Tag: law

US set to abandon net neutrality rules

US Federal Communications Commission chairman Ajit Pai will propose vacating Barack Obama-era net neutrality rules, according to a person briefed on the development that will hand a victory to broadband providers such as AT&T and Comcast that oppose the regulations.

Pai’s proposal is to be presented to fellow FCC commissioners on Tuesday ahead of a vote set for 14 December at the agency, where the chairman — an appointee of President Donald Trump — leads a Republican majority. Pai will seek to vacate the rules adopted in 2015, retaining only a portion that requires broadband providers to explain details of the service they are offering, said the person briefed on the matter, who asked not to be identified because the proposal isn’t yet public.

Rules to be set aside include a ban on blocking or slowing Web traffic, and a prohibition on offering “fast lanes” that give quicker service to content providers willing to pay extra. Broadband providers have argued that competition will ensure they don’t unfairly squelch traffic.

Tina Pelkey, an FCC spokeswoman, declined to comment.

Pai’s proposal is the latest step in a years-long tug-of-war over regulations dictating how companies such as AT&T and Comcast allow access to Internet content — from Facebook’s social media site to Netflix’s streaming videos.

Supporters including Silicon Valley firms argue the rules are needed to keep network owners from favouring their own content and discouraging Web start-ups. Critics say the rules discourage investment while exposing companies to a threat of heavier regulation including pricing mandates.

The regulation survived a court challenge from broadband providers last year. Previous attempts by the FCC to pass such rules ended with courts tossing them out or sending them back to be rewritten.

By Todd Shields for Bloomberg on Tech Central

M-Net, Safact and film producers want ISPs to actively issue warnings to file sharers and copyright infringers in the country – while also blocking access to infringing sites.

The Department of Justice and Constitutional Development has been presenting its responses to submissions received on the Cybercrimes and Cybersecurity Bill, and dozens of parties across a number of industries gave their thoughts on the bill, including Cell C, MTN, Vodacom, Telkom, R2K, Liquid Telecom and Deloitte.

While the majority of comments focused on concerns surrounding cyber-security, the bill itself, and how it will affect South Africa’s internet, one of the more interesting comments focused on piracy in South Africa.

A comment submitted by the International Federation of Film Producers Associations, Safact and M-Net highlighted concerns that government was not doing enough to combat piracy.

“A balanced approach to address the massive copyright infringement on the Internet is necessary,” the parties said in a comment.

“It is proposed that measures should be introduced to enable local internet service providers to act against copyright infringements.

“It is suggested that South Africa should consider adopting technology-neutral ‘no fault’ enforcement legislation that would enable intermediaries to take action against online infringements, in line with Article 8.3 of the EU Copyright Directive (2001/29/EC), which addresses copyright infringement through site blocking.”

The parties further said that new legislation was needed to force Internet Service Providers (ISPs) to cooperate with rights-holders. They also requested that the take down process under section 77 of the ECTA be made less time consuming and less intrusive.

“Obligations should be imposed on ISPs to co-operate with rights-holders and Government to police illegal filesharing or streaming websites and to issue warnings to end-users identified as engaging in illegal file-sharing and to block infringing content,” they said.

“This should be remedied in the Bill or the ECTA should be amended in the Schedule to the Bill,” it said.

The department responded to the comment by stating that the Cybersecurity Bill does not deal with copyright infringements, and that they were better suited for the Copyright Amendment Bill which is also currently before parliament.

Source: Business Tech 

Uber on the brink

Shortly after taking over Uber in September, Dara Khosrowshahi told employees to brace for a painful six months.

US officials are looking into possible bribes, illicit software, questionable pricing schemes and theft of a competitor’s intellectual property. The very attributes that, for years, set the company on a rocket-ship trajectory – a tendency to ignore rules, to compete with a mix of ferocity and paranoia – have unleashed forces that are now dragging Uber back to down to earth.

Uber faces at least five criminal probes from the Justice Department – two more than previously reported. Bloomberg has learned that authorities are asking questions about whether Uber violated price-transparency laws, and officials are separately looking into the company’s role in the alleged theft of schematics and other documents outlining Alphabet’s autonomous-driving technology.

Uber is also defending itself against dozens of civil suits, including one brought by Alphabet that’s scheduled to go to trial in December.

“There are real political risks for playing the bad guy”

Some governments, sensing weakness, are moving toward possible bans of the ride-hailing app. London, one of Uber’s most profitable cities, took steps to outlaw the service, citing “a lack of corporate responsibility” and specifically, company software known as Greyball, which is the subject of yet another US probe.

(Uber said it didn’t use the program to target officials in London, as it had elsewhere, and will continue to operate there while it appeals a ban.) Brazil is weighing legislation that could make the service illegal – or at least treat it more like a taxi company, which is nearly as offensive in the eyes of Uber.

Interviews with more than a dozen current and former employees, including several senior executives, describe a widely held view inside the company of the law as something to be tested.

Travis Kalanick, the co-founder and former CEO, set up a legal department with that mandate early in his tenure. The approach created a spirit of rule-breaking that has now swamped the company in litigation and federal inquisition, said the people, who asked not to be identified discussing sensitive matters.

