- Email: [email protected]
News and comment on recent developments from around the world
NEWS AND COMMENT ON RECENT DEVELOPMENTS FROM AROUND THE WORLD [ UNITED KIHeOM
j
EC SOFTWARE DIRECTIVE FINALISED After a protracted and contentious period of lobbying and dispute, the EC Software Directive has now completed all its stages, without further amendment, to the final draft, approved by the European Parliament at the turn of the year. The position now is that Member States must take the necessary steps to bring the Directive into force within their jurisdiction before 1 January 1993. Apart from the UK software copyright is currently provided for in Denmark, France, Germany and Spain with Belgium, Ireland, Italy, Netherlands and Portugal currently introducing legislation. Following the Directive, it seems that the UK Government does not envisage legislative changes to the 1988 Copyright, Designs and Patents Act by way of a further Act of Parliament, other than perhaps minor amendment by Statutory Instrument. Some changes may be necessary to deal in particular with the specific exceptions to the restricted acts in Article 5 of the Directive and the decompilation provisions of Article 6. These are specific measures that raise some difficulties for the 1988 Act which adopts a more general and less certain position in its reference to 'fair use' than might be permitted by the Directive. Other tidying amendments may also be necessary. In an attempt to reconcile the concerns of computer users, Emma Nicholson MP has convened a group (the Industry Software Protection Group) to discuss the way forward in the aftermath of the Directive. The particular concerns of users relate to maintenance (see the paper of Christopher White of Shell International and Robert Hart's response on p. 50-52 of this issue). It is suggested that one way forward might be through the development of a code of practice that suppliers might adopt in software licences. Such an approach would need to be adopted throughout the Member States if it is to be successful. However, this will depend to an extent on progress with the proposal for a Council Directive on Unfair Terms in
Consumer Contracts (COM (90) 322 fin. - SYN 285) submitted by the Commission on 24 July 1990. It could be that the Commission will now switch attention away from the copyright domain into the contractual field as consideration is given to the vexed question of unfair contract terms in software licences. This analysis is only just beginning and it will no doubt take until the mid t990s to determine what action if any the Commission will take on this. THE LAW COMMISSION PROPOSALS ON COMPUTER EVIDENCE The Law Commission has come up with new proposals concerning the admissibility of hearsay evidence in civil proceedings, following a reference to the Commission by the Lord Chancellor in October 1989. The Lord Chancellor wanted to learn whether the Commission recommended that the rule against hearsay, as modified by the Civil Evidence Acts, should be retain in whole or in part, and, depending on the outcome, what procedural changes might be required to implement the recommendations. The Hearsay Rule, in general terms, prevents an individual from testifying to the truth of what he has been told by another person. Exceptions gradually developed under the common law, particularly in relation to documentary evidence under certain defined circumstances. Difficulties have arisen in recent years, particularly in relation to computer evidence where statutory provision was made to deal with both civil and criminal evidence. The present Law Commission report relates only to civil proceedings, which currently regulates computer evidence through the Civil Evidence Act 1968. Section 5 of that Act enables a statement, contained in a document produced by a computer, to be admissible as evidence of any fact of which direct oral evidence would be admissible, if certain conditions are met in relation to the statement and the computer which generated it. Criticism of the conditions is centred on the now outdated considerations which were considered relevant in 1968. For example, para 3.63 of the report
86
notes that the safeguards directed at the batch processing of identical transactions, and mainframe computer operations processing large numbers of similar transactions daily, has now been superseded by new technology, including micro computers and more sophisticated software, that has changed the pattern of computer use. The report notes the view held by Tapper that special provisions for computerised records may be unnecessary. This approach has been followed by the Civil Evidence (Scotland) Act 1988, which does not distinguish between computerised records and other business records, The provisional conclusion reached by the Law Commission is that the Hearsay Rule is a most confusing rule of evidence, posing difficulties for courts, practitioners and witnesses alike. Reform would do much to improve evidence law as a whole. It proposes the abolition of the Exclusionary Rule, whilst retaining some elementary and simple safeguards against abuse of the power to adduce hearsay. It invites comments on these options and the issues related to the safeguards proposed. The Law Commission Consultation Paper No 117, The Hearsay Rule in Civil Proceedings, HMSO, 1991, ISBN 011730199X, £6.20 net. SOLICITORS HAPPY WITH IT SYSTEMS - THEY THINK! In its latest survey of 120 of the country's top law firms, the management consultancy, Robson Rhodes, reports that virtually all of Britain's leading law firms (96%) claim to be happy with the effectiveness of their computer systems. However, very few practices had measurement systems in place to monitor how effective they really were. The 'core' systems of Accounting, Time Recording and Client/Matter databases are well established, but, in the past year, there has been a significant increase in the implementation of fee earner support systems and marketing databases. Almost half the firms participating in the survey reported that the UK recession was having no impact on their IT spending plans. Although 84.5% believed that their
41
systems did provide good value for money, there was some dissatisfaction with the training and software support services provides by legal system suppliers. The proportion of respondents using the UNIX operating system increased over the year to 52%. The four leading software suppliers to the legal profession - AIM, Mannesmann, Kienzle, Norwell and Miles 33, all offer UNIX-based solutions. WordPerfect is the clear market leader for word processing. The vast majority of firms (75%) currently do not employ a computer specialist to manage IT, while 62.5% continue to have no IT committee in house. More than half of the practices surveyed did not have a formally documented business plan and less than one third had developed an IT strategy for their practice. Further information on the Annual Survey of Legal Firms - Use of Information Technology, 1991 Results, from Robson Rhodes, tel: 071-2511644. COMPUTER MISUSE: DOES BUSINESS NEED MORE EXPERTISE AND INFORMATION? A study commissioned by the DTI aims to discover whether sufficient expertise and information is available to discover and combat computer misuse. The study, to be carried out by management consultants, Coopers & Lybrand Deloite, aims to establish to what extent the supply of expertise available to business, commerce and the police meets their needs, enabling them to detect and prosecute offences under the Computer Misuse Act 1990. The study will also investigate whether new sources of advice may be required, and recommend action which might be taken to improve any inadequacies in the market for expertise and information. The objectives of the study reflect the DTI's recognition that effective enforcement of the Computer Misuse Act, and its value as a deterrent to potential criminal action, could also depend on police forces, the business community and prosecuting authorities having ready access to up-to-date advice to help in the detection, collection of evidence and prosecution of misuse offences. If advice is not readily available, there may be a risk that the police and business will be reluctant to bring prosecutions under the Act, or cases may be mishandled.
The study begins immediately and is expected to be completed by September of this year. It is hoped that the main conclusions of the study will be presented and discussed at a conference on the enforcement of the Act, currently planned for the Autumn. The Government has targeted the DTI as the department responsible for promoting awareness of the Act throughout business and commerce, and for seeking to ensure that the Act can be effectively applied. In addition to Coopers, the DTI has appointed the law firm of Cameron Markby Hewitt to carry out the market assessment study. Further information from Coopers & Lybrand Deloite: Roger Usher (te1:071-8224529) or Mark Ambler (tel: 071-8222885). SURVEY ON FRAUD LIMITATION AND COMPUTER SECURITY Coopers & Lybrand Deloite has published the findings of a survey of the Financial Times top 500 companies, commissioned with the GALLUP organisation in April, designed to find out to what extent the UK's top companies were suffering from fraud and computer misuse and how they were addressing the risks. The survey found the nearly one in four (24%) had suffered a virus attack in the past three years, but, in nearly all cases, no permanent damage was caused to the system. The survey examined the extent to which fraud and computer security matters were considered at Board level; whether formal written policies on fraud and computer security exist; what communication was made with employees about fraud and computer security matters; whether an individual or committee had been allocated responsibility for coordinating fraud limitation initiatives; what contingency plans companies had; their experience of fraud and whether confidentiality was important if frauds occur; what attitudes they had towards insurance, and perception as to who is most responsible for the prevention and detection of fraud. Despite the equal media prominence given to hacking, this appears less of a problem, with only one in 20 (5%) of companies identifying a hacking incident in the past three years. However, of the five cases identified, three had serious consequences, such as corruption of data or loss of
87
company assets. Participants also agreed that it was likely that, so called, 'benign hacking' still remained undetected by many companies. Companies appear to be starting to address computer security issues, with almost three in five (58%) of the companies having done so at Board level within the last year. However, fewer than half the companies interviewed (43%) had contingency plans which specifically addressed computer security risk. Rod Perry, Computer Security Partner at Deloites commented: "It is encouraging to see that company Boards are becoming involved in computer security issues, but there is still a long way to go. The relatively high incidence of reported virus attacks and hacking mean that Boards must convert concern to policies and action which secure the continued integrity of their computer systems." The report - Fraud Limitation and Computer Security. Survey of Financial Times Top 500 Companies, April 1981, Coopers & Lybrand Deloite. Contact Rod Perry, tel: 071-8224575. Editor's Note: The National Computing Centre are also conducting a campaign to improve security and reduce fraud in business. Information packs are available at £95 for NCC members, consisting of a manual, a video on how to improve your computer security, and an interactive disk designed to lead management through the problem on their PCs (the packs are available for £750 each for non-registered businesses). Contact NCC, tel: 061-2286333. SURVEY REVEALS SERVICE IS THE KEY TO FUTURE BUSINESS SUCCESS A recent survey, commissioned by Digital Equipment Corporation (DEC), reveals that 94% of managers in service related industries recognise that the key to competitive success in the 1990s will be achieved by improved customer service. The survey of the service industry included retailers, wholesalers, travel and tourism, import/export companies, professional services, eg legal and accounting firms, management consultants, and marketing and advertising companies. The survey was carried out in association with management consultant, John Humble, and Management Centre Europe, and
compared attitudes of senior managers internationally with those in UK businesses. Fourteen European companies were included, as well as Japan and the USA. Although improved customer service was important, the survey found that only 56% believed that their organisations were actually putting the customer first. The Japanese attributed greater importance to service than their UK counterparts, with 84% saying that service to their customers was more important today compared with 65% of British managers. Old fashioned bureaucracy seems to be the main problem, with nearly half (43%) of the managers in financial service related companies admitting that, when bureaucracy interfered with customer service, it was unlikely to be eliminated quickly. Bureaucracy was closely associated to company size, with more than half (51%) of companies employing 2,000 people admitting that they found it difficult to break down bureaucratic barriers. This compared with only 26% in small companies employing less than 100 people. Commenting, Digital UK's Chairman and Chief Executive, Geoff Shingles, said: "The problem is that, as organisations grow, they tend to become more involved in themselves than in the customers they must serve. Innovative organisation structures are needed to focus individual initiative and enterprise on the customer. This is illustrated by our own business: for example, our roots have been in selling computers, but, due to changing customer needs, 41% of our revenue now comes from business services, such as planning, designing, implementing and managing complete systems for customers." Further information from Karen Meeks at Digital, tel: 0734-205180. DATA PROTECTION NEWS • Data Protection Registrar Appeals Against Tribunal's Decision The Data Protection Registrar has appealed to the High Court against part of the decision of the Data Protection Tribunal on the appeals by CCN Systems Ltd and CCN Credit Systems Ltd against enforcement notices under 1984 Act. This appeal has been made on the advice of leading counsel. The original enforcement notices were issued
