- Email: [email protected]
Encyclopedia of information technology law — A review
ENCYCLOPEDIA OF INFORMATION TECHNOLOGY LAW - A REVIEW General Editor: Stephen Saxby. London: Sweet & Maxwell, 1990 (first release). Two volumes, loose-leaf CHAPTER 1: INTRODUCTION
OVERVIEW All the chapters in this new Encyclopedia have been assessed by specialist practitioners working for Turner Kenneth Brown and their reviews follow. I intend in this Overview to make general points. This first issue of the Encyclopedia of Information Technology Law is seen by the editor and the publishers as an attempt to construct a prototype: they acknowledge that both the list of contents and the remit they give to contributors may be altered fundamentally. Some of the contributors are making first attempts to define certain interfaces between computer and telecommunications technologies and the law. In so doing they have laid themselves open to criticism by those made wiser by hindsight. The publishers have taken a commercial risk in placing on the market a tool for which many will not yet see a use. Is the Encylcopedia a value-for-money tool for the working practitioner who may buy it expecting its contents to reach the high standard set by the major publishers for legal reference works? The answer must be a very qualified, "Yes". Certain of the eighteen chapters are considered by my colleagues to be particularly useful (Chapter 2. Intellectual Property, Chapter 6. Computer Contracts, Chapter 11. Evidence, and Chapter 15. Taxation). A number of other chapters are thought to be half-good, but in need of revising and trimming. Practitioners, once they 'have found their way into the text (the Index is appalling) will have to do more hard reading than users of legal encylopedias expect, sometimes because the subject-matter will be unknown to them and they will need the information, but at times because the authors have written academic treatises rather than guidance for practitioners. Many chapters map out subject areas with little more than the salient features marked: this is inevitable, in view of the undeveloped state of the subjects and according to the editor details will be filled in as and when they manifest themselves. There are thirty-four authors, including the editors, and all but a few make their contributions in teams - Baker & McKenzie, for example, field a team of six for the Intellectual Property chapter. This way of constructing an encyclopedic work out of discreetly written units, rather than having one or two editors write the major part and ask for contributions on particularly recondite subjects, shows to adverse effect: the quality of the writing varies greatly between and within chapters, and one senses that the editor has not yet established firm control over his writers. One or two chapters fall so far short of what one should find in a practitioners' reference tool that one could wish the editor find had buckled to and written them himself, in the old mode. Explanations of technical matters are offered in some chapters. My colleague in Banking considers that the usefulness of the chapter on EFT is enhanced by such aids, but other reviewers regard similar material in other chapters as likely to be incomprehensible to lawyers. Technical explanations should be standardised, simplified and duplication eliminated throughout the text. This is a courageous enterprise. I hope the Encyclopedia soon will develop into the definitive practitioners' tool it is designed to be.
This introductory chapter consists of four sections: the Evolution of the Computer and Information Technology Industry; the Design Characteristics of Information Technology; Management and Use of Computers; and Current Trends in the Law. The third section is only three pages long and appears to be a very late addition: the author of section four states that he is writing the third of three sections. The authors supply basic data about information technologies and industries for the benefit of legal practitioners, apparently on the sound assumption that users of the Encyclopedia will know little or nothing about these things. In the first section a very young industry is approached through its history: it is an excellent summary in only fifteen pages. Where appropriate, acknowledged or probable legal problem areas are flagged in anticipation of later discussion. The second section provides a very clear description of the insides of computers. It would be difficult to find another exposition of a technical subject which is as concise, as jargon-less and as helpful as this. Sadly, the third section does reach the same standard. The people and the procedures aspects of the information technology industry merit more than such a sketchy outline. Section four is brief but seminal. Key legal issues are touched on: the need for release from the conceptual straightjacket of corporeal property in the context of information technology; whether the law of intellectual property is capable of adapting incrementally to technological change; computer programs as hydrid "functional works"; and the role of international agencies and nation states in developing (or imposing) law for technologies which are by definition transnational. Purchasers of the Encyclopedia who acquire it as a reference tool, and with no intention of approaching the text in any way but through the index, should none the less put aside a few minutes to read Chapter 1 right through. Gillian Bull
CHAPTER 2: INTELLECTUAL PROPERTY Chapter 2 is a chunky chapter of 144 pages. This is to be expected as it covers the core legal principles applicable to the subject matter of the Encyclopedia. After a short Introduction to the technology (a subject which is re-visited several times in this Chapter) there is a section on the Nature of Intellectual Property Rights, divided into patents, copyright, registered designs (including un-registered designs and design rights), confidential information/trade secrets, trade and service marks, passing off, the United States Semi-Conductor Chip Protection Act (strangely no crossreference is made to the lengthy section at the end of the chapter on semi-conductor chip protection) and European Community reform proposals. Each type of intellectual property is then applied to computer technology. This Chapter has been written by a number of authors, and there tends to be repetition, particularly of explanations of the technology and the position in overseas jurisdictions (especially the USA). However, given that the practioner will normally dip into the chapter rather than read
Gillian Bull
23
it from start to finish as a whole, the repetition may well be helpful. The Chapter ends with a section on legal protection of semiconductor chips which admirably endeavours to describe the technology with diagrams. Whether this will be comprehensible to lawyers remains a matter of doubt. While it is to be expected that in this field of computer technology law (where developments are taking place all the time) the main text will be slightly out of date and reliance will have to be placed upon Releases, the section on semi-conductor chips contains evidence that it was written some years ago. Why, for example, is the use of design right not tackled in the text rather than left for a later Release? In most sections cross-references are made to rules in overseas jurisdictions. There are particularly detailed paragraphs on legal developments in the US in the section on Application of Copyright and Designs to Computer Technology. The choice of overseas jurisdictions is somewhat arbitrary. For example, when dealing with the Application of Patents to Computer Technology only three European Community countries (France, Germany and the Netherlands) are covered. Under Application of Copyright and Designs, Italy is added to these three. It would be an improvement to include all the EC countries. Generally, the authors deal with the application of intellectual property rights to computer technology in a comprehensive and practical way, identifying and exploring many unresolved issues. In the particularly detailed section on the patent protection of computer software the issues are dealt with in more depth than in the average textbook devoted entirely to patents. The Chapter is a useful addition to the bookshelf of the practitioner in information technology law.
Part 3, Enforcement, is more polished and concrete tn t:~ conclusions as befits an area which is not rapidly changing. The author considers, first, the parties to legal proceedings. There is then a brief overview of normal proceedings to trial followed by a more details consideration of the emergency remedies vital in this area. The hurdles to be overcome on any application for emergency relief are set out and illustrated by examples. The examples are relevant and illuminating but, inevitably, cannot deal with the complexity of real life situations. This Part is at all times made relevant to the area of information technology. Criticisms are very minor: why no mention of a plaintiff's undertaking in damages (such as banks) served with Mareva injunctions; why the reference to Trade Descriptions Act 1968 proceedings being paid for by ratepayers in these days of the community charge? Part 3~ constitutes a good practical overview of enforcement in relation to information technology: it is not and does not attempt to be a definitive work. Finally, I was amused that the author of Part 3. has taken his own advice under the heading "Precautions: subsistence of copyright" and appended a copyright notice relating to part 3!
Lynda Farmer CHAPTER 4: TECHNOLOGY TRANSFER A N D EXPORT LICENSING CONTROL 1. TECHNOLOGY TRANSFER The first section of this Chapter contains a short description of technology transfer by licensing and by assignment. The author seeks to specify and comment upon the usual terms found in licensing agreements and assignments, and also covers the registration formalities. The section is competently written and may be useful as a summary of the formalities required for each type of transaction. However, one of the many precedent books on this subject probably will be more useful to the practitioner when it comes to the description of terms found in licensing agreements and assignments.
Rosemary Martin-Jones CHAPTER 3: EXPLOITATION A N D ENFORCEMENT OF INTELLECTUAL PROPERTY RIGHTS
Rosemary Martin-Jones
This Chapter is in three parts. Part 1. Introduction, is only half a page in length. Part 2. covers commercial exploitation of intellectual property rights and Part 3. deals with enforcement. The strengths and weaknesses of Parts 2. and 3. are different and must be considered separately. Part 2. Commercial Exploitation, deals shortly with assignment and, at greater length, with licensing. The author of this Part explains why licensing is the only commercially expedient method of exploitation; he goes on to deal with exploitation by licensing generally (with specific reference to copyright) and then with software licensing and software distribution policies. He succeeds in mapping out the present position and identifying the legal and market issues. However, as a practitioner looking for guidance, I found the sections lacking in even arguably definitive answers to many of the questions with which practitioners are faced. Competition law aspects are cross referenced - the author deals, finally, with software licensing and copyright; this section includes future EEC proposals. This is not a case of "leaving copyright until last"; copyright aspects are fully dealt with throughout. This final section mops up those aspects of, in particular, the Copyright Designs and Patents Act 1988 not dealt with elsewhere. It also deals with the proposals for an EC software protection directive (but the prediction of resolution by the end of this year now appears optimistic). It is to be hoped that future editions will deal more comprehensively with EC proposals. The overriding difficulty with Part 2. is a certain lack of clarity in the writing. Also, it should be shortened.
