapter IX: Penalties, Compensation and Adjudication
• Chapter X: The Cyber Appellate Tribunal
• Chapter XI: Offences
• Chapter XII: Intermediaries not to be liable in certain cases
• Chapter XIIA: Examiner of Electronic Evidence
• Chapter XIII: Miscellaneous

‘Offences’ under the Indian Information Technology Act, 2000
• Tampering with computer source documents/‘code’ [Section 65];
• Transmission of Offensive Messages through Communication [Section 66A];
• Dishonest receipt of stolen computer resource or communication device [Section 66B];
• Punishment for Identity Theft [Section 66C];
• Cheating by personation using computer resource [Section 66D];
• Violation of Privacy [Section 66E];
• Cyber Terrorism [Section 66F];
• Publishing or transmitting obscene material in electronic form [Section 67]; Publishing or transmitting of material containing sexually explicit act in electronic form [Section 67A]; Publishing or transmitting of material depicting children in sexually explicit act in electronic form [Section 67B].

‘Duties’ under the Indian Information Technology Act
• Duty of the Organisation “… maintain reasonable security practices and procedures” [Section 43A] – What is a reasonable Corporate Security System? [ISO 27001/27002]
• “Offences by Companies” [Section 85] – “… every person who, at the time the contravention was committed, was in charge of, and was responsible to, the company for the conduct of business of the company as well as the company…”
• Use of Organisation’s IT Resources should be governed by Internal IT Use and Security Policies

E-Commerce and the Model Law - I
• New Terms [and Issues]: Virtual Goods, Web hosting, Server [essence of business transactions remains the same]
• Conventional law has not become obsolete... [a] ‘Online’ contracts are not different from ‘off line’; [b] Medium of a transaction is generally irrelevant for the law.
• Traditional Legal concepts based on the existence of a tangible medium: ‘instrument’, ‘document’, ‘original’, ‘signature’…
• Legal concepts based on geographic location: ‘delivery’, ‘receipt’, ‘dispatch’, ‘surrender’…

E-Commerce and the Model Law - II
Model Law: [a] to facilitate rather than regulate electronic commerce;
[b] to adapt existing legal requirements; [c] to provide basic legal
validity and raise legal certainty.
Functional Equivalence: [a] Analyse purposes and functions of
paper-based requirements [‘writing’, ‘record’, ‘signature’, ‘original’];
[b] consider criteria necessary to replicate those functions and give
electronic data the same level of recognition as information on
paper.
Media and Technology Neutrality: [a] Equal treatment of paper-based and electronic transactions; [b] Equal treatment of different
techniques [EDI, e-mail, Internet, telegram, telex, fax]
E-Commerce and the Model Law - III
– Party Autonomy: [a] Primacy of party agreement on whether and how to
use e-commerce techniques; [b] Parties free to choose security level
appropriate for their transactions
– Article 7 [Signature]: Legal requirement is met in relation to a data
message if: [a] a method is used to identify the signatory and to indicate
his approval of the information contained in the data message; and [b]
that method is as reliable as was appropriate for the purpose for which
the data message was generated or communicated.
– Article 8 [Original] Legal requirement is met by a data message if: [a]
there exists a reliable assurance as to the integrity of the information
from the time when it was first generated in its final form, as a data
message or otherwise; and [b] information is capable of being displayed
to the person to whom it is to be presented.
E-Commerce and the Model Law - IV
• Article 9 [Evidence]: In any legal proceedings, nothing in the rules of
evidence shall apply so as to deny the admissibility of a data message in
evidence solely because it is a data message.
Article 11 [Use of data messages in contract formation]
Article 12 [Non-repudiation]
Article 13 [Attribution of data messages]
Article 14 [Acknowledgement of receipt]
Article 15 [Time and place of dispatch and receipt]
Articles 16 and 17 [Electronic commerce and carriage of goods]

E-Commerce and the Model Law - V
A data message is deemed to be sent when it enters an information system
outside the control of the originator.
A data message is deemed to be received: [a] If the addressee has
designated an information system to receive the message, when the
message enters the designated system; or [b] If the message is sent to an
information system other than the designated system, when the addressee
retrieves the message.

