Second Life: a fresh approach to a cease and desist letter
Cease and desist letters are usually heavy-handed.
But when Darren Barefoot put up a parody of Second Life called Get a First Life, using a variation of Second Life's logo, Second Life's lawyers responded with a nonexclusive, nontransferable, nonsublicenseable, revocable, limited license to use the modified eye-in-hand logo rather than a prohibition demand.
Legal liability of employee web designers
In Houghton v Arms  HCA 59, the High Court of Australia has held that two website designers who misled an internet wine business about the operation of a bank’s financial transactions facility were liable for misleading and deceptive conduct under the Victorian Fair Trading Act 1999 even though they were employees. The representations were fundamental to the wine merchant's decision to structure his business in a particular way.
Mr Arms traded under the name "Australian Cellar Door" and formulated a proposal for the provision by means of an internet web site, www.auscellardoor.com.au, of a service for the direct marketing of the products of small to medium independent wineries. The expectation was that direct "cellar door" sales would attract sales tax at a much lower rate and would avoid the need for the payment by the wineries of the margin, usually in the order of 30 per cent, required by agents or distributors when sales were effected by retail outlets. However the promised payment mechanism could not achieve that result.
The trial judge had accepted that representations had been made to their client Mr Arms, the substance of which was that, in order to run his business effectively and operate the auscellardoor web site, Mr Arms was not required to obtain any documentation from the wineries other than a form, with provision for banking details; WSA (the employer)had engaged in that conduct when it was incumbent upon it to alert Mr Arms to the existence of the additional requirements of the ANZ Bank, or to ascertain that there were no such additional requirements in order for a winery to become an ANZ e-Gate merchant. Ryan J found that, had Mr Arms known the true position, he would have changed the auscellardoor web site to a profitable method of trading by November 2000, not June 2001, and would not have lost the sum of $58,331 from the seven month "set back".
While the trial judge gave judgment against the employer but refused judgment against the employees, the Federal Court of Appeal allowed the action and the High Court upheld the Appeal Court decision.
Podcasting Legal Guide
Creative Commons have published a Podcasting Legal Guide. Whilst it's based on US law only, it identifies many issues which need to be addressed if a podcast is broadcast in other jurisdictions.
For example, it discusses the copyright status of unpublished works in the US:
"Every unpublished work from around the world of authors who died before 1936 is in the public domain in the United States. That means that the unpublished diary of an Australian who died in 1930 will be in the public domain in the U.S.; however, that same diary may still be subject to copyright under Australian copyright law in Australia. So, if you are marketing or targeting your podcast for a particular territory, you need to be aware of the copyright laws in that country as well as in the U.S. Moreover, because of the borderless nature of the Internet, you can't really stop your podcast from distributing to Australia, in which case you may be violating laws in another country."
ANAO Report on internet security in government agencies
The ANAO has published its audit report of internet security at six government agencies. For the six agencies audited, the
ANAO concluded that the current level of Internet security was insufficient, given the risks and problems identified through the audit findings.
The ANAO noted that a number of agencies could improve performance in some key areas, particularly email filtering, and all agencies audited could improve performance in one or more aspects of managing Internet security, such as the development of system security plans.
The ANAO made 5 key recommendations for the six agencies audited for the report, including Customs, the Australian Federal Police, the Nuclear Safety Authority, Medicare, Department of Industry, Tourism and Resources and the Department of Workplace Relations.
Extension of content regulation
The Minister for Communications, Information Technology and the Arts, Senator Helen Coonan, has announced that new safeguards will be put in place to protect consumers from inappropriate or harmful material on emerging content services such as 3G mobile phones and subscription-based Internet portals.
A recent Review of the Regulation of Content Delivered Over Convergent Devices found there is a need for specific safeguards for users of these services.
New laws will extend the current safeguards that apply to content delivered over the Internet or television to be applied to content delivered over convergent devices. This will include prohibition of content rated X18+ and above, requirements for consumer advice and age-restricting access to content suited only to adults.
Commonwealth Bank releases Australian internet banking survey
When I was researching Australian financial services website compliance I found little data about internet banking usage.
So the release of details from the Commonwealth Bank’s inaugural E-Money survey - an annual index of electronic banking usage in Australia, is a welcome addition.
