copyright infringement in cyberspace and network security : a threat to e-commerce

Copyright Infringement in Cyberspace & Network Security a Threat to e-commerce 2009

1 Authored By Dr. Tabrez Ahmad, www.site.technolexindia.com

COPYRIGHT INFRINGEMENT IN CYBERSPACE

AND NETWORK SECURITY: A THREAT TO E-COMMERCE

Dr. Tabrez Ahmad

Associate Professor of Law, KIIT Law School, KIIT University,

Bhubaneswar, India

AN OVERVIEW: Information Technology is growing faster than any other

communication vehicle in the history mankind.1 Invention of digital technology was

the most important revolution in the last century. The influence of digital technology

on information technology is phenomenal. The present millennium is witnessing a

new culture that is internet culture. It is changing our life style and way of doing

business form traditional commerce to e-commerce. Originally confined to military

establishment internet2 has due to its speed, intercreativity and flexibility,

tremendous potential to disseminated information beyond the geographical

boundaries. Today the internet is not only used for educational purposes but also for

business. The availability of radio, telephone, television and computer made it

possible to carry out most of the business activities on-line, through the information

technology and communication network. The government of India by passing IT

(Information Technology) Act 2000 and further amending it on 27th October 2009

has given fillip to cyber law. But various issues are not specifically covered by the

Act, such as copyright, payment issues, media convergence, domain name,

cybersquating and jurisdiction. While these have wide ranging ramifications for the

growth of e-commerce of India.

The continued rapid evolution of a number key technologies and convergence of

broadcasting media, communication media, home electronics, and publishing on

computers creating a lot of legal issues. Today computer has made television, fax

and telephone redundant. The threat posed by computer is well depicted in the

1 Tabrez Ahmad : Cyber law, e-commerce and m-commerce, APH Publishing Corp. New Delhi.2003. 2 The Term Internet is defined as a set of computer network –possibly dissimilar joined together by means of

gateways that handle data transfer and the conversion of messages from sending network to the protocols used

by receiving networks. See. Microsoft computer press dictionary 200. (2nd 1994)



figure below 6. Thus important attributes like data text images and voice are

combined by the computers in the form of multimedia which raise the issue of

neighboring rights.

Fig. CONVERGENCE TREND IN THE USE OF COMPUTERS

As technology creates new opportunities it also poses new challenges. Copyright is

most complicated area of cyberlaw and facing greatest challenge.

According to copyright act 1957, copyright is a negative3 monopoly right which

enables author of the work to prevent others to exercise that right which has been

conferred on him. What an author creates he is an exclusive owner of that. The

precise text to determine whether a person is entitled to copyright is to ascertain

whether “skill, judgment and experience or labour, and capital has been expended in

creating the work4.

3 Deepak Printings v/s Forward Stationary mart (1981) PTC 186 at P 189 4 Mac Milan v/s Cooper (1923) 93 LJPC 113 and 117

Broadcasting Your

Own TV, Audio

Programme

Home Electronics

Video, Television,

Audio, Oven etc

Computer

Communication:

Telephone, Fax, e-

mail, Video-

Conferencing

Publishing: Your Own

Newspaper, Reports,

Journals



Copyright law today protects works such as literary, dramatic and artistic works;

cinematography films; sound recording and computer programmes, data bases and

compilations.

Any original work would exclusively belong to the owner of the copyright and any

action with respect to the work done by any person without the owner‟s permission

or consent would amount to infringement.

NATURE OF COYRIGHT INFRINGEMENT IN INTERNET

With the mergence of the internet and increasing use of the worldwide web

possibilities of infringement of copyright have become mind boggling free and easy

access on the web together with possibilities of down loading has created new

issued in copyright infringement. Taking content from one site, modifying it or just

reproducing it on another site has been made possible by digital technology and this

has posed new challenges for the traditional interpretation of individual rights and

protection. Any person with a PC (Personal Computers) and a modem can become a

publisher. Downloading, uploading saving transforming or crating a derivative work

is just a mouse click away.

A web page is not much different than a book a magazine or a multimedia CD-Rom

and will be eligible for copyright protection, as it contains text graphics and even

audio and videos.

