November 2000

Real World
Web-wide World
Wired World
Wireless World
Hard World
Soft World

Real World

  • [Focus] Employers, Employees and Electronic Communication

    [disclaimer: the following article expresses the personal views of the author only and should not be thought of as legal advice]

    The Regulation of Investigatory Powers (RIP) Act 2000 came into effect on the 28th of July, 2000. Under this Act it became a criminal offence to intercept communications on another person's private telecommunications network (for instance a company's intranet). It also became a civil offence for the owner of the network (or someone acting on their behalf) to intercept such communications except with the consent of all parties to the communication.

    Under the regulations as laid out in the RIP Act, it is impractical for an employer to monitor many of their employees' communications. If the employer wants to check an employee's incoming emails, for instance, it is extremely difficult for him or her to get the consent of the external sender of these emails. In the early drafts of the RIP Act employers were to be given rather more powers than these, but following objections in Parliament the proposed powers were watered down.

    The RIP Act allows, however, for the creation of further regulations via 'statutory instruments' (subordinate legislation passed under the authority of a full Act). So on 24th October, following a consultation period, the 'Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000' came into effect. These regulations shift the balance of power back to the employer.

    Under the new regulations, the employer does not need to get consent from both parties to a communication. In fact, no consent is required at all. Rather, before intercepting an employee's communications the employee must just have been informed of the possibility of interception. The regulations also outline some further restrictions to do with the employer's reason for making an interception, but these are not very strict.

    And this would be the end of the matter, except that the interception of communications cuts across the area of interest of the Data Protection Commissioner. Where monitoring of employees is 'real-time', as when someone listens in to a phone call, then data protection principles do not apply. But monitoring typically involves storing information, or accessing stored information, in which case data protection principles come into play.

    What makes this interesting is that data protection principles tend to be weighted in favour of individual privacy, something that comes out in the Commissioner's recent draft guidelines "The Use of Personal Data in Employer / Employee Relations". The following extract from the draft guidelines make the Commissioner's stance clear:

    "Only consider the monitoring of content if neither a record of traffic nor a record of both traffic and the subject of e-mails achieves the business purpose. In assessing whether monitoring of content is justified take account of the privacy of those sending e-mails as well as the privacy and autonomy of those receiving them. Wherever possible restrict the monitoring of e-mails sent to specific employees to messages the employee has received and chosen to retain rather than delete. Do not open e-mails that are clearly personal"

    It should be noted, however, that these guidelines are at present merely drafts, and a consultation process is being undertaken. It may be that their final form will be more in line with the new RIP regulations. Regulation of Investigatory Practices Act 2000:

    http://www.legislation.hmso.gov.uk/acts/acts2000/00023--a.htm#1

    Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000

    http://www.legislation.hmso.gov.uk/si/si2000/20002699.htm

    Employment COP (draft)

    http://wood.ccta.gov.uk/dpr/dpdoc.nsf [note - this link is no longer supported]

Web-Wide World

  • With web scams becoming increasingly high profile, the US Federal Trade Commission (FTC) has put up a web site featuring descriptions of the 'top ten dot cons'. So avoid the frauds by reading: www.ftc.gov/dotcons.

Wired World

  • Last week we highlighted Napster, the 'peer-to-peer' music file transfer system that is typically used for the illegal transfer of copyrighted songs. We noted that the court case brought again Napster by representatives of the music industry was leaning in favour of Napster.

    Bertelsmann, one of the plaintiffs in the trial, obviously thinks so too, because this week it announced that it is to enter into a 'strategic alliance' with Napster, on the basis that Napster will start charging subscription fees. The details of this alliance are spelled out on the Bertelsmann website:

    "Under the terms of the agreement, once Napster successfully implements its new membership-based service, Bertelsmann's music division, BMG, will withdraw its lawsuit against Napster and make its music catalogue available."

    Under the new deal, Napster will pay some royalties to artists from its subscription fees, but the model to be used is not yet decided. Napster is being non-commital: according to its website:

    "Bertelsmann will help us reach an acceptable solution with the labels and publishers that will allow us to compensate artists, resolve the legal dispute and grow our service to meet the needs of our expanding user base in a manner that is consistent with Napster's values.".

Wireless World

  • Mp3.com, the online resource for mp3 music files, has just unveiled software that will enable users to download these files directly onto wireless devices. Clearly this will not be of any use to mobile phone users at the moment, given the memory limitations and current download rates of WAP phones. But looking to the future, it is easy to see phones and walkmans merging into single devices. Indeed, music may yet prove to be one of the 'killer apps' of the mobile Internet.

Hard World

  • Dallas Semiconductor has just unveiled what it describes as a 'wearable' computer. However, we're not in the realm of programmable anoraks just yet. It turns out that the computer is wearable just because it is very small - it is designed to fit on key fobs, watches, rings etc.

    The iButton's purpose is to act as a smart card, opening doors, authenticating the user, carrying encryption keys, etc. The very small print can be found at: http://www.dalsemi.com/news/pr/product/2000/usbfob.html [note - this link is no longer supported]

Soft World

  • With its court trial pending, there are reports that Microsoft is continuing down the road of integrating its products. According to 'The Register' (www.theregister.co.uk) - an online news service for IT sceptics - Internet Explorer 6 is going to be bundled with Whistler, the update to Windows 2000. Furthermore, IE6 is to incorporate Windows Media Player and the MSN Instant Messenger, and Microsoft is planning to bolt a virus checker onto its email client Outlook Express.

Link Building Information