Digital content and the law

From Digipedia

Jump to: navigation, search

An understanding of legal issues is an essential requirement for any institution or individual who is in any way responsible for the development or deployment of digital content. Such an understanding must extend well beyond the recognition of intellectual property rights or the licensing for use of other people's content. With any developmental project there will be issues relating to contract and employment, data protection and freedom of information that must be dealt with, but in relation to digital content there will be in addition the need to address matters such as international issues and liability, e-security and dealing with inappropriate content. As more content is shared and more people external to the organisation can engage with that content, for example Web 2.0 blogs, tagging and Wiki technology legal issues become a major risk factor if they are not fully understood and built into the project or service of whatever size.


Contents

Purpose

The intention of this article is not to provide all of the answers that will be needed to deal effectively with any legal issues that may arise. Rather it is designed to provide a short introduction to the scope of legal issues to be considered and signposts to high-quality resources that has already been commissioned, some by the Strategic Content Alliance and some by the JISC. These resources - the IPR Toolkit and Web2Rights - provide a wide range of guidance and exemplars and taken together will provide for those involved in the digital content life cycle with the tools that they will need. These extracts ae licenced for use under the Creative Commons Attribution-Noncommercial Works 2.0 UK: England & Wales Licence.

Web2Rights

Web2Rights is a comprehensive guide to legal issues relating particularly to the use of Web 2.0 technologies in universities and colleges, funded by JISC. It covers legal matters likely to be faced when using Web 2.0 technologies but are equally relevant to the creation and licensing of digital content of all types, not least since it is now not uncommon for such services to exploit the new social technologies. The extracts from the Web2Rights Legal Issues Fact Sheet within this section refer specifically to universities and colleges, but they describe general duties that may apply across public sector institutions are therefore present a useful introduction to the range of legal issues that will need to be faced by those involved in digital content services. The reader is urged to explore the Web2Rights resource where there are animated guides, flow charts, diagnostic tools and podcasts along with references to other sources of guidance and information.

Strategic Content Alliance IPR Toolkit

The IPR Toolkit has been a part of the work of IPR consultants to produce a comprehensive toolkit for use by professionals and policy makers working across the public sector, which has been evaluated and amended following stakeholder peer review. It includes decision support tools, navigation resources with exemplars and detailed case studies from organisations representing interests of the sector represented by the sponsors of the Strategic Content Alliance, illustrating specific models adopted to deal with rights issues. Full details of the scope of of the IPR Toolkit and links to its content can be found at IPR and licensing.

A word of caution

It must be stressed that the guidance is just that, guidance, and cannot be used alone as insurance against particular problems that may arise. At the end of this entry there are further sources of advice that may be approached and if there remain uncertainties it will be important to seek professional help and advice.


Accessibility

(Extract Web2Rights Legal Issues Fact Sheet) Accessibility laws are in place to ensure that Web 2.0 services are accessible by users with disabilities. The Disability Discrimination Act 1995 (as amended by the Special Educational Needs and Disability Act 2001) requires service providers (including those offering education services) to ensure the accessibility of their services by users with disabilities. This includes a proactive duty to consider accessibility, and a requirement to make reasonable adjustments where necessarily to allow access. Although the legal duty applies in relation to users with disabilities, accessibility should be seen in a positive light as benefiting all.

For further information on the legal duties to which institutions are subject, please refer to the joint JISC Legal and TechDis webcast. The JISC TechDis service provides guidance as to accessibility policies, and in relation to technologies which might provide a reasonable adjustment as required by the law.


Contempt of court

(Extract Web2Rights Legal Issues Fact Sheet) Although perhaps less likely to arise than the other issues with regards to the legal issues arising from engagement with next generation technologies, disregard for the authority of the courts of justice e.g. ignoring a court order is criminal offence.


Data protection

(Extract Web2Rights Legal Issues Fact Sheet) If you are developing a digital content service that involves Web 2.0 technology and will be dealing with information about individuals then you will need to consider the Data Protection Act 1998. The applies to personal data about living, identifiable individuals. Thus if you develop digital content that might include which might include name, address, age, student number (which can then be linked with the name of the student elsewhere) then the terms of the Data Protection Act will apply. The Act imposes obligations on the data controller. A data controller is the organisation that makes the decisions as to how and why personal data is to be processed.

Data protection principles

The Act requires the data controller to act in accordance with eight principles:

  • Personal data shall be processed fairly and lawfully
  • Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
  • Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
  • Personal data shall be accurate and, where necessary, kept up to date.
  • Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
  • Personal data shall be processed in accordance with the rights of data subjects under this Act.
  • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
  • Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.


