Wednesday, April 4, 2018

Organizational Context

Hi all ….

apart from gossips , did you learn anything ? Smile with tongue out 

I am sure you did.

Okay here is the presentation . But literally it is the same as the lesson in text book . some additional slides exist .

https://drive.google.com/open?id=14f4XsHjNqDIw3MZirQx1I6DDAx0H8PzB

Tuesday, April 3, 2018

Prevention vs Detection

Hello all, did you come up with 10 guidelines for the school database ? (homework guys homework Smile with tongue out )

Prevention of Computer  Misuse

  1. Students can be given separate user accounts and passwords, so that each student is accountable on the nature of computer use within the school.
  2. staff should be given necessary training and education on  how confidential the grading's information are . (FERPA awareness) and they could be trained to use PCs
  3. system could be configured so that it only accepts strong passwords. (validations of inputs)
  4. password updates could be made mandatory ( at least once a month to change passwords) and notified to users when the dates for password updates are closing
  5. the server areas  could be secured by a security guards (physical security)
  6. computer labs could be CCTV enabled to monitor any suspicious activity
  7. install a reputed / corporate level firewall or a virus guard to prevent any malicious elements arriving to a system
  8. set proper file access permissions - edit and read privileges based on the  information  required for each person
  9. block abusive , harmful , suspicious  , content , limit email attachments
  10. User access levels such as student ;level,  teacher level etc…


Detection of Computer Misuse

  1. enable firewalls to immediately notify any harmful entry of information to the internal network
  2. A good virus guard to run time to time automatically to detect any hidden issue and immediately take action such as notify , sound alert , block content ,  quarantine etc
  3. good maintenance and frequent monitoring of system logs , database logs , server logs to identify any malicious activity
  4. Appointed security guards , and CCTV monitoring guard rooms to keep looking at possibilities of threats
  5. if someone attempts to guess a password , user login information more than 3 times , to automatically lock the account , and seek admin support for recovery .
  6. configure automatic session expiry in case of a computer left unused but logged in
  7. force the system users to enter, valid and strong password only ( realtime validate mechanisms of the strength of the password) 
  8. force the systems users to randomly complete security questions , change passwords , prvent them entering the old passwords will detect possible unauthorized access
  9. link  email addresses , mobile accounts to systems login information(2FA) so that an illegal entry is notified immediately to the legitimate user via email or mobile.
  10. ??? එහෙනම් අන්තිම එක තනියම ලියමු නේ ? Open-mouthed smile 

ADA 508 and ADA Compliance

Hello folks … ADA is where we began today  (I mean on .. will you have a look pls ?

ADA 508 & ADA COMPLIANCE

The US Rehabilitation Act of 1973 was amended in 1986 and again in 1998 to include all information technology, including computer hardware, software and documentation. These amendments also created enforcement measures to mandate compliance for websites, documents, and applications developed with US Federal funding or for US government agencies.

These amendments are known as Section 508 and they dictate specific accommodations for various types of content. The “Section 508 refresh” or Section 255 Standards Refresh updates the requirements. A final rule with more details about the standards is expected in the fall of 2012 and codified into law in 2013.

WHO NEEDS TO FOLLOW THESE REQUIREMENTS?

U.S. government websites and applications and those developed using US Federal funds must comply with Section 508. Many state agencies and corporations have adopted the standards.

ADA Compliance

The Department of Justice (DOJ) published the Americans with Disabilities Act (ADA) Standards for Accessible Design in September 2010. These standards state that all electronic and information technology must be accessible to people with disabilities.

The ADA differs from Section 508 regulations, which are an amendment to the Rehabilitation Act of 1973 and apply to all information technology, including computer hardware, software and documentation.

WHO NEEDS TO FOLLOW THESE REQUIREMENTS?

The ADA standards apply to commercial and public entities that have “places of public accommodation” which includes the internet. The DOJ is currently determining the specific regulations but that does not mean website discrimination will be tolerated

Who does the law affect?

· Americans with disabilities and their friends, families, and caregivers

· Private employers with 15 or more employees

· Businesses operating for the benefit of the public

· All state and local government agencies

HOW DOES A COMPANY COMPLY WITH THE ADA?

