Citation
Hannabuss, S. (2001), "The Law/Ethics", Library Hi Tech News, Vol. 18 No. 2. https://doi.org/10.1108/lhtn.2001.23918baf.001
Publisher
:Emerald Group Publishing Limited
Copyright © 2001, MCB UP Limited
The Law/Ethics
Stuart Hannabuss
Law and ethics are moving targets. Keeping up is a full-time job. That's why information professionals turn to lawyers. And that's also why they do their best to keep up. Not an easy task: law kicks in on intellectual property rights, the Internet, software, domain names, records, digitizing, employment, liability. The legislation alone moves on all the time now increasingly global, never wholly fixed, always a matter of dispute, throwing up opportunities and risks.
Information and knowledge (if you want to get philosophical for a moment) are indeterminate suspects in the affair. After all, you cannot copyright an idea, only the tangible form in which it is expressed. Materials designed for interactive use will, by definition, undergo all kinds of intended and unintended changes simply by being used. This tests the paternity and integrity issues of moral rights. It also leads us to ask just where copyright turns into copyleft and where true originality (if it exists) really lies.
What's Mine Is Not Yours
If we're dwarves on the shoulders of giants, intellectually, nothing is really new in the world. They say research is where you acknowledge 20 sources and plagiarism is where you use only one (or don't acknowledge the 20). If, on the other hand, we have an eye for the main chance, we'll stake our claim (say, to business method patents) in order to ease out the other guy, we'll commodify information products and services in order to generate income, we'll search for the best business models for our licences to digitize, and we'll keep a close eye on information liability just in case things go wrong.
Maybe those mediaeval monks got it right that copying is merely a matter of disseminating and paying homage to great works. With moveable type and the territoriality of the Stationers' Company, IPR tightened up and the Act of Anne pushed things along. Now a recent Paris Match case highlights the current interest with publication right, so that someone photographed can claim some ownership over an image. Moreover, there are issues of privacy too, and these will extend to any images taken of any players in any trial.
Copyright is mythical country. Let's meet some of the mythical beasts there. One is Notice there's no copyright notice so I can do what I like with it. This beast has a special sign on its forehead that looks like © but that has little legal effect. Another is Thanks Very Much there's no harm if I simply acknowledge what I've borrowed. What's more, I'm advertising their stuff. A third is No Harm Done they got there first and anyway they're likely to be a big company with plenty of money, so why not? Fourth comes No One Will Know my transient posting, e-mail, download, decompilation people have better things to do than try to police the unpoliceable. In any case, what I write I'm just a humble student has no commercial value. Fifth is I Did It My Way I had the idea independently, the domain name was genuinely based on an idea I had, OK I drew on the storybook of "Babylon 5" but look at what I did with it! And (making up the dirty half-dozen) there is Oh Dear!, I can't reproduce anything at all, can I, because everything out there is copyright. That's a beast which has simply never heard of fair use.
Copyright is a moving target. Even when moral rights got absorbed into UK IPR law with Copyright, Designs and Patents Act 1988, it took a while for the assumptions about authorship to find an easy fit with the economic and entrepreneurial framework. Moral rights last as long as the copyright in the work. If false attribution occurs, this can last 20 years after the death of the person falsely attributed. The rationale is to provide authors, IPR owners, with some control over the work and its recognition in and impact on the world at large. Like infringement, injunctions and damages can be made.
There may well be a case for defamation too. What you do to my Web site through framing, spreadsheet through creating look-alikes, software through testing for inter-operability, database or clip-art collection or MP3-deliverables through de minimis predations, don't only threaten my livelihood but also (I would allege) treat me derogatorily. However, be on your guard. Factors may exist which disable this.
Now You Have It, Now You Don't
Databases, for instance, we all know, attract copyright protection. Under the Copyright and Rights in Databases regulations 1997 (effective 1 January 1998), a collection of independent works, data or other materials which are arranged systematically or methodically, and which are accessible by electronic or other means, attract protection if they show enough intellectual creativity or selection in their creation.
