The Notifiable Data Breaches Scheme applies to entities (APP Entities) that are required to protect personal information pursuant to the Australian Privacy Act 1988 (Cth) (Act). The Act provides that where an eligible data breach (EDB) occurs, APP Entities in control of that information must notify the Office of the Australian Information Commissioner (OAIC) and the individuals who are affected by the EDB. [Read more…]
Copyright, code libraries and ownership
January 23, 2020 by
In Australia, copyright automatically vests in certain types of literary works, including computer programs and artistic works, upon their creation. The general rule is that the owner of copyright in a literary or artistic work is the author of that work.[1] An exception to this rule arises if the work is made by an employee pursuant to the terms of their employment. In this case, the employer owns the copyright subsisting in the employee-generated work. However, the distinction of whether an employee has created the work pursuant to the terms of employment, is not always clear. This issue was considered in the case of Redrock Holdings Pty Ltd and Hotline Communications Ltd v Hinkley [2001] VSC 91 (Redrock). [Read more…]
Proposed standards for online safety
January 15, 2020 by
In December 2019, the Australian Government released a discussion paper on a proposed “Online Safety Act” (Proposal) for consultation. The Proposal is intended to combine and coordinate the existing framework into a single piece of legislation, and provide an update in accordance with the changes in the digital landscape. The Proposal will encourage businesses trading online to take more responsibility for material on their platforms. [Read more…]
Software litigation – how much evidence is enough?
September 24, 2019 by
Litigation involving software commonly involves allegations of copyright infringement and breaches of contractual obligations of confidence. However, without an “anton pillar” style order, it can be challenging to substantiate the extent of any alleged breach due to the technological nuances involved with properly analysing available evidence. This make it difficult for the plaintiff to decide whether or not to initiate legal proceedings against an infringing party. In circumstances where a prospective applicant does not have complete access to the source code, it may be desirable to make an application for discovery prior to the start of proceedings pursuant to Rule 7.23 of the Federal Court Rules 2011 (Cth) (Rules). [Read more…]
Has my software been copied? – the legal test
September 4, 2019 by
There is an urban myth that something can be copied and changed by 20% or so and then there is no copyright infringement. Rightly or wrongly this is simply untrue. In the case of IPC Global Pty Ltd v Pavetest Pty Ltd (No 3) [2017] FCA 82 (IPC Global), a former employee of the applicant copied source code and passed it to a developer. It was subsequently alleged that in doing so, the respondent had breached a contractual obligation of confidence and had also breached the applicant’s copyright. [Read more…]
Technology startups – top 5 legal considerations
May 27, 2019 by
The allure of generating income from a subscription base, operating a marketplace or your own e-commerce venture is strong and for good reason. The success stories of tech startups and the unicorns in this space are many, but so are the failures. If this is the path you are considering taking, these are our top 5 legal considerations. [Read more…]
Legal issues in software support agreements
May 8, 2019 by
Software developers (Developers) need to ensure that they consider how they provide support (both technical and product support) when taking their application (Software) to market. This applies regardless of the system architecture, however it is usually more important in the case of mission critical systems and those used for businesses. In the world of software as a service and robust mature systems how support is to be provided can often be overlooked until an important customer asks to review the terms of service, the SLA or the support contract (Support Agreement) with an eye to negotiating the levels of service they can expect. [Read more…]
De-encryption laws to make tech giants cooperate with law enforcement
July 20, 2018 by
Updated 4 October 2018 – see De-encryption De-encryption Bill currently before Joint Committee
According to the ABC website, in the next few weeks Cyber Security Minister Angus Taylor is poised to present new legislation which once passed will require technology companies and multinationals to assist law enforcement to access encrypted data of “suspected criminals and terrorists”. Currently, the bill is not yet before parliament but should appear on its website once officially announced.
In February, the government has indicated its plans to tackle criminal use of encryption with the Honourable Peter Dutton MP stating in an address to the National Press Club:
“Law enforcement access to encrypted communications should be on the same basis as telephone and other intercepts,
in which companies provide vital and willing assistance in response to court orders.” [Read more…]
Artificial intelligence – introductory thoughts on the legal issues
April 21, 2018 by
Whenever there is a wave of innovation, in the absence of statute, the Courts necessarily apply old world legal principles to the new technology. This was certainly the case when social media and online business became mainstream. Similarly the law in Australia that applies to bitcoin and the blockchain has left the promoters of initial coin offerings (ICO’s) struggling to understand their legal position – see our article titled: “What is an initial coin offering”. The advent of artificial intelligence (Artificial Intelligence or AI) however creates somewhat more challenging legal issues to be considered by technology lawyers whose client’s seek to develop applications with embedded AI. [Read more…]
Notifiable Data Breach Scheme commences 23 Feb 2018
February 7, 2018 by
As of 23 February 2018 a new notifiable data breach scheme (Scheme) will be enacted through legislation amending the Privacy Act 1988 (Cth) (Privacy Act) making it mandatory for certain entities to notify affected individuals about eligible data breaches.