Kalanick took pride in his skills as a micromanager. When he was dissatisfied with performance in one of the hundreds of cities where Uber operates, Kalanick would dive in by texting local managers to up their game, set extraordinary growth targets or attack the competition.

His interventions sometimes put the company at greater legal risk, a group of major investors claimed when they ousted him as CEO in June. Khosrowshahi has been on an apology tour on behalf of his predecessor since starting. Spokespeople for Kalanick, Uber and the Justice Department declined to comment.

Kalanick also defined Uber’s culture by hiring deputies who were, in many instances, either willing to push legal boundaries or look the other way. Chief security officer Joe Sullivan, who previously held the same title at Facebook, runs a unit where Uber devised some of the most controversial weapons in its arsenal. Uber’s own board is now looking at Sullivan’s team, with the help of an outside law firm.

Salle Yoo, the longtime legal chief who will soon leave the company, encouraged her staff to embrace Kalanick’s unique corporate temperament. “I tell my team, ‘We’re not here to solve legal problems. We’re here to solve business problems. Legal is our tool,’” Yoo said on a podcast early this year. “I am going to be supportive of innovation.”

From Uber’s inception, the app drew the ire of officials. After a couple years of constant sparring with authorities, Kalanick recognised he needed help and hired Yoo as the first general counsel in 2012. Yoo, an avid tennis player, had spent 13 years at the corporate law firm Davis Wright Tremaine and rose to become partner. One of her first tasks at Uber, according to colleagues, was to help Kalanick answer a crucial question: Should the company ignore taxi regulations?

Around that time, a pair of upstarts in San Francisco, Lyft and Sidecar, had begun allowing regular people to make money by driving strangers in their cars, but Uber was still exclusively for professionally licenced drivers, primarily behind the wheel of black cars. Kalanick railed against the model publicly, arguing that these new hometown rivals were breaking the law. But no one was shutting them down. Kalanick, a fiercely competitive entrepreneur, asked Yoo to help draft a legal framework to get on the road.

By January 2013, Kalanick’s view of the law changed. “Uber will roll out ridesharing on its existing platform in any market where the regulators have tacitly approved doing so,” Kalanick wrote in a since-deleted blog post outlining the company’s position.

Uber faced some regulatory blowback but was able to expand rapidly, armed with the CEO’s permission to operate where rules weren’t being actively enforced. Venture capitalists rewarded Uber with a $17bn valuation in 2014. Meanwhile, other ride-hailing startups at home and around the world were raising hundreds of millions apiece. Kalanick was determined to clobber them.

One way to get more drivers working for Uber was to have employees “slog.” This was corporate speak for booking a car on a competitor’s app and trying to convince the driver to switch to Uber. It became common practice all over the world, five people familiar with the process said.

Staff eventually found a more efficient way to undermine its competitors: software. A breakthrough came in 2015 from Uber’s office in Sydney. A program called Surfcam, two people familiar with the project said, scraped data published online by competitors to figure out how many drivers were on their systems in real-time and where they were.

The tool was primarily used on Grab, the main competitor in Southeast Asia. Surfcam, which hasn’t been previously reported, was named after the popular webcams in Australia and elsewhere that are pointed at beaches to help surfers monitor swells and identify the best times to ride them.

Surfcam raised alarms with at least one member of Uber’s legal team, who questioned whether it could be legally operated in Singapore because it may run afoul of Grab’s terms of service or the country’s strict computer-crime laws, a person familiar with the matter said. Its creator, who had been working out of Singapore after leaving Sydney, eventually moved to Uber’s European headquarters in Amsterdam. He’s still employed by the company.

“This is the first time as a lawyer that I’ve been asked to be innovative.”

Staff at home base in San Francisco had created a similar piece of software called Hell. It was a tongue-in-cheek reference to the Heaven program, which allows employees to see where Uber drivers are in a city at a given moment. With Hell, Uber scraped Lyft data for a view of where its rival’s drivers were.

The legal team decided the law was unclear on such tactics and approved Hell in the US, a program first reported by technology website the Information.

Now as federal authorities investigate the program, they may need to get creative in how to prosecute the company. “You look at what categories of law you can work with,” said Yochai Benkler, co-director of Harvard University’s Berkman Klein Centre for Internet and Society. “None of this fits comfortably into any explicit prohibitions.”

Uber’s lawyers had a hard time keeping track of all the programs in use around the world that, in hindsight, carried significant risks. They signed off on Greyball, a tool that could tag select customers and show them a different version of the app.

Workers used Greyball to obscure the actual locations of Uber drivers from customers who might inflict harm on them. They also aimed the software at Lyft employees to thwart any slog attempts.

The company realised it could apply the same approach with law enforcement to help Uber drivers avoid tickets. Greyball, which was first covered by the New York Times, was deployed widely in and outside the US without much legal oversight.

Katherine Tassi, a former attorney at Uber, was listed as Greyball supervisor on an internal document early this year, months after decamping for Snap in 2016. Greyball is under review by the Justice Department. In another case, Uber settled with the Federal Trade Commission in August over privacy concerns with a tool called God View.

