(b)
(1) The owner of a mask work protected under this chapter, or the exclusive licensee of all rights under this chapter with respect to the mask work, shall, after a certificate of registration of a claim of protection in that mask work has been issued under section 908, be entitled to institute a civil action for any infringement with respect to the mask work which is committed after the commencement of protection of the mask work under section 904(a).
(2) In any case in which an application for registration of a claim of protection in a mask work and the required deposit of identifying material and fee have been received in the Copyright Office in proper form and registration of the mask work has been refused, the applicant is entitled to institute a civil action for infringement under this chapter with respect to the mask work if notice of the action, together with a copy of the complaint, is served on the Register of Copyrights, in accordance with the Federal Rules of Civil Procedure. The Register may, at his or her option, become a party to the action with respect to the issue of whether the claim of protection is eligible for registration by entering an appearance within sixty days after such service, but the failure of the Register to become a party to the action shall not deprive the court of jurisdiction to determine that issue.
(c)
(1) The Secretary of the Treasury and the United States Postal Service shall separately or jointly issue regulations for the enforcement of the rights set forth in section 905 with respect to importation. These regulations may require, as a condition for the exclusion of articles from the United States, that the person seeking exclusion take any one or more of the following actions:
(A) Obtain a court order enjoining, or an order of the International Trade Commission under section 337 of the Tariff Act of 1930 excluding, importation of the articles.
(B) Furnish proof that the mask work involved is protected under this chapter and that the importation of the articles would infringe the rights in the mask work under this chapter.
(C) Post a surety bond for any injury that may result if the detention or exclusion of the articles proves to be unjustified.
(2) Articles imported in violation of the rights set forth in section 905 are subject to seizure and forfeiture in the same manner as property imported in violation of the customs laws. Any such forfeited articles shall be destroyed as directed by the Secretary of the Treasury or the court, as the case may be, except that the articles may be returned to the country of export whenever it is shown to the satisfaction of the Secretary of the Treasury that the importer had no reasonable grounds for believing that his or her acts constituted a violation of the law.
(a) Any court having jurisdiction of a civil action arising under this chapter may grant temporary restraining orders, preliminary injunctions, and permanent injunctions on such terms as the court may deem reasonable to prevent or restrain infringement of the exclusive rights in a mask work under this chapter.
(b) Upon finding an infringer liable, to a person entitled under section 910(b)(1) to institute a civil action, for an infringement of any exclusive right under this chapter, the court shall award such person actual damages suffered by the person as a result of the infringement. The court shall also award such person the infringer’s profits that are attributable to the infringement and are not taken into account in computing the award of actual damages. In establishing the infringer’s profits, such person is required to present proof only of the infringer’s gross revenue, and the infringer is required to prove his or her deductible expenses and the elements of profit attributable to factors other than the mask work.
(c) At any time before final judgment is rendered, a person entitled to institute a civil action for infringement may elect, instead of actual damages and profits as provided by subsection (b), an award of statutory damages for all infringements involved in the action, with respect to any one mask work for which any one infringer is liable individually, or for which any two or more infringers are liable jointly and severally, in an amount not more than $250,000 as the court considers just.
(d) An action for infringement under this chapter shall be barred unless the action is commenced within three years after the claim accrues.
(e)
(1) At any time while an action for infringement of the exclusive rights in a mask work under this chapter is pending, the court may order the impounding, on such terms as it may deem reasonable, of all semiconductor chip products, and any drawings, tapes, masks, or other products by means of which such products may be reproduced, that are claimed to have been made, imported, or used in violation of those exclusive rights. Insofar as practicable, applications for orders under this paragraph shall be heard and determined in the same manner as an application for a temporary restraining order or preliminary injunction.
(2) As part of a final judgment or decree, the court may order the destruction or other disposition of any infringing semiconductor chip products, and any masks, tapes, or other articles by means of which such products may be reproduced.
(f) In any civil action arising under this chapter, the court in its discretion may allow the recovery of full costs, including reasonable attorneys’ fees, to the prevailing party.
(a) Nothing in this chapter shall affect any right or remedy held by any person under chapters 1 through 8 of this title, or under title 35.
(b) Except as provided in section 908(b) of this title, references to “this title” or “title 17” in chapters 1 through 8 of this title shall be deemed not to apply to this chapter.
(c) The provisions of this chapter shall preempt the laws of any State to the extent those laws provide any rights or remedies with respect to a mask work which are equivalent to those rights or remedies provided by this chapter, except that such preemption shall be effective only with respect to actions filed on or after January 1, 1986.
(d) The provisions of sections 1338, 1400(a), and 1498(b) and (c) of title 28 shall apply with respect to exclusive rights in mask works under this chapter.
