Electronic Communication Legislation
24
ABCD Electronic Communication Legislation Mark Heyink 6 th November 2002
-
Upload
jaime-sandoval -
Category
Documents
-
view
33 -
download
0
description
Electronic Communication Legislation. Mark Heyink 6 th November 2002. The Uncertainty In Our Law. Three important factors affecting jurisprudence: Accelerating speed of change challenges our ability to create law by ‘traditional’ methods - PowerPoint PPT Presentation
Transcript of Electronic Communication Legislation
ABCD
Electronic Communication
Legislation
Mark Heyink6th November 2002
Mark Heyink
Mark Heyink
The Uncertainty In Our Law
Three important factors affecting jurisprudence: – Accelerating speed of change challenges our ability to
create law by ‘traditional’ methods – Novel concepts and legal personalities challenge precedent
and the physical paradigm in which they were created– Globalisation challenges our concept of sovereignty and
requires collaboration in law making
These uncertainties will prevail beyond our lifetimes
Uncertainty equals risk
We have to manage this risk!
Mark Heyink
Risk Management
A different approach to the legal challenges of the knowledge age
Pro Active, inter-disciplinary management of the legal risks and not the consequences of the risks
One of the risks is the uncertainty in the law
Awareness is the most important tool against any risk
Mark Heyink
IT Governance
King II for the first time places the responsibility of IT governance at board level
Compliance with new laws critical
King II also specifically recognises that there will be deficiencies in our law that will require ‘self-governance’
Access to information not purely an IT issue but there will be a high and increasing dependency on IT
“In today’s economy and, and with the reliance on IT for competitive advantage, we simply cannot afford to apply to our IT anything less than the level of commitment we apply to overall governance”- IT Governance Institute
Mark Heyink
Electronic Communications and Transactions Act
Sect 11 the most significant section in the Act:
– “Information is not without legal force and effect merely on the grounds that it is wholly or partly in the form of a data message”
Data message:– data generated, sent received or stored by
electronic means and includes– Voice …where used in an automated
transaction– A stored record
Mark Heyink
“Writing, Original and Retention”
The Uncitral Model Law is followed
All allow for information to be in the form of a data message as long as it can be displayed or produced and the integrity of the data message is maintained
How is the integrity of data messages maintained?
Digital signatures serve the same purpose in identifying, author, verification, acknowledgement and assent as handwritten signatures do. But they do more. They also provide assurance as to the source and integrity of the communication which handwritten signatures do not
“A digital signature ….is to this extent superior to a handwritten signature”- Thomas J Smedinghoff
Mark HeyinkSignature
Electronic signature: -– data attached to , incorporated in or logically associated with other data, which is
intended by the user to serve as a signature
Advanced electronic signature: - (digital signature)
– An electronic signature which results from a process… accredited under sect 38 or recognised under sect 40
Sect 13(2): -– Subject to subsection (1) an electronic signature is not without legal force and
effect
Sect 13(1): -– Where the signature of a person is required by law …, that requirement in relation
to a data message is met only if an advanced electronic signature is used
Mark Heyink
Signature Amendments
13(1) “Where a signature is required by law and such law does not specify the type of signature…”
“Where an electronic signature is not required… an expression of intent is not without legal effect merely on the grounds that
(a) it is in the form of a data message…”’
Mark Heyink
Difficulties
One of the few areas where the Uncitral Model Law is deviated from
The deviation is based on a misunderstanding of the electronic signatures
The unfortunate result will be the undermining of the stated objects of the Act
There is no accreditation authority at present and no indication has been given as to when it will come into operation or how it is to operate
Mark Heyink
Admissibility and Evidential Weight
Computer Evidence Act repealed !!!!!!
