Vidyalankarvidyalankar.org/file/bsc-it/Sem_VI_Classroom/CL _Soln.pdf · IPR and Cyber Laws Prelim...

0414/BSc/IT/TY/Pre_Pap/2014/CL_Soln 1

Vidyalankar T.Y. B.Sc. (IT) : Sem. VI

IPR and Cyber Laws Prelim Question Paper Solution

Intellectual Property Rights Intellectual property rights are like any other property right. They allow creators, or owners, of patents, trademarks or copyrighted works to benefit from their own work or investment in a creation. These rights are outlined in Article 27 of the Universal Declaration of Human Rights, which provides for the right to benefit from the protection of moral and material interests resulting from authorship of scientific, literary or artistic productions. The importance of intellectual property was first recognized in the Paris Convention for the Protection of Industrial Property (1883) and the Berne Convention for the Protection of Literary and Artistic Works (1886). Both treaties are administered by the World Intellectual Property Organization (WIPO). The progress and well-being of humanity rest on its capacity to create and invent new works in the areas of technology and culture. Second, the legal protection of new creations encourages the commitment of additional resources for further innovation. Third, the promotion and protection of intellectual property spurs economic growth, creates new jobs and industries, and enhances the quality and enjoyment of life. An efficient and equitable intellectual property system can help all countries to realize intellectual property’s potential as a catalyst for economic development and social and cultural well-being. The intellectual property system helps strike a balance between the interests of innovators and the public interest, providing an environment in which creativity and invention can flourish, for the benefit of all. Unfair Trade Practices Unfair competition in commercial law refers to a number of areas of law involving acts by one competitor or group of competitors which harm another in the field, and which may give rise to criminal offenses and civil causes of action. Unfair competition is a term applied to all dishonest or fraudulent rivalry in trade and commerce. This term is particularly applied to the practice of endeavoring to substitute one’s own goods or products in the market for those of another for the purpose of deceiving the public. This deception is commonly accomplished by imitating or counterfeiting the name title, size, color scheme, patterns, shape or distinctive peculiarities of the article, or by imitating the shape color, label, wrapper or general appearance of the package in such as way as to mislead the general public or deceive an unwary purchaser.

1. (a)

1. (b)

Vidyalankar : T.Y. B.Sc. (IT) Cyber Laws


Acts of unfair competition are generally characterized by deception, bad faith, fraud or oppression, or as against public policy because of their tendency to unduly hinder competition. Unfair competition laws have been established to protect consumers and businesses and help prevent illegal merchandizing. The most common actions falling under the banner of unfair competition include: Matters pertaining to antitrust law, known in the European Union as

competition law. Antitrust violations constituting unfair competition occur when one competitor attempts to force others out of the market (or prevent others from entering the market) through tactics such as predatory pricing or obtaining exclusive purchase rights to raw materials needed to make a competing product.

Trademark infringement and passing off, which occur when the maker of a product uses a name, logo, or other identifying characteristics to deceive consumers into thinking that they are buying the product of a competitor. In the United States, this form of unfair competition is prohibited under the common law and by state statutes, and governed at the federal level by the Lanham Act.

Misappropriation of trade secrets, which occurs when one competitor uses espionage, bribery, or outright theft to obtain economically advantageous information in the possession of another. In the United States, this type of activity is forbidden by the Uniform Trade Secrets Act and the Economic Espionage Act of 1996.

Trade libel, the spreading of false information about the quality or characteristics of a competitor's products, is prohibited at common law.

Tortious interference, which occurs when one competitor convinces a party having a relationship with another competitor to breach a contract with, or duty to, the other competitor is also prohibited at common law.

Examples: Examples of unfair competition include: Trademark infringement - such as using the Coca-Cola® trademark on a

soda container manufactured by a competing beverage maker. False advertising - such as making false claims about a drug's abilities to

promote weight loss. Unauthorized substitution of one brand of goods for another – such as

substituting a low-cost handbag for a designer handbag. Misappropriation of trade secrets - such as stealing a competitor’s soft

drink formula. False representation of products or services - such as exaggerating a

software program’s spellcheck capabilities. Industrial Design An industrial design refers to the ornamental or aesthetic aspects of an article. A design may consist of three-dimensional features, such as the shape or surface of an article, or two-dimensional features, such as patterns, lines or color. Industrial designs are applied to a wide variety of industrial products and handicrafts: from technical and medical instruments to watches, jewelry and other luxury items; from house wares and electrical appliances to vehicles and architectural structures; from textile designs to leisure goods.

