Rouse Lawyers

- The Law Firm For Business Owners and Entrepreneurs -

Call us: (07) 3648 9900

The Internet, Social Media and the Law: Demanding to Delete your Online Footprint

A New Right for Individuals to Control their Online Information
On 14 May 2014, the Grand Camber of the European Court of Justice (Court) delivered a judgment that could widely affect how search engines (such as Google) process, record, store and present information relating to individuals.  The judgment addressed and confirmed the right of an individual to request that information relating to that individual be removed from search engines.
The Judgment
In Google Inc v Agencia  Espanola de Proteccion de Datos, the Court held that search engines are involved in processing personal data; and that operators of search engines are data controllers for the purposes of the Data Protection Directive(DPD).

The Court held that search engines have a duty to ensure that published search results are compatible with the rights of individuals.   The Court recognised that there is also a public interest and right to access information that needs to be protected, but on balance, the Court found that the rights of individuals, about whom data is collected, override the public interest (with a few recognised exceptions such as public figures).

The Court went on to find that the DPD includes a right for individuals to be forgotten - which extends to include a right for individuals to demand that search engines remove information that an individual does not want to be published about them.  Interestingly, the Court held that the right existed irrespective of the individual’s ability to show any prejudice.  The Court found support for its position in Articles 7 and 8 of the European Union Charter of Fundamental Rights.1
The Effects of the Judgment
While the judgment does not directly apply to Australia or jurisdictions outside the European Union, it does represent a significant step in allowing individuals greater control over information that is published about them on the Internet.

The ...

Continue Reading

Major Changes to the Privacy Act Come Into Force

The Privacy Amendment (Enhancing Privacy Protection) Bill 2012 was passed by the Australian parliament on 29 November 2012 (Bill).  The Bill effected major changes to the Privacy Act (1988) Cth (Act), and updates the "National Privacy Principles" to the "Australian Privacy Principles" (APPs).  The changes took effect on 12 March 2014.  This article will set out a (non-exhaustive list) of the things affected entities need to do to comply with the changes to the Act.
Entities Affected by the Changes
The Act applies to APP entities, which include governmental entities and "organisations".  The term "organisation" does not include entities captured by the definition of "small business".

Under the Act, an entity is a "small business" unless it turns over more than $3,000,000 per year, and does not:

    • provide a health service;
    • disclose personal information about an individual to a third party for "benefit, service or advantage"; or
    • provide a "benefit, service or advantage" to collect personal information about an individual from a third party.

 

In other words, if an entity turns over more than $3,000,000 per year or engages in any of the activities in the bullet points above, it is captured by the Act.
Privacy Compliance Program
Under the changes, entities need to implement a "Privacy Compliance Program", the aim of which is to ensure that the entity complies with the APPs, and has a structured procedure in place to handle complaints about the entity's compliance with the APPs.  The Privacy Compliance Program must be set out in a written document with specific types of information included.
Privacy Policy Changes
All references to "National Privacy Principles" should be changed to "Australian Privacy Principles".

Entities also need to add to their Privacy Policies:

Intellectual Property Protection in China – Still a Misnomer?

This article was first published in the Australian Intellectual Property Law Bulletin (2013) 26(5).
Take-away Tips

  • Protect all registrable intellectual property before selling or manufacturing in China.
  • Consider China early – China has a system of first to file for trade marks and patents, so be the first to file.
  • Once your intellectual property is registered, register it with Customs.
  • Get local advice on dealing with infringement.
  • There are still challenges to protection and enforcement of intellectual property in China but things are getting better.

Introduction
It goes without saying that China is a country that has been experiencing rapid change and economic growth. With a reported total population of 1,354.04 million,1 mainland China is the most populous country in the world. It has the world’s second largest economy with a gross domestic product (GDP) of US$7.318 trillion2 in 2011. Its share in world GDP is projected to increase from 8% to 15% between 2010 and 2030.3

Its population size and growing economy make it an attractive target market for business. However, it is a notoriously difficult country in which to do business, not least of all due to its track record in the protection of intellectual property rights (IPR). Businesses have had to weigh up the potential benefits of entering one of the largest markets in the world with the risks in relation to their intellectual property.

Subsequently, with concerns about the ability to enforce IPR in China, many foreign companies have chosen not to protect their IPR there or to avoid China altogether. But, is this still the best approach to take?

This article looks at the current state of play in relation to protection and enforcement of IPR in China.4
Intellectual ...

Continue Reading

Social Networking, Superstars & Substituted Service

In 2008, in what is believed to be a world-first decision, an Australian Supreme Court allowed a lender to serve a default judgement on borrowers via Facebook, after conventional means of contacting the borrowers had failed.

Given the overwhelming popularity of social networking sites such as Facebook and Twitter, there have been a number of more recent cases where courts have ordered that service can take place using a social networking site.

One such case concerned an application by Mothership Music Pty Ltd for substituted service on Facebook, which was granted and then held to be ineffective on appeal was Flo Rida v Mothership Music Pty Ltd [2013] NSWCA 268.
Service & Substituted Service
When commencing proceedings, the court usually requires that the originating process (for example, a Claim and Statement of Claim) be personally served on the other parties.