against the four main credit reference agencies, requiring them to cease extracting information about other individuals (third party information) from their files, as a result of processing personal data on the basis of a credit applicant's current or previous address. The Tribunal upheld the Registrar's general view of the law, but partially allowed CCN's appeal and added some provisos to the enforcement notice. The Registrar's appeal is, in effect, against these provisos, which allow the extraction, in some circumstances, of information about other individuals. New Data Protection Guidance for Financial Advisors To assist businesses, which arrange personal investment or provide financial advise to individuals, the DP Registrar has published a new Guidance Note, No 24 - the latest in a series examining specific data protection issues for the benefit of particular businesses or professions. Financial intermediaries must comply with the obligations contained in the eight principles of good practice that lie at the heart of the Act. tn particular, for financial advisors and tied agents, the first data protection principle stating that "the information to be contained in personal data shall be obtained, and personal data should be processed, fairly and lawfully'~ is likely to be especially important. The Guidance Note outlines general points to be kept in mind when obtaining information about individuals which is to be kept on computer. It also makes specific recommendations on how to apply this guidance in the context of the requirements of the Financial Services Act, particularly in situations requiring the use of a questionnaire. Commenting, Eric Howe said: "Over the years, we have received a number of complaints and enquiries from people who have been concerned about the extent and nature of the information they were being asked to supply to financial intermediaries. They were also often unclear about how this information would be used. This new Guidance Note aims to help those within the industry to
88
obtain personal data in a manner which reassures their customers whilst also avoiding breaking the law." Editor's Note: Under the Data Protection Act t984, any individual or organisation controlling the contents and use of information about living individuals, which is stored or processed on computer, is generally required to register with the Data Protection Registrar. tt has recently been announced that the fee for registration (for a three year period) will be increased from £56 to £75 from 1 June 1991. Failure to register is a criminal offence. DTI NEWS • New Security Export Control Booklet The DTI has published its new Security Export Control booklet, intended for guidance only, to allow exporters to the proscribed destinations to assess their products against the latest controls, which follow revisions to the COCOM Lists made during 1990. These changes introduced major relaxations to export controls in a number of areas, and many of these are reflected in subsequent amendments to the Export of Goods (Control) Order 1989, which is available from HMSO bookshops. It is noted that not all the COCOM agreed changes have been incorporated into that Order. As a further major revision of the COCOM controls is now underway, this booklet will serve only as an interim measure until the new controls are agreed and come into force later this year, at which time a new booklet will be issued. It will be some time before these new controls, once published, are reflected in a new Statutory Instrument. It should be noted that there are special restrictions covering traq, the details of which can be found in the Export of Goods (Control) Iraq and Kuwait Sanctions (Order) 1990. For further information, contact the Export Control Organisation on tel: 071-2158070. Copies of the booklet are available at £7.50 each.
• AIvey Report on Advanced IT Published An independent evaluation of the influence of the Alvey Programme for Advanced Information Technology has been published. The report was prepared for the DTI and the Science and Engineering Research Council (SERC) by the Science Policy Research Unit (SPRU) at Sussex University and the Programme of Policy Research in Engineering, Science and Technology at Manchester University. The report concludes that the programme "met many of the targets it could reasonably be expected to attain", and that it compares well with the achievements of the Japanese Fifth Generation Programme and the US Microelectronics and Computer Technology Corporation. The main findings are that the programme is correctly focused to benefit the UK; is a success from a technical perspective; has considerably broadened and strengthened the UK's IT R & D capability; has nurtured successful and enduring links between academic and industrial IT researchers; but has not yet achieved the exploitation of research results that might be anticipated. Among the lessons identified are the importance of improving company management of the interface between R & D and production activities; the need to involve 'user' companies in the research process to improve exploitation; the desirability of more education and training to compliment R & D, and particularly in the take-up of the new technology; and the need for yet further efforts to bridge the gap between academic and industrial research practice. The report - Evaluation of the Alvey Programme for Advanced Information Technology - is available from HMSO at £17.25 (ISBN 0115152814). • DTI Launches National IT Security Scheme The DTI and the CommunicationsElectronics Security Group has announced the full operational launch of a national scheme for the security, evaluation and certification of IT systems products. The scheme, announced as a pilot project in August 1990,
provides for third-party security testing and independent certification of IT products and systems. The evaluation service is provided by commercial bodies, licenced as Commercial Licenced Evaluation Facilities (CLEFs). CLEFs may work under contract to all branches of industry, commerce and Government. The CESG is the Government's national authority for the software and hardware aspects of IT security. It devises HMG standards for evaluation and certification, and establishes facilities in which software and hardware can be tested against these standards and certified accordingly. It also establishes a programme of research of development to ensure an adequate degree of security is achieved and provides advice on the planning and implementation of secure, computer-based systems. The scheme aims to promote an efficient and effective market in IT security and increase the choice of certified products, bringing benefits to both users and vendors of IT products. The aims is that users should gain from increased confidence in the security capabilities and value for money of their investment in secure IT products and systems, whereas vendors will gain from targeting future product developments to market requirements. This will improve market product marketability and availability of a fair and objective evaluation and certification service. A leaflet, °UK IT Security, Evaluation and Certification Scheme" explaining the scheme and its objectives, is available by contacting the agency on tel: 0443-821877. RECENT BRITISH IT STANDARDS The British Standards Institute has issued a number of recent IT related British Standards. They include: - BS ISO 8802-2 Information Processing Systems - Local Area Networks. - BS ISO/IEC 10021. IT - Text Communication - MessageOriented Text Interchange Systems. - BS 7369: 199t. Specification for Multi-Frequency Tone Signalling Protocol for Social Alarm Systems. - BS ISO/IECTR 9577: 1990. IT Telecommunications and
89
Information Exchange Between Systems - Protocol Identification in the Network Layer. - BS ISO/IEC 10022: 1990. IT Open Systems Interconnection Physical Service Definition. - BS ISO/IECTR 9575: 1990. IT Telecommunications and Information Exchange Between Systems - OSI Routeing Framework. - BS EN 27 810: 1991. Guide to Design, Construction and Use of identification Cards. - -DD 181: 1991. Techniques for Using Standard Generalised Markup Language (SGML). - BS ISO/IEC 9549: 1990. IT Galvanic isolation of Balanced Interchange Circuits. - BS ISO/IEC 9805: 1990. IT Open Systems Interconnection Protocol Specification for the Commitment Concurrency and Recovery Service Element. - BS ISO/IEC 8881: 1989. Information Processing Systems Data Communications - Use of X.25 Package Level Protocol in Local Area Networks. For further information, contact BSI, tel: 0908-220022. TELECOMS NEWS IN BRIEF SACOT Gives Qualified Welcome to Duopoly Review Decisions The Scottish Advisory Committee on Telecommunications (SACOT), at its first meeting since the issue of the Government's White Paper on telecommunications policy for the 1990s, has welcomed the concept of greater competition, but expressed concern about some of the effects which this might have on Scotland. The Committee, in two separate papers, expressed various concerns, which it felt were not addressed within the White Paper. The Committee believes that, if the less densely populated areas of Scotland, and the UK in general, are not to be disadvantaged, due regard must be paid to the policies of the Council of European Communities through the necessary Government stimulus. Scotland's particular problem, in connection with UXD-5 digital exchanges, has to be addressed to allow for at least the provision of itemised billing and call barring. The
Committee believes that dates should be set for the universal availability of narrowband integrated services digital networks, universal mobile 2-way systems, universal 2-way satellite systems, and, ultimately, universal availability of broadband ISDN via wireless or cable. William Begg, Chairman of SACOT, said: "Advanced telecom services are vital to the development of any area of the country and, if Scotland is not to be at a disadvantage within the EC, it is essential that views expressed by the Council of European Communities, in relations to telecoms, should be applied, as if little or no action is taken the gap between favoured regions and less favoured region will widen." Editor's Note: SACOT was set up by the Secretary of State for Trade and Industry, under Section 54 of the Telecommunications Act 1984, to advise the Director General of Telecommunications on all aspects of telecoms matters affecting consumers, purchasers and other users of telecoms services and apparatus in Scotland. • DG of Telecommunications Issues Statement on Proposed Modifications to BT's and Mercury's Licences Sir Bryan Carsberg, Director General of Telecommunications, has issued a statement setting out the position and his intentions for future action on the proposed modifications to BT's and Mercury's licences. The modifications were advertised on 7 March, following publication of the Government's White Paper on the duopoly review. The statement reports that most of the comments relate to the proposal to require BT's competitors to pay a contribution to BT's costs of providing exchange lines. Sir Bryan says that the main issue is the need to ensure that competition is free from bias. The policy decision to move to an environment in which most of telecommunications is open to competition creates a need to modify the present arrangements. Several substantial comments have been received on the proposed licence modifications, and many of these expressed
concern about the relatively short time available for consideration of the detailed proposals, which are tong and complex. Sir Bryan believes that to limit present uncertainties, and to provide a basis on which the additional competition envisaged by the White Paper can begin to develop, there is a need to take additional time to weigh the points raised in the representations. Further information from OFTEL, tel: 071-8221641. CELLNET to " O K " Mobile Data Products CELLNET, Britain's largest mobile phone network operator, has announced a scheme to stamp the new generation of mobile data products with 'CELLNET Compatible'. The stamp will reassure customers that the modems, fax machines and interface units they buy are ideally suited to mobile data communications. The CELLNET compatible scheme is announced at a time when developments in the computing and mobile communications industries have come together so that users of the latest computing equipment can make the most of the freedom that mobile communications can bring. During the past 18 months, CELLNET has tripled the capacity of its network with an investment of £220 million. CELLNET network covers over 97% of the UK population. The hope is that the scheme announced will enable customers to make an informed choice of products to meet their needs, assured that they are designed to be compatible with the CELLNET network.