Uber is the world’s most valuable technology startup, but it hardly fits the conventional definition of a tech company. Thousands of employees are scattered around the world helping tailor Uber’s service for each city. The company tries to apply a Silicon Valley touch to the old-fashioned business of taxis and black cars, while inserting itself firmly into gray areas of the law, said Benkler.

“There are real political risks for playing the bad guy, and it looks like they overplayed their hand in ways that were stupid or ultimately counterproductive,” he said. “Maybe they’ll bounce back and survive it, but they’ve given competitors an opening.”

Kalanick indicated from the beginning that what he wanted to achieve with Yoo was legally ambitious. In her first performance review, Kalanick told her that she needed to be more “innovative.” She stewed over the feedback and unloaded on her husband that night over a game of tennis, she recalled in the podcast on Legal Talk Network. “I was fuming. I said to my husband, who is also a lawyer: ‘Look, I have such a myriad of legal issues that have not been dealt with. I have constant regulatory pressures, and I’m trying to grow a team at the rate of growth of this company.’”

By the end of the match, Yoo said she felt liberated. “This is the first time as a lawyer that I’ve been asked to be innovative. What I’m hearing from this is I actually don’t have to do things like any other legal department. I don’t have to go to best practices. I have to go to what is best for my company, what is best for my legal department. And I should view this as, actually, freedom to do things the way I think things should be done, rather than the way other people do it.”

Prosecutors may not agree with Yoo’s assumptions about how things should be done. Even when Yoo had differences of opinion with Kalanick, she at times failed to challenge him or his deputies, or to raise objections to the board.

After a woman in Delhi was raped by an Uber driver, the woman sued the company. Yoo was doing her best to try to manage the fallout by asking law firm Khaitan & Co to help assess a settlement. Meanwhile, Kalanick stepped in to help craft the company’s response, privately entertaining bizarre conspiracy theories that the incident had been staged by Indian rival Ola, people familiar with the interactions have said.

READ: Indian woman accuses Uber driver of sexual harassment
Eric Alexander, an Uber executive in Asia, somehow got a copy of the victim’s medical report in 2015. Kalanick and Yoo were aware but didn’t take action against him, the people said. Yoo didn’t respond to requests for comment.

The mishandling of the medical document led to a second lawsuit from the woman this year. The Justice Department is now carrying out a criminal bribery probe at Uber, which includes questions about how Alexander obtained the report, two people said. Alexander declined to comment through a spokesperson.

In 2015, Kalanick hired Sullivan, the former chief security officer at Facebook. Sullivan started his career as a federal prosecutor in computer hacking and intellectual property law. He’s been a quiet fixture of Silicon Valley for more than a decade, with stints at PayPal and EBay Inc. before joining Facebook in 2008.

It appears Sullivan was the keeper of some of Uber’s darkest secrets. He oversees a team formerly known as Competitive Intelligence. COIN, as it was referred to internally, was the caretaker of Hell and other opposition research, a sort of corporate spy agency.

A few months after joining Uber, Sullivan shut down Hell, though other data-scraping programs continued. Another Sullivan division was called the Strategic Services Group. The SSG has hired contractors to surveil competitors and conducts extensive vetting on potential hires, two people said.

Last year, Uber hired private investigators to monitor at least one employee, three people said. They watched Liu Zhen, then the head of strategy in China and the cousin of local ride-hailing startup Didi Chuxing, as the companies were negotiating a sale. Liu couldn’t be reached for comment.

Sullivan wasn’t just security chief at Uber. Unknown to the outside world, he also took the title of deputy general counsel, four people said. The designation could allow him to assert attorney-client privilege on his communications with colleagues and make his e-mails more difficult for a prosecutor to subpoena.

Sullivan’s work is largely a mystery to the company’s board. Bloomberg learned the board recently hired a law firm to question security staff and investigate activities under Sullivan’s watch, including COIN. Sullivan declined to comment. COIN now goes by a different but similarly obscure name: Marketplace Analytics.

As Uber became a global powerhouse, the balance between innovation and compliance took on more importance. An Uber attorney asked Kalanick during a company-wide meeting in late 2015 whether employees always needed to follow local ride-hailing laws, according to three people who attended the meeting. Kalanick repeated an old mantra, saying it depended on whether the law was being enforced.

A few hours later, Yoo sent Kalanick an email recommending “a stronger, clearer message of compliance,” according to two people who saw the message. The company needed to adhere to the law no matter what, because Uber would need to demonstrate a culture of legal compliance if it ever had to defend itself in a criminal investigation, she argued in the email.

Kalanick continued to encourage experimentation. In June 2016, Uber changed the way it calculated fares. It told customers it would estimate prices before booking but provided few details.

Using one tool, called Cascade, the company set fares for drivers using a longstanding formula of mileage, time and demand. Another tool called Firehouse let Uber charge passengers a fixed, upfront rate, relying partly on computer-generated assumptions of what people traveling on a particular route would be willing to pay.

Drivers began to notice a discrepancy, and Uber was slow to fully explain what was going on. In the background, employees were using Firehouse to run large-scale experiments offering discounts to some passengers but not to others.