2. EXPORT LICENSING CONTROL Given the sheer volume of detail involved in explaining the "ins and outs" of UK and US export licensing control regulations, i am very impressed by this well thought out and easy to follow section. The headache of any author in addressing this subject must be keeping up with the recent avalanche of developments consequent upon the thaw of East/West relations. I therefore advise that any practitioner, before relying on specific references within this section (especially as to the provisions of the Export of Goods (Control) Order 1989), should double-check the up-to-date position with the Department of Trade and Industry's Export Licensing branch. Apart from this caveat my only reservation is that the author has rather disappointingly failed to discuss or even express an opinion on the conflict of US export legislation on the one hand and the application of the EEC competition rules on the other. This frequently causes nightmares for US information technology companies. Apart from this omission I found the text informative and I would recommend it to other practitioners in the field.
Robert Bell CHAPTER 5: ELECTRONIC FUND TRANSFER The preface to the Encylopedia prepared me to find in this Chapter an attempt to chart territory where the current state
24
MAR ~w APR
TtIE COMPUTER I,AW AND SECURITY REPORT
1 t 9 9 0 - 9 t t 6 CLSR
Act, the Misrepresentation ACt and the Unfair Contract Terms Act. It would have been useful if the standard clauses of a few major hardware suppliers had been analysed, with identification of the benefits and burdens for sellers and buyers. In the section on Software a distinction is made correctly between the different kinds of software licence. The writer sees three kinds: the shrink-wrap licence for off-the-shelf cheap packages; the standard licence for standard packages which form a basic part of the computer operations of many businesses and for which it is reasonable for a licensee to request a source code deposit arrangement; and the bespoke licence for software developed for a licensee from a standard "cost" package. Thereafter software development contracts are made for customers who commission software to be written for their own particular purposes. These distinctions are not clearly made by the authors, but there are some excellent points to enable practitioners to decide what should be included in software contracts. The sections on Distribution Agreements and Maintenance Agreements are excellent. Bureau Contracts are discussed but little attention is given to two important areas - the customer's need for protection (by source code deposit agreement) against the insolvency of either the bureau or the software owner; and the need for the customer to know on termination exactly what his rights are with regard to access to his data and the Bureau's programs. Not surprisingly, no mention is made in this Chapter of the now almost-finalised draft EEC Directive on the Legal Protection of Computer Programs. In future Releases, discussion of the contractual consequences for practitioners will be welcome. However it is surprising, in view of the international nature of computer contracting, that the authors' fail to compare and contrast the provisions of US computer contracts (on which there are a few excellent textbooks for practitioners). Finally, practitioners will have to accept that after reading this Chapter, they will still have a lot of work to do. No standard clauses are offered. Advice is offered from time to time on what might be expected by one or other of the parties but this is a little dangerous. When one lawyer suggests that a provision is standard, another lawyer can always be found to make the exception for the case in hand. This is a dynamic area of the law. The industry changes the technology and contractual arrangements: practitioners are constantly devising new contractual terms. But the Encyclopedia wil be updated and one hopes that these innovations will be included. Nigel Wildish
of development of the law is well behind the state of development of the technology. It appears that the technology has shot ahead rapidly whilst the law has not kept pace. The authors of necessity have had to attempt to analyse the legal implications raised by the continuing growth of a wide range of electronic fund transfer systems in the context of little or no relevant judicial or legislative guidance. The inevitable consequence of this is that the legal analysis in the second half of the Chapter largely consists of discussion of the way in which the authors consider the law might best be reformed, rather than of detailed guidance to the practitioner. In discussing reform of the law the authors review legislative examples from other jurisdictions such as the United States, Australia and Denmark, and the recommendations of the Jack Report (Banking Services: Law and Practice Report Cm 622, HMSO, 1989) in the United Kingdom. In the section on EFTsystems - Legal implications, the authors address the current state of the taw in the United Kingdom. They remark how, in the absence of relevant judicial or legislative authority establishing the rights and obligations of the various participants in the various fund transfer systems, the institutions which dominate the market have imposed their own comprehensive standard form terms and conditions. They contrast this with the paper-based regime, under which established legislation and case law have produced relationships between banks and their customers normally defined in short documents. The impact of these documents in the context of the Unfair Contract Terms 1977 and the Consumer Credit Act 1974 is discussed in some detail. A practitioner seeking to use the Encyclopedia for practical guidance on a specific client problem will find that the authors of this Chapter can do no more than speculate as to the approach that the courts might adopt when and if the standard form terms and conditions are presented before them. In view of this inevitably high proportion of speculative content the Chapter is not now as valuable a practitioner's work of reference as one would expect an encyclopedia in an established area of law to be. Given the current dearth of cases and legislation, this is inevitable. On the positive side I am impressed by the first sections in which the authors describe the technology, particularly their lucid explanations of the various types of electronic banking arrangements. The numerous diagrams are particularly helpful in clarifying the nature of these complex arrangements. I feel the division of the subject into "non-consumer activated" and "consumer-activated" fund transfer systems is a useful distinction in the light of the legal points which are raised. On the whole I find the Chapter enlightening. It plays a useful role in gathering together at one reference point different strands of information. Mark Smith
CHAPTER 7: LIABILITY At first glance a chapter in an encyclopaedia of information technology law dealing with "liability" as a separate topic seems like an adventurous, but prudent move. As is stated in the Introduction to this Chapter, it is concerned with the dark qualities of IT, the losses that can be caused and the law's responses to such losses. In theory a practitioner representing a supplier defending a claim, or a user making one should find useful a chapter dealing with a variety of heads of potential liability under one roof. In practice some practitioners may find the scheme of things used here a little frustrating as it generates the need to refer quite frequently to other chapters in the book. Chapter 7 is divided into sections dealing with contractual liability, contracts of service and for services, copyright, trade secrets and know-how, negligence, product liability, data protection and crime. Arguably these topics are strange bed
CHAPTER 6: COMPUTER CONTRACTS An encyclopedia is.for dipping into. For a busy practitioner the acid test for the Chapter on Computer Contracts is: will I find what I am looking for when I am drafting or amending a contract? By and large, this chapter satisfies this test. The authors cover hardware sales, software licences, software development, hardware leases and rentals, turnkey contracts, distribution and maintenance in some detail. Against that, perhaps not enough is said about source code escrow agreements or bureau contracts. After an excellent introduction, the authors take the reader through the key provisions of the contracts just listed. In the section on Hardware Sales and Purchase mention is made of relevant UK legislation such as the Sale of Goods
25
fellows, a few requiring a larger share of the textural bed (or indeed their own room) and several being perhaps best suited in different bedrooms with other partners. The section on Contractual Liability is well written and thought-provoking. However, as the Encyclopedia contains a separate chapter on Computer Contracts, there is some overlap and arguably little to be gained by treating liability separately. The authors' very interesting comments on the potential for an implied term of suitability for purpose at common law, as distinct from under statute law are of relevance to any practitioner dealing with computer contracts. The difficulties of treating liability as a separate topic without re-stating the underlying law either too much or too little do surface in some of the other sections. That on Copyright begins with a headnote referring the reader to further discussion on copyright as intellectual property in Chapter 2 and on employment issues relating to copyright in Chapter 14. The reader may already feel that the answer to his question lies elsewhere. Within the section questions of liability are correctly said to be linked to the enforce ability of the contract. This leads to a half-page review of the law of restraint of trade (and a further reference to further discussion on that topic in another chapter) and registerability of agreements under the Restrictive Trade Practices Act 1976. Again one is forced to the reluctant conclusion that dealing with liability under copyright as a separate topic does not really work: the section would find a better home in the Chapter 3, Enforcement of Intellectual Property Rights. Similarly the sections on Contracts of Service and for Services, Trade Secrets and Know-how, Data Protection and Crime would probably be more comfortable within the chapters dealing with those areas of law. By contrast the sections on Negligence and Product Liability, which are thought-provoking and incisive, overlap little with any other chapters and certainly merit separate consideration, if not significant enlargement to the benefit of the reader. For example, it would be helpful if the main context of product liability - the Consumer Protection Act 1987 - were emphasised rather more throughout that section: this particularly in view of the reference nature of the Encyclopedia, into which readers are likely to enter at specifically indexed paragraphs and so may miss comments at the beginning of sections. Sections in this chapter have not been updated as they might. It is disconcerting to see a reference to the current law protecting computer software as being the Copyright (Computer Software) Amendment Act 1985.
on airline computer reservation systems (see Commission Regulation (EEC) No. 2672•88) would be of particular relevance to some in the computer industry. I am puzzled by the comment [paragraph 8.267] that Regulation 556189, the know-how licence block exemption, is silent concerning software: software is specifically mentioned in Article 5(!)4 of that Regulation. The sections on the practical application of the law provide a helpful study of various distribution systems and also tackle the problem of how far a licensor of software can claim that restrictions are legitimate for the protection of copyright, i am particularly impressed by the treatment given to joint venture and co-operation agreements. However I am iess impressed with that given to certain aspects of the distribution issues, parts of which I consider to be superficial. I also find it surprising that there is no discussion of either the milestone ECJ judgment in Volvo v Veng or the Commission's decision inthe McGill iV Guide case on refusal to licence/suppty spare parts. These omissions undoubtedly detract from the otherwise sound text. Although this Chapter is a helpful guide, practitioners are likely to feel more at home with existing specialist competition law texts.