“…the rules of evidence must not be applied so as to deny the admissibility of a data message in evidence –
– a) on the mere grounds that it is constituted by a data message; or– b) if it is the best evidence that the person adducing it could reasonably be
expected to obtain on the grounds that it is not in its original form”
In assessing evidential weight regard must be given to: -
– Reliability in generation, storage or communication– Reliability of integrity of data message was maintained – Reliability of manner of identification of originator– Any other relevant factor
Mark Heyink
Communication of Data Messages
Deals with– variation by agreement between parties– formation and validity of agreements– time and place of communications,
dispatch and receipt – attribution of data messages to the
originator
Mark Heyink
Cryptography
D.G. of the Dept of Communications to establish and maintain a register
Name , address, description of service or product
Information required to locate the products or services
Mark Heyink
Authenication Service Providers
D.G of DoC to establish Accreditation Authority
Accreditation stated to be voluntary but de facto compulsory due to sect 13(2)
Places obligations on Authentication Service Providers to register and can revoke registration
Must comply with sect 38:– Uniquely linked to the user– Capable of identifying the user– Means of creation under sole control of the user– Linked to data message in that subsequent changes can
be detected– Based on face to face identification
Mark Heyink
Protection of Critical Databases
The Minister may identify databases as being critical and then prescribe
– minimum standards in respect of their management
– Access to and control of databases– Infrastructural and procedural rules for securing
integrity and authenticity of data– Manner of storage and archiving– Disaster recovery plans
D G may audit by “cyber-inspectors” or independent audit
Non Compliance : Critical database administrator guilty of an offence
Mark Heyink
No International Equivalent
USA –Critical Infrastructure is sought to be protected by an Executive Order
– President Clinton in seeking public private sector co-operation -“We cannot mandate our goals through Government regulation. Each sector must decide for itself what practices … are necessary to protect its key systems”
Post 11 September– 16th October 2001 Pres. Bush - ” The implementation of this policy shall include
voluntary public–private partnership …”
Australia National Information infrastructure– “…government places great importance on working with the private
sector …”
New Zealand– Calls for the establishment of an ongoing co-operation programme between the
owners of critical infrastructure and the government
Mark Heyink
Financial Intelligence Centre Act
Anti Money Laundering Legislation
Attorneys are an accountable institution
So are many of our clients
Will we be able to manage the records icw FICA?
What about our conveyancing software, can we give the banks the information that they will need on their clients?
Mark Heyink
So What!
King II
The ECT Act will affect us all in many ways
Financial Intelligence Centre Act
PROATIA
Interception and Monitoring Bill
Privacy and Data Protection
Mark Heyink
The Client
Expects nothing less than absolute confidentiality
We represent attorney and client privilege as a distinguishing factor
Do we always ensure safety in communication?
How do we manage internal email?
Are our databases secure?
Are we able to ensure the most up to date information and advice at a competitive price?
Mark Heyink
The Lawyer
Reliable information is our life-blood
Why are so many lawyers petrified of the most fantastic knowledge tools ever devised?
Can we understand the new digital age and advise clients without being part of it?
Is a fresh approach necessary?
Mark Heyink
The Firm
King II report: - the governance of IT is the responsibility of the directors/leaders of the firm
Do we accept this responsibility or are we too busy to do so?
To what degree are we looking for the opportunities that the knowledge revolution holds for us? Are we the barriers to change?
Do we understand the information risks of the new age? Do we use them as an excuse?
Mark Heyink
The Organised Profession Is the most important economic and social
development of the new millennium being ignored by our leaders?
Education and awareness, is enough being done?
Does the profession encourage and assist practitioners in the use of technology?
Does it interact with vendors?
Does it interact with government on legislative reform?
Does it interact with the relevant ministries on administration of justice issues?
The “law society as a certification authority and a regulator?
Mark Heyink
Information Security
The dependency that most entities will have on their information and technology will demand a high premium on managing the risks that may impact upon it
Given the deficiencies in the law and demands made by the law it is important that information security is implemented
IS will provide one of the most reliable methods of managing the risk and maximising the opportunities
