Cloud Services Archives - IPOsgoode /osgoode/iposgoode/category/cloud-services/ An Authoritive Leader in IP Fri, 06 Aug 2021 16:00:00 +0000 en-CA hourly 1 https://wordpress.org/?v=6.9.4 Clouds Above the Pentagon /osgoode/iposgoode/2021/08/06/clouds-above-the-pentagon/ Fri, 06 Aug 2021 16:00:00 +0000 https://www.iposgoode.ca/?p=37948 The post Clouds Above the Pentagon appeared first on IPOsgoode.

]]>
Photo by Ěý (Unsplash)

Tiffany WangTiffany Wang is an IPilogue Writer, IP Innovation Clinic Fellow, and a 2L JD Candidate at Osgoode Hall Law School.

Ěý

In 2019, Microsoft and the Pentagon signed a via deploying cloud technology. One man was not too happy with the agreement. , Jeff Bezos, persisted in fighting for the lucrative contract, especially after the Biden Administration began work at White House.Ěý

Amazon Web Services, . Amazon’s efforts have not gone unnoticed.

, ending the feud between the two technology giants over the ten-year commercial contract. The DoD did not explicitly name the feud as the motivating factor for cancellation. Instead, the DoD announced that the ĚýJohn Sherman, acting Pentagon Chief Information Officer, stated that the inevitably call for novel strategies.

The JEDI deal has long been controversial. In 2019, Amazon suggested that the Pentagon award the contract to Microsoft due to . Moving away from a Microsoft monopoly, the current Biden administration welcomes bids from which satisfy the government’s standards. , and others have joined the ranks.

Companies anticipate competing for the new contract: . Attempting to canvass by military personnel.

The JEDI deal aims to upgrade the More than a contract duel, the JEDI deal acknowledges the rapid growth of the —and the pace at which the U.S. military needs to work to match this evolution.

Considering the forests rather than the trees, the Pentagon may have set its sights on competition from China instead of the clash amidst domestic technology titans. . In this cross-border military cloud computing race, the U.S. does not want China to win. If China wins the cloud computing marathon, the DoD will not celebrate on cloud nine.

The post Clouds Above the Pentagon appeared first on IPOsgoode.

]]>
Disruptive Innovation and Digital Integration /osgoode/iposgoode/2017/07/12/disruptive-innovation-and-digital-integration/ Wed, 12 Jul 2017 04:21:08 +0000 http://www.iposgoode.ca/?p=30797 Despite persistent fears of a surveillance state and artificial intelligence, the smart device market continues to expand with little chance of collapse. Accordingly, some of the sessions at the 2017 Canadian Telecom Summit (CTS17) focussed on how the telecommunications industry players in Canada are adapting to the rapid evolution of interconnected devices and an increasing […]

The post Disruptive Innovation and Digital Integration appeared first on IPOsgoode.

]]>
Despite persistent fears of a and , the smart device market . Accordingly, some of the sessions at the (CTS17) focussed on how the telecommunications industry players in Canada are adapting to the rapid evolution of interconnected devices and an increasing shift to digital media.

Included in these discussions were a keynote address by Sanjay Mewada (Chief Strategy Officer of Netcracker) on the shift to digital services and impact of tech giants expanding their territory on the competition telecom players will increasingly face. Companies like provide business support and operation support systems, software-defined networking, and network functions virtualization to help communication service providers meet the expectations of their customers.

At the CTS17, Mewada emphasized the importance of moving away from traditional communication services and towards the adoption of digital models in order to thrive in the modern telecommunications industry. He highlighted that emerging features, like being able to proactively control bandwidth allocation to optimize and enable active monitoring of usage by customers, are setting new standards for internet service providers.

With Google’s (allowing consumers to choose which device on a Wi-Fi network receives the fastest connection) and already on the market, Mewada asked if consumers “would really want to go back to not having any control over the allocation of your bandwidth?” Indeed, once these features become “a matter of priority and focus” in the eyes of telecommunication corporations, more and more consumers will “know what is possible, [and] no longer like to stay with the bare minimum,” he said.

So, what is the outcome of tech giants like Google, Apple, and Hulu introducing new features into the telecom sector? “Why did Google have to come in to show a cable service provider how to be a digital service provider?,” he asked.

Mewada noted, “it is not about coming up with a brand-new thing, it is about providing the consumer with the right digital experience.” This shift to focussing on the client experience is key in ensuring the success of the telecommunication industry and not losing substantial market share to tech competitors.

Of course, with any adaptation also comes challenge. Mewada emphasized how the need to accelerate the delivery of new services to market remains hurdle for services providers. With the expectations of clients constantly changing and the avant-garde of the home-digital experience being increasingly bombarded with new innovations, according to Mewada there “needs to be a retooling of the processes” behind moving products from conception to implementation.

Mewada noted that the innovations provided by Google, Netflix, and other tech giants are actually blessings in disguise because they “open the market to expect new things” from service providers. In response, service providers merely “need to be there to provide that” to stay competitive, he said.

One approach involves adopting a “fast-fail” model. The fast-fail model seeks to optimize the movement of a digital service from conception to market through the use of small sample sizes as a preliminary testing ground. If it succeeds, then escalate – if it fails, then forget it and move on. While fairly new to telecommunications, this model has been adopted by Alphabet’s X research division, which to everything from driverless cars to augmented reality eyewear.

Furthermore, he noted that part of remaining successful in the contemporary market will involve anticipating future trends and shortening the turn-around time for providing clients with the same quality of services and products competitors offer. When applications like can rise to billion dollar valuations in the span of a couple years, having an interdisciplinary team that is ready to roll out high-quality services is of the utmost importance for preventing clients from switching to a more up-to-date provider.

In the end, keeping pace with the rapidly evolving tech sector is paramount to remaining competitive and maintaining and expanding a telecom business’s market share. Accordingly, clients will consistently expect to receive the latest and greatest in home entertainment and utility without feeling left behind tech giants, like Google and Apple, who are putting pressure on the telecommunication sector to offer a higher standard of service. ĚýIn a dynamic and fast-paced field, perhaps Netcracker’s slogan of a business’s “most important step [they will take being] their next one” captures the pressure traditional telecommunications service providers will feel if they do not approach the industry proactively.

 

Dominic Cerilli is the IPilogue content editor and social media coordinator as well as a JD candidate at Osgoode Hall Law School.

***

ĚýThe brings together the leadership of Canada’s telecom, broadcast, and IT industries. For its 16th year, the CTS focussed on and featured keynote presentations and panel discussions on the range of issues facing industry and public policy makers in Canada. IP Osgoode and the IPilogue team members thank the CTS’ organizers ( and ) and for their generous support to allow us to attend.

The post Disruptive Innovation and Digital Integration appeared first on IPOsgoode.

]]>
An Interview with James Williams and Michael Power: Putting Privacy and Data Protection Under the Lens /osgoode/iposgoode/2013/12/06/an-interview-with-james-williams-and-michael-power-putting-privacy-and-data-protection-under-the-lens/ Fri, 06 Dec 2013 17:14:43 +0000 http://www.iposgoode.ca/?p=23707 The course Comparative Law: Privacy and Data Protection is offered this coming term at Osgoode Law School. IP Osgoode interviewed the course co-professors, James Williams (Osgoode site, personal site) and Michael Power (Osgoode site, personal site) for their insight on the exciting contemporary debates in the field. Whether you’re a law student interested in public […]

The post An Interview with James Williams and Michael Power: Putting Privacy and Data Protection Under the Lens appeared first on IPOsgoode.