TECHNOLOGY CHALLENGES THE CONSTITUTION An interesting article appeared in Time magazine on April last that speculated whether the fast changing technologies of the late 20th Century will pose a challenge to American taws and principles already established. Into the debate came Harvard Law Professor, Laurence Tribe, who wondered
90
whether the Supreme Court was now incapable of keeping up with the pace of technological change. The background to the debate is the capacity of modern IT to translate text, pictures, film, sound and graphics etc into a digital medium able to record every phone call, cash withdrawal and credit card transaction and in which copies of the original can be created in a form indistinguishable from the real thing. The motivation for the article was the raid carried out in May of last year, when 150 Secret Service agents in 14 American cities, seized 42 computers and many thousands of floppy discs, in a raid designed to deal with a group of young computer enthusiasts who were allegedly dealing in stolen credit card numbers, telephone access codes and other types of information contraband. The issue of controlling such activity has now become one of conflict between computer related privacy and free speech. Recent illustrations of this have been covered in previous issues of CLSR. See, for example, Bernard Zajac's column on page 37 of the last issue, dealing with the caller ID issue - a device that displays the phone numbers (including unlisted ones) of incoming calls enabling the caller to see who is dialling them. Another example is Lotus Development Corporation's abandonment of its proposed joint venture with a leading credit rating bureau Equifax - to distribute a database listing the consumer habit of 120 million US households. The issue, however, is not perceived as simply one of control. The former president of Lotus, Mitch Kapor, whilst condemning unauthorised access into computer systems, nevertheless believes that the civil liberties case for freedom of information in the domain of digital communication and information storage has not been fully addressed. He is now providing a fighting fund to enable the civil liberties issue to be confronted in present litigation to avoid inappropriate legal precedents being set that might harm Americans in the next century. DATA PROTECTION BILL INTRODUCED IN CONGRESS Congressman Bob Weiss of Virginia has introduced the Data Protection Act of 1991, H.R.685 Cong. Rec. H755 (Jan 29 1991), to establish a specia/ised Government agency
responsible for privacy issues that arise in respect of the use and misuse of personal information stored in computer systems. The move for the legislation arises, in part, following concern that foreign data protection activities are having a direct and significant impact on American business interests. Commenting, representative Weiss said: "Many other countries have passed data protection laws and created governmental institutions with responsibilities to implement and enforce national data protection standards. Nervousness about the transborder flow of personal information has led to the preparation of a draft EC Directive on the protection of individuals in relation to the processing personal data. Adoption of this Directive could make it expensive or impossible for American companies that need to transfer personal data to and from Europe to do business. The result could be a loss of jobs, profits and business opportunities for America." The proposal is that a Data Protection Board be established to act as a consultant watchdog and facilitator to help Government and industry deal with the increasingly complex balance of privacy interest, data protection policies and exploitation of technology. TRAP DOOR LEGISLATION REVEALS CONSTITUTIONAL WARFARE The following bombshell resides in a counterterrorism bill now before Congress: "It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data and other communications when appropriately authorized by law." This appears to be a broadside to encryption technology. It seemingly requires the purveyors of communications services and equipment to be able to unscramble encrypted messages without user consent. That might mean developers must construct trap doors or similar unwanted features in encryption schemes. The provision is worded as an unacceptably vague political
declaration rather than as a law. A properly crafted statute would be much more specific and would lay out the precise penalties for anyone violating it. This confusing bill should not, and likely will not, survive in its present form. It is, nevertheless, important. It constitutes the first shot in the latest battle of an eternal war. Our society harbors two blood enemies: privacy interest and law enforcement interests. Dispute between them erupts every time communication technology advances. When the telephone came out, lawsuits were fought over whether the police could tap conversations. Congress eventually passed the Wiretap ACt to strike a balance between privacy and law enforcement. The Act makes phone conversations private, but allows police eavesdropping under court supervision. In 1986, Congress had to amend the Act to confirm the privacy of computer messages, but it also installed procedures to permit some government discovery of those messages. Neither privacy nor law enforcement interests are ever total winners under our law. The Fourth Amendment to the Constitution protects us from our unreasonable searches by the government, not all searches. Privacy rights are always subject to controlled police surveillance. Encryption technology could unjustly tip the balance of power in favor of privacy. There are stories about wily drug traffickers encrypting their telephone conversations. An active imagination envisions the day when all messages are scrambled, and law enforcement is dealt a serious blow. But this does not mean we should undermine encryption technology. Encryption permits law abiding businesses to protect their trade secrets. So can we find a compromise? Formulation of a fair law requiring the construction of trap doors would be very challenging - but not necessarily impossible. Congress could license encryption equipment and require trap doors as a condition to obtaining a license. Congress would have to criminalize both the sale of unlicensed equipment and the use of it with the intent to conceal information. The trap doors themselves could be sured with cryptographic "locks." The keys to those locks could be collected and guarded by a new,
91
trustworthy body - maybe a government agency, a series of independent foundations or a combination thereof. Users would need ironclad asssurance from the body that the keys are secure. Unfortunately, the establishment of a trusted body would cost money. An obvious source of funds would be a charge on purchases of approved encryption equipment. That could adversely affect our nascent encryption industry. Further, the construction of trap doors might make encryption more cumbersome to use. The measure now before Congress is woefully deficient as it stands. But it does open legitimate debate on how to balance the use of a technology that can serve both good and evil. Information from Benjamin Wright Report Correspondent TWENTY TWO COUNTRIES CITED FOR INADEQUATE COPYRIGHT PROTECTION OF IP The International Intellectual Property Alliance representing the US copyright industries has identified 22 nations that it believes have failed to provide adequate copyright protection or fair market conditions for US films, music, records, books and software. According to the organisation, total losses suffered by these industries in the countries listed reached $4.17 billion in 1990. Four countries were identified for priority concern - China, India, Thailand and Indonesia. Such designation triggers a formal investigation under Section 301 of the 1988 Trade Act. Such investigation, if unsuccessful in resolving outstanding issues, could result in the imposition of trade sanctions. Countries targeted for inclusion in the US trade representative priority watch list were Mexico, Brazil, Greece, the Philippines, Poland, Turkey and the United Arab Emirates. Countries proposed for inclusion on the lesser 'watch lists' were Cyprus, Egypt, El Salvador, Germany, Italy, Korea, Pakistan, Saudi Arabia, Taiwan, the USSR and Yugoslavia. Recommended for removal from the watch list was Malaysia, following a "significant improvement in copyright protection and enforcement". Commenting, Jack Valenti, for the IIPA said: "In the two years the special 301 legislation has been in effect, the US trade representative has issued warning citations to countries which
have denied access to their markets and failed to protect our copyrights. Some countries have heeded to those warnings, others have not. It is now time for USTR to demonstrate to these countries that the US is serious about removing barriers to our copyrighted products. Countries which have refused to remove trade barriers or protect intellectual property should immediately be designated as 'priority foreign countries" according to the Congressional mandate in the 1988 Trade Act." Editor's Note: An EC report has strongly criticised the US for its use of Section 301 as a mechanism for resolving trade disputes. The report criticises Section 301 as being incompatible with the General Agreement on Tariffs and Trade (GATT). It also criticises US policy which seeks to impose controls on individuals and businesses beyond American jurisdiction. The EC states that barriers still exist in the field of telecommunications, public procurement and standard setting. SUPREME COURT REVIEWS DATA COMPILATION COPYRIGHT
As reported in the last issue of the CLSR at page 48, the United States Supreme Court has rules that the white pages of a telephone directory do not meet the constitutional or statutory copyright requirements for registration under the US Copyright Act. The issue is a board one and basically concerns the kind of copyright standards applicable to compilations of fact. The basic question that the court had to consider was whether the defendants, in appropriating the listings, has taken anything 'original' of the plaintiffs. The plaintiffs had made a 'selection' of a sort of gathering basic information - name, town and telephone numbers about each person applying to the company for telephone servies. However, this selection "lacks the modicum of creativity necessary to transform mere selection into copyrightable expressions" The court stated that, whilst facts themselves are not copyright, compilations that demonstrate some level of originality can be protected. Moreover, protection could also be granted for the "selection and arrangement" of material, such as a directory, that contains absolutely no protectible written expression. A subsequent compiler was free to use the facts
contained in another's work to aid the preparation of a competing work, provided the latter did not feature the same original selection and arrangement found in the first. Commenting on this, the court said: "It may seem unfair that much of the fruit of the compiler's labour may be used by others without compensation," but this may be consistent with copyright principles which "assures authors the right to their original expression, but encourages others to build freely upon the ideas and information conveyed by a work." See Feist Publications Inc v Royal Telephone Service Co Inc, US, Sup Ct, No 8 9 - 1 9 0 9 , 27 March 1991.
also insufficient to destroy the standard of originality required for copyright protection. Under US law, this required that a work be independently created by an author emboyding no more than a modest amount of intellectual effort. In this regard, "novelty and uniqueness is not essential". The case continues with the issue of substantial similarity and the scope of protection still to be considered by the court.
APPLE WINS FURTHER PRE-TRIAL SKIRMISHES
The Commission has published proposals aimed at making the EC electronics and information technology industry more competitive. However, Commission Vice-President, Philippo Pandolfi, responsible for technology, said no additional funds would be available. Instead, existing funding programmes would be retargeted to meet the demands of 1990's markets. The new approach involves action on five levels: First, Member States will be encouraged to improve connections between their public databases, for example on tax information, thus encouraging demand for IT products; secondly, the EC might start second generation research and development projects; thirdly, multidisciplinary training projects will be launched or strengthened; fourthly, equal access for European IT products on non-EC markets will be sought through both multilateral and bilateral agreement; lastly, the business environment for electronics will be improved by trying to speed up harmonisation of standards.
