Thursday 31 May 2012

Issues in regards of Cloud Computing : Data Protection in Malaysia

In protecting privacy, data protection laws aim to regulate the practices of information management to minimise the risks to the elements of privacy. 

For the first time, Malaysia has a privacy-specific legislation, which is Personal Data Protection Act (PDPA) 2010 [Act 709]. PDPA has been passed and Gazetted for about 2 years ago. As of today, the PDPA status is “Not Yet in Force”. 

The Personal Data Protection Act 2010 aims at regulating the processing of personal data in commercial transactions. The proper implementation of the legislative scheme and its compliance by the business sector will move Malaysia a long way towards meeting the data protection requirements imposed by major trading partners around the world.
            
At present, apart from this legislation and certain sectoral secrecy obligations, information of a personal nature is protected only as confidential information through contractual obligations or the common law. Before the enactment of the PDPA, Malaysia did not have a comprehensive law that protected personal data. However there are some rules and regulations specifically governing the multimedia industry and internet banking which was provided in the General Consumer Code (GSC) and the Minimum Guidelines on the Provisions of Internet Banking Services by Licensed Banking Institutions (Minimum Guidelines). 

The Minimum Guidelines have recently been replaced by the Guidelines on the Provision of Electronic Banking (E-Banking) Services by Financial Institutions (E-Banking Guidelines). More general guidance on data management is found in the Guidelines on Data Management and Management Information System (MIS) Framework by which were all issued by Bank Negara Malaysia (The Central Bank).

Before going into details, one needs to know the highlights or the basic of the Act [Personal Data Protection 2010 (Act 709)]. The PDPA applies only to personal data processed in Malaysia. Federal and State governments are excluded from complying the Act. PDPA is not applied to any non-commercial transactions; any data processed outside Malaysia; any personal, family and household affairs; among others. The Act protects ‘Personal Data’. In order to qualify as personal data, the data must relate, either directly or indirectly to a data subject who can be identified from the data. 

The data also must be capable of being recorded and be capable of automatic or manual processing. ‘Sensitive personal data’which requires explicit data subject consent, includes medical history and political opinions. The PDPA specifies that no personal data may be transferred outside Malaysia unless the place has been specified by the Minister. Notwithstanding, such transfer may take place if, among others, the data subject has given consent or the transfer is necessary to protect the data subject's vital interests. As for the fines and sanctions, the penalties for breaching the PDPA include the imposition of fines not exceeding two hundred and fifty thousand ringgit, and/or a term of imprisonment not exceeding two years.


Sources: 

1. The Star online, “Parliament: Personal Data Protection Bill passed”, Monday April 5, 2010; see     http://thestar.com.my/news/story.asp?file=/2010/4/5nation/20100405210518&sec=nation

2. ‘Personal Data Protection in Malaysia: Law and Practices’ by Abu Bakar Munir and Siti Hajar Mohd Yasin, p 237

3. Personal Data Protection 2010 (Act 709)

4.The Malaysian Personal Data protection Act: What it means to Data users’ by Professor Abu Bakar Munir

Article of Cloud Computing in Malaysia


Cloud Computing In Malaysia

May 30, 2012
By Jonathan Cheah


30 May 2012 - Microsoft recently released the results of a study into cloud computing in APAC countries, of which Malaysia was one of the territories studied. The research showed that small and medium sized enterprises (SMEs) are gaining significant IT security benefits from using the cloud.
Companies that use cloud computing in Malaysia say that they are enjoying higher levels of security, spend less time managing their security and as a direct result, have reduced what they spend on managing security previously.
"There’s a perception that security is a barrier to cloud adoption," said Adrienne Hall, General Manager, Microsoft Trustworthy Computing, "Yet when companies embrace and invest in cloud services, they find the benefits far outweigh previous concerns."