“Lawyers don’t realize that once they let the client cross that line, they are prisoners of each other from that point on”

While Uber’s lawyers eventually looked at the pricing software, many of the early experiments were run without direct supervision. As with Greyball and other programs, attorneys failed to ensure Firehouse was used within the parameters approved in legal review. Some cities require commercial fares to be calculated based on time and distance, and federal law prohibits price discrimination. Uber was sued in New York over pricing inconsistencies in May, and the case is seeking class-action status. The Justice Department has also opened a criminal probe into questions about pricing, two people familiar with the inquiry said.

As the summer of 2016 dragged on, Yoo became more critical of Kalanick, said three former employees. Kalanick wanted to purchase a startup called Otto to accelerate the company’s ambitions in self-driving cars. In the process, Otto co-founder Anthony Levandowski told the company he had files from his former employer, Alphabet, the people said.

Yoo expressed reservations about the deal, although accounts vary on whether those were conveyed to Kalanick. He wanted to move forward anyway. Yoo and her team then determined that Uber should hire cyber-forensics firm Stroz Friedberg in an attempt to wall off any potentially misbegotten information.

Alphabet’s Waymo sued Uber this February, claiming it benefited from stolen trade secrets. Uber’s board wasn’t aware of the Stroz report’s findings or that Levandowski allegedly had Alphabet files before the acquisition, according to testimony from Bill Gurley, a venture capitalist and former board member, as part of the Waymo litigation. The judge in that case referred the matter to U.S. Attorneys. The Justice Department is now looking into Uber’s role as part of a criminal probe, two people said.

As scandal swirled, Kalanick started preaching the virtues of following the law. Uber distributed a video to employees on March 31 in which Kalanick discussed the importance of compliance. A few weeks later, Kalanick spoke about the same topic at an all-hands meeting.

Despite their quarrels and mounting legal pressure, Kalanick told employees in May that he was promoting Yoo to chief legal officer. Kalanick’s true intention was to sideline her from daily decisions overseen by a general counsel, two employees who worked closely with them said. Kalanick wrote in a staff email that he planned to bring in Yoo’s replacement to “lead day to day direction and operation of the legal and regulatory teams.” This would leave Yoo to focus on equal-pay, workforce-diversity and culture initiatives, he wrote.

Before Kalanick could find a new general counsel, he resigned under pressure from investors. Yoo told colleagues last month that she would leave, too, after helping Khosrowshahi find her replacement. He’s currently interviewing candidates. Yoo said she welcomed a break from the constant pressures of the job. “The idea of having dinner without my phone on the table or a day that stays unplugged certainly sounded appealing,” she wrote in an email to her team.

The next legal chief won’t be able to easily shed the weight of Uber’s past. “Lawyers don’t realize that once they let the client cross that line, they are prisoners of each other from that point on,” said Marianne Jennings, professor of legal and ethical studies in business at Arizona State University.

“It’s like chalk. There’s a chalk line: It’s white; it’s bright; you can see it. But once you cross over it a few times, it gets dusted up and spread around. So it’s not clear anymore, and it just keeps moving. By the time you realize what’s happening, if you say anything, you’re complicit. So the questions start coming to you: ‘How did you let this go?’”

Source: Fin24

Labour brokers: when is it legal?

South African labour legislation severely constrains the few employer rights that exist. It is therefore no surprise that employers  look for alternative means of hiring labour instead of employing workers directly.

One option is to use labour brokers in an attempt to free employers from many labour law responsibilities in return for a fee.Trade unions, who find this loophole to be a thorn in their sides, call this type of arrangement “Atypical Employment” and have instigated new legislation, effective from April 2015 that severely curtails the purposes for which labour brokers.

Even before the 2015 amendments using labour brokers to evade labour law responsibilities was difficult and labour brokers were already taking struggling to cope with the legal responsibilities that they took over.

For example, in the case of Sibiya & others vs HBL Services cc (2003 7 BALR 796) the employees were employed by a labour broker to provide work to a client. The employees refused to change to a new shift system introduced by the client. When the employees arrived for work the next day to render services under the old shift system the broker’s client locked them out and they referred an unfair dismissal dispute.

The arbitrator found that the employees had been dismissed for refusing to work under the new shift system. As the employees were entitled to refuse the change and as no proper dismissal procedures had been implemented the arbitrator ordered the broker to reinstate the employees with full back pay.

In the case of Springbok Trading (Pty) Ltd vs Zondani and Others (2004 9  BLLR 864) the company wanted to transfer a number of its own employees into the employment of a labour broker that was already providing most of the company’s labour. The company claimed that the union had agreed to the transfer.

The union denied this. Those employees who refused the transfer were retrenched and some of them declared and were successful with a dispute in the Labour Court. On appeal the Labour Appeal Court found that:

• The discussions with the union had been conducted by the very same labour broker to which the employer wanted to transfer the employees. Thus the person who consulted with the union had a lot to gain by the transfer and could not be seen to have consulted in good faith.

