handbook hel desk

8/8/2019 Handbook Hel Desk

http://slidepdf.com/reader/full/handbook-hel-desk 1/22

The IPR-Helpdesk Handbook

on



· Universidad de Alicante · Intellectual Property Law Institute of Jagiellonian University in Krakow · · European Research and Project Office GmbH ·

IPR-Helpdesk January 2007

2




Table of contents:

Introduction ....................................................................................................................................................3

Information Society and Copyright ........................................................................................................ .......4

Copyright and the Internet .................................................................................................................... .....4

Software Copyright .................................................................................................................................. ..6

Open Source Software ........................................................................................................................ .......8

Open Content ............................................................................................................................................9

Technological Protection Measures .........................................................................................................10

Electronic commerce .............................................................................................................................. .....11

Electronic signature ....................................................................................................................... ......... .11

Electronic payments ................................................................................................................................ .12

The protection of personal data in e-commerce .......................................................................................14

Liability of Internet Service Providers .........................................................................................................16

Domain Names ............................................................................................................................. ........ .......17

Unsolicited Commercial Communications (Spam) .................................................................................... .20

Introduction

The term “information society” refers to a society in which information has become the

foundation of social and cultural life. Correspondingly, in such a society, information

technology begins to play a very important role. The concept of an information society has no

clear definition. Rather, it is based on the conviction that the present society differs considerably

from its previous forms, most notably the so-called industrial society. The main difference is the

role of information and knowledge in the economy. It is not natural resources, machines or

physical labour that influence the way societies work, but knowledge, information and

creativity. Understandably, the Internet has become the symbol of the information society.

“Information society” is often used not only to describe a general sociological concept but

to somehow define activities that are perceived as closely related to the information economy.

For example, almost everything involving the Internet and information technologies may be

related to the “information society”. Usually the term “information society” is used together

with the “traditional” terms denoting constructs and activities known long before the

“information society” came into being but which take on a new meaning in this new

environment. Therefore one may hear about copyright in the information society or business

transactions in the information society.

3




On one hand, intellectual property has never been more important than in the information

society. After all, IP is based on information, and in the information society, information is the

key. On the other hand, the need for information to be accessible to anyone clashes with

intellectual property rights granting right holders control over protected information. New

digital technology, so closely associated with the information society, makes information easily

reproducible and undermines the control of IP right holders.

In this document, several legal topics that are commonly viewed as related to information

society have been chosen. The IP problems in the information society involve copyright issues

(including software protection). Technological protection measures are a means of specifically

protecting IP against the dangers associated with the information society. Spam is probably the

best known nuisance of the information society, and, needless to say, domain names came into

existence with the advent of the Internet. Since the information society has also brought about

some changes in the way we carry out transactions, it is useful to take a closer look at such

phenomena as e-signature and e-payments.

Information Society and Copyright

Copyright and the Internet

1.1 General rules concerning copyright protection on the Internet

The general rules concerning copyright protection apply to the Internet in the same way as

to other cases. This means that each work on the Internet, insofar as it is original and expressed

in a particular form, is eligible for copyright protection. To enjoy copyright protection, no

formalities (e.g. registration) are required.

1.2 What is protected by copyright on the Internet?

Copyright can protect various elements of a Web site: literary works, musical works,

photographs, pictures, and motion pictures. In particular, the following works can enjoycopyright protection on the Internet:

4

http://www.ipr-helpdesk.org/guias/imprimible/cuerpo.jsp?guia=guia2&len=en&tipo=html

http://www.ipr-helpdesk.org/guias/imprimible/cuerpo.jsp?guia=guia2&len=en&tipo=html




a. databases – under EU law, the database is protected both by copyright and by a sui

generis right. A database can be protected by copyright insofar as the choice and the

arrangement of the information constitute original creations. If the preparation of a database

required a substantial investment by the maker in terms of quantity and/or quality, the database

can be protected by a special sui generis right.

b. computer programs – under EU law, a computer program is protected by copyright, as a

literary work, as long as it is original in the sense that it is the author's own intellectual creation.

Due to the broad definition of the reproduction right with regard to computer programs, almost

every use of a computer program will require the author's authorisation in the form of a licence.

c. Web sites - a Web site may be considered an original creation protected by copyright

because of its graphical aspect, or by the choice and the arrangement of the information

available. Furthermore, a Web site may be protected as a database under a sui generis right even

if its content is not eligible for copyright protection.