Graphic courtesy of Microsoft Malaysia

"Malaysian SMEs must take that bold step to adopt secure and scalable technology infrastructures such as the cloud if they are to succeed in a global, interconnected economy," said SME Corp’s Chief Executive Officer, Dato’ Hafsah Hashim. "Among other benefits, the cloud takes the hassle of managing security away from the SMEs, which then gives them the freedom to focus on innovating and growing their business."
It is also interesting to note that 38% of the SMEs reported that they were able to employ more staff because of such savings, while 70% of the respondents said that they increased investment in product development and innovation.
More than half those surveyed said that using the cloud enabled them to add new products and services to their business in a manner that was quicker and more secure.
"Cloud computing services are considered as an affordable solution for SMEs to outsource their ICT maintenance. Though some Malaysian SMEs have expressed their concerns over security on cloud computing, however they do acknowledge that transparency on security practices would boost their confidence in the cloud," said CyberSecurity Malaysia Chief Executive Officer, Lt Col (R) Prof Dato' Husin Jazri. He added SMEs must have adequate knowledge on information security so that they know how to respond effectively to any cyber security incidents.
The study, commissioned by Microsoft and conducted by research company comScore, polled companies with between 100 and 250 PCs in the U.S., Singapore, Malaysia, India and Hong Kong. For the purpose of this research, cloud users were defined as companies that used a cloud service via a subscription model.


" Baru-baru ini Microsoft telah mengeluarkan hasil kajian mengenai penggunaan teknologi cloud computing di negara-negara APAC dimana Malaysia juga menjadi salah satu negara yang dikaji. Kajian menunjukkan bahawa perusahaan kecil dan sederhana (PKS) mendapat faedah keselamatan IT yang ketara dengan menggunakan teknologi cloud computing. Syarikat yang menggunakan cloud computing di Malaysia mendakwa bahawa mereka menikmati tahap keselamatan yang lebih tinggi "
♠ JC


Sources: http://www.mobile88.com

Tuesday 29 May 2012

Microsoft Leads in Cloud Computing Development in Asean

Hi readers,

As what has been posted before, when it comes to the development of cloud computing in Malaysia, Microsoft has acted as catalyst to speed up the economic growth through its software, via this cloud-computing. Nevertheless, Microsoft has never failed to impress, neither to stop innovate when it comes as a solution to business growth in Indonesia. As the world's largest software company, what they provide as cloud computing solution could help businesses, governments and consumers, and for the fact that this solution offered are equipped with guarantee of reliability and security from Software as a Service (SaaS), Platform as a Service (PaaS) to the Infrastructure as a Service (IaaS) and these made the data control for Indonesia's economy has become anyway better. Example of companies which are collaborating with Microsoft to bring forward this technology are AGIT, PT TELKOM INDONESIA and GREENVIEWS.

And for now, more than 1 billion people are using Microsoft technologies Cloud which are scattered in 36 countries around the world including ASEAN countries due to its advantages of good data security, cost-efficiency and well-progressed.

for more info: http://muarastyle.blogspot.com




Mohamad Firdaous bin Mohamed Idris A132265

Conference of Cloud Computing 2012

Hi all,
Here, I attach you guys a link on cloud-computing conference in Asia which I believe would help us to enhance our knowledge in this field. If you have extra time, do visit this link.

http://cloudcomputingasiapac.com/

Thank you.

Mohamad Firdaous bin Mohamed Idris
A132265

Monday 28 May 2012

Social Networking versus Cloud Computing

The concept of cloud computing originated from the desire to provide software solutions to users who prefer maximum accessibility for their applications; Internet access and a sufficient web-browser is all that is needed with cloud computing—no downloading or installing of hardware or software on any one computer. The user can view and interact with a Web-based interface that stores and processes all of the user’s information and communications. This storing and processing is done remotely, over the “cloud,” which is comprised of either a single computer or multiple computers, a database storage system, and a highly powered server or group of servers. The user need not see or understand this back-end infrastructure, nor does the user require any concern over the software’s maintenance—this is the responsibility of the “cloud.”

The first importance is the widespread emergence of social networking was evident with MySpace, an example of the functionality of cloud computing. MySpace was originally created with the intention of connecting musicians and other people in the Los  Angeles music industry by allowing users to sign on, create profiles, and connect and communicate with one another. Users had two faces to their MySpace page:  The home page (that only the user could see), and the user’s public profile, which had its own domain name on the Web, thereby allowing other online users to view the profile information.
MySpace’s use grew far outside of the boundaries of the music industry and in no time at all, it was common for people of Generation X and under to have a “MySpace” page. Users could connect with friends, search for old friends, and also make new friends using MySpace.  At the time, MySpace emerged as the new king of social networking tools.  A technological revolution quickly on its way, however.