]]>
The course Comparative Law: Privacy and Data Protection is offered this coming term at Osgoode Law School. IP Osgoode interviewed the course co-professors, James Williams (, ) and Michael Power (, ) for their insight on the exciting contemporary debates in the field.

Whether you’re a law student interested in public sector law, regulated industries like banking or healthcare, technology trends or information management, this course is for you. IP Osgoode extends a warm thank you to Williams and Power for their time for the interview as well as their passion for the study of privacy and data protection.

What drew you into the privacy and big data field of law?

MP: While with the Department of Justice in the 1990s I served as Coordinator of the Department’s Electronic Commerce Secretariat. I was one of the principle authors of the Electronic Documents Act. When that bill was merged with the then Personal Information Protection Act, literally at the last minute, I had to learn about that statute. Later, when I left government for private practice, the information security aspects of my law practice found me explaining privacy obligations to clients and the privacy law practice evolved from there. Privacy law represents the legal side of a juxtaposition of consumer/human rights/civil liberties law with technological innovation, which I find fascinating. You can literally “wait a moment” and see new legal issues arise as the consequences of technology deployment play out.

JW: I became interested in this area through taking a privacy law course with David Loukidelis and Murray Rankin. Privacy is a very broad (and to some degree nebulous) concept that has attracted attention from a wide variety of disciplines, including psychology, philosophy, economics and computer science. In addition to being notoriously difficult to define, it is intertwined with other areas of law, including constitutional and commercial law. There are some very deep problems in this area, both in terms of theory and practice. It also turns out that privacy is very fertile ground for computer scientists. There is a rapidly expanding body of work in both industry and academia that presents techniques to address privacy risks posed by data aggregation, data mining, ubiquitous computing, social networks and other technologies. While some areas (e.g., anonymization methods for data) have advanced rapidly, a lot of work remains.

How do you feel Canada is doing compared to US/EU re: data privacy?

MP: In terms of law, generally I think we’re in a better position that the US in that our comprehensive approach can deal with evolving issues. The American “sectoral” approach may or may not be able to address something new. However there are aspects of American law — genetic privacy, for example, that are further ahead of Canada. I also think the European approach, while also comprehensive, is more regulatory in nature and more problematic in operational terms. In some respects, governments in Canada think “privacy” as a legislative issue is “done” and I don’t see that in Europe or the US. I think the future evolution of privacy law in Canada will occur at the provincial level because of the constitutional limitations of the federal government in this area. For example, “revenge porn” can’t easily be dealt with under a PIPEDA/PIPA framework aimed at commercial exploitation of personal information.

JW: That’s a tough question. Canada has really drawn inspiration from the US, not only from its jurisprudence but also for some of the fair information practices. Nevertheless, our data protection regime was really crafted in response to developments in the EU. As Michael mentioned, we have a comprehensive approach that is applicable across industries. There are some gaps and weaknesses in our law, of course. Select sectors in the US are definitely ahead of their Canadian counterparts, and I think that the FTC likely inspires more terror than our privacy commissioners. Comparing the two systems is difficult, and perhaps fertile ground for a paper.

Is "big data" hype all it's cracked up to be? Do we have the person-power capacity in Canada to properly utilize it?

MP: Data analytics, which is what “big data” is all about, is fine in theory, with a lot of benefits both at the institutional and individual level. However, we’re far from achieving those benefits in that organizations in Canada, whether large or small, have immature data management regimes. I suspect those benefits will come but not before a lot of time, effort and money is wasted figuring out how best to get them. The “cloud”, as a concept, first arose in the 90s and is only gained traction in the last few years. Data analytics may follow a similar timeline.

JW: One has to be careful with buzzwords. Data aggregation and analysis has been around for decades, and a brief look at the work of Arthur Miller and Alan Westin shows that legal scholars have been concerned about these activities since the late 60’s. Since then, computing power and availability has improved significantly, the amount of data collected has grown, and there are some novel techniques that complement traditional methods of statistical inference.

I do think large-scale data analytics is going to be very useful as a tool for disciplines like medical research, materials science, biology, urban planning and ecology. However, a lot of the techniques are not easy to deploy. There are major issues with data acquisition, data quality/cleansing, choosing appropriate methods, and validating the resulting models. Some techniques work best with massive amounts of data and computing power.

The firms that have the requisite resources (both human and computational) and tacit knowledge have a major advantage. As a result, most of the people with the background for large-scale, distributed machine learning and data analysis are being drawn to the US.

I think it will be difficult for Canada to compete. Innovation is unlikely to arise from those large firms (e.g., banks and insurance companies) or government agencies that have experience with traditional data analytics. Startups in Canada don’t have access to the scale of funding available in the US, and it doesn’t make sense for promising ventures to stay. This also affects human resources; while Canada has a few world-class statistics and computer science departments, the small number of industry-oriented PhD graduates from those programs will likely be lured south.

How effectively are federal and provincial privacy commissions protecting Canadians' personal data? What are some of their challenges?

MP: The effectiveness of Privacy Commissioners is constrained by the legislation we have in Canada, which defines their roles, and their budgets. I think they do the best they can but there are limitations and we should ask ourselves whether we our expectations are too high and whether we should rely too much on them. As for challenges, I suspect the answer varies depending whether you’re speaking about the public, private or healthcare sectors. Each has their own issues.

JW: I think they have had a lot of influence, but their effectiveness is circumscribed by their legal powers and budget. Given their limited resources, I think they have been quite effective at promoting awareness of privacy issues and investigating complaints. The federal commissioner has been particularly active in sponsoring relevant research. Apart from obvious challenges like resourcing, it is difficult to keep up with advances in technology. Another challenge arises from the fact that they have fairly limited powers to make orders or impose monetary penalties.

"Young people don't care about privacy" is a common retort to proponents of ethical and contentious data collection. Do you believe this to be true?

MP: True? Not at all. That is a general statement concerning a complex subject. How I define my “privacy interests” may be different from that of a 16-year-old. “Young people” may have different, more nuanced notions of privacy but they are there. And for both of us, our requirement/need for privacy evolves as we age. I tend to believe that privacy — in all its forms — is an inherent aspect of the human condition.Ěý If we don’t have it when we need it, we’re somehow less than human.

JW: A fair amount of empirical research has been done on this issue, and while there are some pessimistic results, it is clear that young people do care about privacy. However, privacy is ultimately a social norm that is expressed through a variety of practices in a surrounding social context. The way that people interpret and achieve privacy differs according to such factors as culture, communication modalities and individual preferences. I don’t think young people care less about their physical privacy, but they do differ from older generations in the way that they think about online privacy.

Denise Brunsdon is an IPilogue Editor, a Western University JD/MBA Candidate, and researcher for GRAND (Graphics, Research and New Media) Centre and Commercialization Engine.

The post An Interview with James Williams and Michael Power: Putting Privacy and Data Protection Under the Lens appeared first on IPOsgoode.

]]>
Diagnosing Ontario's Electronic Medical Records Bill: Healthier, but Not Out of the Woods Yet /osgoode/iposgoode/2013/10/23/diagnosing-ontarios-electronic-medical-records-bill-healthier-but-not-out-of-the-woods-yet/ Wed, 23 Oct 2013 13:40:02 +0000 http://www.iposgoode.ca/?p=22843 The Ontario Government's new electronic health records bill has passed its second reading. The Electronic Personal Health Information Protection Act (Bill 78, EPHIPA or EHR Act), is a responsive and important - yet still wanting - update to Ontario's 2004 electronic health records legislation. The main update is the addition of Part V.1, a framework […]

The post Diagnosing Ontario's Electronic Medical Records Bill: Healthier, but Not Out of the Woods Yet appeared first on IPOsgoode.