• The employer’s stated reason for wanting to implement the transfer was not good enough to justify the retrenchment of those employees who refused the transfer. That is, the employer’s alleged wish to avoid the burden of payroll administration did not justify the loss of employees’ jobs.

• It was unlikely that the trade union would have agreed to the retrenchment of its members.• Consultations on the retrenchments were neither completed nor properly conducted.

• The retrenchments were unfair.The employer’s appeal was therefore dismissed with costs.The 2015 amendments shift most of the responsibility from the labour broker back to the original employers who have therefore lost a key means of relief from the heavy constraints of labour legislation.

All employers and the smaller ones in particular, need to learn, with the help of reputable labour law experts, how to continue to run profitable businesses despite the ever increasingly restrictive labour legislation.

To book for our 10 November Johannesburg seminar on achieving a productive and legally compliant workplace, please contact Ronni via ronni@labourlawadvice.co.za or 084 521 7492.

By Ivan Israelstam, chief executive of Labour Law Management Consulting

Loophole used to spy on more than 70 000 phones in SA

Law enforcement agencies are spying on at least 70 000 phone numbers each year, exploiting a loophole in South Africa’s surveillance policies that allow them to access phone records through a less rigorous process.

Civil rights organisation Right2Know Campaign (R2K) surveyed statistics from MTN, Vodacom, Cell C and Telkom, which revealed that government accesses sensitive communications information from tens of thousands of people every year using a loophole that bypasses South Africa’s primary surveillance law, the Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA).

Jane Duncan, founder of the Media Policy and Democracy Project, said statistics show South Africans’ privacy is routinely being violated. Yet there is very little sense of how this is bringing down crime.

“Privacy is not sufficiently protected in processes followed,” she said.

RICA requires law enforcement and intelligence agencies to obtain permission from a special judge, appointed by the president, to intercept a person’s communications.

“RICA sets high standards, with a specialised judge appointed that reviews applications,” said Duncan.

But instead of using RICA, the government is turning to Section 205 of the Criminal Procedures Act which gives officials access to phone users’ metadata in phone records. This reveals who they have communicated with, when, and where.

The Criminal Procedures Act is not nearly as protected as RICA and definitely creates a loophole, Duncan explained.

Data from the four mobile phone companies shows that law enforcement received call records for a minimum of 70 960 phone numbers every year, from 2015 to 2017.

In contrast, the most recent statistics from the RICA judge’s office show that in 2014/2015, the judge issued 760 warrants for interception. At a minimum, in the same year magistrates issued 25 808 warrants in terms of Section 205 of the Criminal Procedures Act.

These statistics confirm for the first time that the vast majority of ‘authorised’ surveillance operations are happening outside the RICA judge’s oversight.

Policymakers have wrongly assumed that information about a communication – such as the identity of the person communicated with, when, and the location – is less sensitive than its content, R2K said.

In order to apply for this warrant, applicants need to provide strong reasons because RICA is cognisant that such interceptions could threaten peoples’ right to privacy, it said.

Obtaining a warrant through Section 205 of the Criminal Procedures Act is far less rigorous, and R2K said as a result a loophole developed where Section 205 allows law enforcement officials to bypass the RICA judge.

According to this law, any magistrate can issue a warrant that forces telecoms companies to give over a customer’s call records and metadata.

Policymakers are wrong to assume that the metadata is less sensitive or private than the contents of the communication: metadata can reveal as much as, if not more, about a person’s contacts, interests and habits than what they say over the phone or in a text message, R2K stated.

Duncan said that despite RICA’s protection, case studies such as cops who spied on two Sunday Times journalists showed that abuses even happened there.

According to evidence before the court, South African Police Force intelligence officials received a warrant to monitor these phone numbers by lying to the RICA judge – they told the judge these were the phone numbers of suspected criminals who were under investigation. Under RICA, it is an offence to supply false information to the RICA judge.

“How much easier is it to abuse the Criminal Procedures Act, with even fewer checks and balances?” Duncan asked.

R2K said that when a person’s communications information is handed over using the Criminal Procedures Act, they are never notified, even if the investigation is dropped or if they are found to be innocent.

By Yolandi Groenewald for Fin24

Big Tech can no longer be allowed to police itself

In the early days of the commercial Internet, back in the mid 1990s, one of the things that technology platform companies lobbied hard for was the notion that they were like the town square – passive conduits for the actions of others, facilitating a variety of activities and thoughts, but not responsible for any of them.

The idea was that the garage entrepreneurs starting message boards and chat rooms, or the nascent search engines, simply did not have the legal or economic bandwidth to monitor or be liable for the actions of users, and that to require them to do so would stymie the development of the internet itself.

How times have changed. Not only can the largest Internet companies like Facebook and Google monitor nearly everything we do, they are also policing the net with increasing vigour. Witness the variety of actions taken by Facebook, Google, GoDaddy and PayPal, in the wake of racially charged violence in Charlottesville, to block or ban rightwing hate groups from their platforms.