Facebook emerged as MySpace’s major competitor and differentiated itself by offering features that allowed users to join networks—by location, university, or workplace—to make connecting with other users easier and faster. By the time Facebook emerged, marketers had already taken notice of these social networks based on cloud computing, and had seen the way communication was becoming faster and more widespread.
Businesses created Facebook profiles in an attempt to attract potential users and promote their business, positioning themselves in the minds of consumers and consumer trends.  More rapidly, however, was the explosive entrance of Twitter into this cloud computing social media market. Twitter, unlike MySpace or Facebook, attracted users of equal parts business and individual. No surprisingly, this medium has become hugely popular in broadcast media, as television and news networks have encouraged their followers to stay updated with their Twitter reports.

As communication has become so fast, easy, and widespread, the culture of communication has changed. Similarly, customers expect exchanges to be just as fast, easy, and convenient; therefore, cloud cloud computing solutions as marketing tools have not just been used in the way of social media, but have also been specifically developed to track customer data in a way that will ultimately produce sales and marketing initiatives that are tailored to specific consumer market segments. Customer relationship management (CRM) improves significantly when businesses are able to respond to specific consumer demands.   In turn, the customers appreciate that the business is responding to their specifications.
Thus it is quite clear to that that there is indirect interaction between cloud computing and social networking as both of these work hand in hand to provide information and services. Therefore, we can conclude that both of these two have their own importance in communication.

Source : 

http://www.cloudcomputingworld.org/cloud-computing-platforms/social-networking-versus-cloud-computing.html


Name : Noor Farah Binti Abdol Ghapor A132590
  
Disclaimer: This blog information is for the purpose of academic as we are learning Cyber Law. If there is any dissatisfaction of the information contain in this blog, please comment in this blog and we will retract back the information.  Thank you for your cooperation.

Thursday 24 May 2012

Identity Theft.

Greetings dear comrades.

I just wanted to share with you, this brilliant blog on Identity Theft made by our fellow friends. So if possible, just go visit their blog as there are LOTS of useful information there.

Wednesday 23 May 2012

Issues in regards of Cloud Computing : Data Protection (Part II)

Many cloud based services provide services to each other, so cloud-based products may have to share our information with third parties if they are involved in processing or transferring of our information. When using cloud-based services, one is entrusting their data to a third-party for storage and security. They may share our information with advertisers as well, as many do to help cover the costs.


Of course each cloud-based service has its own terms and conditions, that the user agrees to (often without reading). Terms and conditions between user and company cannot alone protect the privacy and security of the users’ information. Security can be breached, and infrastructure can be damaged.

Moreover, terms and conditions or service level agreements, may be unfair, as well as illegal in some countries, and can of course easily be broken. Some countries have regulations about the protection of private information but in many countries the storing of personal information by companies is not regulated.

What legislative, judicial, regulatory and policy environments are cloud-based information subject to. This question is hard to answer due to the global structure of the internet, as well as of cloud computing.

The information stored by cloud services is subject to the legal, regulatory and policy environments of the country of domicile of the cloud service, as well as the country in which the server infrastructure is based. Privacy sensitive information, in general, is a serious concern.

Cloud computing also raises significant human rights questions, answers to which may pose obstacles for some wanting to take up this new opportunity. For example, how do cloud computing companies keep information secure and protect rights to freedom of expression and freedom of association? What human rights and law enforcement policies will cloud computing services have and how can civil society groups be involved if these are not determined in local contexts?
Cloud computing present specific challenges to privacy and security. In systems of law with extended data protection as in the case for EU and Switzerland, it is permissible to enlist the support of third parties for data processing. However, the data controller is still the one who is responsible for the processing of data, even if it is performed by other third parties on his behalf.

According to Swiss data protection law, the data controller must ensure that an appointed third party (data processor) only processes data in such a way as the data controller himself would be permitted to.

Furthermore, the data controller has to make sure that the data processor meets the same requirements for data security that apply to the data collector.
Depending on the sector (utilities, retail) to which the data controller belongs, specific additional requirements may apply. For example, banks and stock traders have to conclude a written agreement with the data processor in which they oblige the data processor to observe Swiss banking confidentiality. In the contract with the data processor, the bank has to therefore agree on corresponding rights to inspection, rights of command and rights of control.

Under Swiss law, as under EU law, special rules apply when sending personal data abroad.
According to these, exporting data abroad is permissible if legislation that ensures adequate data protection in accordance with Swiss standards exists in the country in which the recipient of the data is located.