]]>
The Ontario Government's new electronic health records bill has . The (Bill 78, EPHIPA or EHR Act), is a responsive and important - yet still wanting - update to Ontario's 2004 electronic health records legislation.

The main update is the addition of Part V.1, a framework for the administration of an electronic health record (EHA). and have provided strong shorthand summaries of the legislative changes. The Ontario Hospital Association (OHA) has also created a breaking Part V.1 down into its composite parts and providing descriptions for what the legislation actually means. The update mandates:

  • Privacy and security requirements that "prescribed organizations" managing EHRs must comply with, particularly in regards to collecting and sharing EHR data;
  • The process for consent directives –Ěýknown in some cases as the "lockbox" request or opt-out, where patients may refuse to share their their personal health information (PHI)Ěý–Ěýand the limits of consent directives (i.e. where third parties may be at risk of bodily harm);
  • An advisory committee be set up by the Minister of Health to provide EHR recommendations and guidance;
  • A requirement whereby the Minister of Health must take all direction intended for prescribed organizations to the advisory committee and Information and Privacy Commissioner before directing any prescribed organization; and
  • Increased breach of privacy fines of up to $100,000 for a convicted individual and $500,000 for a convicted organization.

Analysis

This is well-intentioned legislation. It is clearly aimed to provide much-needed privacy protections for citizens amidst the inevitable transition toward electronic medical data collection. My technical concerns centre on a few key issues, namely the ambiguity of a "prescribed organization", the opt-out limitations, the strength of the advisory committee, and the rigour of prescribed organization's accountability to the public. Not all of these need to be thoroughly addressed within the legislation. Certainly a technocratic bill can become impractical and quickly outdated, but it is my opinion that some of the issues could have been better fleshed out within the bill text.

Ambiguity of Prescribed Organization

Part V.1 is clearly a framework for EHRs, not regulatory guidelines for what bodies will be considered "prescribed organizations." It's conceptually difficult to agree on what powers prescribed organizations will (and will not) have without a conceptual understanding of which will fall under this term. eHealth Ontario is one group that will clearly receive "prescribed organization" status, but who else? In my opinion, the clear question that arises is to what extent private companies will be considered "prescribed organizations".

If there is no intent to allow private companies the designation, then why not draft the legislation more accurately and explicitly? The ambiguity of the term "prescribed organization" makes me uncomfortable.

The Opt-Out Limitations

Refusing patients to opt-out of PHI sharing is tricky. There are huge privacy and civil liberty concerns to allowing a health data collection group the right to override a patient's request for privacy. But, on the other hand, there are public safety implications that do merit some exceptions to the opt-out. In my opinion, the test for overriding the requested opt-out needs to be exceptionally high; to develop health care industry norms otherwise would be disastrous.

The OHA has also raised a valid point that the current wording of the legislation seems to imply that the opt-outs can only be made to the prescribed organizations (for example, eHealth Ontario). They rightly point out that health information custodians (HICs), such as doctors or long-term care facility staff, should also be allowed to take consent directives for patients wanting to opt out. This certainly seems to make sense from a patient care perspective; there is ease and intuitiveness associated with making your privacy requests directly to your health care practitioner.

Advisory Committee Strength

I believe in parliamentary committees, especially when they have teeth. Serious, legitimate, proactive, and credible committees staffed with a diverse mix of courageous and smart stakeholders are exactly what this province and country needs. Unfortunately, they are often susceptible to "committee-itus", passive rubber-stamping, or highly intellectual report-making. This advisory committee has a huge role to play in one of the most important public policy issues of the day. This committee needs to be implemented with immense focus and commitment by the Ministry. Also, the Privacy Commissioner should be involved in the committee structure and creation as a far more independent, less politicized body than the Government's health ministry.

Prescribed Organizations' Public Accountability

This legislation has a number of good public reporting requirements. It dictates that prescribed organizations must publicly account for their EHR safety and security measures, as well as other processes. One thing I noticed was missing - as did the OHA in their bulletin - was the risk management protocols for privacy breach disclosure process. What if a system is violated and information is shared? What onus is there on the prescribed organization to report the violation to the public? To the individuals whose information was breached? To the Ministry of Health? To the police? If they do need to report the breach, in how timely a manner does it need to be reported? Suffice it to say, there are a number of outstanding questions to be answered.

Increased fines are a strong incentive to prevent EHR privacy breaches but they are also a disincentive to report EHR privacy breaches. Realistically, there is a risk associated with electronic data. But the gains to efficiency and accuracy are so great, it seems as if we, as a society, are collectively agreeing to take on the increased risk. It's a logical, rational choice but we need to plan and manage that risk. In this legislation, the Government seems to say, "never allow privacy breaches." This is impractical. In my opinion, the Government instead needs to say, "do everything you can to prevent privacy breaches. If they happen, you must do the following..." Risk and crisis management protocols that make strong commitments to the public interest are a necessity.

The Bigger Picture

The more the world digitizes, the more important privacy becomes. With every piece of legislation of this nature, the Privacy Commissioner's office needs an adequate boost in funding and standing. The Ontario Privacy Commission is one of the best in the country, but it can only be so with apt resources.

We may need to think bigger. The public interest needs more than just a privacy watchdog, it needs government leadership on privacy. In the digital age, threats to our privacy civil liberties are coming from many more sides than ever before. On a daily basis, private corporations and the data they collect of us through information technology are one of the most important concerns for our privacy. They can collect and database our information about us when we write it and even when we play . If we're going to get serious about protecting our digital health information, I think we should get serious about protection.

Bill 78 is an attempt by the government to be proactive about digital privacy, but, in my opinion, it's only a drop in the bucket in the context of what we might need in the future. Is it time for ministries of public health to get more involved on privacy? Is it time to establish ministries of privacy? It's something to consider.

The concepts of ministries of privacy is a counterintuitive and controversial one, but I think something drastic needs to happen. Perhaps this is the way. The systems in place to protect citizen privacy need work. The current leadership in civil liberties and privacy offices are taking steps, but they are not keeping pace with developments in information technology. In the end, the solution isĚýmore information technology privacy legislation and only our governments can enact it.

Governments are now in an important and unique position to protect our privacy. We need a privacy commissioner to protect our privacy from intruding government action and we need a government to protect our private informationĚý– health-related and otherwise –Ěýfrom corporations that look to misuse it. Will they step up to the challenge?

DeniseĚýis an IPilogue Editor, a Western University JD/MBA Candidate, and researcher for GRAND (Graphics, Research and New Media) Centre and Commercialization Engine.

The post Diagnosing Ontario's Electronic Medical Records Bill: Healthier, but Not Out of the Woods Yet appeared first on IPOsgoode.

]]>
User-Generated Content Under Canadian Copyright Law /osgoode/iposgoode/2013/08/21/user-generated-content-under-canadian-copyright-law/ Wed, 21 Aug 2013 10:40:51 +0000 http://www.iposgoode.ca/?p=22173 User-Generated Content Under Canadian Copyright Law Featuring Professor Victor Nabhan Genest Global Faculty Thursday October 10, 2013, 9:30am to 5:00pm Osgoode Hall Law School, 91ŃÇÉŤ IP Osgoode and the Pierre Genest Memorial Fund are proud to present “User-Generated Content under Canadian Copyright Law”, a full day symposium focused on the legal and commercial aspects […]

The post User-Generated Content Under Canadian Copyright Law appeared first on IPOsgoode.

