Jul 11, 2022 | Information Technology Law, Intellectual Property
Social Media is Unavoidable. We’re confronted with social media in its various forms everyday. Politicians are endlessly tweeting and the person next to you on the bus is scrolling through Facebook. You may have even experienced the phone-focused pedestrian walking into you on the street. The thing all social media platforms have in common is that they involve posting content – text, photos and/or videos – which creates a risk of online copyright infringement.
What is Copyright?
Copyright is the right an author has over their own work. A ‘work’ may be written, such as a book or article, or it may be a piece of music, a painting, or a design such as an architectural drawing.
The expression of the work is important in determining copyright, rather than the idea. For example, if you read a book about an historic event, you could also write a book about that event. Copyright would, however, prevent you from copying sections of the original book and claiming it as your own. In the same way, you cannot use someone else’s photo of a landmark without their permission, but you may take your own photo of that landmark to use online.
Furthermore, it’s important to note that copyright does not relate to an idea. If you come up with a novel idea, someone else could still write about that idea as long as they didn’t copy your explanation of it. To have the protection of copyright, the ‘work’ must be sufficiently distinctive in its expression.
Are You Infringing Copyright on Social Media?
On a commercial level, it’s commonplace for businesses to ask to be ‘liked’ or ‘followed’ on social media. To gain and maintain a social following you need to provide valuable content to your audience. If this content is not purely your own, you might be infringing copyright.
Let’s take images as an example. Because copyright can exist in photos, posting someone else’s photos without their permission on social media is likely to infringe copyright. The owner – usually the photographer – has copyright over the photos.
Companies such as Getty Images and Shutterstock sell photos online. When you purchase an image from them, you are purchasing the right to use the image. Therefore to avoid infringing copyright online you should consider purchasing the rights to images, or taking your own photos.
The Consequences of Copyright Infringement
There are serious consequences if you are involved in copyright infringement. If you are posting on social media on behalf of your company, the ramifications can apply to both you and your employer. The owner of the content could sue you, leaving you liable for damages and legal costs. Your employer could terminate your employment, due to the reputation damage caused.
According to the 2017 Sensis Social Media Report, 79% of Australians are active on social media. If we look globally, there are 2.46 billion social media users according to Statista. Social media is so widespread that publishing content without permission may easily come to the attention of the copyright owner. Accordingly, you should keep copyright in mind if you are tempted to plagiarise a written piece or use an image or piece of music created by someone else on social media.
Get in touch for copyright or social media advice for your situation.
Jul 2, 2022 | Information Technology Law, Intellectual Property
Are you a mobile app developer or someone contracting with a developer to make mobile apps? This article aims to set out briefly some of the common copyright disputes that arise in the creation of mobile apps, what the law says, and what the process is for resolving these sorts of disputes.
Common disputes about mobile apps
Apps are becoming an incredibly important and prevalent aspect of modern life in Australia. From apps that assist with tax lodgment to payroll, to apps for finding a lawyer or the best restaurant, the amount of apps being developed has accelerated at a significant pace. Businesses in all sectors are attempting to provide goods and services differently, and mobile app developers are helping them do it.
Occasionally, issues may arise between developers and their clients as to who owns the underlying data in an app will the development is taking place. A dispute may also arise if the project is complete and the client withholds payment.
Developing an app can take months and even years. Clients might change their mind and decide to take a half finished app to another developer to complete. Clients may try to assert that the app, and the intellectual property therein is theirs, and may even withhold payment to the developer until the app – typically the source code underlying it – is given to them.
But really, who ‘owns’ an app before it is completed?
What the law says
The first place to look for answers to this question is the Copyright Act 1968.
- Under section 10, a “computer program” is included in the definition of a “literary work”.
- Under section 32, copyright of a literary work is effective if it was made in Australia by a suitably qualified author, even if it has not been published yet.
- Under section 35, the author owns the work.
- Under section 196, the ownership of copyright can be assigned (‘passed on’) to someone else, but an agreement to do so must be in writing.
Case law gives us some guidance of what happens if you don’t have a written agreement under s 196, or if the agreement is silent or vague as to the ownership of the program.
They tell us that if a business client asks for the app to be given to them, a term will be implied into the contractual agreement to allow this to happen. This is particularly the case where the business client is paying for the design and manufacture of the app, and where, objectively, there is no real expectation that the developer should retain the app/its source code for themselves or for the benefit of a competitor of the client.