Nevertheless, if no adequate data protection legislation exists in the recipient country, the transmission of data from Switzerland is only permissible in special circumstances. In connection with the processing of personal data for business purposes, mention must be made of the following cases, in particular: conclusion of a contract with the data recipient in which they are obliged to observe adequate data protection; consent by the person(s) concerned; and transmission of data that concerns the contracting party in connection with the conclusion or implementation of a contract.

EU national laws require that data security is safeguarded when processing personal data. Confidentiality, availability and integrity of data must be ensured by means of appropriate organisational and technical measures. These also include the protection of systems and data from the risks of unauthorised, arbitrary loss, technical faults, forgery, theft and unlawful use, as well as from unauthorised modification, copying, access or other unauthorised processing. The data collector remains legally responsible for the observance of data security, even if he assigns data processing to a third party.

Sources:
3. Cloud Hooks: Security and Privacy Issues in Cloud Computing  by Wayne A. Jansen, NIST 
    (Proceedings of the 44th Hawaii International Conference on System Sciences - 2011).
4. Aspen Publishers: The Computer and Internet Lawyer ( Cloud computing: Claims).
5. Cloud Computing Legal Issues by Patrick Van Eecke.
6. Legal Issues Associated With Cloud Computing by Laurin H. Mills.

Tuesday 22 May 2012

Cloud Computing: Recent Cases (US)

1. Craiglist, Inc. v Naturemarket, Inc. 694 F. Supp. 2d 1039

Overview

In a recently decided case, Craigslist, Inc. v. Naturemarket, Inc. ,  Craigslist won a $1.3 million judgment against a seller of software that enabled automatic posting of listings to Craigslist and scraped email addresses from the Craigslist Web site on a variety of causes of action. 

Read the full case here (under U.S. Cases);

Craiglist, Inc v Naturemarket, Inc. ( 694 F. Supp. 2d 1039 )


2. Party City Corp. v Superior Court of San Diego County, 86 Cal. Rptr. 3d 721

Overview

In Party City Corp. v. Superior Court of San Diego County ,  the California Court of Appeal held that zip codes are not protected personal identification information, rejecting a class action suit that relied on California’s Song-Beverly Credit Card Act of 1971. The court, referring to the terms of the Health Information Technology for Economic and Clinical Health (HITECH) Act, found that five-digit zip codes are group, not individual, identifiers because thousands of people have the same zip code. Courts have split on the question of what is necessary to have standing to pursue claims in database security breach cases. Many courts have held that a mere risk of future identity theft is not enough to confer standing. Others have found that standing to pursue claims did exist in such cases. 

Read the full case here (under U.S. Cases);



3. Re Hannaford Bros. Co. Customer Data Breach Sec. Litig. 613 F. Supp. 2d 108

Overview

In Re Hannaford Bros. Co. Customer Data Breach Sec. Litig. , the court dismissed all but one of the class action lawsuits filed by victims of a data breach. The court allowed claims from consumers who had suffered a direct loss to the consumers’ account and dismissed claims by consumers who had the fraudulent charges reversed or had no fraudulent charges.

Read the full case here (under U.S. Cases);

Cloud Computing: Recent Case (US)

Arista Records, LLC v Usenet.com, Inc.  633 F. Supp. 2d 124


Overview

In Arista Records, LLC v. Usenet.com, Inc.  the District Court for the Southern District of New York
granted summary judgment to plaintiff record companies 8 on claims for; 

(1) direct copyright infringement of the exclusive right of distribution under 17 U.S.C. S106(3);
(2) inducement of infringement; 
(3) contributory infringement; and 
(4) vicarious infringement,

by Usenet.com, Inc. (UCI). UCI created an online bulletin board system on which subscribers posted files and downloaded files posted by others for storage on their personal computers. While technically different in format conversions, UCI’s service created an experience like peer-to-peer file-sharing networks, including Napster. UCI offered access to its service based on monthly fees and agreement to UCI’s terms of use (TOU). One TOU prohibited the unauthorized upload of copyrighted content.The record companies objected to UCI’s activities as the unauthorized distribution of copyrighted works. 


Read the full case here (under U.S. Cases); 

ARISTA RECORDS, LLC v USENET.COM, INC. ( 633 F. Supp. 2d 124) 


: Posted by Nur Azweena binti Azhar (A133244) :

Monday 21 May 2012

Cloud Computing in Malaysia

This is one article that I found while browsing through the news on cloud computing.

Mukhriz: Malaysian businesses must capitalise on cloud computing

Written by :
RONALD BYRNE and JO TIMBUONG

 Copyright © 1995-2012 Star Publications (M) Bhd

Sunday 20 May 2012

MDeC and Microsoft are collaborating to push SMEs in higher level.