Defamatory, obscene and other unlawful content

(Extract Web2Rights Legal Issues Fact Sheet) Of particular concern to the providers of next generation technologies may be the potential liability for hosting infringing material (for example if contributors post defamatory or obscene material or works which infringe copyright). The E- commerce Directive and Regulations provide for some immunity against liability for a service provider which hosts, caches or acts as a conduit for unlawful content so long as certain criteria are met. Broadly the service provider who hosts or caches unlawful information will not be liable for damages or for any other pecuniary remedy or for any criminal sanction so long as they do not have actual knowledge of the unlawful activity or information and is not aware of facts or circumstances from which it would have been apparent that the activity or information was unlawful. Neither should the service provider have had a hand in transmitting or in any way altering the information. Please note that the E-Commerce Directive and Regulations do not apply to ISP's located outside the European Union. So if the plan is to use an ISP located in the US, make sure that the service complies with the legislation of the country where the ISP is located.

Although the rules are somewhat complex (for instance they do not state what is meant by expeditiously, nor how actual knowledge is obtained by a service provider), in general service providers have sought to mitigate liability that might arise by putting into place a notice and take down procedure and by making the service subject to specific terms and conditions (which usually exclude liability of the service provider. Such terms and conditions can be found on the website of the service provider. Most notice and take down procedures provide that when a service provider receives notice that allegedly infringing material is on the site and/or on the equipment operated by the service provider, then the material is removed. While instituting such a procedure is good practice, there are factors that providers of Web 2.0 technologies within the academic sector might like to consider:

  • The procedure for taking down allegedly infringing material. Will any investigation be made as to the identity and provenance of the complainer prior to removing the material?
  • Put-back Procedure. Will the service provider consider instituting a ‘put-back’ procedure whereby the material is automatically re-instated should it be found to be non-infringing?

A number of jurisdictions are starting to require service providers to install filtering software (dealing notably with material that infringes copyright) in order to maintain immunity from suit. Whereas liability in these cases tends to arise where the provider of the next generation technology is profiting from a business model that infringes copyright belonging to third parties (such as a service that makes clips of videos available profiting from advertising revenue) some thought might be given to the possibility of building filtering tools in educational Web 2.0 technologies.


e-Security

(Extract Web2Rights Legal Issues Fact Sheet) This is generally taken to mean the laws and technologies involved in keeping information secure. Issues that may arise and their relationship to specific legal regulations include:

  • The lawful interception of data under controlled conditions (The Regulation of Investigatory Powers Act (2000) and Regulation of Investigatory Powers (Scotland) Act (2000) (RIPA) and the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 (Lawful Business Regulations))
  • Security of personal data (Data Protection Act 1998);
  • Regulating the information to be made available via cookies and other tracking devices (The Privacy and Electronic Communications (EC Directive) Regulations 2003 (the Anti-Terrorism Crime and Security Act 2001)
  • Also of relevance are the Prevention of Terrorism Act 2005 and the Terrorism Act 1996 (which permit orders to be made in specified circumstances prohibiting the use of inter alia the Internet), and the Human Rights Act 1998.

Further information about E-Security can be found on the JISC legal site Interception and Monitoring of Communications in FE and HE, April 2006 and related podcasts.


Freedom of information

(Extract Web2Rights Legal Issues Fact Sheet) Universities and other public higher education establishments are subject to the Freedom of Information Act 2000 (or, for Scottish-based institutions, the Freedom of Information (Scotland) Act 2002). This requires institutions to have adopted a publications scheme, giving details of routinely produced information and how it may be obtained, and it requires institutions to supply information upon request (subject to certain exceptions).

Further information on the Freedom of Information legislation is available in the JISC Legal Freedom of Information Overview paper and the JISC Legal Essentials paper.


Incitement of racial hatred

(Extract Web2Rights Legal Issues Fact Sheet) Inciting either racial or religious hatred is a criminal offence. Publishing and disseminating online materials that are likely to incite such hatred is also a criminal offence. As corporate entities FE and HE institutions, and therefore JISC projects, have a responsibility not to publish and disseminate racist materials in any format including electronically. As well as the likely reputational damage, as public authorities, FE and HE institutions have a general statutory duty under The Race Relations Act 1976 (as amended), in carrying out their functions, to consider the need to eliminate unlawful discrimination and to promote equality of opportunity and good relations between people of different racial groups. Incitement to racial hatred is governed by section 21 of the Public Order Act 1986, whilst the Racial and Religious Hatred Act 2006 makes it illegal to threaten people because of their religion, or to stir up hatred against a person because of their faith. It is designed to fill gaps in the current laws, which makes it illegal to threaten people on the basis of race or ethnic background. This Act extends to England and Wales only.