In circumstances where personal service cannot be achieved, orders may be sought from the court allowing the originating process to be served in another way – this is called substituted service.

A court will only grant an order for substituted service where it is satisfied that:

  1.  there exists a practical impossibility of actual service; and
  2.  the method of substituted service proposed is one that is reasonably likely to bring the person’s attention to the originating process.

Flo Rida v Mothership Music Pty Ltd [2013] NSWCA 268
Flo Rida, an American rap music artist, was contracted to perform as the headline act at the “Fat as Butter” music festival held in Newcastle, NSW in October 2011. Flo Rida failed to appear, despite receiving a $55,000 advance for the performance.

The promoter of the festival, Mothership Music Pty Ltd (“Mothership Music”), commenced court proceedings against Flo Rida for breach of contract, claiming the advance paid to Flo Rida, ...

Continue Reading

The Current State of Software Patents in Australia

Throughout this article, references to "para" refer to paragraph numbers in the judgements that we have linked to.

Software is patentable under Australian law.  Australian courts have struggled to draw a clear line between patentable software and unpatentable software, however.  So far in 2013, two major judgments have helped clarify the law.  This article will briefly outline salient points from both.
Software Patents and the "Manner of Manufacture" Test
In IBM v Commissioner of Patents (1991) (1991) 33 FCR 218 (IBM), the Federal Court found that software was patentable.  The invention ruled upon was software that produced an image of a curve.  The invention was found to be patentable since it was a new application of a particular mathematical method using a computer.

A central principle informing court opinions on software patents is the requirement for a computer implemented invention to qualify as a "manner of manufacture" under section 18(1) of the Patents Act 1990 (Cth).

Australian courts have held that, for software to cross the "manner of manufacture" threshold, a patent applicant must demonstrate that there is a change in a component of or information in a computer.  What exactly “change” means in this principle is unclear.  The following inventions have been held to be patentable:

  • a method for writing information to a card with a computer; and
  • a system for representing Chinese characters on a computer.

The Decision against a Software Patent
In Research Affiliates LLC v Commissioner of Patents [2013] FCA 71 (Research Affiliates), a software system that constructed and weighted an index of assets for fund managers was found to be unpatentable.

The court found that the index did not satisfy the "manner of ...

Continue Reading

Major Changes to the National Privacy Principles

On 12 March 2014, the new Australian Privacy Principles (APPs) will come into force and replace the National Privacy Principles (NPPs).  The Office of the Australian Information Commissioner recently released a document that summarises the most significant differences between the old NPPs and the new APPs. This post will describe some of the biggest changes highlighted by that document.
APP 2 – ANONYMITY AND PSEUDONYMITY
The APPs set out an entirely new requirement that organisations must provide individuals with the option of dealing under a pseudonym.  The only exceptions to this rule are if:

  • the organisation is required or authorised by law to deal only with people who have identified themselves; or
  • it is impracticable for the organisation to deal with someone using a pseudonym.

APP5 - NOTIFICATION OF THE COLLECTION OF PERSONAL INFORMATION
The NPPs required organisations to inform individuals when they were collecting personal information, however, more information is now required during the notification.  If an organisation is likely to disclose personal information to overseas recipients, APP 5 requires organisations to notify individuals about the countries in which the recipients are likely to be located.
APP8 - CROSS BORDER DISCLOSURES OF PERSONAL INFORMATION
Under APP 8, an organisation must not disclose personal information to an overseas recipient unless that organisation has taken reasonable steps to ensure that the recipient does not breach the APPs (with the exception of APP 1).  In certain circumstances outlined by the principles, the ...

Continue Reading

Information Commissioner’s Guidelines for Mobile App Developers

On 4 April 2013, the Office of the Australian Information Commissioner (OAIC) released the consultation draft of guidelines entitled “Mobile Privacy: A Better Practice Guide for Mobile App Developers” (Draft Guidelines).
WHY THE DRAFT GUIDELINES MATTER
The Draft Guidelines set out the OIAC’s (draft) view on best practices for app developers in relation to privacy law. When the Draft Guidelines are finalised, they will be an important insight into the standards that the OAIC will bring to handling privacy complaints about mobile apps.
WHAT'S COVERED?
The Draft Guidelines cover familiar ground about scope, that is: personal information is any information that identifies a person or could be used to identify a person. This includes obvious categories of information like names and addresses, but reaches as far as information like IP addresses, unique identifiers and dates of birth from which someone’s identity can be reasonably ascertained.
PRIVACY IMPACT ASSESSMENT
In the Draft Guidelines, the OAIC advocates an approach where privacy issues are considered at the very earliest stages of development. The OAIC suggests that app developers author a “privacy impact assessment , which is a description of how personal inforrmation is used by an app, and how its use affects the privacy of individuals.
COLLECT ONLY WHAT YOU NEED
The Privacy Act 1988 (Cth) prevents organisations from collecting personal information that is not necessary for their activities. Consistent with this principle, the Draft Guidelines encourage app developers to be across why each category of personal information is necessary for the functionality of their app. The OAIC highlights user location data and unique device identifiers as personal information that should only be collected if there’s a good ...