                        Multimedia Development Corporation and Microsoft are now joining MSC Malaysia's Cloud-on Program to speed up the SMEs in their business when it comes to made-in Malaysia products. The partnership has succeed to make an investment of up to RM1.1 million. The SMEs are seem to prepare and get ready to be boosted up in this field via cloud computing, and this aid will inject those companies to develop their businesses. A research by Forrester Consulting has come up with a finding that approximately of 64 percent of companies in Malaysia are using or at least planning to use cloud-computing as an initiative to have a greater business prospective efficiently. The main objective of Cloud-on Program is to enable the Malaysia cloud ecosystem by supporting local software economy with skills, mindset and technologies to take another step in world-standard-of-software-programs. The Azure Power Program will be a key industry partner in the MSC Malaysia's cloud program

Mohamad Firdaous bin Mohamed Idris (A132265)

Sunday 13 May 2012

Development of cloud computing in Malaysia.

Cloud-computing is a solution to expansion of SMEs in Malaysia.
              
               Studies has shown that economic growth in Asia Pacific has been contributed by the performance and positioning of small and medium enterprises (SME) companies that represents over 95% of businesses in most APEC economies as well as providing half of all employment. In Malaysia itself, SMEs have prepared about 56% employment and contributing to 31% of GDP and 19% of exports. In the Tenth Malaysia Plan (2011-2015), SMEs have been put as spotlight to encounter the economic downturns and to strike back to upcoming years.
               
                 However, there is a need to equip the untapped potential SMEs from letting these companies ‘handicapped’ from contributing to economic growth and this can only be done by changing the business environment through Information of Communications and Technologies to act as a tool for transitioning new face of business development. Past years have shown that ICT could be very effective to progressive business growth but can be costly at the same time. Be grateful to cloud computing as it could turn out as turning point to ICT problem to be established in Malaysia.
                
                   Serious problems faced by majority of SMEs are undercapitalized, underserved and underdeveloped when it comes to technology tools and human expertise to run the businesses and unfortunately most of these companies are lack or absence in IT departments to drive this cloud computing as a powerful mechanism to generate their businesses. But recently, steps by steps are taken to approach this way as a solution and applications in cloud would aid to ensure the business continuity and to prevent massive data loss in any forms of obstacles. Utility in cloud computing has been used as a boon for SMEs and also for cost-control as it allows them to work with services on a smaller scale first. Microsoft has sponsored Springboard Survey to carry out its research in Asian region and surprisingly, cloud computing has been adopted not only due to cost-saving, but as well as to guard unauthorized accessed data and to support unpredictable workloads. So, it’s truly explained that cloud computing is a medium of solution to back up the SMEs to generate business growth in Malaysia.

for more info: www.myforesight.my
written by : Mohamad Firdaous bin Mohamed Idris A132265

Saturday 12 May 2012

Fellow Computerangers

Greetings. 


Please do us a favor and check this out RAHIMCONGERS .


Besides of their cool header yet a rather dull layout (so I've been told), they do provide a very informative information in regards of Software & Malware. 





Thursday 10 May 2012

Issues in regards of Cloud Computing: Jurisdictional



Cloud computing is considered by many to be a lower cost, efficient, easily accessible solution to data storage and retrieval. Storing your data in the “cloud” offers the promise of access irrespective of the location from which you are accessing it. Such universal accessibility is understandably appealing to both businesses and consumers equally.

In other words, cloud computing act  as a means of ensuring that your information is available to you anywhere you have internet access. The fundamental premise upon which cloud computing is based is that it does not matter where data is stored but what matters is that the data can be accessed anywhere. From a legal perspective, however, the distributed nature of cloud computing creates jurisdictional uncertainty, because with information being stored and available “anywhere”, who has jurisdiction over it? Whose laws apply?

Hence we will continue to discuss how jurisdictional aspects becomes an issue in cloud computing. First of all, data that might be secure in one country may not be secure in another. In many cases, users of cloud services don't know where their information is stored. Currently in the process of trying to synchronize the data laws of its member states, the EU favors very strict protection of privacy, while in America laws such as the US Patriot Act invest government and other agencies with virtually limitless powers to access informations.