Intellectual property rights and licensing

(Extract IPR Toolkit) Intellectual Property Rights (IPR) and licensing issues will be central to the creation, sharing and delivery of e-content, amongst sponsors of the Strategic Content Alliance and other public-sector organisations. However, the complexity of rights and permissions associated with the broad range of e-content held by public-sector bodies, plus the necessity for succinct processes, documentation and staff awareness to manage such issues, means that access and use of e-content may not always be optimised. In typical circumstances where public-sector bodies are likely to generate their own IPR, as well as be responsible for providing access to IPR owned by third-party rights holders, it is important that these issues are addressed in order to maximise opportunities and also remove potential barriers in the sharing of e-content within and across the public sector.

The types of e-content that are typically encountered, owned and generated by public sector bodies include a combination of both born-digital and digital surrogate material, including:

  • Research data and derived data
  • Photographs and images
  • Audio visual material such as broadcasts, footage, sound recordings and film
  • Journals, books, newspapers, policy documents, and other print material
  • Ephemera (postcards, posters, flyers etc)
  • Archival and unpublished material such as manuscripts, letters and diaries
  • User-generated content
  • Databases
  • Multimedia

Much of this content, particularly in digital form, will combine various different varieties of content-types.

Crucially, the length of copyright protection, the heterogeneity of this content and the likelihood of mash-ups and creations of media-rich works, will result in multiple layers of rights, owned by a diverse range of rights holders. Rights holders can include any of the following and a combination thereof located across international jurisdictions:

  • Public-sector bodies themselves
  • Creators
  • The Crown
  • Licensing agencies and other nominated agents and administrators
  • Business and other sectors
  • Non-staff and other third-party rights holders

However, out of all these, a growing and unresolved issue for public-sector bodies remains the vast quantity of culturally, historically and academically valuable works, usually of low commercial value, for which the rights holders are unknown or cannot be traced, (so called ’orphans works'). A recent survey of 503 respondents across the public sector, carried by the SCA and the Collections Trust, has revealed the figure to be around 5–10% of all works, which at a minimum extrapolation, would amount to 25 million works across the cultural heritage sector alone. Evidence pulled from the SCA IPR Case Studies also reveals that in most digitisation projects, the costs of identifying and negotiating with rights owners exceed the costs of acquiring the actual licences.

Dealing with copyright-protected works and, specifically, those that might be classed as ’orphan works‘ reinforces the importance of basic IPR and licensing literacy across the public sector. In particular, the effective management of rights needs to be supported by standard forms, documentation systems and high levels of staff awareness about copyright and risk management. This is important in order for public-sector bodies to make informed decisions to take full advantage of their content, providing public access and reducing risks. Certainly, rights management should be seen as an ongoing process within a broader IP ecosystem of events, workflows and standards, rather than an occasional, one-off event.


Liability issues

(Extract Web2Rights Legal Issues Fact Sheet) There are three types of liability issue which should be taken into account in relation to an institution’s use of Web 2.0 technologies:

Contract liabilities due to breach of contract

In an increasingly business-like environment, more students are likely to see themselves as customers of a service-provider. In litigious times, this may mean students considering bringing an action for breach of contract where the education provision does not meet the standard to which they thought themselves entitled. This may become particularly prominent in England and Wales, due to the current student fees regime. Such actions may be based, for example, on an institution’s failure to deliver the promised number of teaching hours, or a failure to provide a specified level of support otherwise.

Negligence based liability due to failure to meet the required standard of care

The law of negligence represents the second category of liability. Even in the absence of contract, the law requires each institution to take reasonable care in the exercise of its business, and failure to reach the required standard of care will open the institution to potential liability. This sort of liability will apply where an institution fails to take the precautions that a reasonable man would take in that situation to avoid the potential loss or damage occurring. For example, the public posting of security information about a business allowing thieves “inside knowledge” of that business’s premises might lead to a claim if the premises are burgled as a result.

Specific liabilities

The third category of liability includes legal risk in respective of specific actions, such as secondary infringement of copyright, as described under intellectual property above, or vicarious liability for defamatory statements published by way of a Web 2.0 technology. Further details of liability for illegal materials, including obscene publications, defamatory materials, and materials relating to terrorism can be found in two JISC Legal Information Service papers on ISP Liability (1), (2). It is also clear that, in addition to (and irrespective of, in many cases) any judgment found against the institution, the publicity surrounding a breach of contract or failure of duty will affect the institution’s reputation.


Prevention of terrorism

(Extract Web2Rights Legal Issues Fact Sheet) The Terrorism Act 2006 aims to outlaw incitement to terrorist activities and will include incitement through websites and email communications and is of relevance to the educational sector. The Terrorism Act 2006 contains a comprehensive package of measures designed to ensure that the police, intelligence agencies and courts have the tools they require to tackle terrorism and bring perpetrators to justice. Although not specifically information technology related, new criminal offences have been created including:

  • Acts Preparatory to Terrorism
  • Encouragement to Terrorism
  • Dissemination of Terrorist Publications
  • Terrorist training offences

Many of these crimes may be committed or facilitated by computer use and FE and HE institutions should play their part in ensuring that such crimes are not committed or facilitated on their computer systems. Reporting suspicious activity to the police is essential. Universities and colleges are being urged by the UK government to take seriously the problem of extremism on their campuses. Practical guidance has been issued which points out universities and colleges responsibilities within the law and clarifies the legal position. .