A recent Lexis-Nexis case, hingeing on the compilation and its allegedly unique (or at least commercially distinctive) arrangement, moves us on from hoary classics like Feist (not enough creativity there). Copyright subsists here with its usual terms and duration. There is also the database right, of 15 years, which with ongoing revision (which happens all the time), could (and probably will) last for ever. Shades of the Stationers' Company with their perpetual copyright over Bibles. All that said, however, moral rights exist theoretically in databases as literary works.
Yet most databases are created by employees in the course of employment and as such don't attract moral rights. I'm still exploring the logic of this one. The ALCS (Authors' Licensing and Collecting Society, at their Web site http://www.alcs.co.uk, and also by way of the JISC, Joint Information Systems Committee Web site at http://www.jisc.ac.uk/) describe moral rights as particularly important for electronic products.
Academic authors, for example, can, like any others, assign rights or waive them, and that includes moral rights. The ALCS naturally urges authors not to do this. Digitization of a work makes it far more vulnerable to copying and duplication. More and more attention is given today to electronic rights. The Tasini case makes the point. Licensing electronic rights separately makes sense for the canny author: they are not subsidiary rights, even though some players like to think so.
Behind it all, there's the issue of who owns the rights. There's also the option of owning the rights but licensing the use. Everyone is in on the act even traditional not-for-profit organizations like universities are vigilant for the competitive advantage intangible assets (like IPR, know-how, reputation and brand equity) can offer, and we see terms and conditions in employment contracts tightening up on this.
Just Passing Through
We have now got closer to a "common position" on copyright and related rights. The Draft Directive has been teasing its way through the snake of pluralist discussion in the EU. Readers with long memories will recall how vexed information people were at the possibility that electronic materials would be protected so fully that fair use or dealing might be threatened.
The larger debate about that continues, too think of the patent disputes currently over Basmati rice, let alone data about genetic materials. Fair use in the digital age will always be a complex matter. Recent debate about the Digital Millennium Copyright Act reveals concern for scholarship and creativity. Section 120(a)(1) of the Act was drafted to allow exemptions from prohibitions on getting around technological protection. Who could be exempted ? "persons who are users of a copyrighted work which is in a particular class of works, if such persons are, or are likely to be . . . adversely affected".
The scholarly and information community are concerned that any exemptions should be grounded in fair use or fair dealing. This would ensure members of the public to get reasonable access to lawfully gathered information. This is the lifeblood of a working democracy and a vigorous world of research, scholarship, comment and criticism. Intellectual property is hot property: it is one of the largest commercial issues today, and its resonances for policy and politics are enormous.
Going back to the directive, this confirms existing rights reproduction and distribution. Something new, though a communication to the public right. This deals with how copyright materials might be sent to third parties. Lots of problems here think of forwarding e-mails, posting newsgroup comments, ISPs and their role as common carriers or conduits. New to the scene is the need to get copyright permission for communicating to third parties. Given the ease with which things can be sent on, this is going to run and run.
All kinds of messages have been sent to the ISPs from the Demon case and Dr Godfrey. ISP liability, and the way it pivots on subtle practical differences between "common carrier" and "publisher/editor", highlight just what is involved. Such ISPs appear to be able to carry on as normal, although content providers and third parties (including third parties on the look-out for copyright infringement and piracy) are likely to be ever more vigilant. The directive introduces new offences for anyone attempting to get around the security technology of ECMSs (electronic copyright management systems) or ERMSs (electronic rights management systems) like evading encryption or firewalls. Removing or altering data on such systems also becomes an offence.
Just Pointing the Digit
A great deal of work is taking place to reshape JISC's DNER. The Joint Information Systems Committee has a wide brief (see http://www.jisc.ac.uk). The Distributed National Electronic Resource is a managed environment for assessing quality assured information resources on the Internet. Such resources include scholarly journals and monographs, textbooks and abstracts, manuscripts and maps, music scores and still images, geospatial images, moving pictures and sound collections. The Web site is full of topical professional interest (at http://www.jisc.ac.uk/dner/).
A pre-publication draft workbook on Preservation Management of Digital Materials has recently gone up on the Internet. No surprise for regular readers about the activities of JSTOR and CEDAR and other schemes involving digitization, but much of topical legal interest. Legal matters focus around two points IPR and rights management. Copyright and other intellectual property rights like moral rights have a substantial impact on digital preservation, say the authors, Neil Beagrie of JISC Digital Preservation Focus and Maggie Jones of the Arts and Humanities Data Service. Consideration needs to be given not only to content but also to any associated software.