‘Jurisdiction’: Reading the Information Technology Act [I]
• The relevance of physical location
• Technology and the elimination of physical contact
• Indian jurisdiction in cyberspace: a ‘simpler’ reading of section 75 [Indian Information Technology Act, 2000]
• Wired [August 2000]: “Welcome to Sealand,…”

‘Jurisdiction’: Reading the Information Technology Act [II]
• The simplistic view: is Cyberspace a place?
• Direct interaction or through an agent [bot]?
• The arcane exercise: where to sue?
• Blurring vision: product or service
• The basic paradigm: the absoluteness of boundaries
• The relevance of physical location [‘lex situs’]
• Targeting

‘Jurisdiction’: Reading the Information Technology Act [III]
• Zippo Manufacturing Co. v. Zippo.com Inc. 952 F Supp 1119 [1997] – the sliding scale test [‘… the nature and quality of commercial activity’]
• Sliding – [a] entering into a contract, subsequently uploading files, Compuserve Inc. v. Patterson 89 F 2d 1257 (1996); [b] website, targeting users of a jurisdiction, Maritz Inc. v. Cybergold Inc 947 F Supp 1328 (1996)
• Sliding – [a] Website not interactive, only contained general information, Bensusan Restaurant Corp v King 937 F Supp 296 (1996); [b] ‘U-Hell’ website that described their experience with ‘U-Haul’, U-Haul International Inc v. Osborne 1999 US Dist LEXIS 14466 (1999); [c] Server only point of contact, Pres-Kap Inc v. System One Direct Access Inc 636 So 2d 1351 (1994).

‘Jurisdiction’: Reading the Information Technology Act [IV]
• Calder v. Jones 465 US 783 (1984) – ‘targeting’ [emerging as the dominant test – direct relationship or referral]
• Metro-Goldwyn-Mayer Studios Inc. v. Grokster Ltd. 243 F Supp 2d 1073 (2003) – ‘… the software had an impact or effect…’
• ‘Free Speech’ and the Internet: Dow Jones & Company v. Gutnick, (2002) 77 AJLR 255; [2002] HCA 256. [Callinan J, ‘… American legal hegemony’] [‘accessibility’; ‘reputation’]
• Publication – a bilateral act?
• Reasonableness – reputation in the forum, whether the publisher knew or ought to have known this, ‘extent’ of publication, extent to which the plaintiff is a subject.

Internet Cases in India [I]
• Vodafone Essar Ltd v Raju Sud [Bombay High Court; Summary Suit No. 3264/2009; Dated: 22 November, 2011] – a subscriber challenged the authenticity of computer-generated bills which contained the charges. The Court held that “printouts taken from the computer/server by mechanical process as contemplated under Sections 65 and 65-A of the Evidence Act is permitted, irrespective of the compliance with the requirement of Section 65-B of the Act”.
• State v. Navjot Sandhu [Supreme Court of India; Case No.: Appeal [Crl.] 373-375 of 2004; Date of Judgement: 04/08/2005] – The Hon’ble Supreme Court, when examining Section 65B, held that even when an affidavit/certificate under Sec. 65B is not filed, it would not foreclose the Court from examining such evidence, provided it complies with the requirements of Sections 63 and 65 of the Evidence Act.
• Super Cassettes v. MySpace Inc. [Delhi High Court; CS [OS] No. 2682/2008] – One of India’s first judgments on the issue of intermediary liability, specifically on the point of copyright infringement of recordings of the plaintiff.

Internet Cases in India [II]
• Vinod Kaushik v. Madhvika Joshi [Adjudication Officer, Maharashtra. Complaint Case No. 2/2010] – the legality of accessing a spouse’s email account without their permission. Whether unauthorised access?
• Eastern Book Company v. DB Modak [Supreme Court of India. Appeal [Civil] 6472 of 2004] – copyright protection available to electronic databases in India.
• Dharambir v. Central Bureau of Investigation [Delhi High Court. 148 [2008] DLT 289] – the admissibility and reliability of digital evidence.
• Societe des Produits Nestle SA v/s Essar Industries [2006 [33] PTC 469] – Admissibility of Electronic Evidence

Legal Issues and the ‘Cloud’ – I [Scenarios and Situations]
• ‘Physical Location’ of the Data – [a] where is the data stored? [jurisdiction and legal governance of the data]; [b] Dispute Resolution – in the event of conflict
• Responsibility for the Data – Disaster Management [Indemnification? Insurance?] Is there liability coverage for the breach of privacy? What if the data center is hacked?
• Intellectual Property – [a] Is the data protected under Intellectual Property Law? How secure are trade secrets? What are the conditions under which the vendor grants third parties access to your data?