On 6 March last, Judge Vaughn Walker, in the court for the Northern District of California, ruled that Apple's copyright in the visual displays of its Macintosh computer user interface were not invalidated either by fraud on the copyright office or by lack of originality. Apple initiated legal action against Microsoft and Hewlett Packard in March 1988 alleging infringement in Hewlett Packard's "New Wave" program and Microsoft's "Windows", version 2.03. In the early stages of the litigation, the them presiding judge, William Schwarzer, ruled that a 1985 licence agreement between Apple and Microsoft enabled Microsoft to incorporate many of the features of the Mackintosh user interface into its windows operating system software and five application programs. However, there were 10 visual displays crucial to Apple's case which the earlier ruling had held were not subject to the 1985 agreement. These displays involved the use of overlapping application windows, and certain changes in the appearance and manipulation of icons. In the latest skirmish, Hewlett Packard argued that Apple's copyrights should be invalidated because the Mackintosh user interface was based on the "star" and "smalltalk" programs developed at Xerox Corporation's, Palo Alto Research Centre. Judge Walker held that, whilst it was clear that Apple had borrowed some of the ideas underlying Xerox's programs, there could be no question of this depriving Apple of the presumption of copyright validity in its own works. Such borrowing of ideas was
92
NEW PROPOSALS FOR EC ELECTRONICS INDUSTRY
NEW PROPOSALS FOR THE INFORMATION SERVICES MARKET
Following the implementation of the first two-year plan of action (IMPACT.I) adopted by the Council in July 1988, a further set of proposals has now been launched to continue Community policy and actions in the creation of an internal information services market. This is the IMPACT.2 program. This is regarded as a matter of priority because of the strategic importance of information for research, industry and commerce, and the new requirements arising from the creation of the single market.
In the Commission's view: "It is of vital importance for all sectors and all aspects of economic activity that modem information services using advanced computer and telecommunications technology should be available;' Such services are vital to the long-term viability of European manufacturing industry, which is increasingly dependent on its speed of reaction to the needs of the market, which in turn depends on the services which supply the technical and commercial information necessary for developing products. The technology has become the essential component of major sectors of the services industry, such as banking, finance, transport, insurance and tourism; yet, despite the progress made, the development of a European market for electronic professional information services remains hampered by numerous technical, legal and linguistic barriers. The Commission argues that most services have been developed within the Community on a mainly national basis and do not have much impact as a force for economic integration at Community level. It is to tackle these problems that the proposed new programme, covering a five year period, is to be launched. It takes up the general objectives of the first plan and amends the lines of action and support mechanisms in the light of experience gained and of subsequent market developments. There are four lines of action proposed which focus on improving the standing of the market, overcoming legal and administrative barriers, increasing the userfriendliness of the services and improving information literacy, and supporting strategic information operations, the cost of which is to be shared with the public and private sectors. There will increased Community support to allow participation by small and medium sized enterprises, in particular in the less favoured regions of the Community. Initially, ECU 100 million will be made available by the Commission and it is hoped that a further ECU 125 million will come from the information services industry to co-finance shared-costs projects. See further, proposal for a Council decision setting up a programme for an information services market ( t O M (90) 570 Final), Brussels, January 1991.
EC SEEKS VIEWS ON COPYRIGHT TERM OF PROTECTION As part of its programme concerning copyright laws and related matters, the Directorate General for Internal Market and Industrial Affairs (DG III) is seeking views of interested parties on the need for harmonisation of the term of protection under copyright and neighbouring rights. Among the questions being asked is whether harmonisation of the term is necessary at all and, if so, on what the term should be. In particular, views are sought on whether it is desirable to vary the term of protection according tothe type of work (literary works, computer programs, musical works, photographic works etc). Comments should be sent immediately to the European Commission, DG IllF-4, NERV 6•26, 200 Rue de la Loi, B-1049, Brussels. BACKGROUND REPORT ON LIABILITY OF SUPPLIERS OF SERVICE The European Commission has published a short statement outlining its policy on liability of suppliers of services. An essential feature of the completion of the internal market is the harmonisation of legislation within the different sectors of the Community. The service sector, which in economic terms currently accounts for more than half the added value produced in the Community each year, is also extremely important as regards consumer safety. As the service sector begins to take full advantage of free movement within the Common Market, protection measures must be enhanced in order to increase consumer confidence. Studies carried on consumer protection reveal that the situation in Member States is changing all the time in favour of persons injured by defective services. However, there are numerous variations within the community of the level of protection the consumer receives. These relate to the burden of proof where, in the UK, breach of contract or negligence must be proved against the supplier of a service. In other Member States, such as Spain, Denmark, Greece, Belgium and Germany, the burden of proof is reversed in favour of the consumer. The position of third parties also varies in the Community. The current proposal is to establish a general rule of safety, to prevent and
93
repair damage caused by the supplier of services. The consumer will no longer be required to prove the fault of the supplier of the services as the burden of proof will be reversed in favour of the consumer. If he can prove that the injury was a result of the provision of the service and the causal relationship between the damage and fault, then the supplier will be liable for damage caused either to the consumer's person or private property. Damages will be payable unless the supplier can show he was not at fault. Indirect loss or 'knockon' effects will not be covered. But, equally, there is no minimum amount of damage laid down by the proposal, so the victim will be entitled to full compensation in respect of those aspects of damage that can be claimed for. The Commission hope that legal uncertainty will be greatly reduced, making it easier for the consumer to claim for injury caused to his person or private property. It is too early to say what impact this will have on the information market, given the definition of service, which is held to mean anything other than the manufacture of goods or the transfer of rights. For further reference, see COM (90) 482 of 20 December 1990.
SEVEN HUNDRED ATTEND INTELSAT GLOBAL TRAFFIC MEETING Over 700 participants from 170 telecommunications providers and administrations attended the 17th Annual Global Traffic Meeting of the International Telecommunications Satellite Organisation held in Washington DC in early May. The meeting concluded with a traffic forecast indicating that the use of digital carriers for public-switched network traffic would double in the next five years. Overall, the preliminary forecast for total global circuits connected to the publicswitched network reveals a more rapid conversion from analogue to digital services, as compared to the results of last year's meeting. Revised forecasts also indicate that, relative to other ocean regions, the fasted growing region would the Indian sector, where circuit usage is expected
to increase up to 23% over the next five years due to connectivity opportunities in a coverage area stretching east from Europe to Eastern Asia and Australia.
WORLD TELECOMMUNICATION DAY CHOOSES THEME OF TELECOMS AND SAFETY OF HUMAN LIFE Every year, 17 May is celebrated by the member countries of the International Telecommunication Union (ITU) as World Telecommunication Day. This Day commemorates the signing in Paris in 1865 of the first international telecommunication agreement, known under the name of International Telegraph Convention. This Convention created the Union as the International Telegraph Union by signatories of the 20 founding States. This year, World Telecommunication Day was
celebrated as part of the Natural Disaster Prevention Decade which was proclaimed by the United Nations General Assembly. Other international organisations, whose activities are significantly dependent on tetecoms, have therefore been associated with celebrations. These include the International Civil Aviation Organisation, the International Maritime Organisation, the World Meteorological, the Office of the UN Disaster Relief Coordinator, and the League of Red Cross and Red Crescent Societies. Commenting, the ITU Secretary General, Pekka Tarjanne, said: "Today we possess an array of telecommunication services for use in disaster prevention, early warning and relief. Transportable satellite earth stations can be used for emergency communications and, coupled with land-based facilities, provide a vital tool for relief
operations. However, much remains to be done to ensure the fast transborder movement of such telecommunications equipment to disaster sites. With this in mind, the ITU, working with other concerned organisations, has proposed a project to facilitate the speedy movement and customs clearance of telecoms equipment for disaster use, which could, in due course, lead to an international convention. Also, cellular technology can prove to be a solution to the difficult problem of providing telecoms outside major urban centres and, in particular, for emergencies. It is my ambition to speed ~p the arrival of relief for anyone in danger or distress, wherever disaster may strike or, more generally, in need of assistance in rural and remote areas"
Compiled by Stephen Saxby Editor
BOOK REVIEWS TECHNOLOGY AND THE COURTS
EXPERT SYSTEMS
Electronically Recorded Evidence - A Guide to the Use of Tape and Video Recording in Criminal and Civil Proceedings, by Cybil Sharpe, 1989 (Fourmat Publishing), 126 pp., £14.95, ISBN 1851900713 As the author notes in her preface: "The extent to which
Expert Systems in Auditing, by J C Van Dyjk and Paul Williams, 1990 (MacMillan Publishers), 192 pp., £50, ISBN 0333556038 The purpose of this book is to examine the role of expert systems in the computerisation of auditing. It has been written primarily for the practising auditor, either in a public accounting firm or in an internal audit function. The authors point out that computerisation of the audit domain has been an objective for almost 25 years now, but, to date, there has only been limited success in eliminating some of the real bottle-necks in the audit process, since so much is dependent still upon skill and experience. Automation has not eliminated this requirement, but expert systems show promise, especially since the latter is involved in knowledge transfer. The objective, therefore, is to assist the reader to gain an understanding of the potential of expert systems for the auditor's practice, as well as an appreciation of their limitations. There are three parts examining artificial intelligence, auditing as an application of expert systems, and implementation considerations. Appendices deal with the audit process flow; expert audit systems; literature on artificial intelligence and expert systems; and a glossary of terms. In addition to its practical application for auditor and public accounting firms, the book would also be of value to teachers and students in auditing subjects at universities, as well as on training courses organised by the accountants' institutes. Available from: MacMillan Publishers Ltd, Brunel Road, Houndmills. Basingstoke, Hants, RG21 2XS.
the courts admit electronically recorded evidence underlines the current and increasing use of new technology in the judicial process." The courts are currently facing a quiet revolution in the application of technology ~ to the presentation of evidence. This is evident, in particular, ~:~: with developments in the past few years in the use made of video and tape recorded evidence and the legislation ~ passed to regulate its use. This new technology has highlighted a host of issues, not least the uneasy balance between video surveillance and the law of privacy. Many other issues arise too, from the concerns about the value, authenticity and admissibility of electronically recorded evidence, to the civil liberties questions that underlie its ~'~!~igathering and use. This book examines recent case law ~: developments on such evidence and reports on the Code ~! of Conduct on the tape recording of interviews made i:i pursuant to the 1984 Police and Criminal Evidence Act. ~:~ It also examines Crown Court rules concerning the interviewing of children by closed circuit television links. In addition, the provision of the Criminal Justice Act 19B8 ii#iii i~ concerning evidence are discussed generally, as well as in relation to child witnesses in particular. ,~, Available from: Fourmat Publishing, 27-28 St Albans
~i~ Place, Islington Green, London, N1 ONX.T
94
~ii ~:: ~,~ !!! ~:; ~!:;
:~i~ i~i i:i.
