Commentary - Many dangers lurking in cyberspace Part II: The legal risks
Cedric Stephens, Columnist
"The virtual world knows no national boundaries." This complicates many of the dangers that lurk in cyberspace which are founded in the laws of different countries.
Cleveland Allen, associate attorney at the New Kingston law firm Patterson Mair Hamilton, highlighted the following legal points in a memorandum dated September 16, 2009.
He was discussing some of the risks associated with blogging and social network sites from a Jamaican perspective:
"The period of limitation for bringing an action for defamation for online publications is ongoing. Online publications are archived. Each time a visitor clicks on the link to the publication may be regarded as a re-publication, thereby restarting the period of limitation.
Users of blog sites and social networking sites can be held accountable for the things they say and do online. There is really no shield of anonymity. A well-organised and determined claimant armed with a court order can pierce the apparent anonymity that many persons believe the Internet provides. Owners of social networking sites such as Facebook can be compelled to reveal user identities as well as the nature and details of a user's online activities.
Website owners can be compelled to release the identities of anonymous online bloggers who post defamatory material. Local Internet service providers (ISPs), as well as Facebook and Google (gmail), were compelled to release user identities and activities in two recent court cases.
Liability of ISPs for defamatory comments. ISPs are not liable for information transmitted on pages on their network, provided they take reasonable care about publication. Where it can be shown that an ISP or media company was aware of the publication, the ISP may be liable, unless it can show that it took reasonable care in relation to the publication of the defamatory material and had no knowledge or reason to believe that it was defamatory.
Updated legislation needed. Unlike other common law jurisdictions, such as the UK, Jamaica does not currently have defamation laws that recognise the various media by which statements can be published. This would include online media such as blog sites and social networking sites (Facebook, MySpace, etc). The 2008 Joint Select Committee Report, commissioned by Prime Minister Bruce Golding, recommended that our defamation laws need to be amended to include "various media by which statements could be published which would include wired and wireless means as well as new media ..."
Until the committee's report on the laws of defamation in Jamaica are implemented, the judiciary is left to rely on our existing, aged defamation laws, the basic tenets of the law of defamation and to apply the principles established in persuasive (but not binding) judgments of courts in other jurisdictions.
"Jamaica is yet to enact data protection legislation in order to protect the individual's right to determine the use of personal information and to ensure that information is lawfully and fairly obtained, processed, protected or disclosed. The result, in relation to social networking sites such as Facebook, is that there is little or no protection for the data that is submitted by Jamaican citizens, or in relation to information that may be collected, stored or otherwise processed in Jamaica by ISPs, media companies, or the owners of social networking sites."
The attorney argued that the risks associated with blogging include: legal actions for defamation and breach of intellectual property rights; and loss of employment.
Persons who blog from computers at work and who divulge sensitive information, or otherwise expose their employer to legal action or unwanted publicity, could lose their jobs as a result.
Invasion of privacy/breach of privacy and defamation and breach of intellectual property rights are some of the risks associated with social networking sites.
Most of the property and liability policies that local insurers sell do not cover many of the technology risks that businesses and individuals face.
This is because traditional policies are triggered by loss or damage to tangible property or by bodily injury. For example, while 'calling credit' is a creature of the virtual world, it is not money (in the world of bricks and mortar).
Non-physical risks involving loss of intellectual property, copyright infringement, legal liability arising from acts of libel or defamation, loss of data or data corruption, computer crime and business interruption losses arising from computer malfunction or breakdown are, at worst, excluded from traditional contracts or, at best, in the words of a global reinsurer, are 'grey areas'.
Some foreign insurers offer special kinds of 'tech contracts' that provide coverage against the cyber risks that traditional policies exclude. As in the physical world, insurance does not provide a complete solution in the virtual world either. Contingency planning and improved security - risk management - should be coupled with insurance and form part of a broad strategy to mitigate against the many risks that inhabit cyberspace.
According to US President Barack Obama, "cyberspace is real. And so are the risks that come with it. It's the great irony of our information age - the very technologies that empower us to create and to build also empower those who would disrupt and destroy. And this paradox - seen and unseen - is something that we experience every day."
Cedric E. Stephens provides counsel and advice about risks and insurance. He also writes a weekly column, Insurance Help-Line, for The Sunday Gleaner. Email: email@example.com