The ADA encourages self-regulation of accessibility standards and the Department of Justice is currently developing regulations to provide specific guidance to the entities covered by the ADA. Organizations are encouraged to use the WCAG 2.0 level AA guidelines as a guide on how to become accessible until the DOJ defines the regulations

Sarbanes Oxley Act–SOX 2002

The Sarbanes–Oxley Act of 2002

Sarbanes-Oxley Act A bill whose goal was to renew investors’ trust in corporate executives

and their firms’ financial reports; the act led to significant reforms in the content and preparation of disclosure documents by public companies

In the legal system Sarbanes–Oxley Act of 2002, established requirements for internal controls to govern the creation and documentation of accurate and complete financial statements. (compliance usually refers to behavior in accordance with legislation )

Further , this act demonstrates that an outsourcing firm has effective internal controls in accordance with the Sarbanes-Oxley Act of 2002.eg:

  • · Set clear, firm business specifications for the work to be done
  • · Establish reliable satellite or broadband communications between your site and the outsourcer’s location.
  • · Require vendors to have project managers at the client site to overcome cultural barriers and facilitate communication with offshore programmers.
  • · Require a network manager at the vendor site to coordinate the logistics of using several communications providers around the world.

The Sarbanes–Oxley Act of 2002 was passed in response to public outrage over several major accounting scandals, including those at Enron*, WorldCom, Tyco, Adelphia, Global Crossing, and Qwest—plus numerous restatements of financial reports by other companies, which clearly demonstrated a lack of oversight within corporate America. The goal of the bill was to renew investors’ trust in corporate executives and their firms’ financial  reports. The act led to significant reforms in the content and preparation of disclosure documents by public companies. However, the Lehman Brothers accounting fiasco and resulting collapse as well as other similar examples raise questions about the effectiveness of Sarbanes–Oxley in preventing accounting scandals.

Section 404 of the act states that annual reports must contain a statement signed by the CEO and CFO attesting that the information contained in all of the firm’s SEC filings is accurate. The company must also submit to an audit to prove that it has controls in place to ensure accurate information. The penalties for false attestation can include up to 20 years in prison and significant monetary fines for senior executives. Section 406 of the act also requires public companies to disclose whether they have a code of ethics and to disclose any waiver of the code for certain members of senior management..

*The Enron scandal, publicized in October 2001, eventually led to the bankruptcy of the Enron Corporation, an American energy company based in Houston, Texas. In addition to being the largest bankruptcy reorganization in American history at that time, Enron was cited as the biggest audit failure. Enron was formed in 1985 , when Jeffrey Skilling was hired, he developed a staff of executives that were able to hide billions of dollars in debt from failed deals and projects.This was done by the use of accounting loopholes, special purpose entities, and poor financial reporting. As a consequence of the scandal, new regulations and legislation were enacted to expand the accuracy of financial reporting for public companies.One piece of legislation, the Sarbanes–Oxley Act, increased penalties for destroying, altering, or fabricating records in federal investigations or for attempting to defraud shareholders.

Wednesday, March 14, 2018

Patents


Why Patents?
Patents protect inventions and ensure the inventors the benefits resulting from the inventions thereby providing incentives for creativity, encouraging further inventions and promoting investment. This will spur the economic and technological development.

Patent documents describe newly invented technologies and are available for anyone to refer to. They contain vital information for researchers, inventors and enterprises etc. who want to keep up with new developments, carry out R&D activities and use new technologies.

What is a Patent?
The State grants the inventor, by means of a patent, the right to exclude others from making, using and selling the qualified invention for a period of 20 years from the date of application for patent. The owner of the patent can use, sell or license the patented technology and derive financial benefits.

What is an invention?
An Invention is a practical solution to a problem in technology. An invention may relate to a product or a process.

What can be patented?
an invention is patentable if it

(a) is new ( not known in the body of existing knowledge)

(b) industrially applicable ( functional and operative) and

(c) involves an inventive step ( the development or improvement is not obvious to a person of average skill in the particular field. )

** A patent may be granted to an improvement of a valid patented invention but if you use it sometimes you may infringe the rights of the owner of the first patent. Solve this problem by negotiation with the owner.

How a patent is granted?
Make an application to the Intellectual Property Office using the prescribed form P1( see the regulations). You have to submit a document with the application form describing your invention clearly and completely and the claims. Pay the prescribed fee. ( refer to the regulations for fees). You must submit a search report prepared by an international searching authority or alternatively request the IP Office to forward your invention to a local examiner for search and report.
The IP Office will examine your application as to the formal requirements. If formal requirements are fulfilled and the international type search report is available the patent will be granted. The invention will be published before grant if an international type search report is not available.

Renewal
A patent is valid for 20 years from the date of application. The patent must be renewed annually from the expiration of the second year from the date of grant paying a fee ( refer to the regulations).