Arguments may also be made that the app developer only has a license to the app, which would mean that the proper owner is the client, not the developer.
Resolving your dispute
Both the Supreme Court of NSW and the Federal Court of Australia can hear disputes concerning intellectual property. The starting point is your agreement. Without a written agreement, the dispute resolution process can be both complex and expensive.
The best advice before starting work on a mobile app is to agree in writing who will own what when the work is done, and at various stages of the work’s development.
Seek Legal Advice
Whether you’re a business or an app developer, if you have having issues around your app and its creation, we can provide additional information and advice to you regarding your situation. If you would like to discuss your concerns with a legal professional please contact us on (02) 9963 9800 or via our contact form.
May 21, 2022 | Information Technology Law
The Office of the Australian Information Commissioner has found that Uber failed to protect the personal data of Australians following a cyber-attack in 2016. Uber had been able to prevent the attack and subsequently paid the attackers a reward in exchange for the destruction of the data. The Commissioner conducted an investigation into whether Uber’s preventative measures complied with the Privacy Act 1988 (Cth) (‘Privacy Act’).
Do Australian Privacy Laws apply to International Companies?
Uber does not have a head office in Australia and therefore has no physical presence in Australia. As such, it did not have a direct contractual relationship with Australian drivers or passengers when the data breach occurred. Uber claimed that it was not subject to the requirements under the Privacy Act. However, the Commissioner determined that as Uber carried out business in Australia, section 5B(1A) of the Privacy Act applied. This section extends the operation of the Privacy Act extra-territorially to the acts of organisations which engage in Australia, despite being registered or having their physical presence outside Australia.
How did Uber breach the Privacy Act?
In their findings, the Commissioner determined that Uber failed to comply with three Australian Privacy Principles (APPs). We have written a previous article explaining these principles in more detail. In this case, the main breaches were:
- APP 11.1, which requires an entity to ‘take such steps as are reasonable in the circumstances to protect the information from misuse, interference and loss and [to protect the information] from unauthorised access, modification or disclosure’.
- APP 11.2, which requires an entity that no longer needs personal information it holds to ‘take such steps as are reasonable in the circumstances to destroy the information or to ensure that the information is de- identified’.
- APP 1.2, which requires an entity to take reasonable steps to ‘implement practices, procedures and systems relating to the entity’s functions or activities that will ensure’ compliance with the APPs and will enable inquiries or complaints to be dealt with.
As a consequence of these breaches, the Commissioner ordered Uber to implement a comprehensive data retention and destruction policy, an information security program and an incident response program to ensure that they can comply with the APPs moving forward. However, no fines were imposed on the organisation.
This decision has made clear that global corporations will be held liable under Australian privacy laws even if customers’ personal information is retained overseas. It is also important to note that Uber has faced proceedings in other jurisdictions including the United Kingdom for similar breaches, and where monetary sanctions were imposed.
How Etheringtons Solicitors can help
The findings of the Commissioner are a timely reminder of the importance of both inter and intra-national entities who operate within Australia to ensure they are meeting their obligations when dealing with personal information. If you require assistance with understanding privacy obligations, do not hesitate to get in contact with our experienced team by calling (02) 9963 9800 or via our contact form.
Apr 2, 2022 | Employment Law, Information Technology Law
Workplace surveillance and email monitoring have become the norm in organisations across Australia. However, many employees still do not understand their obligations or their rights when it comes to the use of computer technology in the workplace. The tension between an employee’s privacy and any potential restraint of trade conditions or copyright issues continue to be a source of contention in employment law, causing confusion for both parties. This blog will provide an overview regarding the law surrounding privacy and workplace surveillance, however if you are affected by this issue it is important to seek out legal advice.
Workplace Surveillance
The Workplace Surveillance Act 2005 (NSW) provides that a policy must be in place for an employer to undertake workplace computer surveillance. Employees must be given notice of that policy. Commonly, employers include a notice of surveillance in a new employee’s contract. However, if employers are introducing computer surveillance into the workplace they must provide employees at least 14 days written notice.
Under the Act the notice must include:
- The kind of surveillance to be carried out (i.e. computer, camera or tracking surveillance)
- How the surveillance will be carried out
- When the surveillance will start
- Whether the surveillance will be continuous or intermittent; and
- Whether the surveillance will be for a specified limited period or ongoing.