You can argue that this is laudable, or not, depending on your relative concern about hate speech versus free speech. But there’s a key business issue that has been missed in all the hoopla. It is one that was summarised well by Matthew Prince, the chief executive of Cloudflare, a web-infrastructure company that dropped the rightwing Daily Stormer website as a client, under massive public pressure and against the firm’s own stated policies. “I woke up in a bad mood and decided someone shouldn’t be allowed on the internet,” said Mr Prince following the decision. “No one should have that power.”

Powerful tech companies do. Yet they also continue to benefit, in the US at least, from laws that treat them as “special” and allow them to get around all sorts of legal issues that companies in every other kind of business have to grapple with. This amounts to billions of dollars in corporate subsidies to the world’s most powerful industry.

The golden goose is a little-known bit of Federal Trade Commission legislation. Section 230 of the Communications and Decency Act (CDA) was crafted in 1996 to allow tech firms exemption from liability for nearly all kinds of illegal content or actions perpetrated by their users (there are a few small carveouts for things like copyright violations and rare federal criminal prosecutions). In recent years, the tech industry has thrown a tremendous amount of money and effort into ensuring that it maintains section 230 as a “get out of jail free” card.

But this law is being challenged by powerful politicians. On August 1, a bipartisan group of senators, led by Democrat Claire McCaskill and Republican Rob Portman, introduced legislation that would create a carve-out in section 230 for tech firms that knowingly facilitate sex trafficking. The impetus for this was the horror of backpage.com, a firm that actively created a platform for online sex trafficking for its own profit.

It is a piece of legislation that everyone, it seems, can get behind – except the largest tech companies and their industry lobbying groups . They are concerned that it would open a Pandora’s box of legal issues for them. These groups had the rough copy of the bill for months before its introduction, yet refused to offer edits during its crafting. Keith Smith, a spokesperson in Mr Portman’s office, says: “We did our due diligence, met with the tech community on a bipartisan basis for months and yet they offered no constructive feedback.”

The firms say that is because any amendment to 230 is a no-go; they suggested alternatives like tougher criminal laws. Noah Theran, a spokesperson for the Internet Association, a trade group that represents companies such as Google and Facebook, says: “The entire internet industry wants to end human trafficking. But, there are ways to do this without amending a law foundational to legitimate internet services.”

Still, Big Tech realises the cognitive dissonance involved in censoring online activity while continuing to portray itself as the town square. See, for example, the recent Electronic Frontier Foundation statement fretting about the slippery slope of censorship. The industry simply does not have the ability, or the right, to self-police any longer. In a world where Big Tech has the power not only to fan the flames of hate speech and fake news, but also remove it when and where it likes, it is clear that the internet is a fundamentally different place than it was in 1996 – one that needs fundamentally different rules.

The conversation about what those rules should look like is heating up. Olivier Sylvain, an associate professor of law at Fordham University, notes that as the business model and power of technology change and grow, so too should the law.

“The concept of immunity in 230 as originally conceived is no longer relevant in a world in which the largest tech firms are engineering an environment in which they can extract all kinds of information about users for their own profit,” says Prof Sylvain. He recently proposed that the CDA be recrafted to “shield providers from liability for third-party user online conduct only to the extent such providers operate as true passive conduits”.

Regulators and politicians, take note: Big Tech should no longer have its cake and eat it too.

By Rana Foroohar for the Irish Times 

To opt in or opt out: a guide

Introduction

Previous legislation and regulations prior to the arrival of the Protection of Personal Information Act (POPIA) in 2013 required organisations undertaking electronic direct marketing in South Africa to provide the opportunity for recipients to unsubscribe from further communications (commonly referred to as opt-out). According to the Internet Service Provers Association (ISPA), an authoritative industry source, “this was true under section 45 of the Electronic Communications and Transactions Act (ECTA, #25 of 2002), but this will be repealed by section 69 of the POPIA once it is in force [expected to start with a transition period that comes into effect late in 2017 or early 2018].” Section 11 of the Consumer Protection Act (CPA, #68 of 2008) follows in the footsteps of the ECTA by providing that you may refuse to accept, request the discontinuation of (opt-out) or pre-emptively block direct marketing communications, and that any opt-out or pre-emptive block must be respected by marketers, have their receipt confirmed in writing and that the exercise of these right must be performed free of charge.

POPI Act definitions

POPIA defines direct marketing as approaching a data subject (which could be an individual or organisation) either in person or by mail or electronic communications, for the purpose of promoting or offering to supply goods or services to the data subject, or asking them to make a donation. Electronic communication covers a wide variety of methods, including text, voice, sound, image over an electronic network. So this covers use of all the popular methods used today and probably some we are not yet familiar with.

Records of consent and withdrawal of consent for electronic direct marketing

Section 11 of POPIA makes it clear that the Responsible Party (the body doing the direct marketing) must keep adequate records to prove informed consent has been voluntarily given. Records should also be maintained where consent has been denied or is later withdrawn. Consent may be obtained via verbal or written means. The interpretation of voluntary consent in other countries suggests poor practice is to pre-tick or pre-select opt-in choices. Rather the data subject should be presented with an open option to provide consent (e.g. an empty, not pre-ticked, box).