Continue Reading

Important Information About Internet Domain Names

TERMS YOU NEED TO KNOW
The "Internet Corporation for Assigned Names and Numbers" (ICANN) is the not for profit organisation (based in the United States) that is responsible for regulating domain names.

"Top Level Domains" (TLDs) are the letters to the right of the full stop in a domain name.  This includes generic TLDs (gTLDs) such as “com”, “org”, and “net” and country code TLDs such as “au”, “nz” and “uk”.  There are currently twenty-two gTLDs.

"Second Level Domains" (SLD) refer to anything left of the TLD.  As an example, in the domain name “techlawyer.com”, “techlawyer” is the SLD.

“Registrar” is an organisation accredited by ICANN to register a SLD under a gTLD (Registrar).
THE NEW DOMAINS
Since 2005, ICAAN has been planning a process to release hundreds of additional gTLDs.  Approximately 1,200 new gTLDs are expected to be introduced through the approvals process.

In April 2013, ICAAN began to release approval notifications.  In the first batch of approvals, amongst others, ".casino", ".bank", ".charity", ".melbourne" and ".food" have been approved.  No date has been annouced for the ability to purchase SLDs from Registrars in association with the gTLDs, but certain commentators have suggested it will be around August 2013.
POTENTIAL ISSUES FOR TRADEMARK HOLDERS
Businesses should keep track of gTLDs that are relevant to their industry so that they can register SLDs that are advantageous for their brands.   You can see a list of potential new gTLDs here.  As an example, at Rouse Lawyers, we might aim to register “rouse.lawyers” and “rouselawyers.law”.  There will inevitably be more than one business with legitimate rights to an SLD in respect of their brand - in that case, the first party to apply will win the ...

Continue Reading

When is a Facebook Post Misleading or Deceptive Conduct?

A recent decision by the Federal Court highlights the caution that businesses should exercise before making pronouncements on social media.

In Seafolly Pty Ltd v Madden, a legal battle ensued between two swimwear labels.  Madden (the designer of Whites Sands swimwear), noticed similarities between her swimwear designs, which Seafolly had had access to, and those released by Seafolly later that season.

Ms Madden posted messages on Facebook that stated both implicitly and explicitly that Seafolly had copied her collection, and then emailed the Facebook page to a number of media organisations. Some of these organisations published articles such as, “White Sands swimwear Calls Seafolly Plagiarists”.

The court ruled that Madden’s posts on Facebook were misleading or deceptive conduct.  Of Madden’s conduct, Justice Tracey wrote:
Before posting her views she failed to take a number of steps which would have elicited facts inconsistent with the notion that any copying of her garments had occurred.  She could, for example, have made enquiries of retailers to establish when the Seafolly garments were placed on the market.  She could have attended a retail outlet and examined some, at least, of the Seafolly garments.
Facebook posts can be problematic because, while they feel personal, they are really a public media release of sorts.  Businesses should regard social media as a formal communications channel, even if the format of the communications is informal.
TAKEAWAY:

  • Facebook posts on a personal page about a corporate competitor may still be considered comments made ‘in trade or commerce’ under the Competition and Consumer Act 2010.
  • Comments made in a public forum like Facebook can have the same legal effect as a statement made in a press release.
  • The defence of a ‘mere expression of opinion’ to an allegation of misleading or deceptive conduct cannot be relied upon where the opinion was not ‘honestly held’, ...

    Continue Reading

Ensuring that Terms of Use are Binding

The terms and conditions of use (Terms) for your website put limits on your legal liability.  The way that users of your site agree to your terms may make a difference to how binding those Terms are.

The Notice Principle

Courts in Australia have not yet ruled directly on what methods of agreement ensure that Terms are binding.  That said, courts have indicated that there are methods of agreement that are less risky than others.

In order to make your terms and conditions binding, you need to ensure the user or customer has been given reasonable “notice” of terms and a reasonable opportunity to refuse them.  

You must reasonably believe that the attention of the user will be drawn to the terms by your choices of layout and presentation.

Methods

Ways to put a user on notice (from least to most effective) include:

  • a link at the bottom of the web-page labelled ‘legal notices’;
  • pop-up screens that set out the terms at strategic junctures, like just after account registration; and
  • “clickwrap agreements”.

Clickwrap provisions are a system for agreement that prevents a user from carrying out an action on the website until they have agreed to the terms and conditions of use.  

The terms and conditions of use generally pop up in a new window with a button to signal acceptance of these terms. If the user does not agree to the terms and conditions, the website is designed so that the visitor cannot proceed any further.

The Clickwrap Approach

The clickwrap agreement is the best approach, particularly in the online transactions setting.  It is far less plausible for one of your users to claim to have missed the terms, which could lead a court to rule the agreement invalid.  

Taking extra measures like forcing a user to scroll through all the terms to click “I agree” will further mitigate your risks. ...

Continue Reading