Legal Issues and the ‘Cloud’ – II [Contracts and Enforcement]
• Privileged User Access – Who has access and their backgrounds
• Regulatory Compliance – Vendors must be willing to undergo audits and security certifications
• Data Location
• Security: the legal responsibility [Security Breach?] – [a] physical security; [b] operational security – ‘private cloud’ or the ‘utility model’; [c] programmatic or code-based security
• Data Segregation and the use of Encryption
• Recovery

Privacy and the Internet

Data Privacy and Information
Security

Privacy concerns
A fundamental human right
the right of the individual to be let alone
• Information Privacy [data protection] - personal data
• Bodily privacy - invasive procedures - search, drug testing; genetic testing; etc
• Communications Privacy - mail, telephone, e-mail etc
• Territorial privacy - domestic privacy; CCTV; ID checks etc

“Public” aspects - surveillance, police powers and national security

Growth of Importance of Privacy
Overview - major International and US regulations
HUMAN RIGHTS
1948 – UN Universal Declaration of Human Rights
1970 – US Fair Credit Reporting Act
1974 – US Privacy Act
1976 – International Covenant on Civil and Political Rights
1980 – OECD Guidelines on Protection of Privacy
1980 – US Privacy Protection Act
1995 – European Commission Directive on Data Protection
1994 – US Communications Assistance to Law Enforcement Act
1996 – US Health Insurance Portability and Accountability Act
1998 – US Children's Online Privacy Protection Act
1998 – European Member States implement Directive
1999 – US Financial Services Modernization Act
BUSINESS ISSUES

Privacy and Data Protection law in India
There is no general privacy or data protection law in India:
• Constitution Article 21: Right to life and liberty, interpreted by Supreme Court as including the “right to be let alone”
• International Covenant on Civil and Political Rights 1966 Article 17: No one shall be subject to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
• Law of privacy [Tort Law] – Action for unlawful invasion of privacy

The [Indian] Information Technology Act, 2000
Information Technology Act 2000
• Section 43 [a] – Penalty for unauthorised access to a computer system
• Section 43 [b] – Penalty for unauthorised downloading or copying of data without permission
• Section 72 – Offence of accessing any electronic record, book, register, correspondence, information, document or other material and, without the consent of the person concerned, disclosing such information to another person

Current law in India
• Public Financial Institutions Act of 1983 codifies confidentiality of bank transactions
• ISPs prohibited from violating privacy rights of subscribers by virtue of the licence to operate granted by the Department of Telecommunications
• A general data protection law in India? National Task Force on IT and Software Development 1998 submitted “IT Action Plan” calling for “National Policy on Information Security, Privacy and Data Protection Act for handling of computerised data” but no Act introduced to date

Possible approaches to Data Protection

Data Protection
Worldwide
Data Protection legislation worldwide
[Table: countries and territories of the world grouped by status of data protection legislation – NONE; PENDING; IN PLACE; EUD or ‘ADEQUATE’. The United States is annotated ‘[safe harbor]’.]

Industrialised Countries Legislation timeline
Norway: Personal D Reg Act; In force 14 April 2000
Finland: Personal DP Act; In force 1 June 1999
Sweden: Personal Data Act; In force 24 October 1998
Denmark: Act on Processing of PD; In force 1 July 2000
Belgium: Data Protection Act; In force 1 Sep 2001
Ireland: -
Germany: Data Protection Act; In force 23 May 2001
United Kingdom: Data Protection Act; In force 1 March 2000
Austria: Data Protection Act; In force 1 January 2000
Luxembourg: -
Canada: PIP&ED Act; Commenced 1 Jan 2001
Italy: Data Protection Act; In force 8 May 1997
Mexico: eCommerce Act; In force 7 June 2000
Netherlands: Law on Protection PD Act; In force 1 Sep 2001
France: -
Greece: Protection Processing; In force 10 April 1997
Hong Kong: Personal Data [Privacy]; In force 20 Dec 1996
Australia: Privacy Act; In force 21 Dec 2001
Spain: Data Protection Act; In force 13 January 2000
Taiwan: Computer Processed DP; In force 11 August 1995
New Zealand: Privacy Act; In force 1 July 1993
Portugal: Personal DP Act; In force 27 October 1998
Switzerland: Data Protection Act; In force 1 June 1999
South Korea: eCommerce Act; In force January 1999
Eastern Europe: Estonia [96] Poland [98] Slovak [98] Slovenia [99] Hungary [99] Czech [00] Latvia [00] Lithuania [00]
United States [includes]:
  CPP Act 1984
  VPP Act 1988
  COPP Act 1998; In force 21 April 2000
  HIPA Act; In force 14 April 2001
  GLB Act; In force 1 July 2001
  ‘General’ Act; Under consideration