ii:~
~i
j
EC SOFTWARE DIRECTIVE FINALISED After a protracted and contentious period of lobbying and dispute, the EC Software Directive has now completed all its stages, without further amendment, to the final draft, approved by the European Parliament at the turn of the year. The position now is that Member States must take the necessary steps to bring the Directive into force within their jurisdiction before 1 January 1993. Apart from the UK software copyright is currently provided for in Denmark, France, Germany and Spain with Belgium, Ireland, Italy, Netherlands and Portugal currently introducing legislation. Following the Directive, it seems that the UK Government does not envisage legislative changes to the 1988 Copyright, Designs and Patents Act by way of a further Act of Parliament, other than perhaps minor amendment by Statutory Instrument. Some changes may be necessary to deal in particular with the specific exceptions to the restricted acts in Article 5 of the Directive and the decompilation provisions of Article 6. These are specific measures that raise some difficulties for the 1988 Act which adopts a more general and less certain position in its reference to 'fair use' than might be permitted by the Directive. Other tidying amendments may also be necessary. In an attempt to reconcile the concerns of computer users, Emma Nicholson MP has convened a group (the Industry Software Protection Group) to discuss the way forward in the aftermath of the Directive. The particular concerns of users relate to maintenance (see the paper of Christopher White of Shell International and Robert Hart's response on p. 50-52 of this issue). It is suggested that one way forward might be through the development of a code of practice that suppliers might adopt in software licences. Such an approach would need to be adopted throughout the Member States if it is to be successful. However, this will depend to an extent on progress with the proposal for a Council Directive on Unfair Terms in
Consumer Contracts (COM (90) 322 fin. - SYN 285) submitted by the Commission on 24 July 1990. It could be that the Commission will now switch attention away from the copyright domain into the contractual field as consideration is given to the vexed question of unfair contract terms in software licences. This analysis is only just beginning and it will no doubt take until the mid t990s to determine what action if any the Commission will take on this. THE LAW COMMISSION PROPOSALS ON COMPUTER EVIDENCE The Law Commission has come up with new proposals concerning the admissibility of hearsay evidence in civil proceedings, following a reference to the Commission by the Lord Chancellor in October 1989. The Lord Chancellor wanted to learn whether the Commission recommended that the rule against hearsay, as modified by the Civil Evidence Acts, should be retain in whole or in part, and, depending on the outcome, what procedural changes might be required to implement the recommendations. The Hearsay Rule, in general terms, prevents an individual from testifying to the truth of what he has been told by another person. Exceptions gradually developed under the common law, particularly in relation to documentary evidence under certain defined circumstances. Difficulties have arisen in recent years, particularly in relation to computer evidence where statutory provision was made to deal with both civil and criminal evidence. The present Law Commission report relates only to civil proceedings, which currently regulates computer evidence through the Civil Evidence Act 1968. Section 5 of that Act enables a statement, contained in a document produced by a computer, to be admissible as evidence of any fact of which direct oral evidence would be admissible, if certain conditions are met in relation to the statement and the computer which generated it. Criticism of the conditions is centred on the now outdated considerations which were considered relevant in 1968. For example, para 3.63 of the report
86
notes that the safeguards directed at the batch processing of identical transactions, and mainframe computer operations processing large numbers of similar transactions daily, has now been superseded by new technology, including micro computers and more sophisticated software, that has changed the pattern of computer use. The report notes the view held by Tapper that special provisions for computerised records may be unnecessary. This approach has been followed by the Civil Evidence (Scotland) Act 1988, which does not distinguish between computerised records and other business records, The provisional conclusion reached by the Law Commission is that the Hearsay Rule is a most confusing rule of evidence, posing difficulties for courts, practitioners and witnesses alike. Reform would do much to improve evidence law as a whole. It proposes the abolition of the Exclusionary Rule, whilst retaining some elementary and simple safeguards against abuse of the power to adduce hearsay. It invites comments on these options and the issues related to the safeguards proposed. The Law Commission Consultation Paper No 117, The Hearsay Rule in Civil Proceedings, HMSO, 1991, ISBN 011730199X, £6.20 net. SOLICITORS HAPPY WITH IT SYSTEMS - THEY THINK! In its latest survey of 120 of the country's top law firms, the management consultancy, Robson Rhodes, reports that virtually all of Britain's leading law firms (96%) claim to be happy with the effectiveness of their computer systems. However, very few practices had measurement systems in place to monitor how effective they really were. The 'core' systems of Accounting, Time Recording and Client/Matter databases are well established, but, in the past year, there has been a significant increase in the implementation of fee earner support systems and marketing databases. Almost half the firms participating in the survey reported that the UK recession was having no impact on their IT spending plans. Although 84.5% believed that their
41
systems did provide good value for money, there was some dissatisfaction with the training and software support services provides by legal system suppliers. The proportion of respondents using the UNIX operating system increased over the year to 52%. The four leading software suppliers to the legal profession - AIM, Mannesmann, Kienzle, Norwell and Miles 33, all offer UNIX-based solutions. WordPerfect is the clear market leader for word processing. The vast majority of firms (75%) currently do not employ a computer specialist to manage IT, while 62.5% continue to have no IT committee in house. More than half of the practices surveyed did not have a formally documented business plan and less than one third had developed an IT strategy for their practice. Further information on the Annual Survey of Legal Firms - Use of Information Technology, 1991 Results, from Robson Rhodes, tel: 071-2511644. COMPUTER MISUSE: DOES BUSINESS NEED MORE EXPERTISE AND INFORMATION? A study commissioned by the DTI aims to discover whether sufficient expertise and information is available to discover and combat computer misuse. The study, to be carried out by management consultants, Coopers & Lybrand Deloite, aims to establish to what extent the supply of expertise available to business, commerce and the police meets their needs, enabling them to detect and prosecute offences under the Computer Misuse Act 1990. The study will also investigate whether new sources of advice may be required, and recommend action which might be taken to improve any inadequacies in the market for expertise and information. The objectives of the study reflect the DTI's recognition that effective enforcement of the Computer Misuse Act, and its value as a deterrent to potential criminal action, could also depend on police forces, the business community and prosecuting authorities having ready access to up-to-date advice to help in the detection, collection of evidence and prosecution of misuse offences. If advice is not readily available, there may be a risk that the police and business will be reluctant to bring prosecutions under the Act, or cases may be mishandled.
The study begins immediately and is expected to be completed by September of this year. It is hoped that the main conclusions of the study will be presented and discussed at a conference on the enforcement of the Act, currently planned for the Autumn. The Government has targeted the DTI as the department responsible for promoting awareness of the Act throughout business and commerce, and for seeking to ensure that the Act can be effectively applied. In addition to Coopers, the DTI has appointed the law firm of Cameron Markby Hewitt to carry out the market assessment study. Further information from Coopers & Lybrand Deloite: Roger Usher (te1:071-8224529) or Mark Ambler (tel: 071-8222885). SURVEY ON FRAUD LIMITATION AND COMPUTER SECURITY Coopers & Lybrand Deloite has published the findings of a survey of the Financial Times top 500 companies, commissioned with the GALLUP organisation in April, designed to find out to what extent the UK's top companies were suffering from fraud and computer misuse and how they were addressing the risks. The survey found the nearly one in four (24%) had suffered a virus attack in the past three years, but, in nearly all cases, no permanent damage was caused to the system. The survey examined the extent to which fraud and computer security matters were considered at Board level; whether formal written policies on fraud and computer security exist; what communication was made with employees about fraud and computer security matters; whether an individual or committee had been allocated responsibility for coordinating fraud limitation initiatives; what contingency plans companies had; their experience of fraud and whether confidentiality was important if frauds occur; what attitudes they had towards insurance, and perception as to who is most responsible for the prevention and detection of fraud. Despite the equal media prominence given to hacking, this appears less of a problem, with only one in 20 (5%) of companies identifying a hacking incident in the past three years. However, of the five cases identified, three had serious consequences, such as corruption of data or loss of
87
company assets. Participants also agreed that it was likely that, so called, 'benign hacking' still remained undetected by many companies. Companies appear to be starting to address computer security issues, with almost three in five (58%) of the companies having done so at Board level within the last year. However, fewer than half the companies interviewed (43%) had contingency plans which specifically addressed computer security risk. Rod Perry, Computer Security Partner at Deloites commented: "It is encouraging to see that company Boards are becoming involved in computer security issues, but there is still a long way to go. The relatively high incidence of reported virus attacks and hacking mean that Boards must convert concern to policies and action which secure the continued integrity of their computer systems." The report - Fraud Limitation and Computer Security. Survey of Financial Times Top 500 Companies, April 1981, Coopers & Lybrand Deloite. Contact Rod Perry, tel: 071-8224575. Editor's Note: The National Computing Centre are also conducting a campaign to improve security and reduce fraud in business. Information packs are available at £95 for NCC members, consisting of a manual, a video on how to improve your computer security, and an interactive disk designed to lead management through the problem on their PCs (the packs are available for £750 each for non-registered businesses). Contact NCC, tel: 061-2286333. SURVEY REVEALS SERVICE IS THE KEY TO FUTURE BUSINESS SUCCESS A recent survey, commissioned by Digital Equipment Corporation (DEC), reveals that 94% of managers in service related industries recognise that the key to competitive success in the 1990s will be achieved by improved customer service. The survey of the service industry included retailers, wholesalers, travel and tourism, import/export companies, professional services, eg legal and accounting firms, management consultants, and marketing and advertising companies. The survey was carried out in association with management consultant, John Humble, and Management Centre Europe, and
compared attitudes of senior managers internationally with those in UK businesses. Fourteen European companies were included, as well as Japan and the USA. Although improved customer service was important, the survey found that only 56% believed that their organisations were actually putting the customer first. The Japanese attributed greater importance to service than their UK counterparts, with 84% saying that service to their customers was more important today compared with 65% of British managers. Old fashioned bureaucracy seems to be the main problem, with nearly half (43%) of the managers in financial service related companies admitting that, when bureaucracy interfered with customer service, it was unlikely to be eliminated quickly. Bureaucracy was closely associated to company size, with more than half (51%) of companies employing 2,000 people admitting that they found it difficult to break down bureaucratic barriers. This compared with only 26% in small companies employing less than 100 people. Commenting, Digital UK's Chairman and Chief Executive, Geoff Shingles, said: "The problem is that, as organisations grow, they tend to become more involved in themselves than in the customers they must serve. Innovative organisation structures are needed to focus individual initiative and enterprise on the customer. This is illustrated by our own business: for example, our roots have been in selling computers, but, due to changing customer needs, 41% of our revenue now comes from business services, such as planning, designing, implementing and managing complete systems for customers." Further information from Karen Meeks at Digital, tel: 0734-205180. DATA PROTECTION NEWS • Data Protection Registrar Appeals Against Tribunal's Decision The Data Protection Registrar has appealed to the High Court against part of the decision of the Data Protection Tribunal on the appeals by CCN Systems Ltd and CCN Credit Systems Ltd against enforcement notices under 1984 Act. This appeal has been made on the advice of leading counsel. The original enforcement notices were issued
