Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Legal Issues Arising from Providing IT Services & Facilities Alex Reid Director, OUCS ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 1 CONTENTS Background Membership Status Report Recommendations Current Status ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 2 Background Initiative of the IT Committee (under Joe Stoy) Rationale: Increasing numbers using networks Increasing potential or real threats Changing legal framework (see on) Extent of University’s liability for actions of its staff & students First Set Up May 98 First Report Feb 99 Council Augmented Membership Final Report Nov 99 ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 3 Changing Legal Framework Defamation Act 1996 Godfrey vs Demon (Times 20/4/99) WIPO Copyright Treaty 1996 EU Directive being drafted Obscene Publications Act 1959, 1964 & Criminal Justice & Public Order Act 1994 publishing obscene material for gain Protection of Children Act 1978 & Criminal Justice Act 1988 Computer Misuse Act 1990 JISC Briefing Paper (New Developments in UK Internet Law http://www.jisc.ac.uk/pub/index.html#briefing) Morrell, Peel & Gamlen: Electronic Networks - Potential Liabilities for Network Providers and User Organisations, 1995 Manches: Caught in the Web - Law and the Internet (2nd ed), 1998 Fyfe Ireland: Issues of Internet Liability (Report for Glasgow University), 1996 ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 4 Membership Chaired by Chairman of IT Committee (Stoy, then Woodhouse) OUCS Director (Reid) University Legal Services Director (Anelay) Professor of IP & IT Law (Vaver) Council member (Hackney) Secretary from Legal Services Office (Barnwell) Later afforced by: Departmental Administrator (Plummer) College Bursar (Ruck-Keene) College Senior Tutor (Kirwan) College IT Fellow (Matthews) ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 5 Main Recommendations Council adopt a statement denying “right to private use” Council adopt a statement limiting “right to privacy” IT Committee have the power to make Rules IT Committee make and regularly revise Rules Revise the Rules now Procedures for authorising research using otherwise prohibited material Visibility of servers of various kinds outside Oxford be controlled Content on visible servers be subject to regulation Third parties (including colleges) connected to Janet via Oxford’s network be required to provide indemnities Clear authority for College action ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 6 Right to Private Use The University provides computer facilities and access to its computer networks only for purposes directly connected with the work of the University and the colleges and with the normal academic activities of their members. Individuals have no right to use University facilities for any other purpose. ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 7 Limitation on Right to Privacy The University reserves the right to exercise control over all activities employing its computer facilities, including examining the content of users’ data, such as e-mail, where that is necessary (a) for the proper regulation of the University’s facilities; (b) in connection with properly authorised investigations in relation to breaches or alleged breaches of provisions in the University’s statutes, decrees and regulations, and the rules on computer use published by the IT Committee from time to time; or (c) to meet legal obligations. Such action will only be undertaken in accordance with guidelines laid down and published from time to time by the IT Committee ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 8 Power to Make Rules OUCS has the power in relation to its facilities Could rely on that Too narrow a legal point Library Committee analogy Guidance/Direction to departments Ensures proper consultation Added weight to the Rules IT Committee to make and regularly revise Rules Issue revised Rules now: fairly straightforward revision of current OUCS Rules; guidelines on when/how privacy can be invaded derived from existing SecPriv Guidelines ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 9 Authorising Research Accessing “forbidden” material for legitimate research purposes Case at Bristol University (Guardian, 27/5/99) Cases here (offensive material & child porn) Case at University of Central England (book of photographs by Robert Mapplethorpe - Oct 97, Independent, 7/3/98) Staff members and students Who is authorised to endorse such research? Proper procedures RSO, CVCP, UCISA, SCONUL, Peter Sommer (Computer Security Research Centre, LSE - aka Hugo Cornwall, author of Hacker’s Handbook), ... ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 10 External Visibility of Web Servers Improper material being mounted on a Web site (pornography, libel, offence, IPR infringement,…) Possible defences against legal consequences: Denial of responsibility; Scan all sites for offending material; Have clear-cut policies and ensure they are well-publicised; Act swiftly if brought to your attention; Do spot checks; Have proper procedure for maintaining appropriate balance between freedom of expression and giving offence; Defence of innocent dissemination. Ensure all Web sites/servers are under proper “supervision” Deny external visibility to any that are not Applies also to Newsgroups, Hotline, anon-ftp, IRC, email, etc. ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 11 Third Party Indemnities UKERNA’s requirement (for connected 3rd parties): UKERNA and the Funding Councils “are indemnified for any and all losses caused to them by improper use of the facilities granted to the organisation” being connected. Applies to those organisations which, while not being a part of the University, have association with it, and are connected to Janet via the University network Applies also to Colleges And to anyone connected via a College Colleges currently being consulted ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 12 Third Party Indemnities Proposed Indemnity: The University is indemnified by xxx College for any and all losses caused to it by the improper use of the University’s computing or network facilities accessed via college facilities where the use in question is by: 1. A third party authorised by the college to use college facilities; 2. A member or employee of the college, for purposes unconnected with the University or with academic study or research; 3. A member or employee of the University who is not a member or employee of the college, for purposes unconnected with the University or with academic study or research; 4. A person or persons, whether or not known to the college, who has obtained access to University facilities in breach of University and/or college rules. ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 13 Clear Authority for College Action Ultimate Sanction - Cut Off External appearance is of a unitary university Need to act in concert Need to act quickly Need to identify someone with the authority to act quickly ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 14 END QUESTIONS? ITSSC-2000 - Legal Issues - Alex Reid, OUCS 29-Jun-00 15