1. (c)

Prelim Question Paper Solution


To be protected under most national levels, an industrial design must be new or original and non-functional. This means that an industrial design is primarily of an aesthetic nature, and any technical features of the article to which it is applied are not protected by the design registration. However, those features could be protected by a patent. Trade Secrets It may be confidential business information that provides an enterprise a competitive edge may be considered a trade secret. Usually these are manufacturing or industrial secrets and commercial secrets. These include sales methods, distribution methods, consumer profiles, advertising strategies, lists of suppliers and clients, and manufacturing processes. Contrary to patents, trade secrets are protected without registration. A trade secret can be protected for an unlimited period of time but a substantial element of secrecy must exist, so that, except by the use of improper means, there would be difficulty in acquiring the information. Considering the vast availability of traditional knowledge in the country the protection under this will be very crucial in reaping benefits from such type of knowledge. The Trades secret, traditional knowledge are also interlinked / associated with the geographical indications. Criteria for the information to be called as trade secret: It does not fall in category of general skills and knowledge. Economic value derived through trade secrets is not being generally known

to others. Economic value derived through trade secret cannot be easily obtained. Trade Secrets can be maintained through proper efforts on the part of the

organization. Trade Secrets under TRIPS Under the TRIPS Agreement, ‘trade secrets’ are referred to as ‘Undisclosed Information’. According to Agreement, An information is trade secret if : 1. It is not, as a body or in the precise configuration and assembly of its

components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question

2. Has commercial value because it is secret, and 3. Has been subject to reasonable steps under the circumstances, by the

person lawfully in control of the information, to keep it secret. The following is the list to identify the potential trade secrets which need to be protected by the business firms: Technical information Formulas, compounds, prototypes, processes, laboratory notebooks, experimental data, experiments, calculations, drawings, diagrams, operation manuals, design data, design manuals, vendor/supplier information, R & D reports, etc. Production/Process Information Cost or price data on product or process, information on production/processes, special manufacturing machinery and technology production know-how.

1. (d)



Sales and Marketing Information Marketing plans, sales forecasts, marketing and sales promotion plans, sales call reports, marketing budget, information concerning customers, customer lists, sales leads and CRM Programmes.

Internal Financial Information Budgets, forecasting, product margins, product cost, profit and loss statements, operating reports

Quality Control Information Quality control procedures, methods, manuals and records.

Procurements and Materials Vendors/suppliers information, cost price data, inventory data, inventory records.

HR & Personnel Training Programmes, records of employees, salary structure, incentive schemes, HR Policies, recruitment tests.

Administrative Information Organization structure, decision makers, strategic business plans, software used. Security risk to database Security risks to database systems include, for example: Unauthorized or unintended activity or misuse by authorized database users,

database administrators, or network/systems managers, or by unauthorized users or hackers (e.g. inappropriate access to sensitive data, metadata or functions within databases, or inappropriate changes to the database programs, structures or security configurations).

Malware infections causing incidents such as unauthorized access, leakage or disclosure of personal or proprietary data, deletion of or damage to the data or programs, interruption or denial of authorized access to the database, attacks on other systems and the unanticipated failure of database services;

Overloads, performance constraints and capacity issues resulting in the inability of authorized users to use databases as intended.

Physical damage to database servers caused by computer room fires or floods, overheating, lightning, accidental liquid spills, static discharge, electronic breakdowns/equipment failures and obsolescence.

Design flaws and programming bugs in databases and the associated programs and systems, creating various security vulnerabilities (e.g. unauthorized privilege escalation), data loss/corruption, performance degradation etc.

Data corruption and/or loss caused by the entry of invalid data or commands, mistakes in database or system administration processes, sabotage/criminal damage etc.

Uniform Domain-Name Dispute-Resolution (UDRP) The Uniform Domain-Name Dispute-Resolution (UDRP) Policy is a process established by the Internet Corporation for Assigned Names and Numbers (ICANN) for the resolution of disputes involving the registration of Internet domain names. The UDRP applies to general top-level domains (gTLDs) and

2. (a)

2. (b)



some country code top-level domains (ccTLD). The World Intellectual Property Organization (WIPO) recommended the UDRP to ICANN. The WIPO Arbitration and Mediation Center, which administers domain name dispute resolution, is an internationally recognized resolution service for challenges related to cybersquatting. In both ICANN and WIPO, independent panels appointed by the organization decide disputes under the UDRP. Those Panels decide on the basis of the submitted complaint and response, without an oral hearing. The panel decides whether disputed domain name registration should be cancelled or transferred to the complainant. If the complaint is denied, the appropriate registrar (the entity with which the respondent registered the domain name) will unlock the domain name for the benefit of the respondent. The UDRP sets forth the type of disputes for which a person is required to submit to a mandatory administrative proceeding. A third party (complainant) asserts to an administrative-dispute-resolution service provider (Provider) that: 1. a person’s domain name is identical or confusingly similar to a trademark or

service mark in which the complainant has rights. 2. a person has no rights or legitimate interests in respect of the domain name, and 3. a person’s domain name has been registered and is being used in bad faith. The complainant must prove each of the three elements. In regards to a domain name being registered and used in bad faith, the following is evidence of such: 1. circumstances indicating that you have registered or you have acquired the

domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the complainant who is the owner of the trademark or service mark or to a competitor of that complainant, for valuable consideration in excess of your documented out-of-pocket costs directly related to the domain name.

2. you have registered the domain name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that you have engaged in a pattern of such conduct.

3. you have registered the domain name primarily for the purpose of disrupting the business of a competitor; or

4. by using the domain name, you have intentionally attempted to attract, for commercial gain, Internet users to your web site or other on-line location, by creating a likelihood of confusion with the complainant’s mark as to the source, sponsorship, affiliation, or endorsement of your web site or location or of a product or service on your web site or location.

The following findings by the Administrative Panel presiding over the proceeding shall demonstrate a person’s rights or legitimate interest to a domain name: 1. before any notice to you of the dispute, your use of, or demonstrable

preparations to use, the domain name or a name corresponding to the domain name in connection with a bona fide offering of goods or services.