Possible approaches to Data Protection

Data Protection
in Europe
European Data Protection Directive

• Directive 95/46/EC of the European Commission
• Now implemented in almost all Member States, e.g. UK:
  previously – UK Data Protection Act 1984
  now – UK Data Protection Act 1998 [in force March 2000] [“DPA”]

UK DPA 1998 - The Eight Principles
1. Personal data must be processed fairly and lawfully
2. Personal data must be collected and used only for notified purposes.
3. Personal data must be adequate, relevant and not excessive.
4. Personal data must be accurate and, where necessary, kept up-to-date.
5. Personal data must only be retained for as long as is necessary to
carry out the purposes for which it is collected.
6. Personal data must be processed in accordance with the rights of
data subjects as set out under the 1998 Act.
UK DPA 1998 - The Eight Principles
7. Appropriate technical and organisational measures must be in place
to protect against unauthorised access, amendment or loss of
personal data. There must be a contractual obligation, in writing, upon
any data processor to comply with the relevant legislation and to
ensure that such measures have been put in place.
8. Personal information must not be transferred out of the European
Economic Area ["EEA"] unless the receiving country ensures "an
adequate level of protection" for the rights and freedoms of the data
subjects vis-à-vis the processing of personal data.

Transfers of Personal Data
from Europe to India

The Eighth Principle
Personal information must not be transferred out of the European
Economic Area ["EEA"] unless the receiving country ensures "an
adequate level of protection" for the rights and freedoms of the data
subjects vis-à-vis the processing of personal data.

Alternative Grounds: “Seventh-Principle” type contract
Notwithstanding lack of country adequate status, a Data Controller can
nevertheless conclude there is adequate protection in respect of a particular
transfer if:
There is sufficient protection for individual data subjects
Having regard to: - nature of data being transferred;
- purposes for processing;
- security measures in place;
- individual rights to redress if things go wrong
Note - all of these could be covered in a Seventh-Principle type contract

Any questions?

Legal Services

Technology, Media and Communications

‘Enforcing’ the Information
Technology Act
Regulating Cyberspace – Version 2.0
Rodney D. Ryder
rodney@scriboard.com

 
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...Suhani Kapoor
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insightsseri bangash
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetDenis Gagné
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis:  Simple Linear Regression Multiple Linear RegressionRegression analysis:  Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Delhi Call girls
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow  ) 🔝 8923113531 🔝  Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow  ) 🔝 8923113531 🔝  Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 

Kürzlich hochgeladen (20)

Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdf
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges --  Guest House in Jhang.M.C Lodges --  Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A  SALESMAN / WOMANA DAY IN THE LIFE OF A  SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis:  Simple Linear Regression Multiple Linear RegressionRegression analysis:  Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow  ) 🔝 8923113531 🔝  Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow  ) 🔝 8923113531 🔝  Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 

Scriboard® - Internet Law and Policy [India]