against the four main credit reference agencies, requiring them to cease extracting information about other individuals (third party information) from their files, as a result of processing personal data on the basis of a credit applicant's current or previous address. The Tribunal upheld the Registrar's general view of the law, but partially allowed CCN's appeal and added some provisos to the enforcement notice. The Registrar's appeal is, in effect, against these provisos, which allow the extraction, in some circumstances, of information about other individuals. New Data Protection Guidance for Financial Advisors To assist businesses, which arrange personal investment or provide financial advise to individuals, the DP Registrar has published a new Guidance Note, No 24 - the latest in a series examining specific data protection issues for the benefit of particular businesses or professions. Financial intermediaries must comply with the obligations contained in the eight principles of good practice that lie at the heart of the Act. tn particular, for financial advisors and tied agents, the first data protection principle stating that "the information to be contained in personal data shall be obtained, and personal data should be processed, fairly and lawfully'~ is likely to be especially important. The Guidance Note outlines general points to be kept in mind when obtaining information about individuals which is to be kept on computer. It also makes specific recommendations on how to apply this guidance in the context of the requirements of the Financial Services Act, particularly in situations requiring the use of a questionnaire. Commenting, Eric Howe said: "Over the years, we have received a number of complaints and enquiries from people who have been concerned about the extent and nature of the information they were being asked to supply to financial intermediaries. They were also often unclear about how this information would be used. This new Guidance Note aims to help those within the industry to
88
obtain personal data in a manner which reassures their customers whilst also avoiding breaking the law." Editor's Note: Under the Data Protection Act t984, any individual or organisation controlling the contents and use of information about living individuals, which is stored or processed on computer, is generally required to register with the Data Protection Registrar. tt has recently been announced that the fee for registration (for a three year period) will be increased from £56 to £75 from 1 June 1991. Failure to register is a criminal offence. DTI NEWS • New Security Export Control Booklet The DTI has published its new Security Export Control booklet, intended for guidance only, to allow exporters to the proscribed destinations to assess their products against the latest controls, which follow revisions to the COCOM Lists made during 1990. These changes introduced major relaxations to export controls in a number of areas, and many of these are reflected in subsequent amendments to the Export of Goods (Control) Order 1989, which is available from HMSO bookshops. It is noted that not all the COCOM agreed changes have been incorporated into that Order. As a further major revision of the COCOM controls is now underway, this booklet will serve only as an interim measure until the new controls are agreed and come into force later this year, at which time a new booklet will be issued. It will be some time before these new controls, once published, are reflected in a new Statutory Instrument. It should be noted that there are special restrictions covering traq, the details of which can be found in the Export of Goods (Control) Iraq and Kuwait Sanctions (Order) 1990. For further information, contact the Export Control Organisation on tel: 071-2158070. Copies of the booklet are available at £7.50 each.
• AIvey Report on Advanced IT Published An independent evaluation of the influence of the Alvey Programme for Advanced Information Technology has been published. The report was prepared for the DTI and the Science and Engineering Research Council (SERC) by the Science Policy Research Unit (SPRU) at Sussex University and the Programme of Policy Research in Engineering, Science and Technology at Manchester University. The report concludes that the programme "met many of the targets it could reasonably be expected to attain", and that it compares well with the achievements of the Japanese Fifth Generation Programme and the US Microelectronics and Computer Technology Corporation. The main findings are that the programme is correctly focused to benefit the UK; is a success from a technical perspective; has considerably broadened and strengthened the UK's IT R & D capability; has nurtured successful and enduring links between academic and industrial IT researchers; but has not yet achieved the exploitation of research results that might be anticipated. Among the lessons identified are the importance of improving company management of the interface between R & D and production activities; the need to involve 'user' companies in the research process to improve exploitation; the desirability of more education and training to compliment R & D, and particularly in the take-up of the new technology; and the need for yet further efforts to bridge the gap between academic and industrial research practice. The report - Evaluation of the Alvey Programme for Advanced Information Technology - is available from HMSO at £17.25 (ISBN 0115152814). • DTI Launches National IT Security Scheme The DTI and the CommunicationsElectronics Security Group has announced the full operational launch of a national scheme for the security, evaluation and certification of IT systems products. The scheme, announced as a pilot project in August 1990,
provides for third-party security testing and independent certification of IT products and systems. The evaluation service is provided by commercial bodies, licenced as Commercial Licenced Evaluation Facilities (CLEFs). CLEFs may work under contract to all branches of industry, commerce and Government. The CESG is the Government's national authority for the software and hardware aspects of IT security. It devises HMG standards for evaluation and certification, and establishes facilities in which software and hardware can be tested against these standards and certified accordingly. It also establishes a programme of research of development to ensure an adequate degree of security is achieved and provides advice on the planning and implementation of secure, computer-based systems. The scheme aims to promote an efficient and effective market in IT security and increase the choice of certified products, bringing benefits to both users and vendors of IT products. The aims is that users should gain from increased confidence in the security capabilities and value for money of their investment in secure IT products and systems, whereas vendors will gain from targeting future product developments to market requirements. This will improve market product marketability and availability of a fair and objective evaluation and certification service. A leaflet, °UK IT Security, Evaluation and Certification Scheme" explaining the scheme and its objectives, is available by contacting the agency on tel: 0443-821877. RECENT BRITISH IT STANDARDS The British Standards Institute has issued a number of recent IT related British Standards. They include: - BS ISO 8802-2 Information Processing Systems - Local Area Networks. - BS ISO/IEC 10021. IT - Text Communication - MessageOriented Text Interchange Systems. - BS 7369: 199t. Specification for Multi-Frequency Tone Signalling Protocol for Social Alarm Systems. - BS ISO/IECTR 9577: 1990. IT Telecommunications and
89
Information Exchange Between Systems - Protocol Identification in the Network Layer. - BS ISO/IEC 10022: 1990. IT Open Systems Interconnection Physical Service Definition. - BS ISO/IECTR 9575: 1990. IT Telecommunications and Information Exchange Between Systems - OSI Routeing Framework. - BS EN 27 810: 1991. Guide to Design, Construction and Use of identification Cards. - -DD 181: 1991. Techniques for Using Standard Generalised Markup Language (SGML). - BS ISO/IEC 9549: 1990. IT Galvanic isolation of Balanced Interchange Circuits. - BS ISO/IEC 9805: 1990. IT Open Systems Interconnection Protocol Specification for the Commitment Concurrency and Recovery Service Element. - BS ISO/IEC 8881: 1989. Information Processing Systems Data Communications - Use of X.25 Package Level Protocol in Local Area Networks. For further information, contact BSI, tel: 0908-220022. TELECOMS NEWS IN BRIEF SACOT Gives Qualified Welcome to Duopoly Review Decisions The Scottish Advisory Committee on Telecommunications (SACOT), at its first meeting since the issue of the Government's White Paper on telecommunications policy for the 1990s, has welcomed the concept of greater competition, but expressed concern about some of the effects which this might have on Scotland. The Committee, in two separate papers, expressed various concerns, which it felt were not addressed within the White Paper. The Committee believes that, if the less densely populated areas of Scotland, and the UK in general, are not to be disadvantaged, due regard must be paid to the policies of the Council of European Communities through the necessary Government stimulus. Scotland's particular problem, in connection with UXD-5 digital exchanges, has to be addressed to allow for at least the provision of itemised billing and call barring. The
Committee believes that dates should be set for the universal availability of narrowband integrated services digital networks, universal mobile 2-way systems, universal 2-way satellite systems, and, ultimately, universal availability of broadband ISDN via wireless or cable. William Begg, Chairman of SACOT, said: "Advanced telecom services are vital to the development of any area of the country and, if Scotland is not to be at a disadvantage within the EC, it is essential that views expressed by the Council of European Communities, in relations to telecoms, should be applied, as if little or no action is taken the gap between favoured regions and less favoured region will widen." Editor's Note: SACOT was set up by the Secretary of State for Trade and Industry, under Section 54 of the Telecommunications Act 1984, to advise the Director General of Telecommunications on all aspects of telecoms matters affecting consumers, purchasers and other users of telecoms services and apparatus in Scotland. • DG of Telecommunications Issues Statement on Proposed Modifications to BT's and Mercury's Licences Sir Bryan Carsberg, Director General of Telecommunications, has issued a statement setting out the position and his intentions for future action on the proposed modifications to BT's and Mercury's licences. The modifications were advertised on 7 March, following publication of the Government's White Paper on the duopoly review. The statement reports that most of the comments relate to the proposal to require BT's competitors to pay a contribution to BT's costs of providing exchange lines. Sir Bryan says that the main issue is the need to ensure that competition is free from bias. The policy decision to move to an environment in which most of telecommunications is open to competition creates a need to modify the present arrangements. Several substantial comments have been received on the proposed licence modifications, and many of these expressed
concern about the relatively short time available for consideration of the detailed proposals, which are tong and complex. Sir Bryan believes that to limit present uncertainties, and to provide a basis on which the additional competition envisaged by the White Paper can begin to develop, there is a need to take additional time to weigh the points raised in the representations. Further information from OFTEL, tel: 071-8221641. CELLNET to " O K " Mobile Data Products CELLNET, Britain's largest mobile phone network operator, has announced a scheme to stamp the new generation of mobile data products with 'CELLNET Compatible'. The stamp will reassure customers that the modems, fax machines and interface units they buy are ideally suited to mobile data communications. The CELLNET compatible scheme is announced at a time when developments in the computing and mobile communications industries have come together so that users of the latest computing equipment can make the most of the freedom that mobile communications can bring. During the past 18 months, CELLNET has tripled the capacity of its network with an investment of £220 million. CELLNET network covers over 97% of the UK population. The hope is that the scheme announced will enable customers to make an informed choice of products to meet their needs, assured that they are designed to be compatible with the CELLNET network.