2. you (as an individual, business, or other organization) have been commonly known by the domain name, even if you have acquired no trademark or service mark rights; or



3. you are making a legitimate noncommercial or fair use of the domain name, without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark or service mark at issue.

The remedies available to a complainant pursuant to any proceeding before an Administrative Panel shall be limited to requiring the cancellation of the domain name or the transfer of the domain name registration to the complainant. Semiconductor Chip Protection Act At the behest of the semiconductor industry and to safeguard the semiconductor industry’s significant contribution to the US economy, the US Congress enacted the “Semiconductor Chip Protection Act” (SCPA) in 1984. The SCPA grants the owner of a mask work the exclusive rights to reproduce the mask work through optical, electronic or any other means and to “import or distribute a semiconductor chip product in which the mask work is embodied”. The SCPA also allows the owner of the exclusive rights to transfer or license all or some of the exclusive rights. The mask works prepared by an officer or employee of the US Government as part of that person’s official duties is not protected under the SCPA. However, the US Government is not vetoed from receiving and holding exclusive rights in mask works transferred to the Government by the employee. The owner of a mask work granted under the SCPA may affix a notice indicating such protection. The notice of protection may consist of the words “mask work”, or the symbol *M*, or the letter M in a circle. The notice of protection can also be shown by indicating the name of the owner or owners of the mask work or an abbreviation by which the name is recognized or is generally known. However, mask work that is “not original” or “consists of designs that are staple, commonplace, or familiar in the semiconductor industry, or variations of such designs, combined in a way that, considered as a whole, is not original” are not eligible for protection under 17 U.S.C. 902 of the SCPA. This means that commonly used designs cannot be protected either individually or in combination if the combination is obvious to a Person Ordinarily Skilled In The Art (POSITA). Moreover, any variants of the known designs and combination of the variants cannot be protected if either the variants or the combination is obvious to the POSITA. Further, the SCPA does not extend protection to “any idea, procedure, process, system, method of operation, concept, principle, or discovery, regardless of the form in which it is described, explained, illustrated, or embodied in such work.” The protection granted to mask works shall commence on the date on which the mask work is registered or on the date on which the mask work was first commercially exploited anywhere in the world, whichever occurs first. The protection provided to mask works shall extend till the end of the calendar year of the tenth year from the date on which such protection commences. For example, if the protection of a mask work commenced on January 1, 2000 then the protection will not expire on January 1, 2010 but will expire on December 31, 2010.

2. (c)



UK Data Protection Act Principles Used fairly and lawfully: Personal data shall be processed fairly and

lawfully. Used for limited, specifically stated purposes: Personal data shall be

obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.

Used in a way that is adequate, relevant and not excessive: Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

Accurate: Personal data shall be accurate and, where necessary, kept up to date.

Kept for no longer than is absolutely necessary: Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

Handled according to people’s data protection rights: About the rights of individuals e.g. personal data shall be processed in accordance with the rights of data subjects (individuals).

Kept safe and secure: Appropriate technical and organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

Not transferred outside the UK without adequate protection: Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

Patent Infringement Patent infringement is the commission of a prohibited act with respect to a patented invention without permission from the patent holder. Permission may typically be granted in the form of a license. The definition of patent infringement may vary by jurisdiction, but it typically includes using or selling the patented invention. In many countries, a use is required to be commercial (or to have a commercial purpose) to constitute patent infringement. The scope of the patented invention or the extent of protection is defined in the claims of the granted patent. In other words, the terms of the claims inform the public of what is not allowed without the permission of the patent holder. Patents are territorial, and infringement is only possible in a country where a patent is in force. For example, if a patent is filed in the United States, then anyone in the United States is prohibited from making, using, selling or importing the patented item, while people in other countries may be free to make the patented item in their country. The scope of protection may vary from country to country, because the patent is examined by the patent office in each country or region and may have some difference of patentability, so that a granted patent is difficult to enforce worldwide.

2. (d)

3. (a)



Distinguish between Trademark Infringement and Passing off Passing off Infringement

i) Mostly confined to trade name, symbols, signs, devices and unregistered trademarks

Action shall be confined to registered trademarks

ii) There should be first misinterpretation and then consequential damage to the reputation and goodwill of another

Action shall be confined to the acts described or defined as infringements of rights of the rights assured under the statutes such as Copyright Act, Trademark Act, Patent Act, etc.

iii) Trademark registration is not relevant for taking action against passing off

Trademark registrations is a must to take action against infringement

iv) Transactions covered under passing off are non-trading, non-commercial, non-profit making and professions in addition to commercial transaction

In infringement, transactions are limited to goods and services

v) Every action of passing off does not necessarily result into infringement

Every act of infringement has in it implied passing off

vi) Passing off is related to name, mark, symbol and the offending mark may not be related to same and similar goods of the others. It can relate to the business of the owner of name, symbol and mark

In infringement action, registration assumes the current use

Defenses for trademark infringement There are two main defenses against trademark infringement. They are fair use and parody. There are different types of defenses within those two main defenses. Trademark infringement defenses all fall somewhere into the criteria consisting of eight key elements that make up trademark infringement. If a defendant can prove their use of a trademark was either fair use or a parody, the court could possibly rule in their favor in an infringement case.