Looking two ways, like Janus, towards rights owners on the one side and towards actual and potential users of copyrightable materials on the other, such players know that simply copying ("refreshing") digital materials onto other media, encapsulating content and software for emulation, and migrating content to new hardware and software, are processes only legally advisable where permissions have been sought. The duration of IPR in electronic materials often extends beyond the duration of time where there is active commercial interest, and may even survive beyond any technology used to store and disseminate them. There are legal issues where access and security are concerned, because materials can easily be copied and redistributed. The relevance of that communication to third parties issue in the Common Position Directive hits home here.
There are two main ways to acquire digital resources by purchase (or if not that, by legal deposit), or by licence (usually for a given period of time). Access will always be a complex matter, because the mere availability acts as both a spur and inhibitor. Increasingly popular are licences, and these are part of many business models in this field. Already decoupled from physical access, licencees are always concerned about being decoupled from intellectual access to material.
Professional interest has led to active dissemination of advice about licences and the provision of templates for information services and information players to consider for use. The paradigm Web site for these is NESLI (National Electronic Site Licensing Initiative) at http://www.nesli.ac.uk, although I often visit the LibLicence Web site of Yale University for a broad sweep of the field.
The other angle is rights management. This takes centre ground in collection management strategy in this area. Rights need to be negotiated, above all between preservation agencies and depositors, and the rights holders. Again there is a proliferation of model letters for staff clearing rights and model deposit agreements. In most cases received wisdom is to investigate as fully as you can but then, when push comes to shove and your library or institution has to take the plunge, get in a lawyer to guide and shape your documentation.
Permissions of many kinds are required content, associated software, for copying for preservation purposes, for future migration of content to new formats, for emulation, and for copyright protection. Many of the conditions and terms of use will gather around any contractual agreement made. The JISC/TLTP Copyright Guidelines (1998) provide useful exemplary letters for copyright clearance, and examples of consortium agreements. The source is http://www.ukoln.ac.uk/services/elib/papers/other/jisc-tltp/jisc.pdf.
Licence to Use and Re-use
Digital environments have pushed IPR on and alerted professionals to the importance of knowing what's what. Among the evaluative criteria for acquisitions, Managing Digital Collections: AHDS [Arts and Humanities Data Service] Policies, Standards and Practices (at http://www.ahds.ac.uk/public/srg.html), intellectual content, relevance, and re-use value come out high on the scale. High quality material, with rigorous review, facilitates research and teaching. Data structure, format and documentation bear directly on the costs and effectiveness of the project. Copyright and IPR in the data need to be identified, especially if ownership is fragmented. The AHDS is typical in providing a pro forma licence form in its depositors' packs. Guidelines provide recommendations about preferred formats and transfer media for deposited resources. Management, preservation, and dissemination costs need to be considered, along with potential and plans for re-use and long-term preservation.
Creators and despositors of data all need to watch their step. Permissions need to be cleared prior to deposition, and ownership established (or reasonable attempts made to establish it). This is particularly important if data or material derive from various sources, or are a compilation from various sources. The same legal challenge, in fact, as multimedia. Add to that the issue of ownership, which may be affected by the fact that data exists because they were gathered on a project funded by a research organization. This organization may well have an interest.
Challenges exist for users when they wish to combine such data with data of their own. In such cases, users may well not have sole copyright on the results. Originators of such data will retain economic and moral rights over their own data, since a licence does not entail waiving rights or assigning them. Licences, of course, apply in two directions, too : the licence between depositor and data archive, and that between data archive and data user. Typical of arrangements is a player like UK Data Archive (at http://www.data-archive.ac.uk), a site well worth visiting.
Who's to Know ?
A key legal issue is that of confidentiality. This includes references in the physical data and in support documentation, and draws on a range of legal issues as well as the exacting ethical standards of responsible research. In social science research, for instance, the privacy of respondents or subjects (data subjects, using Data Protection law terminology) could be undermined. Information may well have been gathered under strict conditions of consent and anonymity.