1.3 What is allowed/not allowed on the Internet?

a. scanning or downloading a work from the Internet – the "copy/paste" function,

downloads and scanning Web site content have become common and easy for many Internet

users. However, these acts constitute reproduction, which is the author's prerogative. In other terms, these acts have to be expressly authorised by the author or the entitled beneficiaries,

unless they are permitted as “fair use”.

b. hyperlinking and framing - creation of a link to another site does not generally require

the authorisation of the copyright owner on the linked Web site. Indeed, it is considered that

the creator of a Web site gives his tacit consent to the linking. However, certain types of linking,

such as framing, may be considered illegal if they mislead the user as to the identity of the true

owner of the Web site.

c. downloading MP3 files and making them available on the Internet – in principle, the

mere reproduction from a legally obtained CD to MP3 files on a hard drive for private purposes

is covered by the exception for private copy. The publishing of MP3s on the Internet is

considered a communication to the public. It is the author's prerogative and requires consent.

d. use of works with a "copyleft " or "copyfree" notice - "copyfree" is used by the author

to give a free licence to the user under very specific conditions. The directions for use on the

Web site should be checked to determine which uses are allowed by the copyright owner. An

author might indeed wish to exclude commercial use of his work.

e. use of "shareware" and "freeware" – shareware is software distributed for the purpose

of evaluation by the end-user. After a trial period, the user is supposed to obtain a licence or

5

http://www.ipr-helpdesk.org/documentos/docsPublicacion/html_xml/8_databaseProtectionEU%5B0000000650_00%5D.html



http://www.ipr-helpdesk.org/documentos/docsPublicacion/html_xml/8_softwareCopyright%5B0000001105_00%5D.html


http://www.ipr-helpdesk.org/documentos/docsPublicacion/html_xml/8_softwareCopyright%5B0000001105_00%5D.html




stop using the software. Generally, the author grants a free licence for use but does not grant his

economic rights to the software. This licence is often granted under very specific conditions.

Freeware is entirely free.

1.4 Authorisation by the holder

The use of a work created by a third party requires the prior consent of the copyright owner

if the planned use involves the use of all or part of the rights granted to the author. In order to do

so, it is necessary to identify the holder of the copyright for the work that is to be used.

Authorisation for the use of copyrighted materials on the Internet can be obtained through:

1. transfer of copyright, which in most countries should be done in writing;

2. obtaining a licence for the use of copyrighted material.

Software Copyright

2.1 Introduction

Software copyright law is something that affects anyone who uses a computer and most

particularly businesses – it is not uncommon for a business to face civil or even criminal

proceedings for software copyright infringement. For a computer to work, it has to be

programmed. These programs are referred to as "software", to distinguish them from

"hardware" (the physical objects that make up a computer system, such as microchips,

processors, the keyboard, etc.).

Examples of software are operating systems, such as Microsoft Windows and Linux, Web

browsers, word processors, spreadsheets, software for making presentations, etc. In order to

understand the law of software copyright, it is necessary to understand two technical terms:

"source code" and "object code".

"Source code" is a computer program in the form written by a programmer (in a language

such as Perl or C).

"Object code" is a computer program converted into the form in which a computer would

run it (in "machine language", i.e. ones and zeros). To convert source code into object code, you

use a special computer program called a "compiler".

As far as copyright law is concerned, both of these forms are covered by the definition of

"computer program". Furthermore, the two forms are regarded as equivalent, in the sense that

whoever owns the copyright in the source code will automatically own the copyright in theobject code. Computer languages are not themselves pieces of software. For example, no one

6




owns a copyright in the computer language C or in the individual words that make up that

language.

2.2 What are the consequences of copyright protection?

Specifically, with a few very limited exceptions, it is unlawful for anyone other than

the owner of the rights to run, copy (there is an exception for the making of a "back-up" copy

– that is a spare copy, in case the original is erased or damaged by accident), modify or

distribute the program, except with the permission of the rights owner. Converting a

computer program from source code to object code ("compiling" the program) counts as

copying and requires permission. The same applies to converting a computer program from

object code to source code ("decompiling" the program). In practice, this is not important for

ordinary computer users, but only for programmers.

It should be noted that (as under general copyright law) no registration, copyright

notice, or other such formality is needed to establish copyright. Copyright protection is

automatic.