Fair Use Fair use occurs when someone uses a trademarked term for its primary definition and not its secondary meaning. For instance, if there is a series of summer sneakers coming out and they all consist of being either all blue or all white sneakers, a painting company that uses the trademarked slogan "all white" cannot sue because someone else used the words "all white" in a descriptive purpose. The descriptive purpose would be considered the word's primary meaning with the trademarked meaning being the secondary meaning. There was no intent to support or denounce the painting company in anyway when the sneakers appearance was being described as all white. Another trademark infringement defense that falls under the fair use umbrella is nominative use. Nominative use takes place when a trademarked term is needed

3. (b)

3. (c)



to describe another thing or that thing's product. For example, the New York Yankees cannot sue if a newspaper uses their trademark name to describe tourist attractions in New York City. The use of the trademarked name is only to used to describe and identify the team. There is also no other way to effectively identify the New York Yankees. One could not even describe them as New York's baseball team because there is more than one team in the city. The newspaper's use of the trademarked term was only for descriptive and identifiable purposes, not as a way to sell a product with the assistance of someone else's trademark. Parody Parody is an accepted trademark infringement defense. Parodies are accepted because they are believed to serve a artistic and editorial purpose in society. Parodies to a degree are also protected under free speech in the first amendment. Parodies are meant to clearly mock or carry the opposite message of the original trademark. This should free anyone of any possible confusion regarding which is the real trademark and which is the organization responsible for the parody. As long as the parody is clearly making fun of or mentioning the original message or trademark, parody is a proper trademark infringement defense. The creator of a parody must be sure to clearly show they are not trying to pass off the original idea as one of their own. The parody must not cause any financial losses or bring down the value of the original trademark. The rights owned by the owner of a copyright include The Right to Reproduce the Work. This is the right to reproduce, copy, duplicate or transcribe the work in any fixed form. Copyright infringement would occur if someone other than the copyright owner made a copy of the work and resold it. The Right to Derivative Works. This is the right to modify the work to create a new work. A new work that is based upon an existing work is a "derivative work." Copyright infringement would occur here if someone wrote a screenplay based on his favorite John Grisham book and sold or distributed the screenplay, or if someone releases or remixes of one of your songs without your consent. The Right to Distribution. This is simply the right to distribute the work to the public by sale, rental, lease or lending. The music industry lawsuits targeting file-sharing web services claim that these services violate the right to distribution held by record labels. The Public Display Right. This is the right to show a copy of the work directly to the public by hanging up a copy of the work in a public place, displaying it on a website, putting it on film or transmitting it to the public in any other way. Copyright infringement occurs here if the someone other than the copyright holder offers a work for public display. The Public Performance Right. This is the right to recite, play, dance, act or show the work at a public place or to transmit it to the public. Copyright infringement would occur here if someone decided to give performances of the musical "Oliver!" without obtaining permission from the owner.

3. (d)



There are three exceptions to the copyright infringement rules, which allow one to reproduce another's work without obtaining a license or assignment of rights: Fair Use. This is a doctrine which permits the reproduction of copyrighted material for a limited purpose of teaching, reviewing, literary criticism and the like. Without the “fair use” doctrine, books and movies could not be reviewed and colleges and high schools would not be able to study works by people like Arthur Miller. This is also how television programs such as The Daily Show are able to use copyrighted material in their commentary. "Fair use," however, is determined on a case-by-case basis. Public Domain. This refers to works which are no longer covered by copyright law. For example, the song “The Star-Spangled Banner” can be performed without ever paying license fees to anyone because the copyright has expired. Non-Copyrightable Works. Copyright infringement cannot occur when someone uses material that cannot be protected by copyright, such as facts or ideas. However, if someone puts a bunch of facts into the form of a book (e.g. The Farmer’s Almanac), copying all or part of that book would constitute copyright infringement. Enforcement of Intellectual Property Rights CIVIL REMEDIES The most importance civil remedy is the grant of interlocutory injunction since most actions start with an application for some interlocutory relief and in most cases the matter never goes beyond the interlocutory stage. The other civil remedies include damages - actual and conversion; rendition of accounts of profits and delivery up. This paper is confined to remedies available in common law jurisdictions and it may well be that in civil law countries, the emphasis or focus is somewhat different. CRIMINAL REMEDIES Criminal remedies for copyright violation include: i) Punishment through imprisonment which, under Indian law, may not be less

than six months but which may extend to three years; ii) Fines which, under Indian law, shall not be less than Rs.50.000. and which

may extend to Rs.200,000. iii) Search and seizure of the infringing goods including plates which are defined

as including blocks, moulds, transfers, negatives, duplicating equipment or any other device used or intended to be used for printing or reproducing copies of the work.

Components of Licensing Agreement i) Identification of the Parties Although self-evident, the Agreement should be made between the party who

has the right to grant the license and the party who will be exercising that license. Additional details, including the addresses for each of the parties, the jurisdiction of incorporation (for corporate entities) and the effective date of the Agreement, may also be included in the identification section of the Agreement.