Copyright law grants the owner exclusive right to authorize reproduction of the copy

righted works preparation of derivative works, distribution etc. However application

of this concept on the internet cannot be strictly applied to copyright. Duplication of

the information is an essential step in the transmission of information on the internet

and even plain browsing information at a computer terminal (which is equivalent to

reading a book or a magazine at book store) may result in the creation of an

unauthorized copy since a temporary copy of the work is created in the RAM of the

users computer for the purpose of access. The law on the subject evolving and the



general view is that more accessing a web page would not be an infringement as the

copy created is temporary or ephemeral. Another common issue amongst web site

owners is to create links to other sites within the design of their own web pages.

Would such linking be considered a copy right violation as these links give access to

other copy righted sites? Although strictly speaking it may be a violation of

copyright. But there is an implied doctrine of public access for linking to other web

pages. The Internet was created on the basic of being able to attach hypertext links

to any other location and it is assumed that once a page is put on the net, implied

consent is given, unless specifically prohibited by the web site owner.

COMPUTER SOFTWARE AND INTERNENT PIRACY

Software is defined as a set of instructions which when incorporated in a machine

readable form or in capable of causing a computer to perform a particular task. To

put it simply, it is a series of commands which can be understood by the machine.

There are three essential types of software which help to function the computer,

micro code it is a programme which controls the details of execution, the operating

system software which control the sources of a computer and manages routine tasks

and is a necessary requirement for a computer to function and the third is a

application software which is designed to perform a particular task.

Piracy occurs when copyrighted software is made available to users to download

without the express permission of the copyright owner. Such illegal software is

offered over online sources such as online advertisements newsgroups bulletin board

service and auction sites. Piracy hampers creativity, hinders the development of new

software and local software industry and ultimately effects e-commerce. A piracy

harms consumers and has negative impact on local and national economy.

Consumers run the risk of viruses and having corrupted and defective programs.



JUDICAL APPROACH IN DEALING WITH INFRINGEMENT OF COPYRIGHT

AND SOFTWARE PIRACY

The Indian Copyright Act is unable to protect the unauthorized distribution and use

of work over internet. Infringement over internet and piracy posing a threat to

creative works worldwide and thus the growth of the internet, the e-commerce and

the digital economy.5 Copyright owners exclusive right of distribution applies to e-

mail attached or forwarded.

In Play Boy Enter Inc v/s Frena 6 Defendant‟s subscribers downloaded unauthorized

photographs of playboy enterprises to a bulletin board system. US Court held that

the plaintiffs exclusive right of distribution was infringed by customers of defendant.

This creates an obligation on the bulletin board operators to ensure that its system is

not being used to display and download copyrighted materials by its customers.

In Feist publication v/s Rural Telephone Service Co. Inc. It was held that

there must be at least some minimal degree of creativity and what should be

protected by copyright were the fruits of intellectual labour and not just sweat of the

brow.

In India databases are protected as literary works. In US if author is creative in

selecting and arranging the data and does not merely display the data as facts will

be registered. In UK a database which lacks creative input and requires only modest

skill and labour acquire the right of unfair extraction for a period of 15 years only.

While data created by full creativity copyright protection is given i.e. life of author

plus 70 years. Compilation of data are themselves not protectable can be the subject

of protection when there is the necessary selection coordination and arrangement

and combined it with the abstraction, filtration and comparison test.

Through internet the work of authors can be displayed in different jurisdictions and

which is very difficult to detect. So the display rights can be easily violated over

6 839 F. Supp. 1552 (M D Fla 1993)



Internet. Software can be easily communicated to the public without authorisation

by downloading the software from computer and unauthorized copies made may be

retailed or rented out.