The Privacy Act 1988
The Privacy Act 1988 (Cth) regulates the handling of personal information by government agencies and organisations. The Australian Privacy Principles (APP) are enshrined in this Act. Principle 12 states that if an APP entity (which includes Government agencies and private organisations) holds personal information about an individual, the entity must, on request, give the individual access to the information. It is worth noting that the Act itself does not distinctively cover surveillance in the workplace. The employee records exemption under this Act provides an exemption to adherence to the APP for employers in certain circumstances. This means that employers are allowed to collect and store employee’s personal information if it is directly related to the employee-employer relationship, or if it forms part of an employee record.
However, employers should not assume that all the information they hold that relates to an individual employee would constitute an employee record. For example, the Office of the Australian Information Commissioner (OAIC) have given the example of financial correspondence received into an employee’s work email account. Whilst an employee’s bank details may fall within the meaning of ‘employee record’, the specific emails and their contents that an employee receives from their financial institution that is sent to their work email account, may not necessarily be part of an ‘employee record’ as it may not relate to the employment of the employee. Whether or not the content of emails sent or received by an employee forms part of their ‘employee record’ will always depend on the circumstances and you should seek advice regarding your particular case.
How do I know if my employer can view emails sent from my company email address?
If an employer has given notice that workplace emails are or can be placed under surveillance, then it is quite likely that your employer can view emails sent from your company email address. Most organisations have privacy and workplace surveillance policies that stipulate when and why your emails might be viewed by an employer.
If you are disputing your right to access to your personal emails on your work email accounts, the OAIC may have the jurisdiction to hear your complaint if you are arguing that the emails fall out of the employee record exemption prescribed in the Privacy Act. However, as mentioned previously, this is determined on a case by case basis and the law surrounding this area remains somewhat ambiguous. If you are unsure, it is best to seek legal advice.
The team at Etheringtons Solicitors are skilled in employment law and are ready and willing to assist you with your enquiry. If you would like further information, please do not hesitate to contact one of our experienced solicitors on 9963 9800 or via our contact form. For more articles, please see our blog here.
Mar 17, 2022 | Information Technology Law
The internet remains one of the most indispensable marketing tools for businesses, and a domain name is a piece of valuable intellectual property. However, domains are susceptible to being altered with malicious intent. Domain hijacking is one of the most relevant examples for this in our digital world. This article will help you understand what domain hijacking is and will take you through the different steps that should be taken to help you to protect yourself from the crime.
What is a ‘domain name’?
A domain name refers to a website address purchased from a Domain Registrar or from a hosting provider which provides the purchaser access to settings that control the domain usually for a fee. It allows businesses to uniquely distinguish their website source from other website sources. For example, ‘etheringtons.com.au’ is the domain name of Etheringtons Solicitors and allows our clients and broader community to easily identify our website and our services.
Domain names in Australia can be registered through the .au Domain Administration Registry. Before you can register the domain name that will appear on your website, you must ensure that:
- Your domain name is available (meaning it is unique and not currently owned by another person or business); and
- You have a valid Australian Company Number (ACN) or valid Australian Business Number (ABN).
What is domain hijacking?
Domain hijacking, also known as domain theft, is the act of changing the registration of a domain name without the permission of its rightful owner. This unauthorised type of cyber-attack causes web-addresses of organisations to be stolen without that organisation’s consent, predominantly through identity theft measures or phishing emails.
This allows the hijacker to alter account information and redirect online traffic to their own websites, which often are linked with the sale of counterfeit goods or black market operations. Therefore, losing access to your domain can be extremely detrimental to a business, especially those that run predominately e-commerce operations, as a domain name forms an important aspect of intangible property.
Recovering a hijacked domain name
If you are concerned that your domain name has been illegally hijacked, there are a number of actions you can take. These include:
- Confirming if the domain name was hijacked: if your domain name does not open to your website, it is easy to assume that somebody has hijacked the domain name. However, there are a number of reasons why a website may not appear, such as the domain owner failing to renew the domain name before expiry, or technical issues with the website hosting.
- Check your computer for malware, viruses and update security credentials.
- Getting in touch with your domain registrar: For example, the .au Domain Administration Registry can be contacted online through a general inquiry form.
- Checking the WHOIS records on the domain to determine who owns the domain name and if ownership has changed.
- Seeking legal advice and contacting a dispute resolution provider: Solicitors can launch a complaint on your behalf with the AU Dispute Resolution Policy (AUDRP) or Uniform Dispute Resolution Policy. These are specialised bodies which are tailored to handle domain disputes and complaints in a cheaper and more efficient way than litigation.
What steps can you take to protect yourself and your business?