]]>
User-Generated Content Under Canadian Copyright Law

Featuring Professor Victor Nabhan
Genest Global Faculty

Thursday October 10, 2013, 9:30am to 5:00pm
Osgoode Hall Law School, 91ŃÇÉŤ

IP Osgoode and the Pierre Genest Memorial Fund are proud to present “User-Generated Content under Canadian Copyright Law”, a full day symposium focused on the legal and commercial aspects of user generated content (“UGC”) featuring , the Genest Global Faculty member for the fall 2013 term at Osgoode Hall Law School.

The symposium promises to be an informative, lively and entertaining one with live performances and demonstrations by various UGC artists and practitioners, followed by presentations by leading experts in academia, the legal profession, and industry.

Some of the topics for discussion include an analysis of the UGC exception under Canadian copyright law, the interaction of the UGC exception with fair dealing, specific legal aspects of fan fiction and appropriation art, and whether the UGC exception is in conformity with international treaty standards.Ěý Representatives from SOCAN, YouTube and BCE will also provide some insights on the commercial aspects of UGC and practical strategies for minimizing risks associated with UGC.

The panel sessions will be chaired by IP Osgoode faculty members, Professor David Vaver, Professor Carys Craig, Professor Ikechi Mgebeoji, and IP Osgoode’s founder & director, Professor Giuseppina D’Agostino.

Lunch will be served.Ěý Please RSVP to (Event Code: UGC) by October 3, 2013.Ěý All are welcome and there is no registration fee.Ěý Click for more information and the latest version of the symposium agenda.

The post User-Generated Content Under Canadian Copyright Law appeared first on IPOsgoode.

]]>
Acknowledging Copyright’s Illegitimate Offspring: User-Generated Content and Canadian Copyright Law /osgoode/iposgoode/2013/08/07/acknowledging-copyrights-illegitimate-offspring-user-generated-content-and-canadian-copyright-law/ Wed, 07 Aug 2013 10:49:48 +0000 http://www.iposgoode.ca/?p=22022 Bill C-11[1] provides for a new exception to infringement for user-generated content (UGC), along with new grounds for fair dealing. These provisions, combined with a strong and clear message Ěýfrom the Supreme Court of Canada’s pentalogy of copyright cases Ěýregarding users’ rights and the copyright balance, signal a new paradigm Ěýfor copyright law in Canada—one […]

The post Acknowledging Copyright’s Illegitimate Offspring: User-Generated Content and Canadian Copyright Law appeared first on IPOsgoode.

]]>
Bill C-11[1] provides for a new exception to infringement for user-generated content (UGC), along with new grounds for fair dealing. These provisions, combined with a strong and clear message Ěýfrom the Supreme Court of Canada’s pentalogy of copyright cases Ěýregarding users’ rights and the copyright balance, signal a new paradigm Ěýfor copyright law in Canada—one that tolerates a much greater level Ěýof interaction with copyright-protected works.

This chapter considers the shape Parliament has given to the UGC exception and examines its place within the scheme of the Copyright Act, particularly in light of recent Supreme Court of Canada jurisprudence. The chapter begins with a discussion of the definition of UGC, followed by an analysis of the statutory exception. It next considers the relationship between the UGC exception and the fair dealing exception. Although opponents Ěýmight characterize both the UGC exception and expanded fair Ěýdealing as unjustifiable encroachments upon the rights of copyright Ěýowners, this chapter argues that these exceptions reflect the shifting Ěýrealities of cultural production and dissemination.

 

1. Defining User-Generated Content

User-generated content, or UGC,[2] is a term that has been used to describe a fairly wide range of Internet-based activity from blogging to file-sharing.[3] Gervais, admitting the difficulty of defining a term that covers such a broad range of conduct, has characterized it as “content that is created in whole or in part using tools specific to the online environment and/or disseminated using such tools.”[4] Hilbert defines it not so much in terms of what it is, but in terms of who makes it, writing that UGC is “used to describe activities engaged in by those typically seen not as cultural producers but cultural consumers.”[5]

Although these characterizations emphasize different features of UGC, together they highlight the profound transformations wrought by the digital information context. On the one hand, digital technologies empower users of digital works to interact in new ways with copyright-protected content; at the same time, the proliferation of new and modified content from non-professional sources has undermined the traditional content intermediaries, creating a radically transformed context for the dissemination of information and cultural content.[6] It is precisely this new paradigm that underpins the recent Supreme Court of Canada copyright jurisprudence.[7]

The expansive definitions of UGC have led to further attempts to categorize UGC for the purposes of legal analysis. Trosow et al[8] offer a taxonomy for UGC that features three broad categories: creative content, small-scale tools (such as apps) and collaborative projects (such as wikis). In this taxonomy, the focus is on function, and it is certainly worth reflecting upon the broad range of purposes served by UGC. UGC may be innovative, creative or informative. Indeed, in fields of activity where UGC has had an impact on knowledge generation and dissemination, the focus of inquiry has been on the substantive issues around the quality and reliability of the new content, rather than on issues of copyright.[9] Copyright lawyers employ a different taxonomy. Gervais offers a taxonomy based on the nature of the content in relation to copyright principles. He would divide UGC into three broad categories[10]: content authored by users,[11] content derived by users[12] and content copied by users.[13] This taxonomy emphasizes the different ways in which individuals now engage with digital works and digital modes of dissemination. The focus on the characterization of the user’s activity, as opposed to, for example, the Ěýform of the work, is echoed as well in the Supreme Court of Canada’s Ěýemphasis in ĚýSOCAN v Bell Canada [ Bell ] on the importance of the perspective of “the ultimate users” and their purposes in relation to Ěýthe works at issue.[14]

The UGC exception in Bill C-11 is oriented only toward the second category in Gervais’ taxonomy: content that is created by users and that incorporates, to a greater or lesser extent, copyright works by others. It is therefore this category of UGC that will be the focus of this chapter. Because this chapter is about intellectual property law, it is the copyright lawyers’ taxonomy that is adopted. Nevertheless, it is Ěýimportant to note that UGC in its many forms is already becoming Ěýaccepted in different fields of activity as a source of information and Ěýcreativity, and inquiries in these fields have moved ahead to issues of Ěýhow best to use, integrate and derive benefit from these new modes of Ěýknowledge creation.

 

Featured here is the first part of a book chapter written by Teresa Scassa, Canada Research Chair in Information Law and Professor at the University of Ottawa. The full chapter is available for download . The book is entitled "The Copyright Pentalogy: How the Supreme Court of Canada Shook the Foundations of Canadian Copyright Law" edited by Michael Geist, and is available for purchase or download .

 


[1] Bill C-11, An Act to amend the Copyright Act, 1st Sess, 41st Parl, 2011. At the time of writing, the Bill has been passed into law, but its coming into effect has yet to be proclaimed. This is a matter of some concern. It is possible that ongoing industry opposition to provisions such as the UGC exception and expanded fair dealing is delaying and may derail the coming into effect of these amendments. They cannot, however, derail the fundamental transformations that have made addressing UGC and its relationship to copyright law essential.

[2] Note that the OECD has used the term “user-created content” or “UCC” to describe the same phenomenon. See: OECD Directorate for Science, Technology and Industry, Committee for Information, Computer, and Communications Policy, “Participative Web: User-Created Content” (12 April 2007) <>.