In Malaysia, around the year 2009, MIMOS ( Malaysian Institute Of Microelectronic Systems) took the first step toward public  sector cloud computing by joining the open source cloud computing test bed called Open Cirrus, created by HP, Intel, and Yahoo. This was aimed at learning from the global adoption of the delivery model and establishing a platform for the same in the country. Additionally, MYEG and the National Archives database use certain elements of the private cloud platform. However, there is significant room for the expansion of cloud services in the country. Not only that, the Malaysian Government has identified cloud computing as a major focus area and had kept cloud computing as the foremost strategic technology for 2010 under the MSC Malaysia program. The Malaysian Information System Officer Association expects cloud computing to lead to increased transparency and reduced ICT expenditure by up to 50 percent, while improving efficiencies.


The territorial borders for determining jurisdiction of courts in Malaysia can be seen from order 11 of the Rules of High Court 1980 and section 23 of the Court of Judicature Act 1964.Unfortunately, because cloud computing means ensuring your information is everywhere and anywhere, jurisdictional uncertainty issue will definitely arise.

However, the lack of clarity over jurisdiction issues due to free flow of data across state and national borders, complicate the decision to move into the cloud, especially for the public sector.  In order to overcome these issues, governments in the region need to put in place plans to improve local internet infrastructure, promote entry of local participants in the market and bring in standardization. 
Unlike the United States and European Union (EU) which are largely homogenous regions from a jurisdiction standpoint, Asia Pacific is an extremely heterogeneous region. In the absence of international cloud computing legal and governance frameworks, cross-border data interchange will be nearly impossible in the government sector. Data centers hosting the cloud infrastructure have to be largely local and preferably closer to the Federal agencies. 

As a whole, we can say that although the internet is global, but laws and regulations governing ICT Companies are often national. Human rights risks also may vary according to which country personal information is stored in, and how a company’s network is structured. Hence, it is important for policy makers to strike the right regulatory balance in ensuring flexibility, regulatory compliance and jurisdiction issues. The right balance between these three components will allow cloud computing to perform in an efficient manner. 

Disclaimer: This blog information is for the purpose of academic as we are learning Cyber Law. If there is any dissatisfaction of the information contain in this blog, please comment in this blog and we will retract back the information.  Thank you for your cooperation.

Tuesday 8 May 2012

Issues in regards of Cloud Computing : Data Protection

The earliest post has already explain what cloud computing is all about. Briefly on the definition itself and the essentials characteristic of cloud computing, among other things.

The very term, ‘cloud computing’ derives from the cloud symbol, usually to represent the internet and the complex infrastructure behind it. Now as one knows, such infrastructure, or more fittingly, such service is bound to have many issues in question.

One of it, dare I say, which is among the important issues, would be data protection.
Obviously, data protection issue relates to the distributed nature of the data within the cloud computer service. Keep in mind, that the ‘cloud’ can be external, public cloud such as Facebook or Hotmail, or an internal, private cloud within one organisation.

Before we continue, it need to be noted that privacy and security issue around cloud computing can be addressed as an awareness and education issue.

So, when hen we talk about data protection in cloud computing, we need to understand that there are no borders within the cloud. The very concept of cloud computing is globalised and that makes it difficult for us to search for the borders. The cloud service providers can be located anywhere on the globe, save for some providers such as Amazon. Amazon offers their customers the option of choosing between certain availability zones. By choosing the option, the data will remain only at the selected zones.

Cloud computing raises a few interesting issues in regards to data protection. Amongst them includes the fact that most of data protection law is based on the premise that it is always clear where the data is located, who is responsible for the data processing as well as by whom the data is processed. However, this is not the case with cloud computing as the service is in conflict with the said premise.

The easiest example in this matter is that a person uses an e-mail service based on cloud computing, then his or her data can be stored anywhere in the world. Hence, with cloud computing, it is almost not possible to say where the data is at a certain moment and by whom and how it is being processed. This situation will cause doubt whether tjose responsible for data processing are in a position to effectively assume their responsibility at all, in line with each country’s data-protection regulations.

Similarly, if the data circulates freely around the globe, then we can no longer be clear of which data protection authorities at which location, are responsible for ensuring the accordance of the principles of data protection. 

(To be continued)

Monday 7 May 2012

Issues in regards of Cloud Computing : Intellectual Property



What is Intellectual Property?