Sensitive personal data

(Extract Web2Rights Legal Issues Fact Sheet) Where personal data becomes ‘sensitive’ then the data controller has additional responsibilities. Data becomes sensitive if it includes any of the following types of information about an identifiable, living individual:

  • Racial or ethnic origin
  • Political opinions
  • Religious beliefs
  • Trade union membership
  • Physical of mental health
  • exual life
  • Commission of offences or alleged offences.

Where processing is of sensitive personal data then, in general, consent to processing must be explicit. When using Web 2.0 technologies in the educational environment it may be that the contributors to the project and/or the users of the technology disclose sensitive personal data as part of the educational experience, or the project might include personal clinical content. If this is likely to be the case, then explicit consent of contributors should be obtained to processing of the data.

The same project plan developed for the purposes of defining the copyright strategy can be used to define a data protection strategy. The JISC Legal Information Service have a most useful Data Protection Compliance Check List. Further information and guidance is available in the JISC Legal Code of Practice on Data Protection and in particular s.12.6 Web 2 Services. In the context of e-administration, the JISC Legal paper on Data Sharing in FE and HE Administration considers the issues of personal data transfers.


Links to IPR Toolkit Resources as PDFs

Reports

IPR Toolkit Overview

IPR Case Studies Full Report

Practical tools

3.1 Getting Permissions

3.2 IPR Risk Assessments

3.3 Terminology Toolkit Paper

3.4 Top Tips for Issuing Licences

3.5 Top Tips for Requesting Licences

3.6 Model Consent

3.7 IPR Model Licence

3.8 Template Email Permissions Form

3.9 IPR Template Permission Letter

3.10 Rights Management Template

3.11 IPR FAQs

3.12 Model Contractual Clauses for Requesting Permission from Staff

3.13 Example Consortium Agreement

3.14 Model Contractual Clauses for Requesting Permission from Students/Volunteers

3.15 Model contractual clauses for requesting permission from freelancers/subcontractors

3.16 Template Terms and Conditions of Service

Template policy statements

2.1 Draft Institutional IPR Policy Statements

2.2 IPR and Licensing Blue Print for Funding Bodies and Recipients of Funding


Related Digipedia links

Copyright

Creative_Commons

Digital content and the law

IPR_and_licensing

IPR case studies

IPR FAQs

IPR licensing blueprint

IPR policy statement for the public sector

IPR terminology toolkit

Rightsholder

Web 2.0 and IPR factsheet

Web 2.0 and legal issues factsheet


Other links

General resources

Intellectual Property Office: Overview of the legislative framework and policy issues/developments regarding Intellectual Property Rights

Office for Public Sector Information: Information about Crown Copyright material, click use licence for reusing Crown Copyright material and access to the consolidated copyright legislation.

British Library Business and IP Centre: Provision of resources, support and advice relating to the creation and exploitation of IP within a business context

Licensing schemes and open content licensing initiatives

Copyright Licensing Agency (CLA)

Design and Artists Copyright Society (DACS)

Creative Commons

Resources for health professionals

National Library for Health

Resources for schools, colleges and universities

JISC Digital Media Online Image Finding Tutorial: Interactive tool providing information about how to find images online which can be used with the least amount of restrictions

Web2Rights Project: JISC funded project providing interactive copyright and other legal issues tools, resources and charts for use by JISC funded projects

JISC Casper: Interactive tools and associated resources for dealing with copyright issues in schools and projects who are reusing content

JISC IPR and Web2.0 Animation: IPR and Web2.0 animation commissioned by JISC and built around the Web2Rights project deliverables

Becta: Information about IPR for schools

JISC IPR Consultancy: Briefing documents about IPR and monthly IPR Newsletter

JISC Open Content Licences Overview Paper: Overview paper providing guidance about the use of open content licences for JISC funded projects

JISC Model Licence Interactive: Interactive tool which provides an overview of the benefits of the JISC Model Licence

TrustDR Project: JISC funded project providing supporting documentation relating to the establishment of a digital rights management system for repositories

JISC Legal: Support for HEIs and FEIs on legal issues

OSS Watch: Support for HEIs and FEIs on open source licences

Resources for the cultural heritage sector

Collections Link: Comprehensive resources relating to IP and licensing for cultural heritage bodies

UKOLN

Retrieved from "http://beta.digipedia.org.uk/wiki/Digital_content_and_the_law"