Copyright protects only the computer program itself and not the ideas behind the program.

That is to say, it is perfectly permissible to analyse a computer program written by someone

else, and write another that does the same thing.

2.3 Who owns the rights?

Generally speaking, the programmer who writes the program owns the rights. If there is

more than one programmer, the Directive provides for co-ownership.

There is one major exception: if the programmer creates the program in the course of

employment, the employer owns the economic rights unless there is a contrary agreement

between the programmer and the employer. The programmer will nonetheless retain the so-

called "moral rights". The economic rights are freely assignable.

An important case to consider is one where a programmer modifies a program written by

another programmer. Such modification requires the permission of the rights owner. When a

modification is made, it is not a simple issue to determine who owns the rights to the program as

modified. To be on the safe side, it is best to assume that both the author of the original program

(or his/her employer) and the author of the modification (or his/her employer) own separate

copyrights to the modified program so permission needs to be sought from both.

2.4 Exceptions to software copyright

7




There are certain exceptions to software copyright. The Directive states that if you have

acquired a computer program lawfully (i.e. with the rights owner's permission), then:

• you are entitled to use it for its intended purpose

• you are allowed to correct errors in the program

• you are allowed to make a back-up copy of the program - that is to say, a spare copy, in

case the original is erased or damaged by accident

• you are entitled to study and test the program in order to discover how it works.

2.5 Patent protection of software

Contrary to U.S. patent law, under the European Patent Convention (EPC) and national

legislation of most European national patent regulations, computer programs are listed among

subject matter categories that are not regarded as patentable. Thus “software patents” cannot be

granted.

Despite the fact that computer programs “as such” are not patentable, if the subject matter

claimed specifies computers, computer networks or other conventional programmable apparatus, or

a program therefore, for carrying out at least some steps of a scheme or having one or more features

that are realised wholly or partly by means of computer program, it is to be examined as a

"computer-implemented invention".To eliminate differences in the protection of computer-implemented inventions offered by the

administrative practices and the case law of the EU Member States, the Directive on computer-

implemented inventions was proposed in early 2002. However, the proposal was rejected by the

European Parliament in mid-2005.

Open Source Software

The proprietary concept of software copyright protection is not commonly accepted. It is

argued that in this prevailing model software cannot be accessed and developed. The reaction to

this concern is the open source movement. Interestingly, this movement consciously uses the

instruments of copyright.

8

http://www.european-patent-office.org/legal/epc/e/ma1.html#CVN






Open source means that the source code is put into the public domain on the condition that

any improvements and modifications will also be put into the public domain. Thus the source

code becomes accessible to any programmer and may be modified and redistributed free of

charge. In order to ensure that developments will also be accessible, the typical copyright

instrument of a licence contract is employed.

The most popular licence (GNU – General Public Licencing) allows the licensee to access

the source code, to reproduce the program in an unchanged form, to make changes to the program,

to reproduce the program in its altered form and to redistribute (market, disseminate) copies of the

program, in its original and altered shape.

It is forbidden to collect licence fees for program use. Remuneration can be made for: 1) copy

production, 2) the price of the data-carrier on which the software was recorded. But the GPL also

imposes certain obligations. The key obligation is to make open source software available to other

persons under the same conditions under which the program was obtained (that is under GPL

conditions). This concerns redistribution of the program both with and without changes.

The next important obligation is to ensure that the person who receives the program will have

access to the source code. The person should also be provided with the GPL text so as to become

familiar with the rights and obligations. This obligation also includes inserting a clear note

concerning both exclusion from liability for program faults and lack of guarantee.There are some examples of very successful open source software such as the Linux operating

system or the Apache World Wide Web server.

Open Content

Similar to Open Source is the idea of so-called Open Content. It develops from the ideology

negating the proprietary character of cultural goods protected by copyright in the Information

Society. The main aim of this ideology is to give a more public character to a range of contentavailable online.

Similar to Open Source, different Open Content projects operate using non-exclusive

licences anchored in the copyright law system. The main difference between the projects is the

subject-matter of the licence protection. Open Content licences do not protect software but

protect other creative works (including articles, pictures, audio and video files, etc.) or

engineering work (i.e. open machine design). The most popular open content licence developer

is the international non-profit organisation called Creative Commons (CC). Licenses provided

by this organisation grant certain baseline rights, such as the right to distribute the copyrighted

work on file sharing networks. Other rights can be granted differently according to the type of

9




licence chosen. For now, there are several versions of CC contracts available. The most popular

are:

• Attribution: Permit others to copy, distribute, display, and perform the work and

derivative works based upon it only if they give you credit.

