Legal Issues

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Learning Outcome
Explain the various legal issues surrounding Information Systems

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Key Words
Patents copyright trademarks trade secrets Defamation ISP Liability Privacy Jurisdiction Issues
Legal Issues

CE00303-3 Critical issues in Managing MIS in Organization

Law Caveats
Some people read the text of the law and think they know it. Things are never so easy. If you have questions ask a lawyer. Others ignore the law relying on corporate lawyers in case something goes wrong. This is not a good idea. As in any other system, catching problems in the design phase is always better than in the debugging phase.
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Life for Lawyers

Supreme court ultimate authority when disputes arise Guiding Philosophy - Laws are passed based on how society should run - even if enforcement and legal interpretation issues have yet to be nailed down.

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

When Worlds Collide . . .

Legal community always behind the technology curve Lawyers and politicians typically have poor technical backgrounds Different interpretations would result in different laws

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Patents
Embodiment of a specific methodology Competing products must use different method for achieving same task to avoid payments Definite lifespan beyond which patent information freely available for use by the public

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Copyright
Specific work Automatically held when work is created, but easier to defend if it is registered Definite lifetime beyond which the work is freely available to the public

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Trademark
Specific name or phrase Generic terms cannot be trademarked Trademarks can be lost if they are not defended Lost trademarks: aspirin, kleenex Held Trademarks: Coke, Pepsi

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Trade Secrets
Does not expire - as long as it is kept secret Competitors may not use secrets obtained through extraordinary means Example: Walled chemical plant layout learned through helicopter use

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Defamation
Publishing damaging statements you cannot prove about others The publisher and author are both liable Slander is a less serious, but similar, crime where damaging statements that cannot be proven are made in a public arena

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Bally Total Fitness Vs. Faber

A Bally Sucks web site was created by Faber complaining about Bally fitness centers The trademarked Bally seal was placed on the site overlaid with the words Sucks Bally sued Faber making claims of trademark infringement, dilution, and unfair competition.
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Bally Case Decision

No trademark infringement - little possibility of confusion No dilution - the defendant did not sell a competing product and did not convey confusion about the authors identity No dilution (lessening ability of the plaintiffs mark to identify its goods and services) since defendant was not marketing a competing product Incidentally - no slander, negative opinions protected under the first amendment
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

ISP Liability
What is an Internet Service Provider Like? Phone Company: Route information flows between individuals Newspaper: Package content for distribution in a public forum Answer determines ISPs legal liability The rules have been in a constant state of flux in recent years
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Ancient History (~Decade Ago)

Defamatory posting on Prodigy (Stratton Oakmont Vs. Prodigy Services 1995) Prodigy a large ISP Claimed to be family friendly. Prodigy advertised that internal newsgroups monitored for bad/inappropriate language Role of a publisher - hence, Prodigy like a newspaper CompuServe did not monitor users activity like a telephone company (Cubby Inc. Vs. CompuServe Inc. in 1991)
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Modern Era Communications Decency Act

ISP may monitor user activity (according to policy) If statement to the effect that ISP does not take responsibility for user traffic in place then no ISP liability, BUT Area for complaints must be available Complaint response must happen in a timely fashion
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

DMCA
Digital Millennium Copyright Act
If a copyright infringement is claimed a web site must be taken down (however tenuous the claim may be) Web site can only be reinstated after an appeals process.

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Near Future? . . .
European Computer Crime Treaty may be created by the end of this year ISPs may be required to monitor user traffic with a 40 day data-log. ISPs not explicitly exempt from liability Hacker/Security Tools Illegal Citizens must provide passwords for data seized by police
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Privacy in the Workplace

Test for employers/employees - Do you have a reasonable expectation of privacy? A case can be made that private e-mail on business machines still private, but this is not the law Work-related material on business machines is definitely not private
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Privacy in E-mail
Legally, e-mail is like a postal letter Expectation of privacy in transit Mail loses its special protected status once it leaves the letter carrier's grasp For e-mail, Expectation of privacy while signal travels over Internet E-mail loses its protected status at the mail server whether you have read it or not
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Spam and Address Spoofing

Matthew Seidl v. Greentree Mortgage Co. (1998) Greentree hired third party to send mass e-mail to potential customers (spam) Return address spoofed to read nobody@localhost.com (an actual address) Over 7,000 complaints sent to nobody resulting in denial of service for 3 days Libel case dismissed since third party was a contractor. Likely that third party would, in fact, be vulnerable to a lawsuit.
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Business E-mail
Electronic Communications Privacy Act (1986) says all business communication belongs to that business Deleting e-mail can be ruled spoliation (intentionally destroying company records) Archive worthless if it cannot be indexed effectively (in effect, saving everything can be equivalent to saving nothing)
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

What about Privacy at Home?

A lot of public information is considered private. An increasing amount of public information available on the Internet
Reverse phone lookups Campaign Contributions Housing prices (Thwarted) Drivers license information and photographs
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Data Collection
Data collection has few boundaries in U.S. Check privacy policy (can change!!) EU Safe Harbor agreement may change things in the future (TRUSTe web site privacy seal program)

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Jurisdiction
The Internet has no boundaries Is that really true? If you break a law in Finland, but you were on the Internet in the United States, what happens to you? What if you are in California and you break a law in Minnesota?

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

E-Commerce Big Questions

Did you sell an illegal item to a resident of community X? Did you try to stop the flow of illegal sales into X? An easy example of where this might come up is found in the on-line pornography boom.

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Obscene or Offensive?
Indecent speech and offensive speech protected under the 1st Amendment Obscene speech is not But what is obscene speech?

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

International Jurisdiction
Extradition over civil suits unlikely Big Question #1: Do you have assets in the country in question? Big Question #2: Will you ever try to enter country X?

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Godfrey Vs. Dolenga

Dolenga was a Cornell Biochemistry Masters student from British Columbia Godfrey, a nuclear physicist from London, made anti-Canadian remarks in a newsgroup Dolenga responded by flaming Godfrey Godfrey notified Cornell of the offensive remarks, but they were not removed (First Amendment) Godfrey filed defamation suits against Dolenga and Cornell in Britain (one of at least seven such cases)
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Dolenga Did Not Defend Himself . . .

Dolenga was found guilty by default in English court BUT - Dolenga does not have assets in England and it is unlikely that American courts will enforce the British judgement.

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues

Cornell Did Defend Itself

Cornell has assets in England (the Cornell abroad program) The suit was for roughly 80,000 pounds. The University could have settled, but chose to take the case to court The suit was brought to a successful conclusion (for Cornell) Lessons to be taken away from this . . .
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Conclusions . . .
The law is constantly changing and never as simple as it seems You should try to be familiar with the law to protect yourself (corporate lawyers are like a fire department, not like a seeing eye dog) Even so, you DO need the help of someone with formal training when dealing with legal issues
CE00303-3 Critical issues in Managing MIS in Organization Legal Issues

Q&A
Source: Staffordshire University

CE00303-3 Critical issues in Managing MIS in Organization

Legal Issues