“Section 69 of the POPIA [Direct marketing by means of unsolicited electronic communications] places significant limitations on the circumstances in which a party may engage in direct marketing by means of unsolicited communications by requiring individuals to have either consented to the use of their personal information (opt-in) or for there to be an existing relationship between the parties. An existing relationship between the parties is itself subject to additional limitations and does not result in a freedom to make repeated advances” says ISPA (for more on ISPA visit www.ispa.org.za ).

A request for consent may only be submitted to the data subject once (section 69(2)(a)(ii). However it is not clear whether this “one time opportunity” applies where the data subject moves to a new or different organisation and therefore could be deemed to have a different set of marketing needs. If this is interpreted as one-time-ever then a unique identifier would be required to ensure compliance. It is not sufficient to ask for general consent for marketing. Section 13 requires that “personal information must be collected for a specific, explicitly defined and lawful purpose”.

Section 11(3)(b) of POPIA makes it clear that a data subject may object to any form of direct marketing, not necessarily electronic; section 11(4) clearly states once the data subject (which may be an organisation or juristic entity to use the legal term) has objected, the Responsible Party may no longer process the personal information, by implication for direct marketing, whilst by implication processing may continue for other specific purposes.

Records of consent and withdrawal of consent for non-electronic direct marketing

The rules for opt-out seem to be common and clearly stipulated, whether for electronic or traditional mail. When it comes to consent traditional mail does not merit a specific mention under opt-in. By default permission (consent) should be obtained at the first contact, which may be a first mailer. It is tricky to see how the refusal of consent can be achieved at no cost to the data subject. There also appears to be no limit to the number of mailers that can be sent before consent is denied as the “only once” clause only applies to electronic communication. In summary, some careful wording of your invitation to give consent or withdraw consent would appear to allow an unlimited number of postal mailers to be sent so long as no objection is received.
Role of the Direct Marketing Association South Africa (DMASA)

For any organisation that is engaged in direct marketing activities in South Africa it is recommended that consideration is given to adhering to the DMASA Code of Ethics and Standards of Practice. The DMASA is also known to be developing a Code of Conduct under the POPIA. The DMASA also manages the National Opt Out Database. Registering on this database will mean that individuals will not be contacted by members of the DMASA.

Summary

We are in the early days of understanding the full implications of the impact of the POPIA on direct marketing activities by whatever means. Organisations that take action now to review their policies and procedures will give themselves a competitive advantage by being better prepared to anticipate how to better address the rights of their key stakeholders, such as future and current customers, and demonstrate both legal compliance and good governance, all of which will lead to enhancement of their reputation in the marketplace.

* This article does not constitute legal advice but is based on a practical interpretation of the requirements of the POPI Act.

By Dr Peter Tobin

SA banks once again in trouble

Several local and international banks have been slapped with administrative fines by the South African Reserve Bank, for weak anti-money laundering and combating of financing terrorism controls.

The banks include Investec, Absa, Standard Chartered, as well as Habib Overseas Bank.

Overall, banks were fined a total of R46.5-million.

Absa was fined R10-million for weaknesses related to their transaction monitoring. Investec received the largest fine of R20-million. This was due to their failure to implement adequate processes to screen the related parties of customers.

Meanwhile, Habib bank was fined R1-million for “inadequate controls and working methods pertaining to the reporting of suspicious and unusual transactions”, the Reserve Bank said in its banking supervision report released on Friday.

The decision to pose the penalties was not as a result of evidence that any of the banks had facilitated illegal activity the SARB said, but rather because of the weakness of their control measures.

These banks have been issued with a directive to take remedial action.

Habib Overseas Bank was the target of a fraught acquisition bid by a company with links to Gupta family associate Salim Essa.

In March, Vardospan went to court to try and force the Reserve Bank, the registrar of banks and the finance minister to clear its purchase of Habib.

Vardospan accused the regulators and treasury of dragging their feet in authorising the purchase.

The Mail & Guardian has previously reported how Vardospan concluded a share purchase deal to become the majority shareholder in Habib Bank in August last year.

The deal came shortly after the country’s four major banks closed the accounts of the Gupta family and their related companies.

Vardospan is owned by CINQ Holdings and Pearl Capital Holdings. Vardospan director Hamza Farooqui owns 100% of the shares in Pearl Capital, which has a 33.33% stake in Vardospan. Essa owns 100% of CINQ, which holds the other 66.67% in Vardospan.

The court struck down Vardospan’s attempts to force the authorities hand. Incidentally, the court’s decision came hours after President Jacob Zuma axed former finance minister Pravin Gordhan in a major Cabinet reshuffle late on March 30.

The decision on the application now rests with new finance minister Malusi Gigaba.

By Lynley Donnelly for www.mg.co.za

Ignore Labour Law at your peril

Employers constantly complain that labour law does not allow them to fire employees for breaking the rules. However, employers need to understand that:

• Labour law definitely does allow employers to dismiss employees.

• The CCMA has frequently upheld the dismissal of employees fired for misconduct. We have been directly involved in a great many cases where employees have been fired and, after appealing to the CCMA, have remained fired.

• It is not the firing of employees that the law has a problem with. Instead, it is unfair dismissals that result in the employer being forced to reinstate the employee and/or being forced to pay the employee exorbitant amounts of money in compensation.