Robert Bell CHAPTER 9: TELECOMMUNICATIONS Chapter 9 provides a useful background on the subject for lawyers with little or no experience of it. The author introduces the various types of services which can be grouped together under the single heading of "telecommunications" and makes it clear that the definition of telecommunications is extremely wide in scope. As a definition she offers "the transmission of intelligence between two or three points". Thus, as well as the public telephone network, such diverse activities as cable television, satellite broadcasting and mobile telephone networks all come within the scope of this subject and are controlled by a regulatory framework founded in statute. This Chapter is a useful starting point for research into this subject but it falls some way short of being an exhaustive guide to telecommunications law. From the point of view of a practitioner undue emphasis is placed upon explaining the political background to the legislative changes which have come about in recent years. This is interesting but perhaps misplaced in a reference work. One section provides a useful introduction to the regulatory environment followed by another describing in some detail the licensing framework set up by successive Acts of Parliament. The nature of the subject matter necessarily means that much of the explanation is extremely technical. As an aid to the reader with little background knowledge or technical understanding of the subject matter the Chapter would have benefitted from the inclusion of a number of practical examples or case studies to demonstrate the applicability and operation of the legislation. It would also have been helpful if the author had included details of points of contact within the various regulatory bodies. This would enable the busy practitioner (once armed with the necessary background information) to make enquiries with the relevant authorities. The Chapter does not contain copies or refer to appendices of the relevant legislation or of any of the licences issued pursuant thereto. It would be of considerable assistance if these could be included and updated on an ongoing basis. After reviewing the regulatory environment the author focuses on areas of activity which are directly affected by the relevant legislation. In my opinion this Chapter would have benefitted
Tony Bailes CHAPTER 8: COMPETITION LAW This Chapter is one of the first specialist texts to deal in detail with the interface of competition law with information technology issues: I find it a little disappointing. The author places too much emphasis on the theoretical and academic discussion of UK and EEC competition law and not enough on its application in practice to the problems of the IT industry. Of the six sections in this particular Chapter only two are of particular relevance to IT issues. The sections on UK and EEC competition law are well written but in some places the order in which subjects are approached is less than user friendly. I also get the impression that in other places accuracy has been sacrificed for the sake of brevity. Mention is made [paragraph 8.97] that there are only eight block exemption regulations in existence. No mention is made of any of the specialist block exemptions on aviation and maritime transport nor of the proposed block exemption on insurance agreements. I would have thought that the block exemption
26
)~IAI{ , AP11
II1~ COMPUTER LAW AND SECURITY REPORT
1 9 9 0 - 9 t i 6 CLSR
of evidence on the one hand, and its weight once admitted on the other. This follows a sizeable summary of the rules governing the admissibility of computer evidence in foreign jurisdictions. Although this is a text written for practitioners the Chapter is concluded by some suggestions for reform of the law in this area.
substantially if the repeated use of words and phrases with a technical meaning had been avoided. The resulting opacity defeats the author's attempt to apply the regulatory framework to practical situations in the real world.
Paul Golding
Paul Golding
CHAPTER 10: INTERNATIONAL TELECOMMUNICATIONS
CHAPTER 12: CRIME
In their introduction to this Chapter the authors highlight the important distinction between public international law and private international law. The former governs relationships between sovereign states: the latter is more appropriately called "the conflict of laws". This Chapter deals almost exclusively with the public international law aspect. Perhaps the reason for this is that the authors consider private international law to be dealt with adequately in specialist texts dealing with that subject. However, from the point of view of a practitioner requested to advice a client involved, or thinking of becoming involved, in international telecommunications matters it would have been extremely helpful if the authors had included a section which summarised private international law and its application to those involved in the international telecommunications field. This Chapter provides an interesting summary of the respective roles of the International Telecommunications Union, National Government and various satellite operating agencies. However, in my opinion the authors give undue emphasis to the internal administrative arrangements of these bodies. The Chapter would be improved if it outlined the practical aspects of the regulatory framework and gave detailed attention to the impact on international telecommunications of copyright, data protection and other fields of law. I find this Chapter particularly frustrating as it fails to provide answers to many of the practical questions which practitioners may well be asked by their clients. It is to be hoped that this will be remedied in subsequent Releases.
Chapter 12 consists of an introduction to the nature of computer crime, an analysis of the existing law and a discussion of the international aspects of this subject. The main difficulty presented by this Chapter is that much of it is out of date at the time of publication (October 1990). The Computer Misuse Act received Royal Assent on 29th June 1990 and came into effect on 29th August: it created three statutory offences relating to "hacking". In these circumstances the discussion of the common law relating to hacking offences, whilst useful for historical purposes, is now superceded. A second problem is that both the outdated and the still current sections of the text are likely to be of more use to students that to practitioners since the approach is so historically analytical that it is difficult for a practitioner to extract points of law relevant to clients' problems from the mass of material. Furthermore it would have been helpful if the author has provided a checklist or table which the practitioner could use when considering whether or not particular conduct falls within the ambit of this complex area of criminal law. The most useful parts of this Chapter are the discussions of computer-related fraud (in the section on existing law) and of the international dimension. The section on fraud successfully provides an analysis of a very complicated area of criminal law (although here too some kind of checklist would have been useful). Comparisons with Canadian legislation and Australian case law are particularly informative and interesting. It is necessaryto consider the international dimension in order to construct a strategy for the prosecution of an offence committed across several different jurisdiction. This is a problem which is likely to arise with increasing frequency and a more comprehensive discussion than is provided here would be appreciated (this section is only three pages long). Most of the information in this Chapter is already available in standard textbooks on computer law. Although well written it does not provide the practitioner with the reference tool he or she will look for under the term "Encyclopedia".
Paul Golding CHAPTER 11: EVIDENCE Chapter 11 covers problems associated with the use in evidence of materials generated by computers. The author provides a useful introduction to the variety of uses of computers in modern society and the nature of computer records. This is followed by a summary of the admissibility of computer records at common law and the ways in which judges have set about interpreting long-standing rules of evidence with a view to accommodating modern technology. The common law rules have largely been superceded and amended by statute. However, in an attempt to reflect the increasing importance of computer technology in modern society, legislation has been introduced in a piecemeal fashion and this has resulted in an unsatisfactorily complex and technical set of rules governing the admissibility of computer records. The author makes clear the differences between the rules of evidence applicable in civil and criminal cases, and the excessive technicality of the legislation. He gives consideration to the admissibility of computer records and to the practical problems involved in bringing computer evidence before a court (including the possible impact of Anton Piller Orders in this context). Whilst acknowledging the efforts of the judiciary to interpret the legislation in such a way as to permit the admission of computer evidence the author highlights the failure of the legislation to distinguish adequately between the admissibility
Nick Kounoupias CHAPTER 13: RISK MANAGEMENT Any encyclopaedic work on information technology law requires a chapter on insurance law: computer and network systems are notoriously fragile in all sorts of ways and the organisations that use them have to consider the risks and try to get cover against them. This Chapter on Risk Management is not what this Encyclopedia requires. It seems to have strayed in from another publication. It is very interesting and covers subjects with which lawyers who deal with computer contracts should acquire more than a nodding acquaintance: risk analysis and control, the limitations of insurance, computer insurances, treasury management systems (TMS) cover, book debts, etc. However, it contains not one word on insurance law. There is nothing on contracts of insurance, drafting policies, the burden of proof, the duty of disclosure, indemnification, reinsurance,
27
agents, or any topic a legal practitioner might look for. An equivalent chapter in an encyclopedia of maritime law would deal with shipboard safety and would be quite as out of place. The interconnection of law, insurance and the sea has been long and complex: out of it came Lloyds and a major part of what we now identify as the institutions and business the City of London. I suspect that the relationship between law, insurance and information technology will be equally fertile. I look forward to the appearance of a chapter in this Encyclopedia which deals with insurance law. Gillian Bull
practical aspects.