4. (a)

4. (b)



ii) Recitals The recitals tell the “story” of the parties and their relationship up to the time

of the Agreement. For example, if the parties are entering into a license agreement as part of a settlement to an infringement action, the recitals can lay out the sequence of events leading up to the settlement. If the intellectual property rights that are the subject of the license were assigned or transferred, and the license is intended only to assist the seller in transitioning its business, this can also be set out in the recitals.

iii) Definitions The definition clause is the dictionary for the Agreement. The parties to the

Agreement can define terms like "licensed patents", "use" and "royalty" to make clear the rights and obligations of the Agreement. The definitions can be used to simplify drafting; for example, if a series or family of patents is being licensed, the full list can be scheduled and then captured by the defined term “licensed patents”.

iv) License Grant The license grant provision is one of the most critical elements of the

Agreement. It sets out the scope and extent of the rights granted to the licensee, as well as any limitations on those rights.

v) Compensation The provisions dealing with compensation set forth the consideration that the

licensee is expected to pay to the licensor in exchange for the license rights granted to it. The compensation provisions of the Agreement may deal with the amount of compensation owing to the licensor, the timing and frequency of payments, liability for taxes and often include details on any reports that the licensee must provide to the licensor with payments.

vi) Obligations of the Parties Depending on the type and complexity of the Agreement, each of the

licensee and licensor may have specific obligations that must be fulfilled during the term of the Agreement and even beyond the expiry or termination of the Agreement. These obligations may range from positive obligations such as a duty to report infringement, to negative obligations such as a duty not to compete with the licensor. It is imperative that the obligations of the parties be clear and unambiguous; if they are too vague, it may make it difficult for a party to terminate the Agreement without liability for a failure of one party to fulfill its obligations.

vii) Term and Termination As with any type of commercial agreement, a license agreement should have

both a defined term and provisions outlining when a party may terminate the agreement, and for what reason. It is also recommended to deal with the effect of termination in advance, so that each party can plan an exit strategy with full knowledge of the consequences of any termination of the Agreement.



viii) Conflict Resolution Intellectual property disputes can be extremely costly, even if they arise in

the context of a license arrangement. Most license agreements include provisions that attempt to regulate the manner in which disputes between the parties may be resolved, in an effort to ensure that costs are contained.

ix) Other Common Clauses The remainder of the skeleton of the Agreement will include other clauses

that are common in a license agreement. These may include representations and warranties, provisions that govern the treatment of confidential information, and standard legal “boilerplate”.

Technology Licensing By a technology licensing agreement the licensor authorizes the licensee to use the technology under certain agreed terms and conditions. It is, therefore, a contract freely entered into between two parties and contains terms and conditions so agreed. Joint Ventures A joint venture may consist of any variety of business relationships that involve two or more enterprises pooling their resources with the objective of implementing a common business purpose. Often, in such agreements, one party will contribute technology or know-how of which he is the proprietor and the other party may contribute financial and expertise of his own to the project. The joint venture will, therefore, often include a license agreement concluded by the parties concerned to regulate the use of the proprietary information and compensation for its use. Franchise or Trademark License Agreements If your SME is interested in: marketing a product or service and the brand (trademark) of that product is

owned by others, or entering or expanding the existing market for your product or service for

which your SME owns the rights conferred by a trademark, You may consider a trademark license agreement or a franchise agreement.

The principle function of a trademark or service mark is to distinguish the goods and services of one enterprise from that of another, thereby often identifying the source and making an implied reference to quality and reputation. Through a franchise agreement the owner of certain technical or other expertise who has usually gained a reputation in connection with the use of a trade or service mark (the franchiser) may team up with another enterprise (franchisee) who will bring in expertise of his own or financial resources to provide goods or services directly to the consumer. The franchiser will ensure, through the supply of technical and management skills, that the franchisee maintains the quality and other standards in relation to the use of the trade or service mark which often require certain standardized features like, for example, a uniform trade dress.

4. (c)



Copyright License Agreements Copyright licensing is done for Manufacturing, distributing or marketing the results of the literary and artistic

efforts of creators, or Entering a market or expanding or extending your existing market for the

literary and artistic efforts of your enterprise Risk and benefits in licensing Licensee Benefits: (i) the licensee can get a faster access

to certain markets (ii) license agreements can be a route

to get access to innovative technologies and expertise, an important competitive advantage in particular for SMEs without in-house R&D

Licensor Benefits: (i) additional source of income (ii) to solve situations of infringement (iii) the organization is not well

equipped to directly exploit the technology

(iv) to enter into new markets

Licensee Risks: (i) the licensed IP may be challenged

and the technology become obsolete

(ii) the royalties to be paid may be too burdensome

Licensor Risks: (i) losing control on information (ii) the licensee becomes a competitor (iii) an unskilled licensee affects the

income the licensor receives, which is particularly dangerous in exclusive licenses

Cyber Crime & Cyber Law Cybercrime is a generic term that refers to all criminal activities done using the medium of computers, the Internet, cyber space and the worldwide web. There isn’t really a fixed definition for cybercrime. The Indian Law has not given any definition to the term ‘cyber crime’. In fact, the Indian Penal Code does not use the term ‘cyber crime’ at any point even after its amendment by the Information Technology (amendment) Act 2008, the Indian Cyber law. But “Cyber Security” is defined under Section (2) (b) means protecting information, equipment, devices computer, computer resource, communication device and information stored therein from unauthorized access, use, disclosure, disruption, modification or destruction. Cyber law is a term used to describe the legal issues related to use of communications technology, particularly “cyberspace”, i.e. the Internet. It is less of a distinct field of law in the way that property or contract are, as it is an intersection of many legal fields, including intellectual property, privacy, freedom of expression, and jurisdiction. In essence, cyber law is an attempt to apply laws designed for the physical world, to human activity on the Internet. In India, The IT Act, 2000 as amended by The IT (Amendment) Act, 2008 is known as the Cyber law. It has a separate chapter XI entitled “Offences” in which various cyber crimes have been declared as penal offences punishable with imprisonment and fine.