(e) Notwithstanding subsection (c), nothing in this chapter shall detract from any rights of a mask work owner, whether under Federal law (exclusive of this chapter) or under the common law or the statutes of a State, heretofore or hereafter declared or enacted, with respect to any mask work first commercially exploited before July 1, 1983.
(a) No application for registration under section 908 may be filed, and no civil action under section 910 or other enforcement proceeding under this chapter may be instituted, until sixty days after the date of the enactment of this chapter.
(b) No monetary relief under section 911 may be granted with respect to any conduct that occurred before the date of the enactment of this chapter, except as provided in subsection (d).
(c) Subject to subsection (a), the provisions of this chapter apply to all mask works that are first commercially exploited or are registered under this chapter, or both, on or after the date of the enactment of this chapter.
(d)
(1) Subject to subsection (a), protection is available under this chapter to any mask work that was first commercially exploited on or after July 1, 1983, and before the date of the enactment of this chapter, if a claim of protection in the mask work is registered in the Copyright Office before July 1, 1985, under section 908.
(2) In the case of any mask work described in paragraph (1) that is provided protection under this chapter, infringing semiconductor chip product units manufactured before the date of the enactment of this chapter may, without liability under sections 910 and 911, be imported into or distributed in the United States, or both, until two years after the date of registration of the mask work under section 908, but only if the importer or distributor, as the case may be, first pays or offers to pay the reasonable royalty referred to in section 907(a)(2) to the mask work owner, on all such units imported or distributed, or both, after the date of the enactment of this chapter.
(3) In the event that a person imports or distributes infringing semiconductor chip product units described in paragraph (2) of this subsection without first paying or offering to pay the reasonable royalty specified in such paragraph, or if the person refuses or fails to make such payment, the mask work owner shall be entitled to the relief provided in sections 910 and 911.
(a) Notwithstanding the conditions set forth in subparagraphs (A) and (C) of section 902(a)(1) with respect to the availability of protection under this chapter to nationals, domiciliaries, and sovereign authorities of a foreign nation, the Secretary of Commerce may, upon the petition of any person, or upon the Secretary’s own motion, issue an order extending protection under this chapter to such foreign nationals, domiciliaries, and sovereign authorities if the Secretary finds—.
(1) that the foreign nation is making good faith efforts and reasonable progress towardd—
(A) entering into a treaty described in section 902(a)(1)(A); or
(B) enacting legislation that would be in compliance with subparagraph (A) or (B) of section 902(a)(2); and
(2) that the nationals, domiciliaries, and sovereign authorities of the foreign nation, and persons controlled by them, are not engaged in the misappropriation, or unauthorized distribution or commercial exploitation, of mask works; and
(3) that issuing the order would promote the purposes of this chapter and international comity with respect to the protection of mask works.
(b) While an order under subsection (a) is in effect with respect to a foreign nation, no application for registration of a claim for protection in a mask work under this chapter may be denied solely because the owner of the mask work is a national, domiciliary, or sovereign authority of that foreign nation, or solely because the mask work was first commercially exploited in that foreign nation.
(c) Any order issued by the Secretary of Commerce under subsection (a) shall be effective for such period as the Secretary designates in the order, except that no such order may be effective after the date on which the authority of the Secretary of Commerce terminates under subsection (e). The effective date of any such order shall also be designated in the order. In the case of an order issued upon the petition of a person, such effective date may be no earlier than the date on which the Secretary receives such petition.
(d)
(1) Any order issued under this section shall terminate if —
(A) the Secretary of Commerce finds that any of the conditions set forth in paragraphs (1), (2), and (3) of subsection (a) no longer exists; or
(B) mask works of nationals, domiciliaries, and sovereign authorities of that foreign nation or mask works first commercially exploited in that foreign nation become eligible for protection under subparagraph (A) or (C) of section 902(a)(1).
(2) Upon the termination or expiration of an order issued under this section, registrations of claims of protection in mask works made pursuant to that order shall remain valid for the period specified in section 904.
(e) The authority of the Secretary of Commerce under this section shall commence on the date of the enactment of this chapter, and shall terminate three years after such date of enactment.
(f)
(1) The Secretary of Commerce shall promptly notify the Register of Copyrights and the Committees on the Judiciary of the Senate and the House of Representatives of the issuance or termination of any order under this section, together with a statement of the reasons for such action. The Secretary shall also publish such notification and statement of reasons in the Federal Register.
(2) Two years after the date of the enactment of this chapter, the Secretary of Commerce, in consultation with the Register of Copyrights, shall transmit to the Committees on the Judiciary of the Senate and the House of Representatives a report on the action taken under this section and on the current status of international recognition of mask work protection. The report shall include such recommendations for modifications of the protection accorded under this chapter to mask works owned by nationalities, domiciliaries, or sovereign authorities of foreign nations as the Secretary, in consultation with the Register of Copyrights, considers would promote the purposes of this chapter and international comity with respect to mask work protection.