Valmai Adams CHAPTER 15: TAXATION This Chapter of the Encyclopaedia is an excellent, cohesive and comprehensive summary of relevant taxation law, set in the context of common commercial transactions. The differing strands and analyses required in pulling together and explaining in simple terms corporation tax, income tax, capital allowances, stamp duty, customs duty and VAT are presented in a style which covers all the major and necessary taxation points, without becoming turgid and difficult to understand. This section is highly recommended as being of practical assistance to the busy practitioner, although, as is the case with other publications of this nature, deeper knowledge and research is likely to be required when addressing complex individual client problems. Nevertheless this Chapter does provide ready signposts of where further researches should be undertaken as and when necessary. The sections on Customs Duty and VAT are particularly comprehensive and helpful, not least because of the focus given to European Community regulatory legislation. The background explanations and discussions of sometimes anomalous VAT practice is thorough and illuminating almost to the extent of removing completely any trepidation which busy practitioners might feel at venturing into the partcharted waters of VAT where knowledge of practice and background is often far more valuable than strict statutory interpretation. If there is a small weakness in this Chapter, it is perhaps in the internal cross-referencing. The introductory explanations of the interaction of international taxes and cross-border company structures could include better signposts in the direction of the controlled foreign company legislation and double tax treaty tax withholding provisions, both of which are well covered as separate topics later in the section. Having given such fulsome praise to the general approach of this Chapter, is it perhaps carping to criticise the fact that, because of the obviously long lead time in producing a volume of this nature, statutory references in relation to capital allowances are nearly a year out of date - there is no reference in the text, footnotes or Stop Press Information to the CapitalAllowances Act 1990 - all references are to prior legislation and there is no destination table enabling statutory references to be easily followed though by any reader who is not a tax expert. In summary, highly recommended.
CHAPTER 14: EMPLOYMENT This Chapter falls into two parts. In the first (Impact of Information Technology on Employment Law; Trade Secrets; Restraint of Trade) the authors cover common law duties in the relationship of employer and employee, the protection that may be found in common law, types of confidential information that may be protected and the law relating to convenants and restraint of trade. Existing statutory provisions which govern matters such as copyright and patent law are dealt with in the second part. A reversal of this order might have been more useful. The reader would then understand what was specifically covered by statute, together with the limitations of those provisions, and would see why it is necessary to rely on common law and restrictive covenants to provide adequate protection, despite problems of enforcement. In the first part a number of cases are dealt with in detail, but on closer examination there appears to be no logical sequence, repetition and few conclusions drawn. For example, after a detailed discussion of the Faccenda Chicken case there is no summary of its effect on the definitions of types of confidential information and no analysis of the criticism of that case that has appeared in journals and subsequent judgments. There are a number of omissions, some of which are major, instances of incomplete information and opportunities for readers to draw wrong conclusions. It is also unclear on occasion whether the authors are discussing implied terms or the actual written terms included by an employer to restrain an employee either during the employment or after its termination. In particular there is no summary at the end as to what practical steps should be taken by an employer to protect information, including advice that employers should review restrictive covenants regularly, and there are no practical examples of precedent clauses. The second part is more logically structured and offers the reader a sound analysis of the statutory law. The section on Moral Rights is detailed and useful, although it would have been helpful to state at the beginning that computer programs are excluded from the ambit of moral rights and then to specify clearly for those dealing with information technology, the relevance of considering moral rights at all. Certainly the analysis refers to many types of works (such as photographs, architects' drawings, etc.) which do not appear to be directly relevant to information technology law. The summaries at the end are again too short and there are specific weaknesses, notably concerning the possibility of employees waiving their rights. There is a useful summary of the specific provisions in the Patents Act 1977 relating to the rights of employees in the section on Employee Inventions but here too the authors fail to refer to the practical aspects and to the possibility of contracting out of the Act via collective agreements. Practitioners should approach this Chapter cautiously. I would hope that the next Release would be preceded by more careful and accurate editing with a greater emphasis on the
Stephen Arthur CHAPTER 16: DATA PROTECTION Although introduced in 1984, the Data Protection Act only fully came into force in late 1987. This fact, combined with the somewhat peripheral role which data protection has thus far played in the field of computer law, means that many practitioners, even those specialising in information technology, have only a vague knowledge of the Act. If only for this reason, the detailed information given here about the Act and the background to it is most welcome; especially as the effects of the Act are now beginning to be felt as its impact increases. This Chapter is divided into four sections: an introduction; basic issues of data protection; European issues; and data protection in the United Kingdom. A section dealing with basic issues is, I think, necessary because the Act is based upon eight principles which in turn define the scope of the Act's impact. Without some understanding of these
28
MAR .... APR
T l t [ COMPU°HTR I,AW AND SECUR[fY REPORT
principles it is difficult to gauge either the Acts's importance or its wide-ranging effect. That said, there is however an important difference in emphasis between a practitioner's reference book and an academic work. The former gives specific information which the practitioner needs to quickly deal with the problem at hand and so information should be easy to locate; the latter sets out to cover all relevant matters in detail and is not usually "dipped into". The section on basic issues is more academic than reference in style. The information does not lend itself to quick reference and covers a variety of peripheral issues such as the data protection experience of other countries; the independence of the Data Registrar from governmental influence; funding of the Data Registrar and staffing levels in the UK and abroad. However, this is a very minor gripe, as it concerns the supply of too much rather than too little information. It is also the only gripe about an otherwise valuable and well researched work. The most relevant section from a practitioner's point of view is that dealing exclusively with the United Kingdom. The author begins by pointing the reader towards other sources of information, gives a clear concise summary of the Data Protection Act and its underlying principles and ends by considering a number of matters which may arise in litigation involving the Act. A final section deals with data protection and security. This is possibly the most difficult area to deal with as it is fast-changing and there seems to exist an presumption that computer security is not relevant to data protection. Overall, the author manages to make a potentially dry subject interesting. He also skilfully mixes straight legal fact with comment and opinion. Although on occasions this could be regarded as slightly self-indulgent from a practitioner's viewpoint, it does at least have the merit of making the Chapter as a whole more enjoyable to read. James O'Connell
APPENDICES A blue dividing card labelled "Appendices" has been supplied but without any appendices. According to the editor writing in the Preface, these items will not appear until the first Release (which I understand is planned for early 1991). This is a considerable inconvenience to purchasers as there are several references throughout the text to the appendices and the authors clearly assumed that these would be published at the same time as their main contributions. Most notable by their absence are the appendices to Chapter 5: Electronic Funds Transfer, and Chapter 8: Competition. Most anomolous is the missing appendix containing the EC draft Directive on
1t 990~9 t. 1 6 CLSR
the Legal Protection of Computer Programs. By mid-1991 this may have long ceased to have been a draft. Gillian" Bull
INDEX AND GUIDANCE The Index to the entire work is supplied at the back of both volumes. It is in a format familiar to UK practitioners, but that is no excuse for producing a semi-classified, semi-alphabetical index to a work on information technology when software for far more effective indexing systems is available on the market, tried and tested. A search in this index for a specific term, "shrink-wrap licence", draw a blank. One mentally rotates the terms and looks under "licence" at "U': not there. It is not under "Software Licensing". Casting one's eye up the preceding page (where "Licence" commences) one stops are "shrink-wrapped, as products" under "Software" (there are two and a half indented columns under this entry). The reference is to 7.74, the Liability chapter. One is searching for discussion of the validity of these licences, so one abandons the Index and rummages through the Contracts and Intellectual Property chapters - or one gives up. I should like to suggest a different set of search tools for the next Release:(1) the List of Contents (chapter titles and main chapter sections) as now published, at the beginning of each volume, followed immediately by (2) an expanded List of Contents i.e. (1) with the sub-section headings added, supplemented by (3) a full list of the contents (sections, sub-sections, subsubsections) at the beginning of each chapter, and (1), (2) and (3) complemented by (4) a straightforward, unclassified alphabetical Index of specific subjects, eg: Shrink-wrap licences: contracts - 6.(?) Shrink-wrap licences: liability - 7.74 etc. It is essential to provide guidance of good quality in a work intended for use by practitioners to whom the terminology of high technology law is unfamiliar. It is pointless to publish a reference book the full range of which cannot be comprehended without reading it from cover to cover. Cross-referencing between chapters is patchy, but accurate where done: careful editing should improve this. The tables of cases and legislation at the front of Volume I appear to be of a high standard. It would be useful if all contents lists and tables were supplied in Volume II. Gillian Bull
The Editor comments: Many thanks to all those at TKB who contributed to this review. I am glad that, on the whole, the works gets a qualified "thumbs up". As Editor I recognise that having reached the first base with the encyclopedia there is still muc'h work to be done in developing and deepening the analysis. From its conception the encyclopedia has taken five years to produce. During that time of course the law has evolved and these developments will be accounted for as the released are published. More than thirty contributors have taken part so far, each of whom was writing without the benefit of the work in front of them. Now that it is here I expect to see rapid progress in dealing with the constructive criticisms mentioned in this review. Two releases are already published - the first a "stop press" update and the second containing the appendices. Perhaps the real assessment of the work ought to wait for a year or two by which time all the contributors will have had the opportunity to update and complete their material as required. Exciting times are ahead! There is just one point I would take issue with. I do believe there is room in this work for risk management analysis. An appreciation by lawyers of the nature of computer risks and the security implications will expand the knowledge base of the practitioner to good effect. The absence, so far, of discussion on insurance law is something that would be remedied with an additional section, but experience to date suggests that the insurance industry has yet to address the real needs of the computer user with policies that cover what the latter requires.