• Non-commercial: Permit others to copy, distribute, display, and perform the work and

derivative works based upon it only for non-commercial purposes.

• No Derivative Works: Permit others to copy, distribute, display and perform only

verbatim copies of the work, not derivative works based upon it.

• Share Alike: Permit others to distribute derivative works only under a licence identical

to the licence that governs your work.

Although Creative Commons contracts are probably the most popular on the Internet, they

are not the only ones available. Other useful licences include: Design Science Licence, Free

Creations Licence, GNU Free Documentation Licence, Open Content Licence, Open Directory

Project Licence, Open Gaming Licence, and Open Publication Licence.

Technological Protection Measures

5.1 What are Technological Protection Measures (TPMs)

In European law, technological protection measures are defined as any technology, device

or component that, in the normal course of its operation, is designed to prevent or restrict acts,

with respect to works or other subject matter, that are not authorised by the right holder of any

copyright-related right or the sui generis database right. However, the law only protects a

qualified category of TPMs – the effective TPMs.

According to Directive 2001/29 EC (the so-called Directive on Copyright in Information

Society) TPMs are effective where the use of a protected work or other subject-matter iscontrolled by the right holders through application of an access control or protection process,

such as encryption, scrambling or other transformation of the work or other subject-matter or a

copy control mechanism that achieves the protection objective. ‘Effective’ should not be

misunderstood as meaning ‘impossible to defeat’. In other words, a TPM should, in the normal

course of operation, be able to thwart any unauthorised use so that some extra activity would

have to be undertaken for this purpose (circumvention). As a result, mere notice (e.g. ‘copying

is not allowed’) will not suffice and neither will technology that aims solely to identify

unauthorised actions (e.g. watermarks).

10

http://www.ipr-helpdesk.org/controlador/resources/showDocument?idFicha=0000000810&formato=pdf&nomFichero=Dir.29.EN&idFichero=03&len=en

http://www.ipr-helpdesk.org/controlador/resources/showDocument?idFicha=0000000810&formato=pdf&nomFichero=Dir.29.EN&idFichero=03&len=en




5.2 What is forbidden?

There are two categories of prohibited actions. The first is circumvention of effective

TPMs. Circumvention may be defined as any action as a result of which it is possible to use the

copyrighted work despite the deployment of effective TPMs. Circumvention is contrary to the

law only when the perpetrator has knowledge or has at least reasonable grounds to know that he

or she is engaging in circumvention. Unintentional or accidental circumvention do not generally

fall into the scope of prohibited actions.

The second category is directed against the manufacture, import, distribution, sale, rental,

advertisement for sale or rental, or possession for commercial purposes of devices, products or

components or the provision of services the purpose of which is to circumvent effective

TPMs.

Effective TPMs may not be circumvented in order to take advantage of copyright

exceptions. The law may impose an obligation on the right holder to enable the use of works

covered by certain copyright exceptions but users have no right to hack and are not allowed to

circumvent the TPMs themselves.

Electronic commerce

Electronic signature

1.1 Why are electronic signatures useful?

Information technology can greatly simplify the conclusion of legal transactions.

Concluding a transaction in electronic form eliminates the need for the parties to be present in

the same place and can be done on the Internet. However, legal regulations require that certain

transactions be concluded in writing. Since the legal systems of most countries share the same

understanding of the requirement of a "written form", i.e. the document must be handwritten,

simple forms of electronic communications cannot take the place of the traditional signature.

The electronic signature has been designed to solve this problem.

1.2 What is an e-signature?

Directive 1999/93/EC defines the e-signature as “data in electronic form which are

attached to or logically associated with other electronic data and which serve as a method of

authentication.” The Directive introduces a qualified version of an e-signature: the so-called

11

http://europa.eu.int/eur-lex/pri/en/oj/dat/2000/l_013/l_01320000119en00120020.pdf

http://europa.eu.int/eur-lex/pri/en/oj/dat/2000/l_013/l_01320000119en00120020.pdf




advanced electronic signature, which, under additional conditions, serves as an equivalent to

the traditional signature. It must meet the following requirements:

a. it must be uniquely linked to the signatory;

b. it must be capable of identifying the signatory;

c. it must be created using means that the signatory can maintain under his sole control;

and

d. it must be linked to the data to which it relates in such a manner that any subsequent

change to the data is detectable.