In Michael v/s Internet - Group Inc.7 Court held that it is violation of copyright

owners exclusive statutory right of display by making available videotape over the

internet without authorisation and posting unauthorsied copies of electronic clipart

on web pages

If a web designer creates a website by combining some special features of various

web sites. This may amount to unauthorized adaptation of the plaintiff software and

violation of plaintiff's copyright. In digital media one can make about infinite number

of copies without loss of quality. So the transferring data from one computer to

another violate the reproduction rights of authors. Unauthorsied reproduction or

"scanning" a copy righted printed document into a digital file, and uploading,

downloading copyrighted file to a bulletin board system is copyright infringement 8

In MAl System Corp, v. Is Peak Computers Inc, it was held that the temporary

copies made into a computer RAM are copies. But in year 1995 in Religious

Technology v/a Netcom9 US District court held that temporary copying involved

in browsing is the functional equivalent of reading and does not implicate the copy

right laws. So as regards browsing one must come to the conclusion that it does not

amount to violation and can deceived to be a fair dealing

ENCRYPTION TECHNOLOGY AND NETWORK SECURITY

Through the use of sophisticated cryptography, digital signature is created. The

International Standards Organisation defines the concepts of a digital signature as

data appended to or a cryptographic transformation of a data unit that allows a

recipient of the data unit to prove the source and integrity of the data unit and

7 F. Supp. 2d C.D. Lal 1988 8 Tabrez Ahmad: Cybcrlaw e-commerce & m-commerce, APH Publishing Corp. New Delhi, 2003. 9 907 F. Supp. 1361 (N.D Cal 1995)



protect against forgery. Encryption may provide a guarantee that the message has

not been altered subsequent to its transmission but can not of itself provide

conclusive evidence that it did originate from the alleged senders. One method of

overcoming this difficulty is to invoke a third party. This notion of third party

intervention has become an important element in governmental attempts to regulate

the use of cryptography. One of the major areas identified for the use of

cryptography is in the field of e-commerce.

Complex issues of security, privacy, authentication and anonymity have been thrust

to the forefront as confidential information increasingly traverses modem networks.

Confidence, reliability and protection of this information against security threats are

a crucial prerequisite for the functioning of e-commerce. A security threat is defined

as a. crucial condition or event with the potential to cause economic hardship to data

or network resources in the form of destruction, disclosure modification of data,

software piracy, and denial of service, fraud, and abuse.

As per the amendment made by IT Act 2000 in sec 65B of the Indian Evidence Act

1872, the electronic records can be produced as documentary evidence before the

court of law. Access to computer databases and an analysis of "image copy" provide

reliable evidence.

UNAUTIORISED MODIFICATION OF DATA & COMPUTER VIRUS

Perhaps the most notorious form of conduct in the computer field consists of

dissemination of computer viruses. In many instances, the effect of a virus will be

distinguishable from that of a logic bomb. The difference between the two concepts

is that whilst a logic bomb is normally created is applied to a particular computer

system, a virus will typically transferred from one system to another. This may occur

through the transfer of disks of other storage devices.

Computer viruses can take a wide variety of forms. One of the less harmful

examples of the species is the „Cookie Monster‟. Inspired by an American television



character, this causes message „I want a cookie‟ to appear on the computer screen.

If the user types the word „cookie‟, the message disappears, otherwise it returns

with increasing frequency. In similar vein, the ping pong‟ virus causes the image of

bouncing ball to cross and record the screen. In neither instance are any data or

programs affected.

Other viruses are considerably more malign. One which is reported to have infected

computers in a Maltese Bank had the effect of corrupting data. Evidencing a

somewhat sense of humour or the part of its creator, the virus gave the user the

opportunity to play what was effectively a game of chance. If the user won, the data

would be restored otherwise it would be permanently erased.

In other cases, not even this degree of opportunity is given to the user to avoid

permanent loss of his data. One of the most notorious examples of a computer virus

was the so called „AIDS‟ virus. This was contained on a disk, which was mailed to

subscribers of a popular computing magazine. Purporting to be an information

program on the AIDS virus, the programme would corrupt and render useless the

data on any computer on which it was loaded.10

TROJAN HORSE: 11- A deceptive program that steals passwords.

TRAPDOORS12: - Gains entry through access points for system maintenance.

SPOOFING13: - Tie up network computers by sending them tons of bogus enquiries.

DATA DIDDING14 :- A fraud that input involves input manipulation.

SALAMI TECHNIQUE15- Thin slices of information are removed and send to other

accounts.

10 Business Today March 21, 2001 p.35 11 Ibid 12 Ibid 13 Ibid 14 Ibid 15 Ibid



BSA, NASSCOM, NITSC & SECURITY POLICY

BSA (Business Software Alliance) recommended to put under US 301 list to those

countries which lack rules to preserve and protect intellectual property right and who

failed to follow vigorous enforcement action against software theft.