29
OVERVIEW All the chapters in this new Encyclopedia have been assessed by specialist practitioners working for Turner Kenneth Brown and their reviews follow. I intend in this Overview to make general points. This first issue of the Encyclopedia of Information Technology Law is seen by the editor and the publishers as an attempt to construct a prototype: they acknowledge that both the list of contents and the remit they give to contributors may be altered fundamentally. Some of the contributors are making first attempts to define certain interfaces between computer and telecommunications technologies and the law. In so doing they have laid themselves open to criticism by those made wiser by hindsight. The publishers have taken a commercial risk in placing on the market a tool for which many will not yet see a use. Is the Encylcopedia a value-for-money tool for the working practitioner who may buy it expecting its contents to reach the high standard set by the major publishers for legal reference works? The answer must be a very qualified, "Yes". Certain of the eighteen chapters are considered by my colleagues to be particularly useful (Chapter 2. Intellectual Property, Chapter 6. Computer Contracts, Chapter 11. Evidence, and Chapter 15. Taxation). A number of other chapters are thought to be half-good, but in need of revising and trimming. Practitioners, once they 'have found their way into the text (the Index is appalling) will have to do more hard reading than users of legal encylopedias expect, sometimes because the subject-matter will be unknown to them and they will need the information, but at times because the authors have written academic treatises rather than guidance for practitioners. Many chapters map out subject areas with little more than the salient features marked: this is inevitable, in view of the undeveloped state of the subjects and according to the editor details will be filled in as and when they manifest themselves. There are thirty-four authors, including the editors, and all but a few make their contributions in teams - Baker & McKenzie, for example, field a team of six for the Intellectual Property chapter. This way of constructing an encyclopedic work out of discreetly written units, rather than having one or two editors write the major part and ask for contributions on particularly recondite subjects, shows to adverse effect: the quality of the writing varies greatly between and within chapters, and one senses that the editor has not yet established firm control over his writers. One or two chapters fall so far short of what one should find in a practitioners' reference tool that one could wish the editor find had buckled to and written them himself, in the old mode. Explanations of technical matters are offered in some chapters. My colleague in Banking considers that the usefulness of the chapter on EFT is enhanced by such aids, but other reviewers regard similar material in other chapters as likely to be incomprehensible to lawyers. Technical explanations should be standardised, simplified and duplication eliminated throughout the text. This is a courageous enterprise. I hope the Encyclopedia soon will develop into the definitive practitioners' tool it is designed to be.
This introductory chapter consists of four sections: the Evolution of the Computer and Information Technology Industry; the Design Characteristics of Information Technology; Management and Use of Computers; and Current Trends in the Law. The third section is only three pages long and appears to be a very late addition: the author of section four states that he is writing the third of three sections. The authors supply basic data about information technologies and industries for the benefit of legal practitioners, apparently on the sound assumption that users of the Encyclopedia will know little or nothing about these things. In the first section a very young industry is approached through its history: it is an excellent summary in only fifteen pages. Where appropriate, acknowledged or probable legal problem areas are flagged in anticipation of later discussion. The second section provides a very clear description of the insides of computers. It would be difficult to find another exposition of a technical subject which is as concise, as jargon-less and as helpful as this. Sadly, the third section does reach the same standard. The people and the procedures aspects of the information technology industry merit more than such a sketchy outline. Section four is brief but seminal. Key legal issues are touched on: the need for release from the conceptual straightjacket of corporeal property in the context of information technology; whether the law of intellectual property is capable of adapting incrementally to technological change; computer programs as hydrid "functional works"; and the role of international agencies and nation states in developing (or imposing) law for technologies which are by definition transnational. Purchasers of the Encyclopedia who acquire it as a reference tool, and with no intention of approaching the text in any way but through the index, should none the less put aside a few minutes to read Chapter 1 right through. Gillian Bull
CHAPTER 2: INTELLECTUAL PROPERTY Chapter 2 is a chunky chapter of 144 pages. This is to be expected as it covers the core legal principles applicable to the subject matter of the Encyclopedia. After a short Introduction to the technology (a subject which is re-visited several times in this Chapter) there is a section on the Nature of Intellectual Property Rights, divided into patents, copyright, registered designs (including un-registered designs and design rights), confidential information/trade secrets, trade and service marks, passing off, the United States Semi-Conductor Chip Protection Act (strangely no crossreference is made to the lengthy section at the end of the chapter on semi-conductor chip protection) and European Community reform proposals. Each type of intellectual property is then applied to computer technology. This Chapter has been written by a number of authors, and there tends to be repetition, particularly of explanations of the technology and the position in overseas jurisdictions (especially the USA). However, given that the practioner will normally dip into the chapter rather than read
Gillian Bull
23
it from start to finish as a whole, the repetition may well be helpful. The Chapter ends with a section on legal protection of semiconductor chips which admirably endeavours to describe the technology with diagrams. Whether this will be comprehensible to lawyers remains a matter of doubt. While it is to be expected that in this field of computer technology law (where developments are taking place all the time) the main text will be slightly out of date and reliance will have to be placed upon Releases, the section on semi-conductor chips contains evidence that it was written some years ago. Why, for example, is the use of design right not tackled in the text rather than left for a later Release? In most sections cross-references are made to rules in overseas jurisdictions. There are particularly detailed paragraphs on legal developments in the US in the section on Application of Copyright and Designs to Computer Technology. The choice of overseas jurisdictions is somewhat arbitrary. For example, when dealing with the Application of Patents to Computer Technology only three European Community countries (France, Germany and the Netherlands) are covered. Under Application of Copyright and Designs, Italy is added to these three. It would be an improvement to include all the EC countries. Generally, the authors deal with the application of intellectual property rights to computer technology in a comprehensive and practical way, identifying and exploring many unresolved issues. In the particularly detailed section on the patent protection of computer software the issues are dealt with in more depth than in the average textbook devoted entirely to patents. The Chapter is a useful addition to the bookshelf of the practitioner in information technology law.
Part 3, Enforcement, is more polished and concrete tn t:~ conclusions as befits an area which is not rapidly changing. The author considers, first, the parties to legal proceedings. There is then a brief overview of normal proceedings to trial followed by a more details consideration of the emergency remedies vital in this area. The hurdles to be overcome on any application for emergency relief are set out and illustrated by examples. The examples are relevant and illuminating but, inevitably, cannot deal with the complexity of real life situations. This Part is at all times made relevant to the area of information technology. Criticisms are very minor: why no mention of a plaintiff's undertaking in damages (such as banks) served with Mareva injunctions; why the reference to Trade Descriptions Act 1968 proceedings being paid for by ratepayers in these days of the community charge? Part 3~ constitutes a good practical overview of enforcement in relation to information technology: it is not and does not attempt to be a definitive work. Finally, I was amused that the author of Part 3. has taken his own advice under the heading "Precautions: subsistence of copyright" and appended a copyright notice relating to part 3!
Lynda Farmer CHAPTER 4: TECHNOLOGY TRANSFER A N D EXPORT LICENSING CONTROL 1. TECHNOLOGY TRANSFER The first section of this Chapter contains a short description of technology transfer by licensing and by assignment. The author seeks to specify and comment upon the usual terms found in licensing agreements and assignments, and also covers the registration formalities. The section is competently written and may be useful as a summary of the formalities required for each type of transaction. However, one of the many precedent books on this subject probably will be more useful to the practitioner when it comes to the description of terms found in licensing agreements and assignments.
Rosemary Martin-Jones CHAPTER 3: EXPLOITATION A N D ENFORCEMENT OF INTELLECTUAL PROPERTY RIGHTS
Rosemary Martin-Jones
This Chapter is in three parts. Part 1. Introduction, is only half a page in length. Part 2. covers commercial exploitation of intellectual property rights and Part 3. deals with enforcement. The strengths and weaknesses of Parts 2. and 3. are different and must be considered separately. Part 2. Commercial Exploitation, deals shortly with assignment and, at greater length, with licensing. The author of this Part explains why licensing is the only commercially expedient method of exploitation; he goes on to deal with exploitation by licensing generally (with specific reference to copyright) and then with software licensing and software distribution policies. He succeeds in mapping out the present position and identifying the legal and market issues. However, as a practitioner looking for guidance, I found the sections lacking in even arguably definitive answers to many of the questions with which practitioners are faced. Competition law aspects are cross referenced - the author deals, finally, with software licensing and copyright; this section includes future EEC proposals. This is not a case of "leaving copyright until last"; copyright aspects are fully dealt with throughout. This final section mops up those aspects of, in particular, the Copyright Designs and Patents Act 1988 not dealt with elsewhere. It also deals with the proposals for an EC software protection directive (but the prediction of resolution by the end of this year now appears optimistic). It is to be hoped that future editions will deal more comprehensively with EC proposals. The overriding difficulty with Part 2. is a certain lack of clarity in the writing. Also, it should be shortened.