What is not patented: 

(i) discoveries, scientific theories and mathematical methods;

(ii) plants, animals micro organisms other than transgenic micro organisms and an essentially biological process for the production of plants and animals other than non biological and micro-biological processes;

(iii) schemes, rules or methods for doing business, performing purely mental acts or playing games

(iv) methods for treatment of human or animal body by surgery or therapy and diagnostic methods practiced on human or animal body

(v) inventions which are necessary to protect public order, morality including human animal or plant life, health, or to avoid serious prejudice to environment.

Trademarks–A descriptive Note

What is a mark?
A mark- trademark or service mark- is a visible sign that is capable of distinguishing the goods or services of different enterprises.

A trademark –goods

service mark -  services. .

What constitutes a mark?
A mark may consists of a word, a symbol, a device, letters, numerals, a name, surname or geographical name, a combination or arrangement of colors and shapes of goods or containers etc. The visible sign must always be capable of distinguishing the goods or services of different enterprises (it must be distinctive)

Functions of a mark
It has several functions such as: (a) distinguishes the goods or services of its owner from those of others (b) indicates the source of the goods or services (c) individualizes the goods or services of the owner (d) enables the owner to reach the customers (e) helps the consumers to make the choice in the market etc.

Registered and unregistered marks

A registered mark is a mark registered under the law and with National Intellectual Property office. You can use a mark even without registration. Unregistered marks can be protected under the unfair competition law or common law action for passing off.

Why registered?
It is highly recommended that you register your mark. The registration of the make gives its owner exclusive right to use it, assign it and license it. You can enforce these rights easily and effectively through court- civil or criminal or both. You can  retrain others from using your mark or a mark deceptively resembling your mark. You are even entitled to claim damages.

Registrable marks
The marks which are not inadmissible under sections 103 and 104 of the Intellectual Property Act No: 36 of 2003 can be registered. A mark is inadmissible if it is, for example, descriptive of the goods or services concerned, if it is not capable of distinguishing your goods or services from those of others and if it is deceptively similar to the other registered or well known marks.

Flowchart of the Registration Procedure

Click here to view detailed Flowchart of the Trademark Registration Procedure.

How to register?
Make the application using the Form M1. The processing of the application involves a number of work steps. The mark is examined to see whether it complies with formal requirements and whether it is not inadmissible under sections 103 and 104 of the Act. If the IP Office refuses it you can make submissions against the decision and ask for a hearing within one month from the refusal. If it is still refused you can challenge the decision in Court ( The Commercial High Court).

The mark is first accepted for the publication in the Gazette. A period of 3 months is given to the public for opposition after the publication. If there is any opposition the IP Office will send you a copy of it. You are required to forward your observations of the grounds of opposition. The IP Office will conduct an inquiry into the opposition with the participation of you and the opponent . After on the inquiry, your mark may be accepted or refused. If it is refused you can challenge the decision in Court. If it is accepted the registration will be effected upon the payment of the registration fee.( please refer to Part V of the Act and regulations made under that Act.)

Who can register?
Any person or body of persons corporate and unincorporated ( individual (s), company, partnership, association etc).

Fees

Please refer to the fee schedule.

Period of validity and renewal
The registration is valid for a period of 10 years from the date of application and is renewable on the payment of the fee for further periods of 10 years. For the fee please refer to the fee schedule.

Protection abroad
Marks registered in Sri Lanka are valid only in Sri Lanka. If you do business in other countries it is advisable for you to register the mark in those countries. You have to make applications in each country where you seek the protection under the respective national law. ( Sri Lanka is not a member of the Madrid System under which you may make one international application for all the member countries.) However, you can claim priority under the Paris Convention for the protection of Industrial Property in its member countries. ( within 6 months from the date of application in Sri Lanka).

Trade names
A trade name is the name under which you do your bossiness- your name, partnership name etc. Your trade name can be protected under the IP Act. However, it can be registered as a mark only. Thus, it is advisable to register your trade name as a mark.

Agents
There are registered agents who can undertake to attend to your application or the registered mark on your behalf and any other application such as patent and industrial designs ( refer to the list of Agents).

Source : http://www.nipo.gov.lk/marks.htm

Issues we discussed in Class …

HI all,

can teaching to a group of students with copyrighted material an offense ?

NO ,

according to IP law ,

“Notwithstanding the provisions of subsection (1) of section 9, the fair use of a work, including such use by reproduction in copies or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship or research, shall not be an infringement of copyright.”


What about the right to seize or act against misuse , after the death of copyright holder ?

“…….. subsequent to the death of the author, the physical person or legal entity upon whom or which the moral rights have devolved shall have the right to waive the said rights. ….”

Hope this sorts out the doubt .. Smile 

Check page 11 of IP law in previous post .