4. (d)

5. (a)



Scope of Cyber Law Though study of cyber laws is a new branch of law, but it is touching all other areas of law having a technology component. Laws related to ecommerce, online contracts, copyright, trademark, business software patenting, e-taxation, e-governance and cyber crimes fall within the meaning and scope of cyber laws. i) E-commerce Law E-commerce defined simply, is the commercial transaction of services in an

electronic format. It is also referred to as “any transaction conducted over the Internet or through Internet access, comprising the sale, lease, license, offer or delivery of property, goods, services or information, whether or not for consideration, and includes the provision of Internet access”.

Any dispute involving any e-commerce activity, whether at buyer or seller’s

end, would mean dispute happening in the cyberspace. ii) Online Contracts The Indian Contract Act, 1872 lays down that for a contract to happen there

has to be proposal, assent to the proposal, which transforms into a promise. A promise supported by consideration becomes an agreement and an agreement enforceable by law is contract. Online contracts represent the formation of series of contractual obligations in an online environment. From a legal perspective, an online contract follows the same pre-requisite as being followed in offline (physical) contract. At a basic level, online contract formation requires online offer/proposal by one party and its online acceptance by the other party.

iii) Copyright Copyright is about protecting original expression. Copyright protects “original

works of authorship” that are fixed in any tangible medium of expression from which they can be perceived, reproduced, or otherwise communicated either directly or with the aid of a machine or device.

Copyright arises as soon as a ‘work’ is created (or fixed). It does not extend

to any idea, procedure, process, system, method of operation, concept, principle or discovery, unless fixed in a tangible form. In the digital medium, every web page accessible or published in the World Wide Web is to be taken as a literary ‘copyrightable’ work. It protects all written text materials, graphic images/ designs, drawings, any linked sound, video files or films, whether part of a web page or a website. That is, copyright protects the “look and feel” of a website.

A copyright owner has five exclusive statutory rights such as: a) to fix (store) the information in a tangible form. b) to reproduce the copyrighted work. c) to sell, rent, lease, or otherwise distribute copies of the copyright work to

the public. d) to perform and display publicly the copyright work. e) to prepare derivative works based on the copyright work.

5. (b)



It is significant to note that the activities like caching, mirroring, downloading, scanning, peer-to-peer file sharing etc. prima facie, infringe exclusive statutory rights of a copyright owner.

(d) Trademark Internet and the worldwide web represent the online medium. It is natural that

a business entity claiming ownership of certain trademarks would like to extend its monopoly to this new medium as well. But the monopoly rights of trademark owners to own, license, sell, exhibit, market or promote are being threatened by web based technology tools, like search engines, meta tags, and hyperlinks.

(e) Business Software Patenting Patent protects a process, while copyright protects expression. Patents

confer stronger rights than copyrights. One computer programme consists of thousands of instructions. Every programme is unique, as it is a combination of logically arranged algorithms and techniques. Programmes are covered under copyright law, whereas, algorithms and techniques qualify for patenting.

Whether, it could be Amazon’s 1Click model, or Priceline’s reverse auction

mechanism. By patenting such business methods, companies are not only protecting their revenue models but are also adding significant business value to their sites. Extending patents in e-business environment would mean monopolysing commonplace ‘e-business methods’.

Digital Signature Private companies and governments agencies all around the word make huge investments for the automation of their processes and in the management of the electronic documentation. The main requirement in the management of digital documentation is its equivalence, from a legal perspective, to paperwork, affixing a signature on a digital document is the fundamental principle on which are based the main processes of authorization and validation, apart from the specific area of application. Main benefits for the introduction of digital signing processes are cost reduction and complete automation of documental workflow, including authorization and validation phases. In essence, digital signatures allow you to replace the approval process on paper, slow and expensive, with a fully digital system, faster and cheaper. The digital signature is simply a procedure which guarantees the authenticity and integrity of messages and documents exchanged and stored with computer tools, just as in traditional handwritten signature for documents. Essentially The digital signature of an electronic document aims to fulfill the following requirements: that the recipient can verify the identity of the sender (authenticity) that the sender can not deny that he signed a document (non-repudiation)

5. (c)



that the recipient is unable to invent or modify a document signed by someone else (integrity).

Fig. 1 : Digital document lifecycle

A typical digital signature scheme consists of three algorithms: i) An algorithm for generating the key that produces a key pair (PK, SK): PK

(public key, public key) is the public key signature verification while SK (Secret Key) is the private key held by the petitioner, used to sign the document.

ii) A signature algorithm which, taken as input a message m and a private key SK produces a signature .

iii) A verification algorithm which, taken as input the message m, public key PK and a signature , accepts or rejects the signature.