TECHNOLOGY CHALLENGES THE CONSTITUTION An interesting article appeared in Time magazine on April last that speculated whether the fast changing technologies of the late 20th Century will pose a challenge to American taws and principles already established. Into the debate came Harvard Law Professor, Laurence Tribe, who wondered
90
whether the Supreme Court was now incapable of keeping up with the pace of technological change. The background to the debate is the capacity of modern IT to translate text, pictures, film, sound and graphics etc into a digital medium able to record every phone call, cash withdrawal and credit card transaction and in which copies of the original can be created in a form indistinguishable from the real thing. The motivation for the article was the raid carried out in May of last year, when 150 Secret Service agents in 14 American cities, seized 42 computers and many thousands of floppy discs, in a raid designed to deal with a group of young computer enthusiasts who were allegedly dealing in stolen credit card numbers, telephone access codes and other types of information contraband. The issue of controlling such activity has now become one of conflict between computer related privacy and free speech. Recent illustrations of this have been covered in previous issues of CLSR. See, for example, Bernard Zajac's column on page 37 of the last issue, dealing with the caller ID issue - a device that displays the phone numbers (including unlisted ones) of incoming calls enabling the caller to see who is dialling them. Another example is Lotus Development Corporation's abandonment of its proposed joint venture with a leading credit rating bureau Equifax - to distribute a database listing the consumer habit of 120 million US households. The issue, however, is not perceived as simply one of control. The former president of Lotus, Mitch Kapor, whilst condemning unauthorised access into computer systems, nevertheless believes that the civil liberties case for freedom of information in the domain of digital communication and information storage has not been fully addressed. He is now providing a fighting fund to enable the civil liberties issue to be confronted in present litigation to avoid inappropriate legal precedents being set that might harm Americans in the next century. DATA PROTECTION BILL INTRODUCED IN CONGRESS Congressman Bob Weiss of Virginia has introduced the Data Protection Act of 1991, H.R.685 Cong. Rec. H755 (Jan 29 1991), to establish a specia/ised Government agency
responsible for privacy issues that arise in respect of the use and misuse of personal information stored in computer systems. The move for the legislation arises, in part, following concern that foreign data protection activities are having a direct and significant impact on American business interests. Commenting, representative Weiss said: "Many other countries have passed data protection laws and created governmental institutions with responsibilities to implement and enforce national data protection standards. Nervousness about the transborder flow of personal information has led to the preparation of a draft EC Directive on the protection of individuals in relation to the processing personal data. Adoption of this Directive could make it expensive or impossible for American companies that need to transfer personal data to and from Europe to do business. The result could be a loss of jobs, profits and business opportunities for America." The proposal is that a Data Protection Board be established to act as a consultant watchdog and facilitator to help Government and industry deal with the increasingly complex balance of privacy interest, data protection policies and exploitation of technology. TRAP DOOR LEGISLATION REVEALS CONSTITUTIONAL WARFARE The following bombshell resides in a counterterrorism bill now before Congress: "It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data and other communications when appropriately authorized by law." This appears to be a broadside to encryption technology. It seemingly requires the purveyors of communications services and equipment to be able to unscramble encrypted messages without user consent. That might mean developers must construct trap doors or similar unwanted features in encryption schemes. The provision is worded as an unacceptably vague political
declaration rather than as a law. A properly crafted statute would be much more specific and would lay out the precise penalties for anyone violating it. This confusing bill should not, and likely will not, survive in its present form. It is, nevertheless, important. It constitutes the first shot in the latest battle of an eternal war. Our society harbors two blood enemies: privacy interest and law enforcement interests. Dispute between them erupts every time communication technology advances. When the telephone came out, lawsuits were fought over whether the police could tap conversations. Congress eventually passed the Wiretap ACt to strike a balance between privacy and law enforcement. The Act makes phone conversations private, but allows police eavesdropping under court supervision. In 1986, Congress had to amend the Act to confirm the privacy of computer messages, but it also installed procedures to permit some government discovery of those messages. Neither privacy nor law enforcement interests are ever total winners under our law. The Fourth Amendment to the Constitution protects us from our unreasonable searches by the government, not all searches. Privacy rights are always subject to controlled police surveillance. Encryption technology could unjustly tip the balance of power in favor of privacy. There are stories about wily drug traffickers encrypting their telephone conversations. An active imagination envisions the day when all messages are scrambled, and law enforcement is dealt a serious blow. But this does not mean we should undermine encryption technology. Encryption permits law abiding businesses to protect their trade secrets. So can we find a compromise? Formulation of a fair law requiring the construction of trap doors would be very challenging - but not necessarily impossible. Congress could license encryption equipment and require trap doors as a condition to obtaining a license. Congress would have to criminalize both the sale of unlicensed equipment and the use of it with the intent to conceal information. The trap doors themselves could be sured with cryptographic "locks." The keys to those locks could be collected and guarded by a new,
91
trustworthy body - maybe a government agency, a series of independent foundations or a combination thereof. Users would need ironclad asssurance from the body that the keys are secure. Unfortunately, the establishment of a trusted body would cost money. An obvious source of funds would be a charge on purchases of approved encryption equipment. That could adversely affect our nascent encryption industry. Further, the construction of trap doors might make encryption more cumbersome to use. The measure now before Congress is woefully deficient as it stands. But it does open legitimate debate on how to balance the use of a technology that can serve both good and evil. Information from Benjamin Wright Report Correspondent TWENTY TWO COUNTRIES CITED FOR INADEQUATE COPYRIGHT PROTECTION OF IP The International Intellectual Property Alliance representing the US copyright industries has identified 22 nations that it believes have failed to provide adequate copyright protection or fair market conditions for US films, music, records, books and software. According to the organisation, total losses suffered by these industries in the countries listed reached $4.17 billion in 1990. Four countries were identified for priority concern - China, India, Thailand and Indonesia. Such designation triggers a formal investigation under Section 301 of the 1988 Trade Act. Such investigation, if unsuccessful in resolving outstanding issues, could result in the imposition of trade sanctions. Countries targeted for inclusion in the US trade representative priority watch list were Mexico, Brazil, Greece, the Philippines, Poland, Turkey and the United Arab Emirates. Countries proposed for inclusion on the lesser 'watch lists' were Cyprus, Egypt, El Salvador, Germany, Italy, Korea, Pakistan, Saudi Arabia, Taiwan, the USSR and Yugoslavia. Recommended for removal from the watch list was Malaysia, following a "significant improvement in copyright protection and enforcement". Commenting, Jack Valenti, for the IIPA said: "In the two years the special 301 legislation has been in effect, the US trade representative has issued warning citations to countries which
have denied access to their markets and failed to protect our copyrights. Some countries have heeded to those warnings, others have not. It is now time for USTR to demonstrate to these countries that the US is serious about removing barriers to our copyrighted products. Countries which have refused to remove trade barriers or protect intellectual property should immediately be designated as 'priority foreign countries" according to the Congressional mandate in the 1988 Trade Act." Editor's Note: An EC report has strongly criticised the US for its use of Section 301 as a mechanism for resolving trade disputes. The report criticises Section 301 as being incompatible with the General Agreement on Tariffs and Trade (GATT). It also criticises US policy which seeks to impose controls on individuals and businesses beyond American jurisdiction. The EC states that barriers still exist in the field of telecommunications, public procurement and standard setting. SUPREME COURT REVIEWS DATA COMPILATION COPYRIGHT
As reported in the last issue of the CLSR at page 48, the United States Supreme Court has rules that the white pages of a telephone directory do not meet the constitutional or statutory copyright requirements for registration under the US Copyright Act. The issue is a board one and basically concerns the kind of copyright standards applicable to compilations of fact. The basic question that the court had to consider was whether the defendants, in appropriating the listings, has taken anything 'original' of the plaintiffs. The plaintiffs had made a 'selection' of a sort of gathering basic information - name, town and telephone numbers about each person applying to the company for telephone servies. However, this selection "lacks the modicum of creativity necessary to transform mere selection into copyrightable expressions" The court stated that, whilst facts themselves are not copyright, compilations that demonstrate some level of originality can be protected. Moreover, protection could also be granted for the "selection and arrangement" of material, such as a directory, that contains absolutely no protectible written expression. A subsequent compiler was free to use the facts
contained in another's work to aid the preparation of a competing work, provided the latter did not feature the same original selection and arrangement found in the first. Commenting on this, the court said: "It may seem unfair that much of the fruit of the compiler's labour may be used by others without compensation," but this may be consistent with copyright principles which "assures authors the right to their original expression, but encourages others to build freely upon the ideas and information conveyed by a work." See Feist Publications Inc v Royal Telephone Service Co Inc, US, Sup Ct, No 8 9 - 1 9 0 9 , 27 March 1991.
also insufficient to destroy the standard of originality required for copyright protection. Under US law, this required that a work be independently created by an author emboyding no more than a modest amount of intellectual effort. In this regard, "novelty and uniqueness is not essential". The case continues with the issue of substantial similarity and the scope of protection still to be considered by the court.
APPLE WINS FURTHER PRE-TRIAL SKIRMISHES
The Commission has published proposals aimed at making the EC electronics and information technology industry more competitive. However, Commission Vice-President, Philippo Pandolfi, responsible for technology, said no additional funds would be available. Instead, existing funding programmes would be retargeted to meet the demands of 1990's markets. The new approach involves action on five levels: First, Member States will be encouraged to improve connections between their public databases, for example on tax information, thus encouraging demand for IT products; secondly, the EC might start second generation research and development projects; thirdly, multidisciplinary training projects will be launched or strengthened; fourthly, equal access for European IT products on non-EC markets will be sought through both multilateral and bilateral agreement; lastly, the business environment for electronics will be improved by trying to speed up harmonisation of standards.