[3] Daniel J Gervais, “The Tangled Web of UGC: Making Copyright Sense of User-Generated Content” (2009) 11 Vand J Ent & Tech L 841 at 842 <www.jetlaw.org/wp-content/journal-pdfs/Gervais.pdf>. See also Steven Hetcher, “User-Generated Content and the Future of Copyright: Part One – Investiture of Ownership” (2007-08) 10 Vand J Ent & Tech L 863.

[4] Gervais, supra note 4 at 842. Note that the UGC provision in Bill C-11, supra note 2, is not limited to digital works and digital dissemination. Hetcher, supra note 4 at 873, also argues that digitization is a key element of UGC.

[5] Debora Hilbert, “Mass Culture and the Culture of the Masses: A Manifest for User-Generated Rights” (2009) 11 Vand J Ent & Tech L 921 at 924 <www.jetlaw.org/wp-content/journal-pdfs/Halbert.pdf>.

[6] See e.g. Yochai Benkler, The Wealth of Networks: How Social Production Transforms Markets and Freedom (New Haven: Yale University Press, 2006) <>; Cass R Sunstein, Infotopia: How Many Minds Produce Knowledge (Oxford: Oxford University Press, 2006); Mary WS Wong, “‘Transformative’ User-Generated Content in Copyright Law: Infringing Derivative Works or Fair Use?” (2009) 11 Vand J Ent & Tech L 1076 at 1077.

[7] For example, in Rogers Communications Inc. v Society of Composers, Authors and Music Publishers of Canada, 2012 SCC 35 at para 30, [2012] 2 SCR 283 <> [Rogers], the Court emphasizes the need to look beyond the “technicalities of the alleged infringer’s chosen method of operation”, and to focus on the substance rather than the form of online activities.

[8] Samuel E Trosow et al, “Mobilizing User-Generated Content for Canada’s Digital Advantage” (1 December 2010) <>.

[9] In the context of Volunteered Geographic Information (VGI), a subset of UGC, see, for example: Christopher C Miller, “A beast in the field: The Google Maps mashup as GIS/2” (2006) 41:3 Cartographica 187 <>; Michael F Goodchild, “Citizens as sensors: The world of volunteered geography” (2007) 69:4 GeoJournal 211; Sarah Elwood, “Volunteered Geographic Information: Key Questions, Concepts and Methods to Guide Emerging Research and Practice” (2008) 72 GeoJournal 133.

[10] Gervais, supra note 4.

[11] This type of content could include reviews of products or services, blog postings and photographs uploaded to social networking sites. (See e.g. Len Glickman and Jessica Fingerhut, “User-Generated Content: Recent Developments in Canada and the U.S.” (2011-12) 12:6 IECLC 49 at 49).

[12] This would be new content created through the modification of existing works.

[13] Note that others have argued as well that user-copied content takes on a new significance in certain contexts, and can thus also pose challenges for copyright law and policy. For example, the copying of copyright-protected content for viral dissemination on the Internet may be a way in which important ideas are shared more broadly than the copyright owner might wish (see e.g. Hilbert, supra note 6 at 937-38). Such issues are interesting and important, but are beyond the immediate scope of this chapter.

[14] Society of Composers, Authors and Music Publishers of Canada v Bell Canada, 2012 SCC 36 at para 34, [2012] 2 SCR 326 <> [Bell].

The post Acknowledging Copyright’s Illegitimate Offspring: User-Generated Content and Canadian Copyright Law appeared first on IPOsgoode.

]]>
Technological Neutrality: (Pre)Serving the Purposes of Copyright Law /osgoode/iposgoode/2013/07/04/technological-neutrality-preserving-the-purposes-of-copyright-law/ Thu, 04 Jul 2013 10:30:54 +0000 http://www.iposgoode.ca/?p=21629 In the realm of law, neutrality is widely hailed as a fundamental principle of fairness, justice and equity; it is also, however, widely criticized as a myth that too often obscures the inevitable reality of perspective, interest or agenda. It should come as little surprise, then, that the principle of technological neutrality, recently employed by […]

The post Technological Neutrality: (Pre)Serving the Purposes of Copyright Law appeared first on IPOsgoode.

]]>
In the realm of law, neutrality is widely hailed as a fundamental principle of fairness, justice and equity; it is also, however, widely criticized as a myth that too often obscures the inevitable reality of perspective, interest or agenda. It should come as little surprise, then, that the principle of technological neutrality, recently employed by the Supreme Court of Canada when applying copyright law to online activities, seems similarly fundamental in the copyright realm—but also largely mythical and potentially obfuscatory.

In what is now dubbed the Supreme Court’s “copyright pentalogy”—five copyright judgments released concurrently by the Court in July 2012[1]—the unprecedented importance accorded by the Court to the principle of technological neutrality is clear; what remains unclear is precisely what “technological neutrality” means, why it matters, and whether or how it can (or should) ever be attained.

This chapter aims to critically assess the significance of the principle and its potential to guide the future development of copyright law and policy in Canada. In Part 2, I set out the various shades of meaning that can be attached to technological neutrality, first as a principle of sound regulation, and then as a principle of statutory interpretation by the courts. I review, in Part 3, the reasons delivered by the Justices in three of the five cases to examine the various and divergent ways in which the principle of technological neutrality was defined and rationalized by members of the Court. I proceed to explore the application of the principle and its role in resolving the legal issues before the Court, drawing connections between conceptualizations of the principle and its interpretive impact, and focusing on its capacity to support the extension and/or circumscription of owners’ and users’ rights.

In Part 4, I consider whether the role accorded to technological neutrality as a guiding principle is justifiable or appropriate in the context of Canadian copyright policy. Arguing that its justification is found in, and flows from, the concept of balance at the heart of the copyright system, I proceed to offer some thoughts on its potential significance in the future of Canadian copyright law and in light of the recent amendments to the Copyright Act.[2] Part 5 concludes that the new emphasis placed by the Court on technological neutrality as a guiding principle is an important and positive development for Canada’s copyright system. The caveat, however, is that the principle cannot perform this role effectively if conceived (or rhetorically invoked) as a limited principle of formal non-discrimination that merely justifies the extension of copyright’s reach. Rather, I argue, it must be conceived in a functional sense, shaping copyright norms to produce a substantively equivalent effect across technologies, with a view to preserving the copyright balance in the digital realm.

 

Featured here is the first part of a book chapter written by Carys Craig, Associate Professor at Osgoode Hall Law School. The full chapter is available for download . The book is entitled "The Copyright Pentalogy: How the Supreme Court of Canada Shook the Foundations of Canadian Copyright Law" edited by Michael Geist, and is available for purchase or download .

 


[1] Entertainment Software Association v Society of Composers, Authors and Music Publishers of Canada, 2012 SCC 34, [2012] 2 SCR 231 <> [ESA]; Rogers Communications Inc. v Society of Composers, Authors and Music Publishers of Canada, 2012 SCC 35, [2012] 2 SCR 283 <http://scc.lexum.org/decisia-scc-csc/scc-csc/scc-csc/en/ item/9995/index.do> [Rogers]; Society of Composers, Authors and Music Publishers of Canada v Bell Canada, 2012 SCC 36, [2012] 2 SCR 326 <> [Bell]; Alberta (Education) v Canadian Copyright Licensing Agency (Access Copyright), 2012 SCC 37, [2012] 2 SCR 345 <> [Alberta (Education)]; Re:Sound v Motion Picture Theatre Associations of Canada, 2012 SCC 38, [2012] 2 SCR 376 <> [Re:Sound].