The results include:
- of 6.8 million Australians that have used online banking, 85 per cent prefer the internet to manage their day-to-day banking needs;
- Convenience is the main benefit of online banking for half of all online users (50%); followed by time savings (29%), ease of use over traditional banking methods (10%);
- customers aged 25-34 year olds and full-time workers were the most likely to use internet banking, while those over 50 years of age preferred using branches;
- The most popular online transaction is funds transfer/bill payment;
- among those yet to try internet banking, only 32 per cent are concerned about internet security.
The technology behind Australia's access card
MIS Magazine's story on Australia's health and services access card highlights the huge planning and implementation obstacles to this project: there are already arguments over its specifications and the technology to be used.
Privacy and RFID
A group of multinational companies including IBM, Intel and Microsoft have issued draft guidelines for Privacy Best Practices for Deployment of RFID Technology.
RFID (radio frequency identification) raises privacy concerns when its use enables parties to obtain personally identifiable information, including location information, about particular individuals that those parties otherwise would be unable or unauthorized to obtain. This information may be a person's location; it may be that the person has a certain product in his or her possession; it may be that the person has used a particular service. Security concerns arise if unauthorized parties are able to obtain such information either from interception of the radio communications between tags and readers, through unauthorized reading of the tags, or via unauthorized access to the network or the database.
Representatives from various consumer groups and commercial enterprises developed these guidelines in an effort to address current privacy concerns, as well as to limit future concerns regarding the deployment of RFID technology.
The guidelines cover:
- giving of notice when information, including location information, is collected through an RFID system and linked, or is intended by a commercial entity to become linked, to an individual's personal information either on the RFID tag itself or through a database.
- Consumers should be offered such choice before the conclusion of the transaction to obtain a good or service, wherever practicable, so that, when coupled with robust notice, consumers are given the tools to effectively exercise their choice with respect to the use of RFID technology.
- Companies should exercise reasonable and appropriate efforts to secure RFID tags, readers and, whenever applicable, any corollary linked information from unauthorized reading, logging and tracking, including any network or database transmitting or containing that information and radio transmissions between readers and tags. In addition, companies should exercise reasonable and appropriate efforts to secure the linked information from unauthorized access, loss or tampering.
Australia is to have a health smartcard
The access card will replace 17 health and social services cards and vouchers across the Human Services portfolio.
The card will have the cardholder’s name, a digital photograph, their signature and card number. A microchip in the card will store a photo, address, date of birth and details of any children or other dependants. The card will also provide cardholders with the option to voluntarily store other information such as emergency contact details, allergies, health alerts, chronic illnesses, immunisation information and organ donor status. Information held on the access card will be subject to strict protections and will only be accessible by authorised people.
The access card will be phased in over a two year registration period beginning in 2008. From early 2010, people will only be able to obtain government health and social service benefits if they have an access card.
Privacy Commissioner, Karen Curtis response to the announcement was that the privacy rights of individuals needed to be respected:
it is essential that appropriate privacy protections are built in early, particularly into the system design of the access card and registration process, rather than trying to 'bolt' these on later...it will be important to ensure that as the proposal is developed the uses and safeguards are clearly identified and legislated. This will help to ensure that the Government's intention that this not be a national identity card is met.
First Australian Spam Act decision
In Australian Communications and Media Authority v Clarity1 Pty Ltd  FCA 410 Federal Court Justice Nicholson found Clarity1and its sole director had breached the Spam Act by sending unsolicited commercial electronic messages (‘CEMs’) and using harvested electronic addresses. The matter has been adjourned to determine the amount of civil penalties.
From 15 October 2003 Clarity1 carried on business under the business name of Business Seminars Australia and the name of the Maverick Partnership. ACMA alleged Clarity1 sent at least 56 million unsolicited emails.
Clarity1 claimed that they were exempt as they were sending the emails for charities and to educational institutions but no evidence was provided.
Justice Nicholson also rejected the company’s defence that the recipients of emails had consented to receive them. He further rejected the defence that the company could use harvested lists acquired before the Spam Act commenced to send Spam emails at any time.
The judgment is a useful analysis of the Spam Act.