Note:
There is a movement to expand the three-year termination date set forth in § 914(e). See, e.g., H.R. 1951 (100th Cong. 1st Sess.), which proposes an extension through November 8, 1991.
(1) The Copyright Act 1956 shall apply in relation to a computer program (including one made before the commencement of this Act) as it applies in relation to a literary work and shall so apply whether or not copyright would subsist in that program from this Act.
(2) For the purposes of the application of the said Act of 1956 in relation to a computer program, a version of the program in which it is converted into or out of a computer language or code, or into a different computer language or code, is an adaptation of the program.
References in the Copyright Act 1956 to the reduction of any work to a material form, or to the reproduction of any work in a material form, shall include references to the storage of that work in a computer.
Where an infringing copy of a computer program consists of a disc, tape or chip or of any other device which embodies signals serving for the impartation of the program or part of it, sections 21 to 21B of the Copyright Act 1956 (offences and search warrants) shall apply in relation to that copy as they apply in relation to an infringing copy of a sound recording or cinematograph film.
(1) This Act may be cited as the Copyright (Computer Software) Amendment Act 1985.
(2) This Act shall be construed as one with the Copyright Act 1956 and Part V of that Act (extension and restriction of operation of Act) shall apply in relation to the provisions of this Act as it applies in relation to the provisions of that Act.
(3) This Act shall come into force at the end of the period of two months beginning with the day on which it is passed.
(4) Nothing in this Act shall affect—
(a ) the determination of any question as to whether anything done before the commencement of this Act was an infringement of copyright or an offence under section 21 of the said Act of 1956; or
(b ) the penalty which may be imposed for any offence under that section committed before the commencement of this Act.
(5) This Act extends to Northern Ireland.
COPYRIGHT AND TRADE SECRET PROTECTION OF SOFTWARE
CHRISTOPHER MILLARD
CLIFFORD-CHANCE
In 1709 England led the world by enacting the first copyright legislation.
1 Like so may English pioneers, our legislators have been left behind by a number of the imitators who have built on the conceptual foundations of the Queen Anne statute. In the common law world this is most notably so in the case of the United States. There, Congress has already supplemented its complete 1976 overhaul of US copyright law with a Computer Software Copyright Act in 1980 and most recently by the Semiconductor Chip Protection Act of 1984.
2The last major redraft of UK Copyright law dates to 1956. Over the last decade or so there has been mounting pressure for legislative reform to take account of radical changes in the way literary, artistic and other works are created, recorded, reproduced and communicated. Concerted lobbying by various sectors of the information and communication industries has led to the introduction of amending legislation on a piecemeal basis in each of the last four years.
3 The long awaited, and repeatedly promised, general revision of the 1956 Act at last looks fairly likely to see the light of day in the 1986–87 session of Parliament.
This most recent ‘upgrade’ to the 1956 Act received the Royal Assent on 16th July 1985 and came into force two months later. Sub-section 1(1) provides that:
“The Copyright Act 1956 shall apply in relation to a computer program (including one made before the commencement of this Act) as it applies in relation to a literary work and shall so apply whether or not copyright would subsist in that program apart from this Act.”
Thus, subject only to the prerequisites of “originality” and creation by a “qualified person” [see part 1.3 and footnote 6, below], copyright now subsists under UK law in all computer programs, whenever they were created (that is assuming that there is no program whose author has already been dead more than 50 years!).
It is interesting to note that this sub-section does not provide that a computer program
is a literary work but rather states that the 1956 Act applies to a computer program
as it applies to literary work. Thus Parliament has not declared that literary copyright cannot subsist in programs. On the contrary, there is no reason to discredit the widespread consensus which had emerged prior to the 1985 Act in both academic and judicial circles to the effect that programs, in at least some of their forms, could attract protection as literary works,
4 and possibly also as other types of protected work under the Act.
5 It may well be that most programs will end up being created both as “literary works and as “computer programs”. The implication of this overlap and the restrictions on the retroactive operation of sub-section 1(1) are discussed in part 1.3, below.
Sub-section 1(2) has dispelled doubts which had previously been voiced as to whether the conversion of a program from one form to another (e.g. compilation of machine code from source code) was “restricted” (i.e. prohibited unless authorised) by literary copyright as an “adaptation”. Sub-section 1(2) provides that:
“For the purposes of the application of the said Act of 1956 in relation to a computer program, a version of the program in which it is converted into or out of a computer language or code, or into a different computer language or code, is an adaptation of the program.”