[2]ĚýCopyright Act, RSC 1985, c C-42 <>; Copyright Modernization Act, SC 2012, c 20 <>.

The post Technological Neutrality: (Pre)Serving the Purposes of Copyright Law appeared first on IPOsgoode.

]]>
Who Inherits Your Likes? /osgoode/iposgoode/2013/05/06/who-inherits-your-likes/ Mon, 06 May 2013 18:11:45 +0000 http://www.iposgoode.ca/?p=20843 Our myriad of online accounts for social media and other cloud services will all persist after our deaths. Until recently, not much thought was given to managing these digital assets after we pass.   Estate planning is something most people generally think aboutĚýas little as possible. Physical assets are often unbequeathed, and sometimes require complex […]

The post Who Inherits Your Likes? appeared first on IPOsgoode.

]]>
Our myriad of online accounts for social media and other cloud services will all persist after our deaths. Until recently, not much thought was given to managing these digital assets after we pass.

 

Estate planning is something most people generally think aboutĚýas little as possible. Physical assets are often unbequeathed, and sometimes require complex and extensive litigation to determine who inherits what. Many of us plan even less for what will happen to our digital assets.ĚýSome commentators have suggested dealing with digital inheritance simply byĚý. However this may run afoul of many end user agreements and terms of use, whichĚý. Many other people will make no estate plans at all, leaving these accounts to go dark, or requireĚý. Some technology companies, however, are now developing services and policies to deal with this very issue.

 

Service Provider Policies

In early April, Ěýa service to help users decide what will happen to their digital assets when they die. Named the "Inactive Account Manager," the service allows users to name a beneficiary for their accounts, or have their account data deleted. The service is triggered upon an account becoming inactive for a period of time defined by the user, who will also receive a notification before the period lapses. The announcement on Google's policy blog suggests the purpose is to plan for one's "digital afterlife," and to protect the privacy and security of a user's information when they die. This follows the implementation ofĚýsimilar policies by bothĚýandĚý.

Twitter and Facebook's systems operate through the reporting of deceased users.ĚýFacebook allows forĚýor removal of a deceased individual's account, while Twitter these accounts.Ěý Neither service allows for the accounts to be passed on to surviving friends or family; this is where Google's service stands out. Unlike Facebook and Twitter, Google implicitly acknowledges the value in theseĚýdigitalĚýassets, and provides for the ability to transfer those assets of value to others. This new feature covers accounts for Google's social media services like Google+ Profiles, Picasa Albums and YouTube, and can also apply to Google DriveĚýcloud storage and Gmail email accounts.

 

Discussion

From a broader perspective, this move by Google suggests that many online accounts are not merely for users to consume services, but these accounts develop into actual assets unto themselves. As these various online assets continue to be developed and increase in value, ownership and division of these assets may present serious legal questions. As Google's new service is enabling the inheritance of digital assets (thereby implicitly recognizing the value in them), a number of questions are raised about novel forms of property and what is included in the bundle of rights associated with them. There has been much discussion about who owns the data created in online services, but what about access to those accounts?ĚýAre social media accounts property? If so, who owns access to them? Are the accounts or access to them alienable, and if so in what circumstances? What about extending recognition of these accounts or access to them as property to other areas of law?ĚýIf these digital assets represent significant value, could they also be subject to matrimonial property division, orĚýotherĚýclaims of unjust enrichment? These will all be questions that are likely to be answered in the coming years.

SomeĚýcommentators have suggested thatĚý, develop laws governing inheritance of digital assets, and provisions to avoid executors from committing crimes by using log-in credentials left to them.Ěý This issue, however, has yet toĚýreceiveĚýmuch attention in Canada, and it seems that politicians have not yet been urged to address it. Only time will tell if governments will step in to legislate inheritance of digital assets as they have done with physical assets, or if they will leave it to a patchwork of inconsistent policies enacted on the whim of individual service providers.

 

Alex Buonassisi is an IPilogue Editor and a JD Candidate at Thompson Rivers University.

The post Who Inherits Your Likes? appeared first on IPOsgoode.

]]>
How Music Can Help You, And You Can Help Music – An Interview With Graham Henderson /osgoode/iposgoode/2013/03/21/how-music-can-help-you-and-you-can-help-music-an-interview-with-graham-henderson/ Thu, 21 Mar 2013 05:11:09 +0000 http://www.iposgoode.ca/?p=20566 I recently had the pleasure of sitting down with Graham Henderson, President of Music Canada, who will be inducted into the Canadian Music Industry Hall of Fame on Thursday, March 21 as part of Canadian Music Week 2013. In addition to representing record labels such as Sony, Universal and Warner, Music Canada’s role is to […]

The post How Music Can Help You, And You Can Help Music – An Interview With Graham Henderson appeared first on IPOsgoode.

]]>
I recently had the pleasure of sitting down with Graham Henderson, President of , who will be inducted into the Canadian Music Industry Hall of Fame on Thursday, March 21 as part of . In addition to representing record labels such as , and , Music Canada’s role is to “create a business environment where their members can flourish” using advocacy, political outreach, and other efforts.

Music Canada also runs the (i.e. certifying when a record has made platinum). Although famous for their efforts to strengthen copyright laws, copyright is not all that Music Canada does. For example, one of the initiatives Graham mentioned is in the area of ticketing/towing bylaws. When musicians play in clubs in Austin or Nashville, there are dedicated “artist loading zones” where the artists can park and load their equipment. The same is not true in Toronto. Many small clubs have very limited loading zones, and limited nearby parking. A single parking ticket can wipe out an entire night’s profit for some musicians, making it very difficult to practice their craft.

Another Music Canada concern is improving relations between the City of Toronto and the music industry to a similar level that the film industry has with the city. ĚýFor instance, the helps arrange location permits, police presence, emergency medical services, tax credits, and other services for film and television shoots on fairly short notice. In comparison, no such program exists for the music industry.

For example, Graham told a story about how the held in Toronto attempted to obtain a permit for . The planning process was initiated 8 months before the concert date, and the final permits to use the square did not come through until 3 days before the concert. As one might imagine, by that point the acts had been booked, media announcements had been made, etc. The organizers were taking a massive risk - had the permit not come through, the concert would have had to be cancelled, and the organizers would still have been on the hook for all costs – without the associated profits.

“Music is one of the most open formats in the universe, for all the credit they get for it.”

When asked what the biggest accomplishment from the recent Canadian copyright reform initiatives was, Graham didn’t cite digital locks or TPM protection, or the new part of the legislation targeted at pirate sites. The greatest accomplishment, he said, was the fact that we passed a bill at all. While there may be disagreement on the content of the reform, one thing many agree on was that copyright reform itself was badly needed. After three previous failed attempts, the fact that Bill C-11 passed in a global political climate where other copyright focused bills crashed and burned (e.g., and ), was nothing short of miraculous. “Our government passed a bill when SOPA and ACTA failed.”

He pointed to that stated that if the government enacted the bill, DRM would “lock up” content. It has been months since bill C-11 came into force, even longer since it was passed, and this assertion has not been true, at least with respect to music. To this day, music remains one of the most open, consumer-friendly content industries, a fact that Graham thinks the music industry does not get enough credit for. Today, music is sold in one of the most open, flexible formats available. The restrictive DRM you may find on other types of media is not present here. When you buy a song on iTunes, or elsewhere, you can play it on any device you own, anywhere you want, at any time you want.