2. EXPORT LICENSING CONTROL Given the sheer volume of detail involved in explaining the "ins and outs" of UK and US export licensing control regulations, i am very impressed by this well thought out and easy to follow section. The headache of any author in addressing this subject must be keeping up with the recent avalanche of developments consequent upon the thaw of East/West relations. I therefore advise that any practitioner, before relying on specific references within this section (especially as to the provisions of the Export of Goods (Control) Order 1989), should double-check the up-to-date position with the Department of Trade and Industry's Export Licensing branch. Apart from this caveat my only reservation is that the author has rather disappointingly failed to discuss or even express an opinion on the conflict of US export legislation on the one hand and the application of the EEC competition rules on the other. This frequently causes nightmares for US information technology companies. Apart from this omission I found the text informative and I would recommend it to other practitioners in the field.
Robert Bell CHAPTER 5: ELECTRONIC FUND TRANSFER The preface to the Encylopedia prepared me to find in this Chapter an attempt to chart territory where the current state
24
MAR ~w APR
TtIE COMPUTER I,AW AND SECURITY REPORT
1 t 9 9 0 - 9 t t 6 CLSR
Act, the Misrepresentation ACt and the Unfair Contract Terms Act. It would have been useful if the standard clauses of a few major hardware suppliers had been analysed, with identification of the benefits and burdens for sellers and buyers. In the section on Software a distinction is made correctly between the different kinds of software licence. The writer sees three kinds: the shrink-wrap licence for off-the-shelf cheap packages; the standard licence for standard packages which form a basic part of the computer operations of many businesses and for which it is reasonable for a licensee to request a source code deposit arrangement; and the bespoke licence for software developed for a licensee from a standard "cost" package. Thereafter software development contracts are made for customers who commission software to be written for their own particular purposes. These distinctions are not clearly made by the authors, but there are some excellent points to enable practitioners to decide what should be included in software contracts. The sections on Distribution Agreements and Maintenance Agreements are excellent. Bureau Contracts are discussed but little attention is given to two important areas - the customer's need for protection (by source code deposit agreement) against the insolvency of either the bureau or the software owner; and the need for the customer to know on termination exactly what his rights are with regard to access to his data and the Bureau's programs. Not surprisingly, no mention is made in this Chapter of the now almost-finalised draft EEC Directive on the Legal Protection of Computer Programs. In future Releases, discussion of the contractual consequences for practitioners will be welcome. However it is surprising, in view of the international nature of computer contracting, that the authors' fail to compare and contrast the provisions of US computer contracts (on which there are a few excellent textbooks for practitioners). Finally, practitioners will have to accept that after reading this Chapter, they will still have a lot of work to do. No standard clauses are offered. Advice is offered from time to time on what might be expected by one or other of the parties but this is a little dangerous. When one lawyer suggests that a provision is standard, another lawyer can always be found to make the exception for the case in hand. This is a dynamic area of the law. The industry changes the technology and contractual arrangements: practitioners are constantly devising new contractual terms. But the Encyclopedia wil be updated and one hopes that these innovations will be included. Nigel Wildish
of development of the law is well behind the state of development of the technology. It appears that the technology has shot ahead rapidly whilst the law has not kept pace. The authors of necessity have had to attempt to analyse the legal implications raised by the continuing growth of a wide range of electronic fund transfer systems in the context of little or no relevant judicial or legislative guidance. The inevitable consequence of this is that the legal analysis in the second half of the Chapter largely consists of discussion of the way in which the authors consider the law might best be reformed, rather than of detailed guidance to the practitioner. In discussing reform of the law the authors review legislative examples from other jurisdictions such as the United States, Australia and Denmark, and the recommendations of the Jack Report (Banking Services: Law and Practice Report Cm 622, HMSO, 1989) in the United Kingdom. In the section on EFTsystems - Legal implications, the authors address the current state of the taw in the United Kingdom. They remark how, in the absence of relevant judicial or legislative authority establishing the rights and obligations of the various participants in the various fund transfer systems, the institutions which dominate the market have imposed their own comprehensive standard form terms and conditions. They contrast this with the paper-based regime, under which established legislation and case law have produced relationships between banks and their customers normally defined in short documents. The impact of these documents in the context of the Unfair Contract Terms 1977 and the Consumer Credit Act 1974 is discussed in some detail. A practitioner seeking to use the Encyclopedia for practical guidance on a specific client problem will find that the authors of this Chapter can do no more than speculate as to the approach that the courts might adopt when and if the standard form terms and conditions are presented before them. In view of this inevitably high proportion of speculative content the Chapter is not now as valuable a practitioner's work of reference as one would expect an encyclopedia in an established area of law to be. Given the current dearth of cases and legislation, this is inevitable. On the positive side I am impressed by the first sections in which the authors describe the technology, particularly their lucid explanations of the various types of electronic banking arrangements. The numerous diagrams are particularly helpful in clarifying the nature of these complex arrangements. I feel the division of the subject into "non-consumer activated" and "consumer-activated" fund transfer systems is a useful distinction in the light of the legal points which are raised. On the whole I find the Chapter enlightening. It plays a useful role in gathering together at one reference point different strands of information. Mark Smith
CHAPTER 7: LIABILITY At first glance a chapter in an encyclopaedia of information technology law dealing with "liability" as a separate topic seems like an adventurous, but prudent move. As is stated in the Introduction to this Chapter, it is concerned with the dark qualities of IT, the losses that can be caused and the law's responses to such losses. In theory a practitioner representing a supplier defending a claim, or a user making one should find useful a chapter dealing with a variety of heads of potential liability under one roof. In practice some practitioners may find the scheme of things used here a little frustrating as it generates the need to refer quite frequently to other chapters in the book. Chapter 7 is divided into sections dealing with contractual liability, contracts of service and for services, copyright, trade secrets and know-how, negligence, product liability, data protection and crime. Arguably these topics are strange bed
CHAPTER 6: COMPUTER CONTRACTS An encyclopedia is.for dipping into. For a busy practitioner the acid test for the Chapter on Computer Contracts is: will I find what I am looking for when I am drafting or amending a contract? By and large, this chapter satisfies this test. The authors cover hardware sales, software licences, software development, hardware leases and rentals, turnkey contracts, distribution and maintenance in some detail. Against that, perhaps not enough is said about source code escrow agreements or bureau contracts. After an excellent introduction, the authors take the reader through the key provisions of the contracts just listed. In the section on Hardware Sales and Purchase mention is made of relevant UK legislation such as the Sale of Goods
25
fellows, a few requiring a larger share of the textural bed (or indeed their own room) and several being perhaps best suited in different bedrooms with other partners. The section on Contractual Liability is well written and thought-provoking. However, as the Encyclopedia contains a separate chapter on Computer Contracts, there is some overlap and arguably little to be gained by treating liability separately. The authors' very interesting comments on the potential for an implied term of suitability for purpose at common law, as distinct from under statute law are of relevance to any practitioner dealing with computer contracts. The difficulties of treating liability as a separate topic without re-stating the underlying law either too much or too little do surface in some of the other sections. That on Copyright begins with a headnote referring the reader to further discussion on copyright as intellectual property in Chapter 2 and on employment issues relating to copyright in Chapter 14. The reader may already feel that the answer to his question lies elsewhere. Within the section questions of liability are correctly said to be linked to the enforce ability of the contract. This leads to a half-page review of the law of restraint of trade (and a further reference to further discussion on that topic in another chapter) and registerability of agreements under the Restrictive Trade Practices Act 1976. Again one is forced to the reluctant conclusion that dealing with liability under copyright as a separate topic does not really work: the section would find a better home in the Chapter 3, Enforcement of Intellectual Property Rights. Similarly the sections on Contracts of Service and for Services, Trade Secrets and Know-how, Data Protection and Crime would probably be more comfortable within the chapters dealing with those areas of law. By contrast the sections on Negligence and Product Liability, which are thought-provoking and incisive, overlap little with any other chapters and certainly merit separate consideration, if not significant enlargement to the benefit of the reader. For example, it would be helpful if the main context of product liability - the Consumer Protection Act 1987 - were emphasised rather more throughout that section: this particularly in view of the reference nature of the Encyclopedia, into which readers are likely to enter at specifically indexed paragraphs and so may miss comments at the beginning of sections. Sections in this chapter have not been updated as they might. It is disconcerting to see a reference to the current law protecting computer software as being the Copyright (Computer Software) Amendment Act 1985.
on airline computer reservation systems (see Commission Regulation (EEC) No. 2672•88) would be of particular relevance to some in the computer industry. I am puzzled by the comment [paragraph 8.267] that Regulation 556189, the know-how licence block exemption, is silent concerning software: software is specifically mentioned in Article 5(!)4 of that Regulation. The sections on the practical application of the law provide a helpful study of various distribution systems and also tackle the problem of how far a licensor of software can claim that restrictions are legitimate for the protection of copyright, i am particularly impressed by the treatment given to joint venture and co-operation agreements. However I am iess impressed with that given to certain aspects of the distribution issues, parts of which I consider to be superficial. I also find it surprising that there is no discussion of either the milestone ECJ judgment in Volvo v Veng or the Commission's decision inthe McGill iV Guide case on refusal to licence/suppty spare parts. These omissions undoubtedly detract from the otherwise sound text. Although this Chapter is a helpful guide, practitioners are likely to feel more at home with existing specialist competition law texts.