A further crucial clarification is contained in section 2 of the 1985 Act which provides:
“References in the Copyright Act 1956 to the reduction of any work to a material form, or to the reproduction of any work in a material form, shall include references to the storage of that work in a computer.”
Thus, for example, the loading of a new program directly into RAM (random access memory) should in itself constitute “reduction … to a material form”, and the transfer of a program from one computer to another (whether local or remote) will on storage in the recipient computer again constitute “reproduction … in a material form.” As regards ROM (read only memory) copies of programs, section 3 of the 1985 Act expressly refers to an infringing copy of a program consisting of a “… chip or of any other device which embodies signals serving for the impartation of the program or part of it …” Thus, for copyright purposes, the medium in which a program or an infringing copy of a program is stored should have no bearing on the subsistence of copyright or the occurance of infringement as the case may be.
Section 3 of the 1985 Act has also extended to cases of infringement of program copyright the special criminal provisions which have since 1983 applied to commercial infringers of copyrights in cinematograph films and sound recordings [see discussion in part 3.3 below]. Section 4 contains procedural provisions together with the restriction on the retroactive effect of the Act [see part 1.3, below].
Effective protection of software under the 1956 Copyright Act (as amended) depends on five prerequisites being satisfied. First, there must a “work” (be it “literary” or a “program”) in which copyright can subsist. Secondly, the work must be sufficiently “original” to attract protection. Thirdly, the author of the work must either have been a “qualified person” at the time the work was made,
6 or the work must have been “published” in a manner recognised under the Act.
7 Fourthly, the person seeking to enforce a copyright must be able to prove either ownership or the benefit of an exclusive license. Fifthly, and finally, copyright infringement must be proved. Since September 1985 it has been possible for positive answers to be given, in principle at least, to the questions underlying each of these prerequisites. In order words, it can be demonstrated that a particular piece of software is capable of protection as a copyright work, that it is sufficiently original, that it has a qualifying author or has been published in the requisite manner, that current title can be established and that copyright has been infringed. Yet, in all of these areas, uncertainties remain.
Starting with the new category of program works, the 1985 Act does not define “computer program” and thus the scope of the term will not be known until tested in the courts. It may be that many works produced by programmers will attract both literary copyright (or possibly artistic or some other established form of copyright), and the new program copyright. The subsistence of multiple copyrights is, of course, good news, or at worst, irrelevant to the “owner” of a program. Of potentially far greater concern, however, is the possibility that a particular program, or part of a program, will be protected by literary or artistic copyright but not by the new program copyright. For although the 1985 Act provides that the Copyright Act now applies to programs in the same way as it applies to literary works, in terms of penalties for infringement, programs are of course treated quite differently. Far heavier sanctions are available against commercial infringers of software which is protected by program copyright than against such infringers of conventional literary works.
As for the second and third prerequisites (i.e. originally and status of author/place of publication), in the case of some forms of computer output (e.g. output from compilers, from expert systems, from CAD-CAM systems and from computers used by creative artists such as musicians), these criteria may give rise to considerable uncertainty and possible exclusion from the realm of copyright of works which would undoubtedly be capable of protection if they had a clearly identifiable human author.
8The burden of satisfying the fourth prerequisite for effective copyright protection, proof of ownership, has not been changed by the 1985 Act. If disputes over ownership of programs are to be avoided, there is no easy alternative to good housekeeping practices and thorough documentation evidencing authorship and transfers of title.
On the question of infringement, the Act has clarified the position regarding the status of compiled or decompiled versions of programs.
9 Not only is the unauthorised making of an adaptation of a program an infringing act,
10 but unauthorised acts in relation to authorised adaptations are also actionable by the owner of the program copyright.
11 However, a number of uncertainties remain in the infringement area. In particular, to what extent is the simple “use” of a program a restricted act, and in what circumstances will copyright be infringed by the rewriting of a program using little more than the first author’s concepts [see parts 3.1 and 3.2, below]?
Uncertainties as to the ownership of computer-generated programs and computer-generated output will be dealt with by other speakers at the Symposium. Disputes as to ownership of copyright can also arise, however, in many other contexts. The first owner of copyright in a work is usually the author or creator of the work.
12 This general rule is, however, subject to several important exceptions. For example, subject to contrary agreement, the first owner of a work produced by an employee during the course of his or her employment is the employer, not the employee.
13 Thus, copyright in a program written by an employee in the course of his or her normal duties under a contract of employment will vest not in the programmer but in the company or other organisation which employs him or her.
In practice, many programmers seem to carry out their contractual duties as employees in a somewhat irregular manner. Quite often part or all of a package will be written in a programmer’s own time at home. Although not necessarily the case, this may mean that the development work falls partly or wholly outside the scope of the programmer’s normal duties. Unless such situations are anticipated and clearly covered in a contract of employment, copyright ownership may be uncertain and disputed.
