18. Protection of databases

Databases form a vitally important part of the information society. The traditional approach in the United Kingdom has been to protect their contents as compilations under the law of copyright. This contrasts with the approach adopted in civil law states which have historically required a more significant qualitative element as a condition for the award of copyright than has been the case in the United Kingdom. Databases would not meet this requirement – although many states would offer protection under unfair competition laws. The European Union’s database directive strikes something of a compromise between the two approaches. The chapter will consider the extent of the sui generis database right and consider its practical application in the, albeit limited, number of cases in which it has been considered by the courts.

14. Key elements of the patent system

This chapter considers the nature and manner of operation of the patent system. Patents date back to around the 14th century. For the United Kingdom they began as a means to encourage the importation of foreign skills and technology, fell into disrepute as they were used by monarchs to confer monopolies in respect of the sale of well-known objects such as playing cards and eventually from the late seventeenth century settled into their present role of granting temporary monopolies to those who make inventions. The chapter examines the criteria that will be applied in determining whether an invention is eligible for patent protection and the procedures that will required to be followed in order to obtain this. Unlike copyright which applies effectively on a global basis, the patent system has operated on a national basis. A UK patent will be valid and enforceable in the UK but nowhere else. There are international agreements, however, designed to simplify the task of obtaining protection in a range of countries and the operation of these will be considered as well as the treatment of intellectual property within the General Agreement on Trade in Services and the World Trade Organisation. Within the European Union, the possible introduction of a unitary patent has been the subject of discussion for many years and appears likely to come to fruition in the near future although the involvement of the UK post Brexit is uncertain.

12. Detecting and prosecuting computer crime

This chapter examines key forms of computer related crimes. Computer fraud is a topic that attracts much legal and media attention. As the name suggests, it is essentially a variant of well-established principles of this area of the law. If a perpetrator obtains funds belonging to a victim through some form of deception or manipulation, this will be considered criminal with the most significant legal issues being concerned with the question when or where an offence has occurred. The deliberate promulgation of computer viruses or malware is also generally regarded as a criminal offence although there are issues regarding the degree of intent that needs to be established to secure a conviction. Viruses are generally spread through the conduct of individuals other than those who create to program. Conduct might be characterized as negligent rather than deliberate and will generally not be criminal. Similar issues of intent and knowledge may arise in respect of other forms of conduct such as denial of service attacks.

11. Virtual criminality

This chapter examines the law on virtual crimes, including those covering Internet pornography, photographs and pseudo-photographs, and multimedia products. It discusses the difficulty of applying localised concepts of obscenity—which are dictated by cultural, religious, and societal values—in the global environment of the Internet. It also considers the issue of cyber bullying and harassment. It is shown that nation states have difficulty enforcing their own policies regarding what is or is not acceptable. However, matters assume a different perspective when there is a commonality of approach between the jurisdiction where material is hosted and where it is accessed. In this, the Council of Europe Convention on Cybercrime is a significant, albeit limited, development.

9. National and international responses to computer-related crime

Computer related crime features increasingly prominently in criminal statistics. As we move towards a cashless society where money is represented by data held on a computer system, so the range and scale of conduct is assuming almost epidemic proportions. Significant issues arise whether and where particular forms of conduct constitute criminal offences. These decisions have historically been a matter for national authorities. As with many issues covered in this book, the emergence of the Internet has brought about significant changes as it has become increasingly apparent that national legislation can be of limited effectiveness. Although cross-border conduct has occurred for very many years and the doctrine of extradition is a well-established one, such actions were the exception to a norm in which all aspects of conduct occurred in a single jurisdiction. The United Kingdom’s legislative history in the field of computer related crime date to the Computer Misuse Act of 1990. In many respects, this legislation restated the position that had been reached under common law where a number of cases had determined that computer related conduct could be prosecuted under existing provisions of the criminal law. In 2001 the Council of Europe Cybercrime Convention was opened for signature and remains the most significant international instrument in the field, having been ratified by almost all European States and a number, including the United States, of non-European jurisdictions. As well as making provision for harmonising substantive criminal offences, there have been moves to enhance cooperation between law enforcement agencies at a procedural level.

4. Supervisory agencies

This chapter first describes the rationale for the establishment of supervisory agencies for data protection in EU States. This marks a significant divergence in approach from other countries such as the United States and continues to constitute a barrier to harmonisation in the data protection field. Specific attention is paid to the status and role of the United Kingdom’s Information Commissioner and the investigative and enforcement powers conferred on the Commissioner. The evolving nature of the requirements of registration of data controllers is considered as is the role of the Register of Data Controllers. Attention is given also to the appeal mechanisms established under the Act and to the role of the First Tier Tribunal.

16. Copyright protection

This chapter discusses protection under the law of copyright. Topics covered include copyright basics; obtaining copyright; forms of protected work; the requirement of originality; copyright ownership; copyright infringement; the nature of copying; other rights belonging to the copyright owner; the development of software copyright; and literal and non-literal copying. The law of copyright is perhaps the major branch of intellectual property law relevant to computer software. Virtually every piece of software will be protected by copyright. The main issue concerns the extent of the protection that is offered. Computer programs are generally protected as literary works. This was appropriate in the early days where computers performed essentially functional tasks – often associated with mathematical calculations. It is arguable that modern software, which often makes extensive use of graphical images, is more akin to an artistic work than a literary one. Regardless of categorization, the courts in the United Kingdom have applied a narrow interpretation of the scope of copyright. Reproduction of the underlying code will be unlawful but replication through independent work of the effects produced by the code (often referred to a non-literal copying) will not.

10. Substantive criminal law provisions

This chapter examines the provisions of the Council of Europe’s Convention on Cybercrime to determine the major headings under which computer-related conduct might be prosecuted and to analyse the effectiveness of UK legislation in the field. The focus is on offences against the confidentiality, integrity, and availability of computer data and systems, which essentially refers to computer hacking and to attempts to impair the operation of computer systems through interception of communications, the promulgation of viruses, or the launching of denial of service attacks. The chapter discusses also the law on computer-related fraud and forgery.

24. Contractual issues

Any product can have defects – or at least fail to meet the expectations of a purchaser. A range of statutory provisions confer rights on a party acquiring goods if these are not of satisfactory quality. Software and what is referred to as “digital content” is covered by these provisions although their application gives rise to a number of difficulties. Unlike most physical products where defects will be found in one or a small number of the items, every digital work will be an exact copy of the original. If one product is considered faulty, the same fate may await all of the others. In most instances software is licenced rather than sold. It is commonplace for a licence to seek to restrict or exclude liabilities that might otherwise arise. The question may then be whether the terms of the licence are enforceable. In many instances they may be brought to the customer’s attention after the contract for supply has been concluded. The use of “click-wrap” licences where a user has to click on a box indication acceptance of contractual terms prior to using the software may assist but questions of time will again be very significant.

21. Internet domain names

Internet access is dependent on two major factors: Internet (generally referred to as IP) addresses, which are a functional equivalent to telephone numbers, and domain names. The former element raises a number of technical issues but is generally non-contentious. Systems of domain names—which effectively serve as an alias for IP numbers—are much more controversial and raise major issues how the Internet should be regulated. This chapter begins with a discussion of the emergence of Internet regulation. It then turns to domain names and the regulation of the domain-name system at both a global and country specific level.