• In order to be free to fire employees who deserve dismissal employers need to understand and accept the difference between fair and unfair dismissal. This is because, if the employer has an employee who is causing mayhem or is costing the employer money or is otherwise undesirable, the employer cannot afford for the employee to be reinstated. The reason for this is that it is exceptionally difficult later to dismiss or discipline an employee who has been reinstated by the CCMA or other tribunal.

So while the law does allow dismissals it also requires the employer to be able to prove that the dismissal was both procedurally and substantively fair.

“Procedurally fair” relates to whether the employee was given a fair hearing.

Whether a dismissal is “substantively fair” relates to the fairness of the dismissal decision itself rather than to the disciplinary procedures. Specifically the employer would have to show that:

• The employee really did break the rule

• The rule was a fair one

• The penalty of dismissal was a fitting one in the light of the severity of the offence. AND

• The employee knew or should have known the rule.

Properly trained CCMA arbitrators consider all the above factors together with the circumstances of each individual case in deciding if a dismissal was fair and whether the employee should stay dismissed or should be reinstated.

In the case of Mundell vs Caledon Casino, Hotel and Spa (Sunday Times 15 May 2005) the employee was dismissed for two reasons. Viz:

• She distributed a R15000 tip amongst her colleagues
• She allowed a colleague to take home five cans of cool drink

It was reported that:

• The rule requiring employees to hand in tips to management to go into a monthly kitty had not been given to Mundell
• Mundell had no way of knowing that she was not allowed to distribute the tip money herself
• The tip had been given by the client at an open gathering
• A number of managers were involved in sharing out the tip
• The cool drinks had been intended by the client for consumption by the staff
• Giving the cool drinks to the employee was not serious enough to merit dismissal
• The employer’s failure to prove that the employee knew of this rule rendered the dismissal unfair
• The employer was required to pay the employee six months remuneration in compensation.

The outcome of this case proves that the inability of employers to make dismissals stick is not primarily because of the law but rather because of the lack of labour law expertise of many employers.

By  lvan lsraelstam, Chief Executive of Labour Law Management Consulting

The Deputy Minister of Justice and Constitutional Development, John Jeffery, said the country’s new Cybercrimes and Cybersecurity Bill will be tabled in Parliament soon.

The Bill has already been approved by Cabinet.

“The Bill aims to put in place a coherent and integrated cybersecurity statutory framework to address various shortcomings which exist in dealing with cybercrime and cybersecurity in the country,” stated the SA Government website.

The purpose of the Cybercrimes and Cybersecurity Bill is to:

  • Create offences and prescribe penalties;
  • Further regulate jurisdiction;
  • Further regulate the powers to investigate, search and gain access to or seize items;
  • Further regulate aspects of international cooperation in respect of the investigation of cybercrime;
  • Provide for the establishment of a 24/7 point of contact;
  • Provide for the establishment of various structures to deal with cybersecurity;
  • Regulate the identification and declaration of National Critical Information Infrastructures and provides for measures to protect National Critical Information Infrastructures;
  • Further regulate aspects relating to evidence;
  • Impose obligations on electronic communications service providers regarding aspects which may impact on cybersecurity;
  • Provide that the President may enter into agreements with foreign States to promote cybersecurity; and
  • Repeal and amend certain laws.

How it will affect you

Michalsons law firm has published an overview of the Cybercrimes and Cybersecurity Bill, explaining why we need it and who will be affected by it. The bill is aimed at keeping South Africans safe from cybercrime and consolidates the country’s cybercrime laws into one place.

People who will be affected by the new bill include “everyone who uses a computer or the Internet”, along with:

  • People involved with IT or POPI compliance;
  • Electronic Communications Service Providers;
  • Providers of software or hardware tools that could be used to commit offences;
  • Financial services providers;
  • Owners of copyrights and pirates;
  • Information Security experts; and
  • Anyone who owns an Information Infrastructure that Government could declare as critical.

What the bill deals with
The bill creates around 50 new offences, which are related to data, messages, computers, and networks, said Michalsons.

These offences include:

  • Using personal information or financial information to commit an offence;
  • Hacking;
  • Unlawful interception of data;
  • Computer-related forgery and uttering; and
  • Extortion or terrorist activity.

The penalties for these offences range from 1-10 years in prison or up to a R10-million fine.

The bill also aims to protect critical infrastructure of a strategic nature from interference and disruption.

This infrastructure includes that which aids in keeping the country’s security, defence, and law enforcement operational; and provides essential services.

Powers to investigate

“The Cybercrimes and Cybersecurity Bill gives the South African Police and the State Security Agency extensive powers to investigate, search, access, and seize just about anything – like a computer, database, or network,” said Michalsons.

As part of the requirements of the bill, the Minister of Police must establish a National Cybercrime Centre and a Cyber Response Committee, of which the chairperson will be the Director-General: State Security.

The Minister of Defence must also establish and operate a Cyber Command, while the Minister of Telecommunications and Postal Services must establish a Cyber Security Hub.

Source: www.mybroadband.co.za

  • 1
  • 2

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top