The advanced electronic signature has been designed to fulfil the same functions as the

traditional handwritten signature in the electronic environment. However, the resemblance is

limited to the functional level. Technically, the process is very different. Advanced e-signatures

use a simple asymmetric encryption system. Signing a document means encrypting it in the

following procedure: the user is provided with a public key. There is also a directory of public

keys, which is accessible to the general public.

In addition, the user is provided with a private key. Private keys are unique to each user and

known only to him/her. The process of signing consists of attaching the private key to the

message and encrypting it with the public key. After the message has been sent to the addressee,

it may be opened using the public key.

1.3 What are the legal effects of using electronic signatures?

The legal effects differ depending on which form of electronic signature has been used.

The simple electronic signature does not replace the handwritten signature and therefore cannot

be used for contracts that must be concluded in written form. Advanced electronic signatures,

which are based on a qualified certificate and which are created by a secure signature creation,

device satisfy the legal requirements of a signature in relation to data in electronic form in the

same manner as a handwritten signature satisfies those requirements in relation to paper-based

data.

Electronic payments

2.1 What are electronic payments?

Contracts may be concluded and executed by electronic means. Once a contract has been

concluded on the Internet, it is usually preferable for the consumer to make a payment byelectronic means (i.e. through a telecommunications or electronic network), since "traditional"

payments can reduce many of the benefits of electronic transactions. The most popular way of

12




making electronic payments is by credit card. Another method that has been gaining in

popularity recently is so-called electronic money.

2.2 Characteristics of electronic payments

Electronic payments (where "payment" is understood as the transfer of monetary value) on

the Internet are executed by the purchaser, either a consumer or a business, without the

intervention of another natural person. The payment is always made from a distance, without the

physical presence of the parties to the transaction in the same place and naturally does not

include cash. In the case of credit card payments, the user has access to his/her bank account and

orders the transfer of a specific amount of money to the other party to the transaction.

E-money payments, on the other hand, are not linked to the bank account of the user, and

the value is stored on the very instrument itself. The most common instruments are bank cards

with a special chip on which the electronic value may be stored. There also exists e-money

based on software, for example the so-called electronic coins stored on the hard drive of a

computer.

2.3 Security of on-line payments

The formally non-binding Recommendation 97/489/EC of July 1997 has had a significantimpact on the legislation of the Members States. The Recommendation provides a set of rules

governing the obligations and liabilities of the parties (the issuer and the consumer) in case of

unauthorised use of an electronic payment instrument due to theft, loss or falsification of the

system.

The Recommendation specifies that the contract between the issuer and the cardholder

should contain the obligation not to disclose personal identification numbers (PIN) or other

codes to anyone except the legitimate holder. Should the cardholder violate this obligation, he

will be liable for any payments executed by unauthorised persons. The cardholder should also be

obliged to notify the issuer of the loss or theft of the card or error in the payment instrument.

Once the notification has been made, the issuer is under an obligation to take the necessary steps

to stop any further fraudulent use of the payment instrument (e.g. block the stolen credit card).

The issuer is not entitled to charge the cardholder for any payments made after the notification.

2.4 Effect of payment

Each payment involves a transfer of value. However, card payments achieve this in a

different way from payments in cash. Cash payments transfer the value immediately to the

payee, and once the money has been handed to the seller, the transaction is completed. Payments

13




involving debit or credit cards function in a different way. The payee does not receive "real"

value but only a receivable for the issuer or other entity (e.g. a bank or an entity operating a

credit card system such as Visa or MasterCard). The "real" payment may therefore take place

some time after the initial transaction. Consequently, it cannot be said that by paying with a

credit card the consumer has already fulfilled his obligation to the seller or service provider. In

most countries, the law says the contractual obligation of the paying party is duly executed the

moment the payee receives the money transfer from the card issuer (or other entity).