  • 1. ‘Enforcing’ the Information Technology Act: Regulating Cyberspace – Version 2.0 Rodney D. Ryder Scriboard 1
  • 2. Internet Security and Legal Compliance: Regulating Cyberspace – Version 2.0 Part 1 – Internet Law and Policy • Information Technology Act, 2000 • • Structuring a policy Current law in India Part 2 – Data Privacy and Information Security [Challenges and Strategies] • Data Protection legislation around the world [European Commission Directive and the UK Act; Data Protection model: the United States] Rodney D. Ryder Scriboard 2
  • 3. The need for a national strategy Internet Law and Policy: New Media Regulation and India Rodney D. Ryder Scriboard 3
  • 4. The Rise [and fall?] of Cyberspace • The Importance of Internet Architecture – ‘decentralised routing system’ – designed to carry messages from point to point even if intermediate communication exchanges are blocked, damaged or destroyed. <the dumb network> • ‘The net interprets censorship as damage, and routes around it’. John Gilmore, Lawless, The Economist, July 1995. • <Cyberspace>; <Neuromancer> and the “Network” [A place governed by its own laws - as introduced by William Gibson ] • “Law and Borders”: the ‘independent’ theory of cyberspace law [David Post and David Johnson, Stanford Law Review] • Benkler’s layers – the physical, the code and content [in communications theory] • Lessig <Code and other laws of Cyberspace> • Ryder <Regulating ‘Indian’ Cyberspace> • Goldsmith and Wu <Who Controls the Internet? The Illusions of a Borderless World> Rodney D. Ryder Scriboard 4
  • 5. The ‘New Medium’ and the Law • The Information Technology Act, 2000 – in a phrase: ‘functional equivalence’ • ‘Electronic Commerce’ as an objective • Understanding the role of the medium – incidental [blackmail, stalking]; content [obscene or sensitive material]; integrity [unauthorised access and/or modification] • Adaptability and Enforcement of Indian law – lessons from the American experience [Adobe Systems v. Dmitry Sklyarov] Rodney D. Ryder Scriboard 5
  • 6. Structuring Information Systems Management • The Basics: the “machine” and the “medium” – What is a Cybercrime? • The criminal act – discovery [detection] and analysis • The Cybercrime Manual – fostering preparedness • Focussing on ‘relevant’ issues and appropriate classification of offences • Cyber forensics and the collection of evidence • Crisis management [internal and external] Rodney D. Ryder Scriboard 6
  • 7. The Information Technology Act, 2000 • Chapter I: Preliminary [Definitions] • Chapter II: Digital Signatures and Electronic Signatures • Chapter III: Electronic Governance • Chapter IV: Attribution, Acknowledgement and Dispatch of Electronic Records • Chapter V: Secure Electronic Records and Secure Electronic Signatures • Chapter VI: Regulation of Certifying Authorities • Chapter VII: Electronic Signature Certificates Rodney D. Ryder Scriboard 7
  • 8. The Information Technology Act, 2000 • Chapter VIII: Duties of Subscribers • Chapter IX: Penalties, Compensation and Adjudication • Chapter X: The Cyber Appellate Tribunal • Chapter XI: Offences • Chapter XII: Intermediaries not to be liable in certain cases • Chapter XIIA: Examiner of Electronic Evidence • Chapter XIII: Miscellaneous Rodney D. Ryder Scriboard 8
  • 9. ‘Offences’ under the Indian Information Technology Act, 2000 • Tampering with computer source documents/‘code’ [Section 65]; • Transmission of Offensive Messages through Communication [Section 66A]; • Dishonest receipt of stolen computer resource or communication device [Section 66B]; • Punishment for Identity Theft [Section 66C]; • Cheating by personation using computer resource [Section 66D]; • Violation of Privacy [Section 66E] • Cyber Terrorism [Section 66F]; • Publishing or transmitting obscene material in electronic form [Section 67]; Publishing or transmitting of material containing sexually explicit act in electronic form [Section 67A]; Publishing or transmitting of material depicting children in sexually explicit act in electronic form [Section 67B]. Rodney D. Ryder Scriboard 9
  • 10. ‘Duties’ under the Indian Information Technology Act • Duty of the Organisation “… maintain reasonable security practices and procedures” [Section 43A] – What is a reasonable Corporate Security System? [ISO 27001/27002] • “Offences by Companies” [Section 85] – “… every person who, at the time the contravention was committed, was in charge of, and was responsible to, the company for the conduct of business of the company as well as the company…” • Use of Organisation’s IT Resources should be governed by Internal IT Use and Security Policies Rodney D. Ryder Scriboard 10
  • 11. E-Commerce and the Model Law - I • New Terms [and Issues]: Virtual Goods, Web hosting, Server [essence of business transactions remains the same] • Conventional law has not become obsolete... [a] ‘Online’ contracts are not different from ‘off line’; [b] Medium of a transaction is generally irrelevant for the law. • Traditional Legal concepts based on the existence of a tangible medium: ‘instrument’, ‘document’, ‘original’, ‘signature’… • Legal concepts based on geographic location: ‘delivery’, ‘receipt’, ‘dispatch’, ‘surrender’… Rodney D. Ryder Scriboard 11