Potentially still more complicated is the copyright position where a software house or freelance programmer is commissioned to write programs under a contract for services (as distinct from an employee’s contract of service). On a strict application of the Copyright Act rules, copyright in such programs will be owned by the software house or freelance programmer and not by the person who commissions and pays for the work. Such scenarios are often complicated by inputs into the programming process made by employees of the company which has commissioned the work (whether at the system design, implementation or installation stage).
The operation of all these rules may produce results which are contrary to the commercial expectations of the parties and which is some cases may be manifestly unjust. Imagine a situation where an individual or a company (party A) dreams up a brilliant concept for a program and then engages a programmer or software house (party B) to implement the abstract system design. There will be no claim to copyright in the ideas which underlie the resultant program (unless those ideas have already been expressed in a material form, and even then only that particular expression of the ideas will be protected and B will be able to use the ideas without copyright restriction). Moreover, even if there was an oral agreement between the parties before B began work to the effect that party A would in all respects “own” the program, this will not be sufficient to alter the first ownership of copyright, nor necessarily even place party B under a legal obligation to assign the copyright to A. This is because, under the 1956 Copyright Act, assignments of copyright and agreements as to future ownership of copyright will only be enforceable if they are evidenced in writing.
14If B does not do the “honourable thing” and execute a deed of assignment in favour of A, will A have any remedy? In law, probably not. In equity, A may be able to persuade a court that B should be ordered to execute such an assignment, especially if A can prove that it was understood from the outset that A would in all respects “own” the program.
15 Such an understanding might be construed as an implied term of an agreement between A and B that copyright would be assigned (such a term might be implied by conduct). Although this would not give A any automatic right to a formal transfer from B, a court would probably order specific performance of the unwritten agreement. Reliance in business transactions on equitable remedies is, however, most unsatisfactory, and a far better course of action (probably for all concerned) would have been for the agreed rights and obligations of A and B, and in particular the question of prospective ownership of copyright, to have been expressly recorded in a written agreement before B began work on implementing A’s program concept.
It is common for several people, sometimes a large number, to be involved in the development of a software package. Multiple authorship and divided ownership are, however, by no means a novelty in the copyright field. Indeed the Copyright Act expressly defines a “work of joint authorship” as being “a work produced by the collaboration of two or more authors in which the contributions of each author is not separate from the contribution of the other author or authors”.
16 Thus, where the development of a program really is a joint effort, copyright will vest in the various contributors jointly (subject to the rules as to employees etc. discussed above). This must be distinguished, however, from the situation where a number of people have made separate contributions to a project which can be clearly identified as such. It may well be that in the latter case there will be a number of quite distinct copyrights in the package.
Difficulties can arise at the exploitation stage where a software package either has a number of joint owners, or is made up of a number of programs each separately owned. In either case, infringement of copyright will occur if any of the owners seeks in any way to exploit the package as a whole without the consent of all the others. Where the various owners have quite distinct copyrights and one owner refuses to co-operate with the rest, the others may choose to re-write the relevant part of the package and proceed to market the software without that owner being involved. In the case of a single work of which various people are each joint owners of the whole, this avenue will not be available. Unless the rights of the uncooperative party can somehow be severed, exploitation of the package may be completely impossible.
In practice, of course, all those involved in developing a software package are likely to have an interest in seeing that it is commercially exploited. However, the special rules relating to ownership of copyright in joint works may enable one contributor to some extent to hold the rest to ransom in negotiating the terms on which exploitation will take place. The moral, as with all issues relating to ownership of copyright, is to preempt disputes by agreeing terms in writing with all relevant parties in advance.
There are many ways in which copyright in a work can be infringed. In the case of computer program works, as with literary works, infringing acts will include the unauthorised reproduction, adaptation or .publication of the work.
17 A program need not be copied in its entirety for infringement by reproduction to occur. It will be sufficient for a “substantial” part of the work to be copied, and the test of substantial similarity is more a qualitative one than a quantitative one. As for adaptations, the 1985 Act has clarified the position regarding straightforward compilation and de-compilation of programs.
18In considering the question of infringement it must not be forgotten that copyright can only ever protect expressions of ideas and never the ideas themselves. As one Australian court has commented, “were the law otherwise, … . everybody who made a rabbit pie in accordance with the recipe of Mrs Beeton’s cookery book would infringe the literary copyright in that book”.
19In the case of software, the distinction between an idea and its expression can become highly blurred. A program can simultaneously be symbolic (i.e. a representation of instructions to be made to a computer) and functional (i.e. the means by which the computer is. actually instructed to carry out operations). It is as though by putting the relevant pages from Mrs Beeton’s cookery book into an oven you can produce a rabbit pie. If a single set of machine instructions were the only way to implement a particular idea, then idea and expression would have merged and the copyright restriction might have to be lifted.