So identifiers become important. They can be direct (e.g. collected as part of survey administration like names and phone numbers) or indirect (e.g. information which, when linked with other publicly available information, could result in breaches of confidentiality, like geographical or workplace data). UK Data Archive recommend tactics like removal (eliminate the variable), bracketing (recoding into broader ranges), top-coding (restricting the upper range of a variable), and collapsing or combining variables (e.g. merging them, so, say, pediatrics and obstetrics are coded as one).
Many such players and information providers take great care to ensure users of data, of Web sites, cannot fail to know what the terms and conditions of use are for the material. A vigorous area of legal territory here is that of disclaimers, which may extend from claims that users take the data "as is" (i.e. any consequential damage is contributory) to assertions that no liability will be taken if the privacy of third parties is impugned. Disclaimers and privacy policies are often siamese twins clinging to homepages.
It's an interesting debate from a legal viewpoint because it takes us back to what intellectual property actually is. It's not possible to copyright a fact as such (say, my shoe-size or my phone number). However, increasingly, such facts, numerical and otherwise, are taking on identifiers in their own right. For example, with mobile telephony and more customization of phone numbers, such numbers are being loaded with personal identifiers. By that token, they become vulnerable to breaches of privacy.
Furthermore, they become personally attributable enough for us to argue that they are no longer uncopyrightable "facts". They are now unique identifiers, and, as such, copyright. This debate has relevance to trademarks, too, and domain names, where several recent cases, about people trying to trademark colours and other generic and disembodied abstractions, suggest that very soon the public domain, legally and phenomenologically, will disappear and everthing will become a legally definable commodity. And if everything can be owned, there may be social and ethical issues about access and freedom of information.
Privacy for You and Me and Him
FoI in the UK keeps its interest. There's controversy over exemptions information already available to the public, information held with a view to publication in the future, and information associated with national security. FoI Bills have come and gone, satisfying first one and then another interest group here. Controversy about privacy and confidentiality has many heads, like the Hydra.
RIP (the Regulation of Investigatory Powers Act 2000) allows employers to intercept communications "for the purpose of keeping a record" in a company. This includes preventing or detecting crime, investigating or detecting unauthorised use of the system, and ensuring the effective operation of the system. It implements the Telecommunications Data Protection Directive of the EU. Many see RIP as a licence to snoop.
Out of RIP came more regulations the Lawful Business Practice Regulations. Under this employers may intercept workplace e-mails "for operational purposes", for "routine access to business communications during the absence of staff", "interception for control purposes", and "monitoring for unauthorised use". This includes preventing computer viruses.
At the same time, Data Protection has kept busy. A Code of Practice came from the Data Protection Commissioner in November 2000. It is called The Use of Personal Data in Employer/ Employee Relationships. It can be accessed at the DP Web site at http://www.dataprotection.gov.uk. Section 6 deals with employee monitoring. This takes the form of behavioural monitoring or surveillance, and is often electronic (using CCTV or e-mail interception).
The Code recommends that employers should not monitor e-mails and phone calls. Private e-mails should not be opened. Its emphasis is on protecting employee privacy. RIP and LBPR seem to pull one way and the draft DP Code the other. To add to the business, there are the provisions of the Human Rights Act 1998 which provides for a right to respect for privacy, including respect for correspondence.
Records management is a field where digitization and confidentiality/privacy seem to come together in interesting ways. Prowling around the Public Record Office Web site (at http://www.pro.gov.uk/recordsmanagement/), you'll see how this is emerging in what is said about Access to Public Records. There's a new (second edition) manual of guidance about this for records managers with a strong emphasis on data protection and its principles.
The importance of DPA (Data Protection Act) comes through time and time again in the PRO newsletter, Records Management News. A guide for records managers and archivists to the Data Protection Act 1998 (published 2000) is also available, produced by the PRO, the National Archives of Scotland, and the PRO of Northern Ireland. Definitions, exemptions, and transitional arangements are fully discussed.
Signing off . . .
I could go on to Carnivore and how it's upset privacy interest groups, to cyber-squatting and Virtual Works Inc., to getting advice for setting up your Web site, the vexed world of software after Altai and Richardson, and the battle between telemarketers over brands like Budweiser. Maybe tasters of things to come.