Robert Bell CHAPTER 9: TELECOMMUNICATIONS Chapter 9 provides a useful background on the subject for lawyers with little or no experience of it. The author introduces the various types of services which can be grouped together under the single heading of "telecommunications" and makes it clear that the definition of telecommunications is extremely wide in scope. As a definition she offers "the transmission of intelligence between two or three points". Thus, as well as the public telephone network, such diverse activities as cable television, satellite broadcasting and mobile telephone networks all come within the scope of this subject and are controlled by a regulatory framework founded in statute. This Chapter is a useful starting point for research into this subject but it falls some way short of being an exhaustive guide to telecommunications law. From the point of view of a practitioner undue emphasis is placed upon explaining the political background to the legislative changes which have come about in recent years. This is interesting but perhaps misplaced in a reference work. One section provides a useful introduction to the regulatory environment followed by another describing in some detail the licensing framework set up by successive Acts of Parliament. The nature of the subject matter necessarily means that much of the explanation is extremely technical. As an aid to the reader with little background knowledge or technical understanding of the subject matter the Chapter would have benefitted from the inclusion of a number of practical examples or case studies to demonstrate the applicability and operation of the legislation. It would also have been helpful if the author had included details of points of contact within the various regulatory bodies. This would enable the busy practitioner (once armed with the necessary background information) to make enquiries with the relevant authorities. The Chapter does not contain copies or refer to appendices of the relevant legislation or of any of the licences issued pursuant thereto. It would be of considerable assistance if these could be included and updated on an ongoing basis. After reviewing the regulatory environment the author focuses on areas of activity which are directly affected by the relevant legislation. In my opinion this Chapter would have benefitted
Tony Bailes CHAPTER 8: COMPETITION LAW This Chapter is one of the first specialist texts to deal in detail with the interface of competition law with information technology issues: I find it a little disappointing. The author places too much emphasis on the theoretical and academic discussion of UK and EEC competition law and not enough on its application in practice to the problems of the IT industry. Of the six sections in this particular Chapter only two are of particular relevance to IT issues. The sections on UK and EEC competition law are well written but in some places the order in which subjects are approached is less than user friendly. I also get the impression that in other places accuracy has been sacrificed for the sake of brevity. Mention is made [paragraph 8.97] that there are only eight block exemption regulations in existence. No mention is made of any of the specialist block exemptions on aviation and maritime transport nor of the proposed block exemption on insurance agreements. I would have thought that the block exemption
26
)~IAI{ , AP11
II1~ COMPUTER LAW AND SECURITY REPORT
1 9 9 0 - 9 t i 6 CLSR
of evidence on the one hand, and its weight once admitted on the other. This follows a sizeable summary of the rules governing the admissibility of computer evidence in foreign jurisdictions. Although this is a text written for practitioners the Chapter is concluded by some suggestions for reform of the law in this area.
substantially if the repeated use of words and phrases with a technical meaning had been avoided. The resulting opacity defeats the author's attempt to apply the regulatory framework to practical situations in the real world.
Paul Golding
Paul Golding
CHAPTER 10: INTERNATIONAL TELECOMMUNICATIONS
CHAPTER 12: CRIME
In their introduction to this Chapter the authors highlight the important distinction between public international law and private international law. The former governs relationships between sovereign states: the latter is more appropriately called "the conflict of laws". This Chapter deals almost exclusively with the public international law aspect. Perhaps the reason for this is that the authors consider private international law to be dealt with adequately in specialist texts dealing with that subject. However, from the point of view of a practitioner requested to advice a client involved, or thinking of becoming involved, in international telecommunications matters it would have been extremely helpful if the authors had included a section which summarised private international law and its application to those involved in the international telecommunications field. This Chapter provides an interesting summary of the respective roles of the International Telecommunications Union, National Government and various satellite operating agencies. However, in my opinion the authors give undue emphasis to the internal administrative arrangements of these bodies. The Chapter would be improved if it outlined the practical aspects of the regulatory framework and gave detailed attention to the impact on international telecommunications of copyright, data protection and other fields of law. I find this Chapter particularly frustrating as it fails to provide answers to many of the practical questions which practitioners may well be asked by their clients. It is to be hoped that this will be remedied in subsequent Releases.
Chapter 12 consists of an introduction to the nature of computer crime, an analysis of the existing law and a discussion of the international aspects of this subject. The main difficulty presented by this Chapter is that much of it is out of date at the time of publication (October 1990). The Computer Misuse Act received Royal Assent on 29th June 1990 and came into effect on 29th August: it created three statutory offences relating to "hacking". In these circumstances the discussion of the common law relating to hacking offences, whilst useful for historical purposes, is now superceded. A second problem is that both the outdated and the still current sections of the text are likely to be of more use to students that to practitioners since the approach is so historically analytical that it is difficult for a practitioner to extract points of law relevant to clients' problems from the mass of material. Furthermore it would have been helpful if the author has provided a checklist or table which the practitioner could use when considering whether or not particular conduct falls within the ambit of this complex area of criminal law. The most useful parts of this Chapter are the discussions of computer-related fraud (in the section on existing law) and of the international dimension. The section on fraud successfully provides an analysis of a very complicated area of criminal law (although here too some kind of checklist would have been useful). Comparisons with Canadian legislation and Australian case law are particularly informative and interesting. It is necessaryto consider the international dimension in order to construct a strategy for the prosecution of an offence committed across several different jurisdiction. This is a problem which is likely to arise with increasing frequency and a more comprehensive discussion than is provided here would be appreciated (this section is only three pages long). Most of the information in this Chapter is already available in standard textbooks on computer law. Although well written it does not provide the practitioner with the reference tool he or she will look for under the term "Encyclopedia".
Paul Golding CHAPTER 11: EVIDENCE Chapter 11 covers problems associated with the use in evidence of materials generated by computers. The author provides a useful introduction to the variety of uses of computers in modern society and the nature of computer records. This is followed by a summary of the admissibility of computer records at common law and the ways in which judges have set about interpreting long-standing rules of evidence with a view to accommodating modern technology. The common law rules have largely been superceded and amended by statute. However, in an attempt to reflect the increasing importance of computer technology in modern society, legislation has been introduced in a piecemeal fashion and this has resulted in an unsatisfactorily complex and technical set of rules governing the admissibility of computer records. The author makes clear the differences between the rules of evidence applicable in civil and criminal cases, and the excessive technicality of the legislation. He gives consideration to the admissibility of computer records and to the practical problems involved in bringing computer evidence before a court (including the possible impact of Anton Piller Orders in this context). Whilst acknowledging the efforts of the judiciary to interpret the legislation in such a way as to permit the admission of computer evidence the author highlights the failure of the legislation to distinguish adequately between the admissibility
Nick Kounoupias CHAPTER 13: RISK MANAGEMENT Any encyclopaedic work on information technology law requires a chapter on insurance law: computer and network systems are notoriously fragile in all sorts of ways and the organisations that use them have to consider the risks and try to get cover against them. This Chapter on Risk Management is not what this Encyclopedia requires. It seems to have strayed in from another publication. It is very interesting and covers subjects with which lawyers who deal with computer contracts should acquire more than a nodding acquaintance: risk analysis and control, the limitations of insurance, computer insurances, treasury management systems (TMS) cover, book debts, etc. However, it contains not one word on insurance law. There is nothing on contracts of insurance, drafting policies, the burden of proof, the duty of disclosure, indemnification, reinsurance,
27
agents, or any topic a legal practitioner might look for. An equivalent chapter in an encyclopedia of maritime law would deal with shipboard safety and would be quite as out of place. The interconnection of law, insurance and the sea has been long and complex: out of it came Lloyds and a major part of what we now identify as the institutions and business the City of London. I suspect that the relationship between law, insurance and information technology will be equally fertile. I look forward to the appearance of a chapter in this Encyclopedia which deals with insurance law. Gillian Bull
practical aspects.