There are a few precautionary steps that you can take to prevent your domain name from being susceptible to hijacking or other illegal activity. These include:
- Registering the domain name for an extended period and setting renewal reminders;
- Increasing the security by locking the domain name so it cannot be transferred without a password. For example, the AusRegistry or database for domains ending in .com.au, has a security measure called .auLOCKDOWN which allows owners to lock their domain name records and prevent unauthorised changes; and
- Always using multi factor authentication to protect your accounts.
How Etheringtons Solicitors can help
A solicitor at Etheringtons Solicitors can provide clarification of the relevant law in relation to your individual circumstances. If you need further advice or assistance with domain hijacking or other business law matters, please contact one of our experienced solicitors on (02) 9963 9800 or via our contact form.
Feb 4, 2022 | Information Technology Law
The digital landscape of cryptocurrency has drastically evolved with the emergence of NFTs. In 2021, businessman Sina Estavi purchased Twitter founder Jack Dorsey’s first-ever tweet for over $2.8m. Despite this recent surge in crypto-asset investment, however, the Australian Government has not yet directly addressed the regulation of NFT ownership. In this article, we aim to explore what it means to own an NFT and also identify how Australian law currently regulates this new form of currency.
What is a NFT?
“NFTs”, or “Non-fungible tokens” are units of data that are validated and stored in a blockchain; a cryptographic digital ledger. NFTs are capable of digitally representing any tangible or intangible asset ranging from digital artwork and domain names, to event tickets and real estate.
Unlike other cryptocurrencies such as Bitcoin, NFTs are entirely unique and cannot be replaced or replicated. The unique identity of NFTs ensures that the authenticity of digital assets can be verified. This assists in tracking the ownership of assets and reducing the probability of fraud.
Ownership of a NFT
When buying NFTs, owners are assigned a private key which is stored within a digital wallet and used to verify their proof-of-ownership. This private key is used by NFT owners to prove that their token is an authentic copy of the original asset.
NFT creators are issued a public key that is permanently recorded in the token’s metadata and made transparent in the NFT blockchain. This key serves as a certificate of authenticity that proves a NFT was created by a particular individual. On some platforms, creators may earn royalties when their NFTs are sold.
Ownership rights may only be transferred when written in a contract between parties. The scope of rights entitled to an owner is contingent upon the terms and conditions contained within the written agreement.
Why can’t I just copy and paste?
NFT ownership is seemingly unnecessary when a digital asset can be copied, downloaded or streamed for free. Whilst anyone may digitally access and screenshot NFTs, it does not mean that they are entitled to the rights of the original digital artefact.
The more frequently Jack Dorsey’s first-ever tweet is shared online, for example, the more market value the digital asset accrues. If a person were to capture a screenshot of Jack Dorsey’s tweet, they will not be granted any ownership rights because the screenshot does not have a unique key. Without this key, the screenshot cannot be recorded on the blockchain and claimed as an authenticated copy of the original tweet.
Is there legislation regulating the buying and selling of NFTs?
According to the Final Report released by the Senate in October 2021, ‘digital assets are generally not prescriptively regulated in Australia’.
In spite of this gap in governmental regulation, digital assets fall under the definition of a “financial product” within s763 of the Corporations Act 2001 (Cth). This means that many NFTs and crypto-assets exist within the scope of the Australian Securities & Investment Commission’s (ASIC) regulatory framework. ASIC stipulates that individuals or companies which purchase or sell digital assets must hold an Australian Financial Services Licence or, dependant on the circumstance, an Australian Market Licence.
What to look out for when buying or selling NFTs
It is important to consider the following when investing in NFTs:
- Counterfeits and scammers are apparent on online trading platforms. To avoid misleading or deceptive conduct, verify the true identities of NFT owners.
- The terms and conditions of blockchain platforms may impose restrictions on the rights of sellers and buyers. These terms will determine the buyer’s scope of ownership rights and may impinge on upon the rights of the copyright owner.
- You may be obligated to pay tax on capital gains. Be aware of the tax implications of buying or selling digital assets by visiting the Australian Taxation Office website.
To learn more about how Australian law applies to NFTs and other crypto-assets, please visit the ASIC website.
How Etheringtons Solicitors can help
A solicitor at Etheringtons Solicitors can provide clarification of the relevant law and its relation to your individual circumstances. If you need further advice or assistance with intellectual property ownership, please contact one of our experienced solicitors on (02) 9963 9800 or via our contact form.