Conversely, however, the simultaneously symbolic and functional nature of software means that the traditional tests for establishing that “copying” has occurred will not be appropriate in every case. Just because the defendant’s rabbit pie looks, smells and tastes very similar indeed to the plaintiff’s this is not in itself proof that they have both been made from exactly the same recipe. As Sir Robert Megarry put it in Thrustcode v W W Computing:
“… where, as here, the claim is to copyright in the program itself, the results produced by operating the program must not be confused with the program in which copyright is claimed. If I may take an absurdly simple example, 2 and 2 make 4. But so does 2 times 2, or 6 minus 2, or 2 per cent. of 200, or 6 squared divided by 9, or many other things. Many different processes may produce the same answer and yet remain different processes that have not been copied one from another.”
20The court went on to throw out the plaintiff’s case for lack of evidence of copying. No English court has yet tackled head on the issue of what will constitute “non-literal” infringement of copyright in software.
The “use” of a copyright work is not normally a restricted act. Thus the simple act of reading a published book is not controlled by copyright and it is only when one of the restricted acts (reproduction, adaptation etc.) takes place that infringement occurs. Yet it may be impossible to “use” a particular program without, technically at least, committing an infringing act. For example, the very process of loading or running an applications program may result in part or all of the program being copied from disk to RAM (i.e. reproduction), or may necessitate some rearrangement of the program by the computer’s operating system (possibly adaptation). Arguably, even screen displays produced during the running of a program may constitute infringing copies or adaptations of copyright material.
21However, whatever the position may be as a matter of strict law, the courts are likely to be reluctant to restrict the simple use of programs. To do so would be to give owners of program copyright a degree of protection which is normally only accorded under patent law. As a way round the difficulty, in considering the scope of any software licence, a court would probably infer a licence to do all acts necessary for simple use (if indeed such acts were not expressly authorised).
Thus a software licencee may be shielded against some types of infringement claim by implied licences to do certain otherwise restricted acts. In deciding what terms should be inferred in a particular case, a court would generally look at, among other things, accepted practice. In addition to acts necessary for simple use, a court might conclude that an end user had an implied licence to make one or more back-up copies, or perhaps to make certain adaptations necessary for installation or de-bugging.
22 A court would be rather less likely to be impressed, however, by other increasingly common practices such as the distribution of software from a central CPU to an extensive network by a person who has only paid a single end user licence fee.
Where infringement of copyright can be proved, the copyright owner is entitled to “all such relief … as is available in any corresponding proceedings in respect of other proprietory rights.”
23 In practice the principal remedies are injunctions to prevent further breaches of copyright, orders for delivery up of infringing copies, conversion damages, and accounts of profits or damages for breach of copyright. Various court orders can also be obtained at the pre-trial stage, including interlocutory injunctions and “Anton-Piller” orders. The latter can authorise a plaintiff to enter a defendant’s premises (without any prior warning) to seize evidentiary material which might otherwise disappear before trial.
24As far as criminal infringement of program copyright is concerned, section 2 of the 1985 Act provides that the sections of the 1956 Act which relate. to offences and search warrants will apply in relation to infringing copies of programs in the same way as they apply to sound recordings and cinematograph films.
25 Thus a person who knowingly sells, hires or in the course of trade possesses or exhibits an infringing copy of a computer program can now be sentenced by magistrates to a fine of up to £2,000 and/or imprisonment for up to two months.
26 Either magistrates or a crown court can try the more serious offences of knowingly making for sale or hire, importing by way of trade, or distributing on a commercial basis infringing copies of programs. A crown court can impose on a person convicted of one of this latter .category of offences a fine limited only by the offender’s ability to pay and/or imprisonment for up to two years.
27Unlike in the United States, in the UK there are no statutory provisions dealing with trade secrets. Instead, an action for breach of confidence has evolved at common law on the following basis:
“The law on this subject … depends on the broad principle of equity that he who has received information in confidence shall not take unfair advantage of it. He must not make use of it to the prejudice of him who gave it without obtaining his consent.”
28Building on this foundation, English courts have developed a fairly straightforward framework of analysis for determining the scope of protection available. In
Coco v Clark,
29 the court set out the following three requirements for a successful action for breach of confidence:
“First, the information itself … must have the ‘necessary quality of confidence about it’. Secondly, that information must have been imparted in circumstances importing an obligation of confidence. Thirdly, there must be an unauthorised use of that information to the detriment of the party communicating it.”
In theory, the application of these criteria to confidential information which relates to software presents no special problems. In practice, however, two areas merit special comment. These concern the extent to which confidential information about software can be disclosed, by distribution or otherwise, before the “necessary quality of confidence” is lost [dealt with now], and the special rights and obligations of employees [dealt with in part 4.2, below].