There are no complicated digital hoops to jump through in order to satisfy a DRM mechanism or prove that you have the right to use the content you paid for. There is no need to purchase a new device that supports the DRM format of the file you purchased. Moving a song from your computer to an iPod (or a cell phone, laptop, MP3 Player, tablet, etc.) is as simple as cutting and pasting a file. It is truly a consumer’s dream.

There were in the music industry, but they were uniformly abandoned. It all comes down to history and market expectations. When the CD was introduced back in 1982, it was in a DRM free format. Conversely, as Graham notes, “the first DVDs were locked up, and people accepted that. But how many times do you re-watch a DVD?” It’s hard to watch a movie while jogging, or when you’re at work. But the same isn’t true for music. Many people listen to music throughout their entire day, playing the same songs over and over again. They take their music with them everywhere they go. Such behaviour requires a level of flexibility and convenience that would be very hard, if not impossible, to achieve with DRM protected content.

But it’s not just consumers that benefit from the openness of the music industry, its other artists too. “When you publish a song, that is fair game to create a cover.” When was the last time anyone tried to create a cover of a movie? Or a TV show? Or even a book? Well, with a song, you can.

Another thing Graham says the Canadian music industry deserves credit for is their response to the problem of piracy. While the to sue consumers in the US, these types of lawsuits are notably absent in Canada. And Canadian consumers mainly have Graham to thank for that.

“My policy was, we shouldn’t be suing people while we’re waiting for legislation.”

When Graham took over CRIA (as Music Canada was then known), there were a few brief lawsuits that went through the federal court system. This resulted in that basically stated that downloading music was legal in Canada. These lawsuits were appealed to the Federal Court of Appeal, not because of an intention to follow through with suing their customers, but as Graham noted “we simply had to appeal it to set the record straight.”

And they eventually did. The Federal Court of Appeal ended up . At that point, the music industry could have continued the lawsuits against the individual downloaders directly, however, they chose not to.

“The US did it to make a point. Because they had been polling people and practically everyone thought that downloading was OK. The objective was to make the point that, NO, it is illegal.” Similarly in Canada, there was pressure from a lot of sources, including independents and artists, to initiate a similar series of lawsuits, or otherwise send the message that downloading is illegal. But Graham decided to take a different route. “My policy was, we shouldn’t be suing people while we’re waiting for legislation.” Graham instead decided to focus on lobbying the government to pass copyright reform. It was hoped that a renewed message from Parliament, in the form of the passage of a new copyright bill and all the media coverage surrounding it, would send a message to Canadians that downloading music without compensation was not appropriate. To continue a lawsuit against consumers while lobbying for legislation would taint that process, attract undue notice and probably wouldn’t even work to curb downloading ().

Today, there are more ways to consume music than there ever was. From buying a CD in stores, to single song online retailers like , to digital radio services or even streaming subscription services like and , it has never been easier to get the music the music you want, how you want it, whenever you want.

“They are the canary, the first down the coal mine.”

The music industry has come a long way since it began. Usually it is on the forefront of the culture industries. Music was the first industry to switch to digital with . The MP3 player was the first digital media player. Digital download stores like iTunes started with music sales.

But with this innovation came its own set of problems. Graham joked that “they are the canary, the first down the coal mine.” Music had to forge its own path. And, for the most part, it has succeeded.

2013 marks the first year in over a decade that , and have even risen slightly. When asked for the reason for these changes, Graham cites many factors. Copyright reform is an issue, not just for any advantages the law provides, but for the fact that the law was actually passed. Canada is a law abiding country, and when the government sends a message that downloading is illegal, people take them at their word.

Digital music now , and labels are just getting better at marketing into this space. There are also more legal music services in Canada than ever before. As legal options for purchasing music are becoming easier and more convenient, consumers are changing their purchasing habits to include more paid music and less illegal downloads. But things are still not ideal for the music industry.

“There was a time when even if you never sold another CD anywhere else in the world, you could still make a living in a middle class life [in Canada].”

The addition of more legal services in Canada is a good thing, but they are contributing a very minute portion to the overall revenue picture as yet. For example, streaming services, at least as they exist today, do not represent a sustainable model. This unsustainability is due to the fact that streaming services usually only pay out fractions of a penny per stream.

He points to a now famous exchange between the band Grizzly Bear and their fans. In it, the band emphasises the fact that . While this generated the usual “your music stinks” or “go on tour” comments, many fans were also interested in how they could help. For those who are unaware, Grizzly Bear is a somewhat well known indie music band. They have played sold out shows at Radio City Music Hall yet .

“We have to build this back up for our young artists. They are aware that [older musicians] used to have homes, but now they can’t afford that.” Graham notes that many young artists are missing the same benefits given to artists in music’s heyday. “There was a time when even if you never sold another CD anywhere else in the world, you could still make a living in a middle class life [in Canada].”

One of the goals of Music Canada is to “create an environment where you can earn your living as a musician.” There are many ways to do this that fall outside the traditional realms of copyright and digital media. For example, ensuring that there areartist loading zones for bands as mentioned above. Cities and governments can also provide tax incentives to record albums in Canada, similar to the .

And it’s harder to earn a living as a musician today than it was a few decades ago. One of the main problems, of course, is copyright infringement.

“The musical middle class is at risk.”

Of course, copyright infringement has an effect on the industry, Graham noted. But the conversation needs to get away from copyright infringement or, as used in the popular vernacular, piracy. People don’t like to talk about piracy, but people care about artists. “I think the conversation needs to switch to… the effect of the digital age.”

One of the first policies Graham initiated as soon as he took over Music Canada was no lawsuits. So how else could they mitigate piracy? One way is to go after the pirate websites themselves. They do this by attacking their sources of funding. that advertise on pirate websites, and like MasterCard, Visa and PayPal.

When asked what message he would have for Canada’s youth, Graham’s message was simple: “support your artists.” As noted, there are fewer artists today that are able to own their own home and make a living in the industry. “The musical middle class is at risk.” Music plays a big part of our lives. Imagine games without music? Movies without music? When major events in your life happen, songs are playing. “Understand that the creation of music is not easy.” There are thousands of good jobs, where people go to work with nothing other than music and making careers work for people in their mind. “It will help you get through your depressions; it will help you get through your joy. To the government, it will create jobs, help the tax base and bring tourists to our great nation. Music can help you, and you can help music.”

 

Mark Kohras is an IP Osgoode alum and the current Features Editor for IP Osgoode. For more coverage of Graham Henderson and Music Canada, see our blog on Graham’s .

The post How Music Can Help You, And You Can Help Music – An Interview With Graham Henderson appeared first on IPOsgoode.

]]>
Developments in Data Protection in 2012 and Trends for 2013 /osgoode/iposgoode/2013/03/05/developments-in-data-protection-in-2012-and-trends-for-2013/ Tue, 05 Mar 2013 19:08:40 +0000 http://www.iposgoode.ca/?p=20375 The re-posting of thisĚýanalysisĚýis part of a cross-posting collaboration with MediaLaws: Law and Policy of the Media inĚýa Comparative Perspective. 2012 was a very busy year for Italian lawmakers. Several laws significantly amended the Italian data protection legal framework, as set forth in the Italian Data Protection Code (Legislative Decree No. 196/2003). It is, however, […]

The post Developments in Data Protection in 2012 and Trends for 2013 appeared first on IPOsgoode.