  • 12. E-Commerce and the Model Law - II Model Law: [a] to facilitate rather than regulate electronic commerce; [b] to adapt existing legal requirements; [c] to provide basic legal validity and raise legal certainty. Functional Equivalence: [a] Analyse purposes and functions of paper-based requirements [‘writing’, ‘record’, ‘signature’, ‘original’]; [b] consider criteria necessary to replicate those functions and give electronic data the same level of recognition as information on paper. Media and Technology Neutrality: [a] Equal treatment of paper-based and electronic transactions; [b] Equal treatment of different techniques [EDI, e-mail, Internet, telegram, telex, fax] Rodney D. Ryder Scriboard 12
  • 13. E-Commerce and the Model Law - III – Party Autonomy: [a] Primacy of party agreement on whether and how to use e-commerce techniques; [b] Parties free to choose security level appropriate for their transactions – Article 7 [Signature]: Legal requirement is met in relation to a data message if: [a] a method is used to identify the signatory and to indicate his approval of the information contained in the data message; and [b] that method is as reliable as was appropriate for the purpose for which the data message was generated or communicated. – Article 8 [Original] Legal requirement is met by a data message if: [a] there exists a reliable assurance as to the integrity of the information from the time when it was first generated in its final form, as a data message or otherwise; and [b] information is capable of being displayed to the person to whom it is to be presented. Rodney D. Ryder Scriboard 13
  • 14. E-Commerce and the Model Law - IV • Article 9 [Evidence]: In any legal proceedings, nothing in the rules of evidence shall apply so as to deny the admissibility of a data message in evidence solely because it is a data message. Article 11 [Use of data messages in contract formation] Article 12 [Non-repudiation] Article 13 [Attribution of data messages] Article 14 [Acknowledgement of receipt] Article 15 [Time and place of dispatch and receipt] Articles 16 and 17 [Electronic commerce and carriage of goods] Rodney D. Ryder Scriboard 14
  • 15. E-Commerce and the Model Law - V A data message is deemed to be sent when it enters an information system outside the control of the originator. A data message is deemed to be received: [a] If the addressee has designated an information system to receive the message, when the message enters the designated system; or [b] If the message is sent to an information system other than the designated system, when the addressee retrieves the message. Rodney D. Ryder Scriboard 15
  • 16. ‘Jurisdiction’: Reading the Information Technology Act [I] • The relevance of physical location • Technology and the elimination of physical contact • Indian jurisdiction in cyberspace: a ‘simpler’ reading of section 75 [Indian Information Technology Act, 2000] • Wired [August 2000]: “Welcome to Sealand,…” Rodney D. Ryder Scriboard 16
  • 17. ‘Jurisdiction’: Reading the Information Technology Act [II] • The simplistic view: is Cyberspace a place? • Direct interaction or through an agent [bot]? • The arcane exercise: where to sue? • Blurring vision: product or service • The basic paradigm: the absoluteness of boundaries • The relevance of physical location [‘lex situs’] • Targeting Rodney D. Ryder Scriboard 17
  • 18. ‘Jurisdiction’: Reading the Information Technology Act [III] • Zippo Manufacturing Co. v. Zippo.com Inc. 952 F Supp 1119 [1997] the sliding scale test [‘… the nature and quality of commercial activity’] • Sliding – [a] entering into a contract, subsequently uploading files, Compuserve Inc. v. Patterson 89 F 2d 1257 (1996); [b] website, targeting users of a jurisdiction, Maritz Inc. v. Cybergold Inc 947 F Supp 1328 (1996) • Sliding – [a] Website not interactive, only contained general information Bensusan Restaurant Corp v King 937 F Supp 296 (1996); [b] ‘U-Hell’ website that described their experience with ‘U-Haul’ U-Haul International Inc v. Osborne 1999 US Dist LEXIS 14466 (1999); [c] Server only point of contact Pres-Kap Inc v. System One Direct Access Inc 636 So 2d 1351 (1994). Rodney D. Ryder Scriboard 18
  • 19. ‘Jurisdiction’: Reading the Information Technology Act [IV] • Calder v. Jones 465 US 783 (1984) – ‘targeting’ [emerging as the dominant test – direct relationship or referral] • Metro-Goldwyn Mayer Studios Inc. v. Grokster Ltd. 243 F Supp 2d 1073 (2003) – ‘… the software had an impact or effect…’ • ‘Free Speech’ and the Internet: Dow Jones & Company v. Gutnick, (2002) 77 AJLR 255; [2002] HCA 256. [Callinan J, ‘… American legal hegemony’] [‘accessibility’; ‘reputation’] • Publication – a bilateral act? • Reasonableness – reputation in the forum, whether the publisher knew or ought to have known this, ‘extent’ of publication, extent to which the plaintiff is a subject. Rodney D. Ryder Scriboard 19