Information having the necessary quality on confidence has been defined, negatively, as “not … something which is public property and public knowledge.”
30 This test of confidentiality only makes obvious sense if applied objectively, and. on the whole courts have steered clear of subjective evaluations of secrecy.
31 Thus, whether distribution of software, even on a large scale, will be fatal for secrecy will depend on the size of the community which would be significantly interested in the information, and on the steps taken to pass on obligations of confidence to recipients. In
Sun Printers v Westminster Press, for example, the Court of Appeal ruled that a onetime confidential report had lost its confidentiality through coming into the hands of too many interested readers:
“… the report started life as a highly confidential document. Originally it had limited distribution, it was distributed personally and an explanation was given of its confidential nature. However, as the report was circulated on a wider and wider basis, a stage was reached at which quite a large number of people, even if they had the report originally in circumstances in which they realised it was confidential, would think that the seal of confidentiality had gone and that there was no reason why they should not show it to people Outside the company. As that situation was created by the plaintiffs, there was no breach of duty by the person handing the report on.”
32There will thus be a limit to the scale on which effective obligations of confidentiality can be passed on. In the case of mass marketed software, for example, there must be serious doubts as to efficacy of confidentiality clauses contained in “shrink-wrap” licences.
A particularly sensitive issue concerns the extent to which, say, a software house can prevent a programmer who leaves the company from subsequently using information and expertise in a competing business. The position is complicated by the overlap with copyright law and the law relating to “restraint of trade”. With regard to copyright versus trade secrets, for example, in one case a South African court ruled that a programmer who owned the copyright in a particular software package could not make a copy of it himself because to do so would entail a breach of confidence vis-a-vis his former employer.
33 In the same case, however, the court stressed that the former employee could not be restrained from using the general know-how he had acquired while working for the software house to develop similar software in the future.
In the case of
Faccenda Chicken v Fowler34 the English court of Appeal has recently clarified the principles which should be applied in striking a balance between an employer’s right to protect valuable secrets and an ex-employee’s right to carry on a trade or profession without excessive restrictions. The Court ruled that, in the absence of express contractual agreement, implied terms will determine an ex-employee’s obligations in respect of use and disclosure of information. The ex-employee’s implied obligation to keep information confidential will not be as broad as his or her obligations under the duty of good faith while employed. To determine whether a particular item of information falls within the implied term, all the circumstances of the case must be considered, including:
(a) The nature of the employment—did the employee habitually handle information which he should have known was confidential?
(b) The nature of the information itself—is the information really a trade secret or equivalent?
(c) Whether the employer impressed on the employee the confidentiality of the information—was the information treated as a valuable business secret?
(d) Whether the information can be easily isolated from other information which the employee is free to use or disclose—is the information part of a package, the rest of which is not confidential?
What then is the practical advice for an employer who wishes to protect valuable business secrets? First, decide how much of the information relating to your business is truly confidential. Second, ascertain which employees have access to that information. Third, make it very clear to those employees that they are handling confidential information and spell out what they can and cannot do with the information. Fourth, treat the information yourself as though it is confidential. Fifth, use confidentiality notices. It is interesting to note the comments of one of the judges in the Sun Printers case (albeit that these comments are obiter dicta—i.e. not binding as a legal precedent):
“In the present case, the decision would have been wholly different if the plaintiffs had taken the very simple precaution of stamping ‘confidential’ on the document and making it clear that widespread distribution of information to the workforce did not mean that the report itself ceased to be confidential. There is nothing to prevent the fullest communication between management and workforce under a seal of confidentiality. It has been done in the past and it can continue to be done in the future.”
35Thus, in the protection of trade secrets, there is no substitute at the practical level for good “housekeeping” practices.
Where a breach of confidence has been proved, a court will assess the unfair advantage which the defendant has gained in determining the appropriate level of damages or other award. A court may restrain a defendant from using information obtained in confidence “as a spring-board for activities detrimental to the person who made the confidential communications.”
36 Other factors which a court may take into account include the degree of culpability of a defendant’s behaviour, and the need to foster competition in a particular industry.
At the end of the day, as in all equitable actions, a court dealing with a case of misuse of confidential information will have a wide discretion to determine the remedy or remedies which seem appropriate in all the circumstances.
Footnotes — Appendix 4A[27]:
* This article was authored by Christopher Millard, of Clifford-Chance, Blackfriars House, London, England.
2 1976 Copyright Act, 17 U.S.C. as amended.
3 The Copyright Act 1956 (Amendment) Act 1982 [1982, c.35]; The Copyright (Amendment) Act 1983 [1983, c.42]; The Cable and Broadcasting Act 1984 [1984, c.46]; The Copyright (Computer Software) Amendment Act 1985 [1985, c.41].
