Lex-Informatica, chaired and organised by Sizwe Snail of Couzyn Hertzog & Horak, ran from the 21st to the 24th July 2009. The speakers, topics and discussions were out of the top-drawer, so congratulations to Couzyns and Sizwe. The message I got at the end of the conference was that electronic evidence is crucial in today's world and that the technology law in South Africa is becoming ever more complex. Although there are a few contradictions in the current law, there are steps in place to eradicate these in the near future.
Mr Barend Burgers ( Barend Burgers Attorneys ), Dr Akalemwa Ngenda ( Brunel Univeristy UK & Admitted Solicitor in Zambia , England & Wales ), Mr Sizwe Snail ( Conference Chair - Couzyn Hertzog & Horak ) and Adv Joseph Chukwuemeka Arindze ( Admitted Solicitor in Nigeria and Partner of Lake Val Attorneys, Nigeria)
Glenn Dardick from Longwood University in the USA - Digital Forensics Assurance
Glenn spoke about managing the risks relating to digital forensics, specifically about protecting evidence and analysis by ensuring confidentiality, integrity, authenticity, availability and non-repudiation. When Glenn asked the audience who had used Digital forensic evidence and witnesses in court, 6% of the audience said "yes". It seems we are some way behind the USA.
Tana Pistorius from Unisa - Website Compliance in terms of ECT
Websites need to make the Terms & Conditions and other notices noticeable enough for the general public to be aware of the conditions. The web site owner needs to ensure the secure method of payment and needs to ensure the most recently available versions of the systems are used. When the consumer consents to the Terms and Conditions, it may be a good idea to allow enough time to lapse before allowing the consumer to click the "I Agree" button - a difficult one to enforce. Also spoke about the amount of time allowed for the "cooling off" period.
Francis Cronje from KPMG - Data Protection
First scared everyone to death with examples of data breach. How RICA will increase the need for protection of data, with the new volumes of information. What lessons have been taught by the problems in the past, and how policies need to be adopted at the Exco level. The most important aspect that Francis mentioned was that buy-in from staff is the most important part - "Stick a big red sticker on a PC if the person leaves their desk while their PC is still logged into the network, saying "How can you protect data privacy if you are not at your desk while your PC is logged into the network?""
Akalemwa Ngenda of Brunel Law School London - The Emerging Cyberlaw Regime in Zambia
An overview of his paper which talks about the new Information and Communication Technologies Bill, which proposes to repeal the Telecommunications Act, however it seems to be a little strict on the interpretations and usage of ICT terms.
Reinhardt Buys from Deliotte & Touche - The 2009 Global Technology, Media & Telecommunications Survey
Key findings here were that investment in security is spiralling down with the economy, social networking adds to the internal threats, outsourcing outpaces security, going public about privacy, regulatory issues and moving to the forefront and virtual and physical security worlds collide. What stood out for me in Reinhardt's presentation was that the most important step in privacy & security was to put a policy document in place, as that was the most important backbone of any security system.
Jacqueline Fick from Pricewaterhouse Coopers - Prevention is better than Prosecution
Jacky spoke about putting security measures in place before the cyber criminals get to your data since it is far more cost effective. Also, it allows you to be prepared if a cyber crime is committed and allows for a speedy recovery. Also covered was the implementing of an in depth defence strategy, which covered aspects like expanding organisational boundaries, the mobile workforce, decentralisation of services and the increased value of information. Steps to rectify this were analysis, determine the risks, implementation and maintenance monitoring and review. A way to help everyone in cyber crime prevention is to share your security breach findings, which in turn will help others to prevent similar attacks.
Vicki Luoma from Minnesota State University - Is there a White-Hat Exception to Computer Fraud and Abuse Act
Using the 3 MIT students who hacked the Massachusetts Bay Transit Authority ticket system, Vicki debated with the audience whether there should be exceptions to the law if the hackers did no harm, other than highlight the security loop hole in the system? Should the company be contacted first, to mention that they are trying to hack their systems, to mention just one idea.
Elad Kinmstler from Lexsynergy - .COM vs TM, who will win?
Elad spoke about how difficult it is to control who gets what in the .COM space. He also spoke about CyberSquatters and TypoSquatters - people holding a domain name without using it for the business, just to sell it onto the business later, and TypoSquatters who rely on people spelling a domain name incorrectly so that they can get commission from forwarding the visitors through. Dispute resolution on these matters was also touched on.
Lobo des Neves of International Law Enforcement Institute - Electronic Communications and the Drug Trafficking
Lobo entertained the audience with facts, figures and what to watch out for in the cyber and drug crime areas. Lobo also filled in for another slot where he spoke on the fight against cyber crime by the FBI.
Pria Chetty founder of Chetty Law - Managing Legal Risks attached to Social Media
In the social media space, Pria touched on the usage of social media in South Africa. What are the risks associated with intellectual property when being used on social forums? A review of a defamation case, and wrapped it up talking about how one should manage the usage of social media in the work place - like outlining the terms of usage in a policy document.
Brendan Hughes from Infology - The discovery and presentation of Electronic Evidence during Civil Litigation
Bringing media to the courtroom gives you the competitive advantage. Brendon gave a live demo of a graphics tool that reconstructs accidents in a 3D format, and illustrated how much easier it is to make a point when one can see the actual scenario from different vision angles. Brendon also touched on preparation of documents, and using tools like document assembly tools, so that you don't end up with metadata that could be used against you later.
Ntozintle Jobodwana from Unisa - Proposed regulatory model for the SADC region
Ntozintle presented his paper which concluded that the SADC regions should appoint a Independent Regulatory Agency, and have regional agencies which then monitor and control the telecommunication sector.
Carmen Cupido from Bowman Gilfillan - SA ICT Regulatory Framework - burden, barrier or enabler?
Carmen spoke about the allocations of the new communications licenses, how the Wimax is allocated, how much capacity is left, and how that will most probably be allocated. The new RICA, and what the penalties are for non-conformance. Also touched on discounts that will apply to institutions like schools.
Omphemetse Sibanda from University of SA Pretoria - Towards sustainable departmental interconnectivity and e-delivery for the South African department of Internal Affairs
Presented his paper on the interconnectivity of departments, and the improvement of service through technology in the DIA, and development of new internal system in local languages.
Dejo Olowu from Walter Sisulu University - Typosquatting and Domain Name Dispute Resolution: A Vindication of the Bundle of Rights Theory?
Using the principles of the Bundle of rights, Dejo stated that registered owners of Trade Marks should be the rightful owners of the domain name, and typosquatters should relinquish all rights to such opportunistic domain names.
Sizwe Snail from Couzyn Hertzog & Horak - Sexual exploitation in the online world - a South African perspective
Online Sexual Exploitation (OSE) especially involving children is something we all want to curb. Sizwe the co-author of the paper with Adedamola Owolade, do research to evaluate to what extent South Africa is exposed to such OSE, in comparison to similar countries. Brazil was always very active in OSE, but since the introduction of a new law with stronger punishments it has seen a vast improvement. South Africa has strict laws preventing OSE, but these need to be seen in other African countries. Not a nice topic, but one that deserves a lot of attention.