  • 20. Internet Cases in India [I] • Vodafone Essar Ltd v Raju Sud [Bombay High Court; Summary Suit No. 3264/2009 Dated : 22 November, 2011] - subscriber, challenged the authenticity of computer generated bills which contained the charges. The Court held that, “printouts taken from the computer/server by mechanical process as contemplated under Sections 65 and 65-A of the Evidence Act is permitted, irrespective of the compliance with the requirement of Section 65-B of the Act”. • State v. Navjot Sandhu [Supreme Court of India, Case No. : Appeal [Crl.] 373-375 of 2004, Date of Judgement : 04/08/2005] - The Hon’ble Supreme Court when examining Section 65B, held that even when an affidavit/certificate under Sec. 65B is not filed it would not foreclose the Court from examining such evidence provided it complies with the requirements of Section 63 and 65 of the Evidence Act. • Super Cassettes v. MySpace Inc. [Delhi High Court; CS [OS] No. 2682/2008] - One of India’s first judgments on the issue of intermediary liability specifically on the point of copyright infringement of recordings of the plaintiff. Rodney D. Ryder Scriboard 20
  • 21. Internet Cases in India [II] • Vinod Kaushik v. Madhvika Joshi [Adjudication Officer, Maharashtra. Complaint Case No. 2/2010] - the legality of accessing a spouse’s email account without their permission. Whether unauthorised access? • Eastern Book Company v. DB Modak [Supreme Court of India. Appeal [Civil] 6472 of 2004] - copyright protection available to electronic databases in India. • Dharambir v. Central Bureau of Investigation [Delhi High Court. 148 [2008] DLT 289] - the admissibility and reliability of digital evidence. • Societe des Products Nestle SA v/s Essar Industries [2006 [33] PTC 469] – Admissibility of Electronic Evidence Rodney D. Ryder Scriboard 21
  • 22. Legal Issues and the ‘Cloud’ – I [Scenarios and Situations] • ‘Physical Location’ of the Data – [a] where is the data stored? [jurisdiction and legal governance of the data] [b] Dispute Resolution – in the event of conflict • Responsibility for the Data – Disaster Management [Indemnification? Insurance?] Is there liability coverage for the breach of privacy? What if the data center is hacked? • Intellectual Property – [a] Is the data protected under Intellectual Property Law? How secure are trade secrets? What are the conditions under which the vendor grants third parties access to your data? Rodney D. Ryder Scriboard 22
  • 23. Legal Issues and the ‘Cloud’ – II [Contracts and Enforcement] • Privileged User Access – Who has access and their backgrounds • Regulatory Compliance – Vendors must be willing to undergo audits and security certifications • Data Location • Security: the legal responsibility [Security Breach?] – [a] physical security; [b] operational security – ‘private cloud’ or the ‘utility model’; [c] programmatic or code-based security • Data Segregation and the use of Encryption • Recovery Rodney D. Ryder Scriboard 23
  • 24. Privacy and the Internet Data Privacy and Information Security Rodney D. Ryder Scriboard 24
  • 25. Privacy concerns A fundamental human right – the right of the individual to be let alone • Information Privacy [data protection] - personal data • Bodily privacy - invasive procedures - search, drug testing; genetic testing; etc • Communications Privacy - mail, telephone, e-mail etc • Territorial privacy - domestic privacy; CCTV; ID checks etc “Public” aspects - surveillance, police powers and national security Rodney D. Ryder Scriboard 25
  • 26. Growth of Importance of Privacy Overview - major International and US regulations [timeline; labels: HUMAN RIGHTS, BUSINESS ISSUES] 1948 UN Universal Declaration of Human Rights; 1970 US Fair Credit Reporting Act; 1974 US Privacy Act; 1976 International Covenant on Civil and Political Rights; 1980 OECD Guidelines on Protection of Privacy; 1980 US Privacy Protection Act; 1995 European Commission Directive on Data Protection; 1994 US Communications Assistance to Law Enforcement Act; 1996 US Health Insurance Portability and Accountability Act; 1998 US Children's Online Privacy Protection Act; 1998 European Member States implement Directive; 1999 US Financial Services Modernization Act Rodney D. Ryder Scriboard 26
  • 27. Privacy and Data Protection law in India There is no general privacy or data protection law in India: • Constitution Article 21 Right to life and liberty, interpreted by Supreme Court as including the “right to be let alone” • International Covenant on Civil and Political Rights 1966 Article 17: No one shall be subject to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks. • Law of privacy [Tort Law] – Action for unlawful invasion of privacy Rodney D. Ryder Scriboard 27
  • 28. The [Indian] Information Technology Act, 2000 Information Technology Act 2000 • Section 43 [a] Penalty for unauthorised access to a computer system • Section 43 [b] Penalty for unauthorised downloading or copying of data without permission • Section 72 Offence of accessing any electronic record, book, register, correspondence, information, document or other material and, without the consent of the person concerned, disclosing such information to another person Rodney D. Ryder Scriboard 28