To generate a digital signature is necessary to use the digital asymmetric key pair, attributed unequivocally to a person, called holder of the key pair: The private key is known only by the owner, it is used to generate the digital

signature for a specific document; The public key is used to verify the authenticity of the signature. Once the document is signed with the private key, the signature can be verified successfully only with the corresponding public key. Security is guaranteed by the impossibility to reconstruct the private key (secret) from the public, even if the two keys are uniquely connected.



Functions of Certifying Authority Certificate Authority (CA) is a trusted entity that issues Digital Certificates and public-private key pairs. The role of the Certificate Authority (CA) is to guarantee that the individual granted the unique certificate is, in fact, who he or she claims to be. The Certificate Authority (CA) verifies that the owner of the certificate is who he says he is. A Certificate Authority (CA) can be a trusted third party which is responsible for physically verifying the legitimacy of the identity of an individual or organization before issuing a digital certificate. A Certificate Authority (CA) can be an external (public) Certificate Authority (CA) like verisign, thawte or comodo, or an internal (private) Certificate Authority (CA) configured inside our network. Certificate Authority (CA) is a critical security service in a network. A Certificate Authority (CA) performs the following functions. Certificate Authority (CA) Verifies the identity: The Certificate Authority (CA) must validate the identity of the entity who requested a digital certificate before issuing it. Certificate Authority (CA) issues digital certificates: Once the validation process is over, the Certificate Authority (CA) issues the digital certificate to the entity who requested it. Digital certificates can be used for encryption (Example: Encrypting web traffic), code signing, authentication etc. Certificate Authority (CA) maintains Certificate Revocation List (CRL): The Certificate Authority (CA) maintains Certificate Revocation List (CRL). A certificate revocation list (CRL) is a list of digital certificates which are no longer valid and have been revoked and therefore should not be relied by anyone. Functions of Controller The Controller may perform all or any of the following functions, namely: i) exercising supervision over the activities of the Certifying Authorities; ii) certifying public keys of the Certifying Authorities; iii) laying down the standards to be maintained by the Certifying Authorities; iv) specifying the qualifications and experience which employees of the

Certifying Authorities should possess; v) specifying the conditions subject to which the Certifying Authorities shall

conduct their business; vi) specifying the contents of written, printed or visual materials and

advertisements that may be distributed or used in respect of a Digital Signature Certificate and the public key;

vii) specifying the form and content of a Digital Signature Certificate and the key, viii) specifying the form and manner in which accounts shall be maintained by the

Certifying Authorities; ix) specifying the terms and conditions subject to which auditors may be

appointed and the remuneration to be paid to them;

5. (d)

6. (a)



x) facilitating the establishment of any electronic system by a Certifying Authority either solely or jointly with other Certifying Authorities and regulation of such systems;

xi) specifying the manner in which the Certifying Authorities shall conduct their dealings with the subscribers;

xii) resolving any conflict of interests between the Certifying Authorities and the subscribers;

xiii) laying down the duties of the Certifying Authorities; xiv) maintaining a data base containing the disclosure record of every Certifying

Authority containing such particulars as may be specified by regulations, which shall be accessible to public.

Functions of Controller 48. Establishment of Cyber Appellate Tribunal i) The Central Government shall, by notification, establish one or more

appellate tribunals to be known as the Cyber Regulations Appellate Tribunal. ii) The Central Government shall also specify, in the notification referred to in

subsection (1), the matters and places in relation to which the Cyber Appellate Tribunal may exercise jurisdiction.

49. Composition of Cyber Appellate Tribunal i) A Cyber Appellate Tribunal shall consist of one person only (hereinafter

referred to as the Residing Officer of the Cyber Appellate Tribunal) to be appointed, by notification, by the Central Government

50. Qualifications for appointment as Presiding Officer of the Cyber

Appellate Tribunal. A person shall not be qualified for appointment as the Presiding Officer of a Cyber Appellate Tribunal unless he a) is, or has been. or is qualified to be, a Judge of a High Court; or b) is or has been a member of the Indian Legal Service and is holding or has

held a post in Grade I of that Service for at least three years. 51. Term of office The Presiding Officer of a Cyber Appellate Tribunal shall hold office for a term of five years from the date on which he enters upon his office or until he attains the age of sixty-five years, whichever is earlier. 52. Salary, allowances and other terms and conditions of service of

Presiding Officer. The salary and allowances payable to, and the other terms and conditions of service including pension, gratuity and other retirement benefits of the Presiding Officer of a Cyber Appellate Tribunal shall be such as may be prescribed: Provided that neither the salary and allowances nor the other terms and conditions of service of the Presiding Officer shall be varied to his disadvantage after appointment.

6. (b)



53. Filling up of vacancies If, for reason other than temporary absence, any vacancy occurs in the office n the Presiding Officer of a Cyber Appellate Tribunal, then the Central Government shall appoint another person in accordance with the provisions of this Act to fill the vacancy and the proceedings may be continued before the Cyber Appellate Tribunal from the stage at which the vacancy is filled. 54. Resignation and removal i) The Presiding Officer of a Cyber Appellate Tribunal may, by notice in writing

under his hand addressed to the Central Government, resign his office: Provided that the said Presiding Officer shall, unless he is permitted by the

Central Government to relinquish his office sooner, continue to hold office until the

expiry of three months from the date of receipt of such notice or until a person duly appointed as his successor enters upon his office or until the expiry of his term of office, whichever is the earliest.

ii) The Presiding Officer of a Cyber Appellate Tribunal shall not be removed from his office except by an order by the Central Government on the ground of proved misbehaviour or incapacity after an inquiry made by a Judge of the Supreme Court in which the Presiding Officer concerned has been informed of the charges against him and given a reasonable opportunity of being heard in respect of these charges.

iii) The Central Government may, by rules, regulate the procedure for the investigation of misbehaviour or incapacity of the aforesaid Presiding Officer.