On 6 March last, Judge Vaughn Walker, in the court for the Northern District of California, ruled that Apple's copyright in the visual displays of its Macintosh computer user interface were not invalidated either by fraud on the copyright office or by lack of originality. Apple initiated legal action against Microsoft and Hewlett Packard in March 1988 alleging infringement in Hewlett Packard's "New Wave" program and Microsoft's "Windows", version 2.03. In the early stages of the litigation, the them presiding judge, William Schwarzer, ruled that a 1985 licence agreement between Apple and Microsoft enabled Microsoft to incorporate many of the features of the Mackintosh user interface into its windows operating system software and five application programs. However, there were 10 visual displays crucial to Apple's case which the earlier ruling had held were not subject to the 1985 agreement. These displays involved the use of overlapping application windows, and certain changes in the appearance and manipulation of icons. In the latest skirmish, Hewlett Packard argued that Apple's copyrights should be invalidated because the Mackintosh user interface was based on the "star" and "smalltalk" programs developed at Xerox Corporation's, Palo Alto Research Centre. Judge Walker held that, whilst it was clear that Apple had borrowed some of the ideas underlying Xerox's programs, there could be no question of this depriving Apple of the presumption of copyright validity in its own works. Such borrowing of ideas was
92
NEW PROPOSALS FOR EC ELECTRONICS INDUSTRY
NEW PROPOSALS FOR THE INFORMATION SERVICES MARKET
Following the implementation of the first two-year plan of action (IMPACT.I) adopted by the Council in July 1988, a further set of proposals has now been launched to continue Community policy and actions in the creation of an internal information services market. This is the IMPACT.2 program. This is regarded as a matter of priority because of the strategic importance of information for research, industry and commerce, and the new requirements arising from the creation of the single market.
In the Commission's view: "It is of vital importance for all sectors and all aspects of economic activity that modem information services using advanced computer and telecommunications technology should be available;' Such services are vital to the long-term viability of European manufacturing industry, which is increasingly dependent on its speed of reaction to the needs of the market, which in turn depends on the services which supply the technical and commercial information necessary for developing products. The technology has become the essential component of major sectors of the services industry, such as banking, finance, transport, insurance and tourism; yet, despite the progress made, the development of a European market for electronic professional information services remains hampered by numerous technical, legal and linguistic barriers. The Commission argues that most services have been developed within the Community on a mainly national basis and do not have much impact as a force for economic integration at Community level. It is to tackle these problems that the proposed new programme, covering a five year period, is to be launched. It takes up the general objectives of the first plan and amends the lines of action and support mechanisms in the light of experience gained and of subsequent market developments. There are four lines of action proposed which focus on improving the standing of the market, overcoming legal and administrative barriers, increasing the userfriendliness of the services and improving information literacy, and supporting strategic information operations, the cost of which is to be shared with the public and private sectors. There will increased Community support to allow participation by small and medium sized enterprises, in particular in the less favoured regions of the Community. Initially, ECU 100 million will be made available by the Commission and it is hoped that a further ECU 125 million will come from the information services industry to co-finance shared-costs projects. See further, proposal for a Council decision setting up a programme for an information services market ( t O M (90) 570 Final), Brussels, January 1991.
EC SEEKS VIEWS ON COPYRIGHT TERM OF PROTECTION As part of its programme concerning copyright laws and related matters, the Directorate General for Internal Market and Industrial Affairs (DG III) is seeking views of interested parties on the need for harmonisation of the term of protection under copyright and neighbouring rights. Among the questions being asked is whether harmonisation of the term is necessary at all and, if so, on what the term should be. In particular, views are sought on whether it is desirable to vary the term of protection according tothe type of work (literary works, computer programs, musical works, photographic works etc). Comments should be sent immediately to the European Commission, DG IllF-4, NERV 6•26, 200 Rue de la Loi, B-1049, Brussels. BACKGROUND REPORT ON LIABILITY OF SUPPLIERS OF SERVICE The European Commission has published a short statement outlining its policy on liability of suppliers of services. An essential feature of the completion of the internal market is the harmonisation of legislation within the different sectors of the Community. The service sector, which in economic terms currently accounts for more than half the added value produced in the Community each year, is also extremely important as regards consumer safety. As the service sector begins to take full advantage of free movement within the Common Market, protection measures must be enhanced in order to increase consumer confidence. Studies carried on consumer protection reveal that the situation in Member States is changing all the time in favour of persons injured by defective services. However, there are numerous variations within the community of the level of protection the consumer receives. These relate to the burden of proof where, in the UK, breach of contract or negligence must be proved against the supplier of a service. In other Member States, such as Spain, Denmark, Greece, Belgium and Germany, the burden of proof is reversed in favour of the consumer. The position of third parties also varies in the Community. The current proposal is to establish a general rule of safety, to prevent and
93
repair damage caused by the supplier of services. The consumer will no longer be required to prove the fault of the supplier of the services as the burden of proof will be reversed in favour of the consumer. If he can prove that the injury was a result of the provision of the service and the causal relationship between the damage and fault, then the supplier will be liable for damage caused either to the consumer's person or private property. Damages will be payable unless the supplier can show he was not at fault. Indirect loss or 'knockon' effects will not be covered. But, equally, there is no minimum amount of damage laid down by the proposal, so the victim will be entitled to full compensation in respect of those aspects of damage that can be claimed for. The Commission hope that legal uncertainty will be greatly reduced, making it easier for the consumer to claim for injury caused to his person or private property. It is too early to say what impact this will have on the information market, given the definition of service, which is held to mean anything other than the manufacture of goods or the transfer of rights. For further reference, see COM (90) 482 of 20 December 1990.
SEVEN HUNDRED ATTEND INTELSAT GLOBAL TRAFFIC MEETING Over 700 participants from 170 telecommunications providers and administrations attended the 17th Annual Global Traffic Meeting of the International Telecommunications Satellite Organisation held in Washington DC in early May. The meeting concluded with a traffic forecast indicating that the use of digital carriers for public-switched network traffic would double in the next five years. Overall, the preliminary forecast for total global circuits connected to the publicswitched network reveals a more rapid conversion from analogue to digital services, as compared to the results of last year's meeting. Revised forecasts also indicate that, relative to other ocean regions, the fasted growing region would the Indian sector, where circuit usage is expected
to increase up to 23% over the next five years due to connectivity opportunities in a coverage area stretching east from Europe to Eastern Asia and Australia.
WORLD TELECOMMUNICATION DAY CHOOSES THEME OF TELECOMS AND SAFETY OF HUMAN LIFE Every year, 17 May is celebrated by the member countries of the International Telecommunication Union (ITU) as World Telecommunication Day. This Day commemorates the signing in Paris in 1865 of the first international telecommunication agreement, known under the name of International Telegraph Convention. This Convention created the Union as the International Telegraph Union by signatories of the 20 founding States. This year, World Telecommunication Day was
celebrated as part of the Natural Disaster Prevention Decade which was proclaimed by the United Nations General Assembly. Other international organisations, whose activities are significantly dependent on tetecoms, have therefore been associated with celebrations. These include the International Civil Aviation Organisation, the International Maritime Organisation, the World Meteorological, the Office of the UN Disaster Relief Coordinator, and the League of Red Cross and Red Crescent Societies. Commenting, the ITU Secretary General, Pekka Tarjanne, said: "Today we possess an array of telecommunication services for use in disaster prevention, early warning and relief. Transportable satellite earth stations can be used for emergency communications and, coupled with land-based facilities, provide a vital tool for relief
operations. However, much remains to be done to ensure the fast transborder movement of such telecommunications equipment to disaster sites. With this in mind, the ITU, working with other concerned organisations, has proposed a project to facilitate the speedy movement and customs clearance of telecoms equipment for disaster use, which could, in due course, lead to an international convention. Also, cellular technology can prove to be a solution to the difficult problem of providing telecoms outside major urban centres and, in particular, for emergencies. It is my ambition to speed ~p the arrival of relief for anyone in danger or distress, wherever disaster may strike or, more generally, in need of assistance in rural and remote areas"
Compiled by Stephen Saxby Editor
BOOK REVIEWS TECHNOLOGY AND THE COURTS
EXPERT SYSTEMS
Electronically Recorded Evidence - A Guide to the Use of Tape and Video Recording in Criminal and Civil Proceedings, by Cybil Sharpe, 1989 (Fourmat Publishing), 126 pp., £14.95, ISBN 1851900713 As the author notes in her preface: "The extent to which
Expert Systems in Auditing, by J C Van Dyjk and Paul Williams, 1990 (MacMillan Publishers), 192 pp., £50, ISBN 0333556038 The purpose of this book is to examine the role of expert systems in the computerisation of auditing. It has been written primarily for the practising auditor, either in a public accounting firm or in an internal audit function. The authors point out that computerisation of the audit domain has been an objective for almost 25 years now, but, to date, there has only been limited success in eliminating some of the real bottle-necks in the audit process, since so much is dependent still upon skill and experience. Automation has not eliminated this requirement, but expert systems show promise, especially since the latter is involved in knowledge transfer. The objective, therefore, is to assist the reader to gain an understanding of the potential of expert systems for the auditor's practice, as well as an appreciation of their limitations. There are three parts examining artificial intelligence, auditing as an application of expert systems, and implementation considerations. Appendices deal with the audit process flow; expert audit systems; literature on artificial intelligence and expert systems; and a glossary of terms. In addition to its practical application for auditor and public accounting firms, the book would also be of value to teachers and students in auditing subjects at universities, as well as on training courses organised by the accountants' institutes. Available from: MacMillan Publishers Ltd, Brunel Road, Houndmills. Basingstoke, Hants, RG21 2XS.
the courts admit electronically recorded evidence underlines the current and increasing use of new technology in the judicial process." The courts are currently facing a quiet revolution in the application of technology ~ to the presentation of evidence. This is evident, in particular, ~:~: with developments in the past few years in the use made of video and tape recorded evidence and the legislation ~ passed to regulate its use. This new technology has highlighted a host of issues, not least the uneasy balance between video surveillance and the law of privacy. Many other issues arise too, from the concerns about the value, authenticity and admissibility of electronically recorded evidence, to the civil liberties questions that underlie its ~'~!~igathering and use. This book examines recent case law ~: developments on such evidence and reports on the Code ~! of Conduct on the tape recording of interviews made i:i pursuant to the 1984 Police and Criminal Evidence Act. ~:~ It also examines Crown Court rules concerning the interviewing of children by closed circuit television links. In addition, the provision of the Criminal Justice Act 19B8 ii#iii i~ concerning evidence are discussed generally, as well as in relation to child witnesses in particular. ,~, Available from: Fourmat Publishing, 27-28 St Albans
~i~ Place, Islington Green, London, N1 ONX.T
94
~ii ~:: ~,~ !!! ~:; ~!:;
:~i~ i~i i:i.
ii:~
~i