The protection of personal data in e-commerce

3.1 What information can be considered personal data?

The definition of personal data is very broad. It can be any information relating to an

identified or identifiable natural person. A person can be identified by any reference that directly

or indirectly reveals his identity. Thus, personal data may be considered any information

regarding the data subject, such as the name, e-mail address, opinion, a sound or an image, or

circumstances relating to this person, whether they relate to his private or professional or public

life. For instance, an IP address or cookies may be considered personal data if they can be linked

to an identified person.

3.2 The processing of personal data

The processing of personal data in e-commerce must comply with the rules established in

Directive 95/46/EC, which states that the concept of processing concerns any operation

performed on personal data, whether by automatic means or not, including collection, recording,

organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by

transmission, dissemination or otherwise making available, alignment or combination, blocking,

erasure or destruction.

The person liable for the processing is called the "controller".

He is responsible for the choices determining the purpose for which the processing of personal

data is used (to conclude a transaction or to deliver goods to clients) and the means used for

processing.

3.3 The principles of the protection

To be legal, any processing (also in the electronic environment) of personal data must

respect some main principles, including: personal data should be obtained by lawful and fair

means and, where appropriate, with the consent of the data subject; the controller must keep the

personal data accurate and where necessary, keep them up to date; data should not be kept for a

14

http://europa.eu.int/smartapi/cgi/sga_doc?smartapi!celexapi!prod!CELEXnumdoc&numdoc=31995L0046&model=guichett&lg=en






Liability of Internet Service Providers

1 . Why has the regulation of ISPs’ liability been introduced?

Not all of the information transmitted through the Internet complies with national legal

systems. The dissemination of some information is unlawful, such as images related to child

pornography or works protected by copyright (for instance, the on-line publication of music or

video works without authorisation).

The legal responsibility is borne by the person who has made the on-line publication.

Nonetheless, there is the question of the intermediaries on the communication networks. Those

intermediary players transmit information, host information and provide access to a

communication network (ISPs – Internet Service Providers).

Therefore, EU authorities have enacted Directive 2000/31 on e-commerce. The Directive is

not limited to copyright infringement but is established in a horizontal manner so it applies to all

kinds of illegal material (including copyright, unlawful commercial practices, breach of privacy,

criminal liability, etc.). Needless to say, ISPs are generally liable to civil charges established

under specific law. The following provisions are only exceptions, so-called “islands of non-

liability”

2 . Who is an ISP?

The term ISP is applied to the “information society service providers” providing any

service normally made for remuneration, at a distance, by electronic means and at the individual

request of a recipient of services. Moreover, the service provider must be an “intermediary” and,

therefore, the information must be provided by the recipients of services and must be transmitted

or stored at their request.

3 . Activities covered and conditions for the liability limitation

This Directive creates a system that prevents online intermediaries under some conditions

from being held liable for specific activities.

1) Mere conduct

The mere conduct (conduit) activity is defined as “a service provided that consists of the

transmission in a communication network of information provided by a recipient of the service,

or the provision of access to a communication network.” It refers, for instance, to functions of an Internet access provider or network operators.

16

http://europa.eu.int/smartapi/cgi/sga_doc?smartapi!celexapi!prod!CELEXnumdoc&lg=en&numdoc=32000L0031&model=guichett

http://europa.eu.int/smartapi/cgi/sga_doc?smartapi!celexapi!prod!CELEXnumdoc&lg=en&numdoc=32000L0031&model=guichett




An intermediary who is engaging in mere conduct activity will not be liable for the

damages caused by the information transmitted, on the condition that it does not:

a) initiate the transmission;

b) select the receiver of the transmission;

c) select or modify the information contained in the transmission.

The provider cannot play an active role in the transmission of information. Its role has to be

limited to the technical process of operating and giving access to a communication network.

2) Caching

The caching activity consists of “the automatic, intermediate and temporary storage of that

information, performed for the sole purpose of making more efficient the information's onward

transmission to other recipients of the service upon their request.”

Internet access providers and the owners of search engines often carry out such activities.

Any intermediary provider that carries out a caching activity will not be held liable as long

as he does not modify the information, complies with conditions on access to the information,

complies with rules regarding the updating of the information, and acts expeditiously to remove

or to disable access to the information in several cases.

In other words, the intermediary provider must stay neutral concerning the content of theinformation.

3) Hosting activity

The hosting activity is defined as an information society service that consists of the

“storage of information provided by a recipient of the service and at his request.” For instance,

it concerns the activities of the Internet access providers who provide space on a server in order

to store websites of their clients and therefore make them accessible on the Internet.