55. Orders constituting Appellate Tribunal to be final and not to invalidate

its proceedings. No order of the Central Government appointing any person as the Presiding Officer of a Cyber Appellate Tribunal shall be called in question in any manner and no act or proceeding before a Cyber Appellate Tribunal shall be called in question in any manner on the ground merely of any defect in the constitution of a Cyber Appellate Tribunal. 56. Staff of the Cyber Appellate Tribunal i) The Central Government shall provide the Cyber Appellate Tribunal with

such officers and employees as that Government may think fit. ii) The officers and employees of the Cyber Appellate Tribunal shall discharge

their functions under general superintendence of the Presiding Officer. iii) The salaries, allowances and other conditions of service of the officers and

employees or' the Cyber Appellate Tribunal shall be such as may be prescribed by the Central Government.

DUTIES OF SUBSCRIBERS (section 40 to 42 of IT ACT 2000) 40. Generating key pair. Where any Digital Signature Certificate, the public key of which corresponds to the private key of that subscriber which is to be listed in the Digital Signature Certificate has been accepted by a subscriber, then, the subscriber shall generate the key pair by applying the security procedure.

6. (c)



41. Acceptance of Digital Signature Certificate. i) A subscriber shall be deemed to have accepted a Digital Signature

Certificate if he publishes or authorizes the publication of a Digital Signature Certificate a) to one or more persons; b) in a repository, or otherwise demonstrates his approval of the Digital

Signature Certificate in any manner. ii) By accepting a Digital Signature Certificate the subscriber certifies to all who

reasonably rely on the information contained in the Digital Signature Certificate that a) the subscriber holds the private key corresponding to the public key

listed in the Digital Signature Certificate and is entitled to hold the same; b) all representations made by the subscriber to the Certifying Authority and

all material relevant to the information contained in the Digital Signature Certificate are true;

c) all information in the Digital Signature Certificate that is within the knowledge of the subscriber is true.

42. Control of private key. i) Every subscriber shall exercise reasonable care to retain control of the

private key corresponding to the public key listed in his Digital Signature Certificate and take all steps to prevent its disclosure to a person not authorised to affix the digital signature of the subscriber.

ii) If the private key corresponding to the public key listed in the Digital Signature Certificate has been compromised, then, the subscriber shall communicate the same without any delay to the Certifying Authority in such manner as may be specified by .the regulations.

Explanation. For the removal of doubts, it is hereby declared that the subscriber shall be liable till he has informed the Certifying Authority that the private key has been compromised. Sections under MISCELLANEOUS in IT ACT 2000 80. Power of police officer and other officers to enter, search, etc. i) Notwithstanding anything contained in the Code of Criminal Procedure, 1973,

any police officer, not below the rank of a Deputy Superintendent of Police, or any other officer of the Central Government or a State Government authorised by the Central Government in this behalf may enter any public place and search and arrest without warrant any person found therein who is reasonably suspected or having committed or of committing or of being about to commit any offence under this Act.

Explanation For the purposes of this sub-section, the expression "public place" includes any public conveyance, any hotel, any shop or any other place intended for use by, or accessible to the public.

ii) Where any person is arrested under sub-section (1) by an officer other than a police officer, such officer shall, without unnecessary delay, take or send the person arrested before a magistrate having jurisdiction in the case or before the officer-in-charge of a police station.

6. (d)



iii) The provisions of the Code of Criminal Procedure, 1973 shall, subject to the provisions of this section, apply, so far as may be, in relation to any entry, search or arrest, made under this section.

81. Act to have overriding effect. The provisions of this Act shall have effect notwithstanding anything inconsistent therewith contained in any other law for the time being in force. 82. Controller, Deputy Controller and Assistant Controllers to be public servants. The Presiding Officer and other officers and employees of a Cyber Appellate Tribunal, the Controller, the Deputy Controller and the Assistant Controllers shall be deemed to be public servants within the meaning of section 21 of the Indian Penal Code. 83. Power to give directions. The Central Government may give directions to any State Government as to the carrying into execution in the State of any of the provisions of this Act or of any rule, regulation or order made thereunder. 84. Protection of action taken in good faith. No suit, prosecution or other legal proceeding shall lie against the Central Government, the State Government, the Controller or any person acting on behalf of him, the Presiding Officer, adjudicating officers and the staff of the Cyber Appellate Tribunal for anything which is in good faith done or intended to be done in pursuance of this Act or any rule, regulation or order made thereunder.

Vidyalankarvidyalankar.org/file/bsc-it/Sem_VI_Classroom/CL _Soln.pdf · IPR and Cyber Laws Prelim...

Documents

Transcript of Vidyalankarvidyalankar.org/file/bsc-it/Sem_VI_Classroom/CL _Soln.pdf · IPR and Cyber Laws Prelim...