In a recent survey by the computer society of India reveals that almost one out of

every two InfoTech companies in India has had its network broken into by hackers.

And there out of every four companies acknowledge that there was some financial

loss involve in such an attack, which attract two companies claiming that they lost

$500 000 per instruction 16

Robert Hollyman, chief executive of the Washington based BSA has estimated that

the loss to the software developers on account of software piracy may be upto $1

billion a year. Through monitoring BSA has detected as many as 95,000 websites

which offer pirated software called “Warez” by hackers.

In India, the National Association of software and Service Companies (NASSCOM)

has proposed the setting up of a National Cybercrop Committee to provide helping

hand to government and private agencies to combat against cyber hacking.

Hacking is an endless game. Whenever a new security device is announced, hackers

take intellectual pleasure by cracking it. Six major security technologies that are

connected to global net are: Firewalls, Anti-virus software, security scanner, internet

protocol security (IPSE), Public key infrastructure (PKI). Among all these security

technologies PKI is the principal tool to establish a trusted path for electronic

transactions. PKI protects against assaults like disclosure of sensitive information,

data alteration etc. The most protective technique is the use of “public key” and

“private key”. With the help of these security on the Net, hoping to generate

confidence in customers. So that the internet becomes a secure medium.17

16 Ibid 17 Civil Services Chronicle April 2000 p. 67



The ministry of information and technology has setup a National information

technology security centre (NITSC) as a part of a multi-pronged approach to control

crime.

Top sources in the IT ministry revealed that the move was initiated following

intruder attacks in many high profile organization web sites in India. For instance the

web defacement of Bhabha Atomic Research Centre, the theft of telephone numbers

related information from the system of the chief manager, department of Telecom in

Hyderabad by a hacker of Australian origin and the more recently, the web page

defacement of the department of electronics by a Pakistani hacker.

The primary objective of this centre is to create awareness among the Indian IT

community for IT security and related threats. It is also providing all relevant

information and practical advice to help corporate sector to eliminate or mitigate

security threats and make their systems secure.

Functioning under the R&D wing of CMC Ltd, the centre disseminates information

software tools and issue virus alerts through a web site. Provides newsletters,

advisories and booklets. It also offers consultancy services through security audits

and training course. One such training course for managers and technical staff is

started recently. As e-commerce takes off and transactions go online all care has to

be taken. Slipping of Microsoft's Bill Gates credit card information into the hands of

cyber criminals reveals that cyber security is a greatest challenge before us. Day by

day budget of cyber security is going high. As per the recent survey most of the

companies dealing with e-commerce are wasting more than 15% of their budget on

network security.



CONCLUSION

With the arrival of digital technology, multimedia and internet copyright infringement

and software piracy become very easy. Due to weak network security and hacking

the problems becomes more grim and posing threat to e-commerce. US market is

growing @ 20% annually. India is growing with CAGR of 59% over the last ten

years. Mc Kinsey estimates that by 2010 the global market will expand to S200

billion and India is slated to be a major player in cyber space.

E-commerce focuses its elements on telephone computer and websites as a basis of

deciding competitiveness of a country. India performs badly on these fronts. To be a

superpower in the present century it must take lead in all relevant areas.

Indian Government has taken a remarkable step ahead in right direction by

enforcing the Information Technology Amendment Act 2008, on 27th October 2009,

but which does not mention a single word about copyright. While the copy right is

one of the most complicated areas of cyber law, .Jurisdiction, cybersquatting ,

trademark, patent, domain name, media convergence, taxation, payment issues are

also not covered by the said Amendment Act. While these are essential for the

growth of e-commerce.

Moreover internet, e-commerce and copyright related cases are only being instituted

in the western countries, to be more precise USA. But it seems that the Indian

courts might see and influx of internet related cases in the near future. Therefore we

should prepare our legal institutions for the production of information superhighway

gateway. India has to go a long way to realise the true potential of information

technology for conducting e-commerce. A lot depend upon the policy of the

government to built necessary infrastructure, but it can surely be said that e-

commerce is the way of a better future.