To enjoy the liability limitation, the provider of hosting activities must:

a) must not have actual knowledge of illegal activity or information and,

b) upon obtaining such knowledge or awareness, act expeditiously to remove or to disable

access to the information.

Therefore, the intermediary providing hosting will be held liable if it is proven that he had

knowledge of the existence of unlawful information (for instance by third party notification

denouncing the existence of such information) but did not remove it or disable access to it.

Domain Names

17




1. Definition and structure of domain name system

From a technical point of view, a domain name is a user-friendly, alphanumeric equivalent

of an IP address that identifies each computer connected to the Internet. For an Internet user, it is

a tool to locate a particular Web site. In the legal sense, a domain name is a sign having definite

economic value determined by its distinctiveness and the actual exclusiveness of its use.

A domain name is a combination of top (first), second and sometimes third-level domains,

separated by dots. The "top-level domain name" ("TLD") is the part of a domain name

beginning with the last dot (e.g. in "ipr-helpdesk.org", ".org" is the TLD and "ipr-helpdesk" is

the second-level domain name). There are two main types of top-level domain names:

•

country code top-level domains ("ccTLDs"), which use two-letter codes to representcountries, for example, .es for Spain, .eu for the European Union.

• generic top-level domains ("gTLDs") come under the authority of the Internet

Corporation for Assignment Names and Numbers (ICANN). At present, there are fourteen

gTLDs: .com, .edu, .gov, .int, .mil, .net, .org, .aero, .biz, .coop, .name, .info, .museum,

and .pro.

2. Registration rules

Domain names are registered on a "first-come, first-served" basis under which only one

particular domain name level can be registered at a particular level of domain names.

Registration is possible directly through the Registry that manages a specific top-level domain

name, or indirectly through an appointed registrar.

Once the registration fee is paid, the domain name should be operational within a short

time. Registration terms, including cost and the duration of the registration, may vary

significantly from one domain name registration system to another.

3. The "right" to a domain name

The registration of a domain name creates only contractual rights and obligations deriving

from the contract with a registry (registrar) and does not provide a domain name holder with any

absolute right to a domain name "as such". A domain name can, however, acquire protection

through registration at a patent office as a trade mark or its use in the course of trade as a

distinctive sign (business identifier).

4. Domain name transfer

The registries of top-level domains generally establish procedures governing transfers;

however, for some top-level domains, the rules do not authorise or limit transfer. A domain

18

http://www.iana.org/cctld/cctld-whois.htm

http://www.icann.org/

http://www.iana.org/cctld/cctld-whois.htm

http://www.icann.org/




name may be transferred to a third party by: 1) submission by the holder of a written and signed

document to the registry authorising another entity to apply for a modification of the entry in the

register regarding a specific domain name or confirming a transfer of rights and obligations

from a registration agreement, 2) other procedures of "changing" the domain name holder.

Transfer of a domain name may be made in relation to the "sale" of a domain name, may be

required by a court, or can be the result of arbitration.

5. Registration of a domain name as a trade mark

A domain name as a word sign capable of being represented graphically may be registered

as trade mark provided that it can distinguish the goods of one undertaking from those of other

undertakings. The right to the trade mark cannot be granted to domain names, which are devoid

of sufficient distinctive character. Domain names have to be registered as trade marks in classes

of goods (services) actually offered in connection with the domain name.

6. Conflicts between domain names and other distinctive signs

In practice, conflicts may arise between a domain name holder and the holder of a trade

mark or other protected business identifier that corresponds to the domain name. A third party

right can be infringed through the registration and/or use of a conflicting domain name under conditions determined by national trade mark law and/or unfair competition law or dispute

resolution procedures.

7. "Cybersquatting"

"Cybersquatting" is the registration in bad faith of a domain name identical or similar to

somebody's trade mark in order to "sell" it to the trade mark holder or to prevent him from

registering his trade mark as a domain name. In order to effectively combat abusive domain

name registration, special regulations have been introduced, for example the US

Anticybersquatting Consumer Protection Act of 1999 or ICANN's Uniform Dispute Resolution

Policy (UDRP).