  • 29. Current law in India • Public Financial Institutions Act of 1983 codifies confidentiality of bank transactions • ISPs prohibited from violating privacy rights of subscribers by virtue of the licence to operate granted by the Department of Telecommunications • A general data protection law in India? National Task Force on IT and Software Development 1998 Submitted “IT Action Plan” calling for “National Policy on Information Security, Privacy and Data Protection Act for handling of computerised data” but no Act introduced to date Rodney D. Ryder Scriboard 29
  • 30. Possible approaches to Data Protection Data Protection Worldwide Rodney D. Ryder Scriboard 30
  • 31. Data Protection legislation worldwide [Figure: the countries of the world classified by the status of their data protection legislation; legend: NONE, PENDING, IN PLACE, EUD or ‘ADEQUATE’; the United States is marked ‘safe harbor’] Rodney D. Ryder Scriboard 31
  • 32. Industrialised Countries Legislation timeline Norway Personal D Reg Act Finland Personal DP Act In force 14 April 2000 In force 1 June 1999 Sweden Personal Data Act Denmark Act on Processing of PD In force 24 October 1998 In force 1 July 2000 Belgium Data Protection Act Ireland - In force 1 Sep 2001 Germany Data Protection Act United Kingdom Data Protection Act In force 23 May 2001 In force 1 March 2000 Austria Data Protection Act Luxembourg - In force 1 January 2000 Canada PIP&ED Act Commenced 1 Jan 2001 Italy Data Protection Act Mexico eCommerce Act Netherlands Law on Protection PD ct In force 8 May 1997 In force 7 June 2000 In force 1 Sep 2001 France - United States [includes] CPP Act 1984 VPP Act 1988 COPP Act 1998 Hong Kong Personal Data [Privacy] Australia Privacy Act Spain Data Protection Act In force 20 Dec 1996 In force 21 Dec 2001 In force 13 January 2000 In force 21 April 2000 Taiwan Computer Processed DP New Zealand Privacy Act Portugal Personal DP Act In force 11 August 1995 In force 1 July 1993 In force 27 October 1998 Switzerland Data Protection Act South Korea eCommerce Act In force 1 June 1999 In force January 1999 Eastern Europe Estonia [96] Poland [98] Slovakia [98] Slovenia [99] Hungary [99] Czech [00] Latvia [00] Lithuania [00] HIPA Act In force 14 April 2001 GLB Act In force 1 July 2001 ‘General’ Act Rodney D. Ryder Scriboard Under consideration Greece Protection Processing In force 10 April 1997 32
  • 33. Possible approaches to Data Protection Data Protection in Europe Rodney D. Ryder Scriboard 33
  • 34. European Data Protection Directive • Directive 95/46/EC of the European Commission • Now implemented in almost all Member States e.g. UK previously - UK Data Protection Act 1984 now - UK Data Protection Act 1998 [in force March 2000] [“DPA”] Rodney D. Ryder Scriboard 34
  • 35. UK DPA 1998 - The Eight Principles 1. Personal data must be processed fairly and lawfully. 2. Personal data must be collected and used only for notified purposes. 3. Personal data must be adequate, relevant and not excessive. 4. Personal data must be accurate and, where necessary, kept up-to-date. 5. Personal data must only be retained for as long as is necessary to carry out the purposes for which it is collected. 6. Personal data must be processed in accordance with the rights of data subjects as set out under the 1998 Act. Rodney D. Ryder Scriboard 35
  • 36. UK DPA 1998 - The Eight Principles 7. Appropriate technical and organisational measures must be in place to protect against unauthorised access, amendment or loss of personal data. There must be a contractual obligation, in writing, upon any data processor to comply with the relevant legislation and to ensure that such measures have been put in place. 8. Personal information must not be transferred out of the European Economic Area ["EEA"] unless the receiving country ensures "an adequate level of protection" for the rights and freedoms of the data subjects vis-à-vis the processing of personal data. Rodney D. Ryder Scriboard 36
  • 37. Transfers of Personal Data from Europe to India The Eighth Principle Personal information must not be transferred out of the European Economic Area ["EEA"] unless the receiving country ensures "an adequate level of protection" for the rights and freedoms of the data subjects vis-à-vis the processing of personal data. Rodney D. Ryder Scriboard 37
  • 38. Alternative Grounds: “Seventh-Principle” type contract Notwithstanding lack of country adequate status, a Data Controller can nevertheless conclude there is adequate protection in respect of a particular transfer if: There is sufficient protection for individual data subjects Having regard to: - nature of data being transferred; - purposes for processing; - security measures in place; - individual rights to redress if things go wrong Note - all of these could be covered in a Seventh-Principle type contract Rodney D. Ryder Scriboard 38
  • 39. Any questions? Rodney D. Ryder Scriboard 39
  • 40. Legal Services Technology, Media and Communications ‘Enforcing’ the Information Technology Act Regulating Cyberspace – Version 2.0 Rodney D. Ryder rodney@scriboard.com