Valmai Adams CHAPTER 15: TAXATION This Chapter of the Encyclopaedia is an excellent, cohesive and comprehensive summary of relevant taxation law, set in the context of common commercial transactions. The differing strands and analyses required in pulling together and explaining in simple terms corporation tax, income tax, capital allowances, stamp duty, customs duty and VAT are presented in a style which covers all the major and necessary taxation points, without becoming turgid and difficult to understand. This section is highly recommended as being of practical assistance to the busy practitioner, although, as is the case with other publications of this nature, deeper knowledge and research is likely to be required when addressing complex individual client problems. Nevertheless this Chapter does provide ready signposts of where further researches should be undertaken as and when necessary. The sections on Customs Duty and VAT are particularly comprehensive and helpful, not least because of the focus given to European Community regulatory legislation. The background explanations and discussions of sometimes anomalous VAT practice is thorough and illuminating almost to the extent of removing completely any trepidation which busy practitioners might feel at venturing into the partcharted waters of VAT where knowledge of practice and background is often far more valuable than strict statutory interpretation. If there is a small weakness in this Chapter, it is perhaps in the internal cross-referencing. The introductory explanations of the interaction of international taxes and cross-border company structures could include better signposts in the direction of the controlled foreign company legislation and double tax treaty tax withholding provisions, both of which are well covered as separate topics later in the section. Having given such fulsome praise to the general approach of this Chapter, is it perhaps carping to criticise the fact that, because of the obviously long lead time in producing a volume of this nature, statutory references in relation to capital allowances are nearly a year out of date - there is no reference in the text, footnotes or Stop Press Information to the CapitalAllowances Act 1990 - all references are to prior legislation and there is no destination table enabling statutory references to be easily followed though by any reader who is not a tax expert. In summary, highly recommended.
CHAPTER 14: EMPLOYMENT This Chapter falls into two parts. In the first (Impact of Information Technology on Employment Law; Trade Secrets; Restraint of Trade) the authors cover common law duties in the relationship of employer and employee, the protection that may be found in common law, types of confidential information that may be protected and the law relating to convenants and restraint of trade. Existing statutory provisions which govern matters such as copyright and patent law are dealt with in the second part. A reversal of this order might have been more useful. The reader would then understand what was specifically covered by statute, together with the limitations of those provisions, and would see why it is necessary to rely on common law and restrictive covenants to provide adequate protection, despite problems of enforcement. In the first part a number of cases are dealt with in detail, but on closer examination there appears to be no logical sequence, repetition and few conclusions drawn. For example, after a detailed discussion of the Faccenda Chicken case there is no summary of its effect on the definitions of types of confidential information and no analysis of the criticism of that case that has appeared in journals and subsequent judgments. There are a number of omissions, some of which are major, instances of incomplete information and opportunities for readers to draw wrong conclusions. It is also unclear on occasion whether the authors are discussing implied terms or the actual written terms included by an employer to restrain an employee either during the employment or after its termination. In particular there is no summary at the end as to what practical steps should be taken by an employer to protect information, including advice that employers should review restrictive covenants regularly, and there are no practical examples of precedent clauses. The second part is more logically structured and offers the reader a sound analysis of the statutory law. The section on Moral Rights is detailed and useful, although it would have been helpful to state at the beginning that computer programs are excluded from the ambit of moral rights and then to specify clearly for those dealing with information technology, the relevance of considering moral rights at all. Certainly the analysis refers to many types of works (such as photographs, architects' drawings, etc.) which do not appear to be directly relevant to information technology law. The summaries at the end are again too short and there are specific weaknesses, notably concerning the possibility of employees waiving their rights. There is a useful summary of the specific provisions in the Patents Act 1977 relating to the rights of employees in the section on Employee Inventions but here too the authors fail to refer to the practical aspects and to the possibility of contracting out of the Act via collective agreements. Practitioners should approach this Chapter cautiously. I would hope that the next Release would be preceded by more careful and accurate editing with a greater emphasis on the
Stephen Arthur CHAPTER 16: DATA PROTECTION Although introduced in 1984, the Data Protection Act only fully came into force in late 1987. This fact, combined with the somewhat peripheral role which data protection has thus far played in the field of computer law, means that many practitioners, even those specialising in information technology, have only a vague knowledge of the Act. If only for this reason, the detailed information given here about the Act and the background to it is most welcome; especially as the effects of the Act are now beginning to be felt as its impact increases. This Chapter is divided into four sections: an introduction; basic issues of data protection; European issues; and data protection in the United Kingdom. A section dealing with basic issues is, I think, necessary because the Act is based upon eight principles which in turn define the scope of the Act's impact. Without some understanding of these
28
MAR .... APR
T l t [ COMPU°HTR I,AW AND SECUR[fY REPORT
principles it is difficult to gauge either the Acts's importance or its wide-ranging effect. That said, there is however an important difference in emphasis between a practitioner's reference book and an academic work. The former gives specific information which the practitioner needs to quickly deal with the problem at hand and so information should be easy to locate; the latter sets out to cover all relevant matters in detail and is not usually "dipped into". The section on basic issues is more academic than reference in style. The information does not lend itself to quick reference and covers a variety of peripheral issues such as the data protection experience of other countries; the independence of the Data Registrar from governmental influence; funding of the Data Registrar and staffing levels in the UK and abroad. However, this is a very minor gripe, as it concerns the supply of too much rather than too little information. It is also the only gripe about an otherwise valuable and well researched work. The most relevant section from a practitioner's point of view is that dealing exclusively with the United Kingdom. The author begins by pointing the reader towards other sources of information, gives a clear concise summary of the Data Protection Act and its underlying principles and ends by considering a number of matters which may arise in litigation involving the Act. A final section deals with data protection and security. This is possibly the most difficult area to deal with as it is fast-changing and there seems to exist an presumption that computer security is not relevant to data protection. Overall, the author manages to make a potentially dry subject interesting. He also skilfully mixes straight legal fact with comment and opinion. Although on occasions this could be regarded as slightly self-indulgent from a practitioner's viewpoint, it does at least have the merit of making the Chapter as a whole more enjoyable to read. James O'Connell
APPENDICES A blue dividing card labelled "Appendices" has been supplied but without any appendices. According to the editor writing in the Preface, these items will not appear until the first Release (which I understand is planned for early 1991). This is a considerable inconvenience to purchasers as there are several references throughout the text to the appendices and the authors clearly assumed that these would be published at the same time as their main contributions. Most notable by their absence are the appendices to Chapter 5: Electronic Funds Transfer, and Chapter 8: Competition. Most anomolous is the missing appendix containing the EC draft Directive on
1t 990~9 t. 1 6 CLSR
the Legal Protection of Computer Programs. By mid-1991 this may have long ceased to have been a draft. Gillian" Bull
INDEX AND GUIDANCE The Index to the entire work is supplied at the back of both volumes. It is in a format familiar to UK practitioners, but that is no excuse for producing a semi-classified, semi-alphabetical index to a work on information technology when software for far more effective indexing systems is available on the market, tried and tested. A search in this index for a specific term, "shrink-wrap licence", draw a blank. One mentally rotates the terms and looks under "licence" at "U': not there. It is not under "Software Licensing". Casting one's eye up the preceding page (where "Licence" commences) one stops are "shrink-wrapped, as products" under "Software" (there are two and a half indented columns under this entry). The reference is to 7.74, the Liability chapter. One is searching for discussion of the validity of these licences, so one abandons the Index and rummages through the Contracts and Intellectual Property chapters - or one gives up. I should like to suggest a different set of search tools for the next Release:(1) the List of Contents (chapter titles and main chapter sections) as now published, at the beginning of each volume, followed immediately by (2) an expanded List of Contents i.e. (1) with the sub-section headings added, supplemented by (3) a full list of the contents (sections, sub-sections, subsubsections) at the beginning of each chapter, and (1), (2) and (3) complemented by (4) a straightforward, unclassified alphabetical Index of specific subjects, eg: Shrink-wrap licences: contracts - 6.(?) Shrink-wrap licences: liability - 7.74 etc. It is essential to provide guidance of good quality in a work intended for use by practitioners to whom the terminology of high technology law is unfamiliar. It is pointless to publish a reference book the full range of which cannot be comprehended without reading it from cover to cover. Cross-referencing between chapters is patchy, but accurate where done: careful editing should improve this. The tables of cases and legislation at the front of Volume I appear to be of a high standard. It would be useful if all contents lists and tables were supplied in Volume II. Gillian Bull
The Editor comments: Many thanks to all those at TKB who contributed to this review. I am glad that, on the whole, the works gets a qualified "thumbs up". As Editor I recognise that having reached the first base with the encyclopedia there is still muc'h work to be done in developing and deepening the analysis. From its conception the encyclopedia has taken five years to produce. During that time of course the law has evolved and these developments will be accounted for as the released are published. More than thirty contributors have taken part so far, each of whom was writing without the benefit of the work in front of them. Now that it is here I expect to see rapid progress in dealing with the constructive criticisms mentioned in this review. Two releases are already published - the first a "stop press" update and the second containing the appendices. Perhaps the real assessment of the work ought to wait for a year or two by which time all the contributors will have had the opportunity to update and complete their material as required. Exciting times are ahead! There is just one point I would take issue with. I do believe there is room in this work for risk management analysis. An appreciation by lawyers of the nature of computer risks and the security implications will expand the knowledge base of the practitioner to good effect. The absence, so far, of discussion on insurance law is something that would be remedied with an additional section, but experience to date suggests that the insurance industry has yet to address the real needs of the computer user with policies that cover what the latter requires.
29