8. Alternative domain name dispute resolution policies (ADR)

ADR policies are designed to allow complaints of "cybersquatting" or other conflicts over

domain names to be arbitrated by an appointed arbitration service provider without the need to

go to national courts. The most popular one is the Uniform Domain Name Dispute Resolution

Policy (UDRP), which applies to an abusive registration of all generic top-level domains

except .edu, .gov, .int and .mil, as well as some country code top-level domains (e.g. .tv).

19

http://www.icann.org/udrp/udrp.htm







Disputes concerning the .eu domain name are resolved under special Alternative Dispute

Resolution policy. ADR for .eu is provided by the Czech Arbitration Court (appointed by

EURid – an organisation managing .eu) in the 20 official languages of the EU.

Unsolicited Commercial Communications (Spam)

1 . What is spam?

The commonly accepted idea is that spam is not wanted by the recipient and is sent on a

massive scale. The following could be considered spam:

• unwanted commercial correspondence (spam proper). This indicates running a business

enterprise directly or indirectly aimed at buying services and products;

• unwanted non-commercial emails

Spam and unsolicited commercial communication

The word "spam" does not appear in legal texts. Instead the phrase "unsolicited

commercial communications or email" (UCE) is used and, what is more important, not every e-

mail commonly called spam will correspond to this legal term. The primary difference is that

UCE denotes commercial electronic messages, meaning advertisements.

As a general rule, it could be said that legal regulations apply only to commercial emails

(however, some legal systems use the term "direct marketing" which could be interpreted in a

broader sense).

2 . How unsolicited communication is regulated

The regulation of spam is usually based on one of two systems for restricting the practice,

called the opt-in and opt-out systems.

The Opt-Out System:

Under the opt-out system, the recipient can reject any further correspondence of the type.

The first unwanted message will always be accepted and will remain so until the recipient

switches to the other option. In the case of the opt-out system, special instructions (e.g. special

links) should be included, allowing the recipient not to permit such correspondence in the

future. It is possible to create registers in which a user’s general objection is recorded, called

"do-not-e-mail" lists, Robinson’s lists, or simply opt-out registries.

The Opt-In System:

Under the opt-in regime, the delivery of electronic mail is dependent on prior acceptance by the addressees. In this case, each message, even the first one, is banned if sent without the

recipient’s prior permission. Consequently, if the recipient’s decision is not known, there is no

20

http://www.adreu.eurid.eu/adr/adr_rules/index.php



http://www.arbcourt.cz/








permission to send anything. Permission should be granted unambiguously, and the sender may

obtain it by any method.

3. Is spam allowed?

EU Law

According to Directive2002/58/EC on e-privacy, the use of electronic mail for the

purposes of direct marketing is allowed only with respect to subscribers who have given their

prior consent. This means the sender is obliged to obtain the consent of the user before sending.

However, if a user obtains an e-mail address from clients in the context of the sale of

products or services, the data can be used again for the purpose of direct marketing, as long as

the product or service sold is similar (but the recipient retains the right to object). In other

words, this exception only works in terms of the opt-out system.

In any case, concealing or disguising the identity of the sender is not allowed. Such acts

and also the lack of a reply-to address, to which a demand for the communication to cease can

be directed, are defined as unlawful. This protection is granted to natural persons. However,

Member States are allowed to introduce specific means of protection for legal persons.

The system introduced in the European Union by the e-privacy Directive is called "soft

opt-in" because it does not concern messages addressed to natural persons and allows the mailto be sent to persons who have previously been in commercial contact. Currently, the opt-in

system is in effect in all Member States. A fee usually has to be paid as a penalty for the illegal

distribution of unsolicited correspondence, with the exact amount to be paid set differently but

usually approximating several thousand euros.

United States regulation

Since most emails classified as spam come from the U.S. it is worthwhile to outline the

relevant U.S. legal regulations. The relevant CAN-SPAM Act of 2003 is a regulation based on

the opt-out system and forbids:

• sending multiple commercial electronic mail messages,

• deceiving or misleading recipients as to the origin of such messages,

• falsifying header information.

Behaviour contrary to the CAN-SPAM Act is punishable by a fine or up to a year in

prison, and in some cases, up to five years in prison. More restrictive measures are taken to deal

with e-mails containing pornographic material.

21



For more information visit www.ipr-helpdesk.org

Section: Documents/Information Society

http://www.ipr-helpdesk.org/

http://www.ipr-helpdesk.org/