]]>
The re-posting of thisĚýĚýis part of a cross-posting collaboration with MediaLaws: Law and Policy of the Media inĚýa Comparative Perspective.

2012 was a very busy year for Italian lawmakers. Several laws significantly amended the Italian data protection legal framework, as set forth in the Italian Data Protection Code (Legislative Decree No. 196/2003).

It is, however, questionable whether these changes genuinely succeeded in achieving their main objective: reducing the administrative burdens on enterprises processing personal data. Furthermore, the various amendments to the Data Protection Code made the overall framework even less clear.

Here follows a selection of the most relevant innovations in the Italian data protection legal framework and a preview of the trends for 2013.

REVIEW OF 2012

• New definition of personal data and data subject
In December 2011 the Italian Government passed Decree no. 201/2011, which excluded legal entities from the definitions of “data subject” and “personal data”.

These amendments aimed at reducing the bureaucratic requirements and administrative burdens on data controllers processing personal data. However, uncertainty arose as to whether legal entities had been excluded in toto from the protection afforded by the Data Protection Code.

With its Resolution of September 20, 2012 the Italian Data Protection Authority (Garante) gave an official interpretation of the aforementioned amendments, clarifying that legal entities were still included in the definition of “subscribers”, and that the provisions set forth by the Data Protection Code for the latter (e.g. unsolicited marketing communications and telemarketing rules) therefore still apply to them.

• Cookies
With long-awaited Legislative Decree no. 69/2012, after almost a year of delay, Italy implemented EU e-Privacy Directive no. 2009/136/EC, which amended Directive 2002/58/EC and provided for an “opt-in” principle regarding the use of cookies (i.e. small files that store information on users’ computer equipment).

As a result of the implementation of the e-Privacy Directive:

− Storing information on users’ computer equipment and retrieving said information in the form of cookies is lawful only after having obtained users’ consent.

− Consent must be informed, i.e. data subjects shall be provided with an information notice, which can be simplified according to a resolution issued by the Garante.

− Consent can be expressed through the settings of a piece of software or other device.

User consent is not always required. In line with the guidance provided by the Article 29 Data Protection Working Party, users’ prior consent shall not be obtained for technical cookies such as session-ID cookies (e.g. shopping cart session cookies used for purchasing items online); authentication cookies and multimedia player cookies (e.g. FlashPlayer cookies), provided they expire at the end of each session; customization cookies (e.g. language preference cookies) or social network content sharing cookies for users who are “logged in” to the relevant social network.

Information shall in any case be provided to users, although consent need not be obtained.

As regards the information requirement, with Resolution of November 22, 2012 the Garante launched a public consultation among consumers and the main relevant operators to gather proposals and lay down appropriate user information mechanisms. The public consultation, which opened on December 19, 2012, will close on March 19, 2013.

• New data breach notification requirements
Legislative Decree no. 69/2012 required providers of publicly available electronic communications services (e.g. telecoms operators and Internet access providers) to deal with personal data breaches (i.e. breaches of security leading to the accidental destruction, loss, or unauthorized disclosure of, or access to, personal data processed in connection with the provision of a publicly available electronic communications service).

Under the new provisions, providers shall notify the Garante of the personal data breach without undue delay. In the most serious cases, providers shall also report breaches to the subscriber or other relevant individuals without delay.

On July 26, 2012, the Garante issued guidelines and instructions for the implementation of the new security requirements in specific connection with the circumstances in which a provider shall be obliged to notify of personal data breaches, the format of the notification and the manner in which the notification shall be made.

Furthermore, the Garante launched a public consultation on certain topics related to the implementation of the new requirements in order to harmonize the procedures and modalities of the notification of personal data breaches.

While the public consultation is closed, its outcome has not yet been published.

• Security measures
A recent Decree (no. 5/2012) simplified the security obligations imposed on data controllers.

In particular, the Decree abolished the obligations of those processing sensitive data (e.g. data disclosing racial or ethnic origin, sexual orientation or health) or judicial data (e.g. data disclosing convictions for criminal offences) by electronic means to draft and update a security policy document (“Documento Programmatico sulla Sicurezza”) by March 31 of each year.

This document shall include, amongst other content, a description of the relevant data processing operations carried out and the security measures implemented. In addition, the adoption of, and any significant update to, the security policy document shall be referred to in the minutes of a Board of Directors’ meeting.

Nonetheless, the other security measures prescribed by the Data Protection Code remain in place (e.g. computerized authentication, such as usernames and passwords, the use of authorization systems, and the implementation of back-up and restoration procedures for safeguarding data and systems).

• The processing of judicial data
Decree no. 5/2012 extended the possibility of data controllers processing judicial data. Before the Decree, the processing of judicial data was only allowed where authorized by either a specific statutory provision or by the Garante, specifying a substantial public interest justification, the categories of the processed data and the operations that may be performed on the data.

The Decree introduced the additional possibility of processing judicial data in accordance with agreements to prevent and counter organized crime entered into with the Ministry for Home Affairs and/or its peripheral offices. Such agreements shall specify the categories of processed data and the processing operations to be performed.

PREVIEW OF 2013

In 2013 there will be a new government in Italy, which will hopefully move towards a more comprehensive approach to data protection. Here follows a preview of the top privacy trends for 2013.

• Cookies
Recent changes to the rules on cookies are less substantial in Italy than in the rest of Europe. Indeed, the opt-in rule was actually already provided by the Italian Data Protection Code, even though it only applied to technical cookies. Any other type of unauthorized access or storage in the user’s PC was prohibited.

This rule, however, had never been enforced by the Garante and an opt-out through the user’s browser settings had been (and still is) common practice.

The opt-in rule for the use of cookies by website operators has stirred controversy about how to implement it from a practical standpoint.

Will the Garante’s new guidance on cookies help website operators to deal with the “opt-in” rule?

• Data breaches
2013 should be the year that more companies embrace the concept of security breaches within the context of their broader IT strategy in order to deal with security vulnerabilities.

Security on mobile devices should also be a major issue in 2013.

Guidance from the Garante is expected based on the recently closed public consultation.

• Mobile advertising
As the use of mobile devices and apps grows, tracking and profiling technologies will pose increasing risks to users’ online privacy and new challenges for the online/mobile business.

• Privacy by design and privacy by default
Mobile devices pose privacy challenges that are unique to the mobile context. Specifically, controllers and app developers will increasingly consider privacy issues from the very outset of the design process, under a privacy by design and privacy by default approach.

This approach will also characterize the development of any product or software involving the processing of personal data.

• Cloud computing
The ever-expanding adoption of cloud computing technologies by companies will raise significant issues, mainly surrounding a lack of control over personal data and questions about how, where and by whom personal data is processed.

• Binding corporate rules (BCR)
BCR are internal codes of conduct that establish policies for the transference of personal data outside the EU. European Data Protection Authorities launched BCR for processors on January 1, 2013. Over the next twelve months we expect an increasing number of multinational companies to start using BCR.

• EU Data Protection Regulation
The Italian data protection framework is set to be shaken up by the future EU Data Protection Regulation, proposed by the European Commission on January 25, 2012, which aims to reform data protection laws across the EU. The proposal is currently under scrutiny at EU level. Once it is formally adopted, the Regulation will be directly applicable to all Member States and businesses will have a two-year timetable to become compliant with the new obligations. Companies may wish to start considering the new requirements now in order to be well prepared once the Regulation enters into force.

The post Developments in Data Protection in 2012 and Trends for 2013 appeared first on IPOsgoode.

]]>