Monday, 29 November 2010

Theft of digital objects in Japan

Japanese police have arrested two people suspected of stealing virtual goods from players of online game Lineage II. The pair tricked victims via a booby-trapped program that claimed to help people play the game. Instead of boosting a character's abilities the program stole account names and passwords. About 100 people are thought to have fallen victim, netting the pair about 1m yen (£7,630).The money was made by selling off the virtual items, such as swords, shields and armour, that players were using on their characters. Yu Nishimura and Kaori Tanaka are believed to have met via Lineage II. The scam revolved around a website supposedly giving away an add-on program that boosted a character's fighting prowess. The pair have been accused under Japanese laws governing unauthorised access to computers. If found guilty they could face fines up to 500,000 yen (£3,800) or a maximum of a year in jail. NC Japan, which operates Lineage II in the country, is also believed to be considering suing the pair for compensation. It claims to have spent more than 100m yen to secure the game against malicious hackers or those using add-ons and other tools to boost in-game abilities.

Thursday, 25 November 2010

E-Commerce directive: ensure freedom of expression and due process of law

EDRi has responded to the public consultation of the European Commission on Electronic Commerce Directive (2000/31/EC). This consultation, closed on 5 November 2010, aimed at assessing the implementation of the Directive in Member States, and at identifying limitations with the current text.
EDRi focuses its answer on the liability regime of the technical intermediaries set by Articles 12 to 15 of the Directive. This scheme applies to intermediaries providing access to the Internet as well as content distribution and hosting. From the users' perspective, this regime has a major impact on the level of freedom of expression, freedom of information, right to privacy and personal data protection on the Internet, as well as on the due process of law. From the technical intermediaries' perspective, it must ensure the needed legal certainty to run their activities.
EDRi's response stresses that the lack of clarity and precision of this regime does not currently allow adequate protection of human rights and the rule of law, nor does it ensure legal certainty for intermediaries. In support of this assertion, EDRi provides examples of concrete situations having occurred in different countries following the transposition of the Directive into national laws.
In order for the EU to respect its current obligations with regard to its own Charter of Fundamental Rights and its upcoming obligations under the European Convention on Human Rights, EDRi underlines the need to revise the current intermediaries liability regime as follows:
- Where an intermediary is not hosting the content (acting as a mere conduit, an access provider or a search engine), it should have no liability for this content, nor should it have any obligations with regards to the
removal or filtering of this content;
- Where an intermediary acts as a hosting provider, its liability with respect to the content hosted should be restricted to its lack of compliance with a court order to take down this content;
- Intermediaries should have no obligation to monitor content;
- Services and activities currently not addressed by the Directive (search engines, web2.0 services, hypertext links) should also benefit from the same limited liability regime.

E-money Directive and implementation proposals

See the 2009 Directive, the UK proposed implementation and some suggestions for improvement.

Monday, 15 November 2010

Euro-Commissioner on cookies and new Art.5(3) of 2002/58/EC

See her speech here - on the issue of how cookies can be made compatible with European privacy law via co-regulation:

But it will need to be one clearly based on the applicable EU legislation. Such a solution can go a long way towards facilitating compliance and avoiding divergence among the Member States. To get to such a solution, the self-regulatory framework would – in my view - have to include at least the following four elements.
  1. weffective transparency. This means that users should be provided with clear notice about any targeting activity that is taking place.
  2. consent, i.e. an appropriate form of affirmation on the part of the user that he or she accepts to be subject to targeting.
  3. user-friendly solution, possibly based on browser (or another application) settings. Obviously we want to avoid solutions which would have a negative impact on the user experience. On that basis it would be prudent to avoid options such as recurring pop-up windows. On the other hand, it will not be sufficient to bury the necessary information deep in a website’s privacy policies. We need to find a middle way. On a related note, I would expect from you a clear condemnation of illegal practices which are unfortunately still taking place, such as ‘re-spawning’ of standard HTTP cookies against the explicit wishes of users.
  4. effective enforcement. It is essential that any self-regulation system includes clear and simple complaint handling, reliable third-party compliance auditing and effective sanctioning mechanisms. If there is no way to detect breaches and enforce sanctions against those who break the rules, then self-regulation will not only be a fiction, it will be a failure. Besides, a system of reliable third party compliance auditing should be in place.

Thursday, 4 November 2010

Exercise for Friday 12th 12-2pm

You will now have formed your groups of 4 students - and assigned an article to each. You must have realized that's NOT all you had to do.
You MUST post 500-word summaries of the articles to this blog - via my email. So send me the draft once complete. That way we can all share the knowledge.

Monday, 1 November 2010

E-Commerce takes off - news item from March 1996....

Compuserve offers new web hosting service for e-commerce providers - explains that EDI will be overtaken in 1997. This is when Sacher researched his report, and OECD countries began to reconsider their legal frameworks.