Intellectual property is property which is deemed to be the “creation of the mind”. It is an intangible creation of through intellectual process. Looking from the angle of law, intellectual property is property which is intangible creation which resulted from intellectual and creative process of human mind and the end result of the thinking being reduced to material form which is assigned certain rights of property. There are eight type of work being protected under Malaysia Copyright Act 1987 that is literary work, artistic work, musical work, film, sound recording, broadcasting, performer rights, and derivative work. An example of literary work would be books, musical work will be music sheet, film such as The Avenger, sound recording such as CD’s Album, derivative work such as translation of an original language of a book to malay language (eg. Harry Potter).

Ever since the beginning of Internet Era, infringement of intellectual property had been done in massive production throughout the Internet. Before the idea of Cloud Computing is made popular, P2P(peer to peer) sharing had been utilised and landmark case of P2P is Napster which is a  music-focused online services. It was originally founded as a pioneering peer to peer file sharing Internet service that emphasized sharing audio files, typically music, encoded in MP3 format. The original company ran into legal difficulties over copyright infringement, ceased operations and was eventually acquired by Roxio. For literary work, books are being scan page by page and being upload into the internet and can be download free of charge. Worst still, seven out of eight work that is protected under Copyright Act basically infringe the exclusive right of owner to reproduce the work.


Issues of Intellectual Property regarding Cloud computing

Sovereignty on the internet: location and use of data

In most cloud-based services, data(specifically intellectual data) will potentially be stored on hardware located in a country outside Malaysia. Storage of data outside of Malaysia will make the data susceptible to legal process instituted in the country in which it is stored and subject to the laws of that country. It will, for example, be susceptible to interception warrants issued in that country or, in the United States, come within the bounds of the Patriot Act, which gives the United States government broad powers to access data stored anywhere within the United States or passing across telecommunications infrastructure located in the United States.

What if the hardware of cloud-based services is located a communist country such as North Korea or country that had political turmoil or any instability? It would be unfair to the cloud-user especially to those that paid premium to the cloud-based services as other country government can gain access to the data.

Infringement of Intellectual Property by User in Cloud Computing

With cloud-based services such as an example, Microsoft hotmail Skydrive, the perpetrator able to store the infringe works such as songs, ebooks, documents, or photos.  Normally, the perpetrator will download the infringe works and save it in his hardware but through the improvement of internet bandwidth, cloud-based service able to accommodate a large storage for storing files (music,ebooks, etc), and the user able to upload their files over the cloud-based service with two benefits mainly time saving and cost cutting (cut the cost of buying pendrive or print out paper or laptop[can see files in any computer provided there is Internet] and etc). Another situation is that if a person own a CD album or any things that is protected under copyright 1987, the person only own a single licence of the data or things and he transferred the data and make multiple copies of data in the cloud, there could be issue whether he has the “right to store an additional copies” in the cloud.



Conclusion

Base on the issue above, we can see that sovereignity plays an important role especially to those people that would want to keep their intellectual property as data in the cloud. Issue such as “additional copies data” in the cloud is also yet to be solve. As to the matter of intellectual property infringement over the internet, legal mechanism must keep in pace over the technology to prevent the downfall of intellectual creation.


References


Journal



Internet Law Bulletin (newsletter)/2011/Volume 14 No 2 -- May 2011/Hidden in the cloud -- the dangers of keeping your data where you can't see it

Privacy Law Bulletin (newsletter)/2010/Volume 7 No 3 -- November 2010/Legal issues in the cloud

2008 Mich. St. L. Rev. 1 WHAT IFS AND OTHER ALTERNATIVE INTELLECTUAL PROPERTY AND CYBERLAW STORY: WHAT IFS AND OTHER ALTERNATIVE INTELLECTUAL PROPERTY AND CYBERLAW STORIES: FOREWORD

36 J. Legis. 395 RAIN OR SHINE: FAIR AND OTHER NON-INFRINGING USES IN THE CONTEXT OF CLOUD COMPUTING

10 J. on Telecomm. & High Tech. L. 53 CLOUD COMPUTING: CLOUD CONTROL: COPYRIGHT, GLOBAL MEMES AND PRIVACY


Website


http://www.techrepublic.com/blog/webmaster/intellectual-property-copyright-and-the-cloud-more-details-on-the-law-for-web-masters-and-developers/480




Name: Benjamin  Goo Koon Wern A132312

Disclaimer: This blog information is for the purpose of academic as we are learning Cyber Law. If there is any dissatisfaction of the information contain in this blog, please comment in this blog and we will retract back the information.  Thank you for your cooperation.