4 See e.g. Tapper
Computer Law (London: Longman, 1983) pp. 18-19; Laddie, Prescott & Vitoria
The Modern Law of Copyright (London: Butterworths, 1980) p. 93;
Gates v Swift [1982] RPC 339;
Sega Enterprises v Richards [1983] FSR 73;
Systematica v London Computer Centre [1983] FSR 313;
Thrustcode v W.W. Computing [1983] FSR 502. Courts elsewhere in the Commonwealth have been similarly disposed to interpret traditional copyright statutes as granting rights in software, e.g. Supreme Court of South Africa in
Northern Office Microcomputers v Rosenstein [1982] FSR 124; Toronto Federal Court in
IBM v Ordinateurs Spirales Inc [1985] LRC (comm) 661–674. The significant exception to the trend was Australia where a restrictive ruling by the Federal Court of Appeal in
Apple Computer Inc. v Computer Edge Pty. Ltd. And Suss led to the speedy passage by the Federal Government of the Copyright Amendment Act 1984 [No. 43 of 1984].
5 E.g. a program might be protected, indirectly at least, as an artistic work under s. 3(2) of the 1956 Act.
6 For the statutory definition of “qualified person”—basically a person who is a citizen of or domiciled or resident in the UK or a country to which the Act has been extended—see 1956 Act s. 1(5). Note that the 1956 Act has been extended to a large number of countries by virtue of the Copyright (International Conventions) Order 1979 [made under Part V of the 1956 Act]. S. 4(2) of the 1985 Act confirms that that these extension provisions apply to program copyrights.
7 “Publication” basically means the issue of reproductions to the public [1956 Act, s. 49(2)(c)]. Where a program or other work has been published, first publication must either be in the UK or a country to which the 1956 Act extends, or the author must be a qualified person at the time of first publication, or, where the author has died before first publication, he must have been a qualified person immediately prior to his death [1956 Act, s. 2(2)].
8 These issues have already received some limited judicial scrutiny in interlocutory proceedings in
Express Newspapers v Liverpool Daily Post [Chancery Division, 19 February 1985, unreported]. Mr Justice Whitford concluded that a computer used to produce grids of letters for newspaper prize draws was merely a “tool” in the hands of the person who had programmed and run the computer. This position is consistent with that taken by the Committee chaired by Whitford which published proposals for reform of copyright and designs law in 1977 [see Report of the Committee to Consider the Law on Copyright and Designs, Cmnd. 6732, para 514].
9 Section 1(2), quoted in part 1.2, above.
14 1956 Act, s. 36(3); s. 37(1).
15 See Merchant Adventurers v M Grew [1973] RPC 1.
17 1956 Act, s. 2 (5) (a), (b), and (f). These are probably the most relevant of the various types of “primary” infringement. “Secondary” infringement occurs where infringing articles are, without a licence from the copyright owner, imported into the UK or dealt with here in the course of trade by a person who knows that the making of the article constituted an infringement of copyright (or would have done if the article had been made in the UK) [1956 Act, s. 5(2)].
18 1985 Act, s. 1(2), quoted in part 1.2, above.
19 Cuisenaire v Reed [1963] VR 719.
20 [1983] FSR 502 at 505.
21 Artistic copyright does not restrict the making of adaptations but a screen display might still be a reproduction in a material form.
22 It remains to be seen whether the recent ruling of the House of Lords in
British Leyland v Armstrong Patents (Times Law Report, 28 Feb. 1986) will have any bearing on the inference of implied licences in the software context. It must not be forgotten that the BL case concerned indirect infringement of artistic copyright. It is probably unwise to draw too close an analogy with other types of copyrights.
23 1956 Act, s. 17(1). For the position of exclusive licencees, see s. 19.
24 For an example of a case where such an order was granted against an alleged software pirate, see
Gates v Swift [1982] RPC 339.
25 Sections 21 to 21B of the 1956 Act as amended by the 1982 and 1983 Amendment Acts [see footnote 3, above].
28 Seager v Copydex [l967] RPC 349 at 368, per Lord Denning.
30 Saltman v Campbell (1948) 65 RPC 203 at 215, per Lord Greene.
31 A notable exception is
Schering Chemicals v Falkman [1982] QB 1, [1981] All ER 321.
33 Northern Office computers v Rosenstein [1982] FSR 124 (Supreme Court of SA).
34 Faccenda Chicken Ltd v Fowler and others Times Law Report 11 December 1985.
36 Terrapin v. Builder’s Supply Co [1967] RPC 375.
LIBRARY OF CONGRESS
COPYRIGHT OFFICE
Notice of Registration Decision: Registration
and Deposit of Computer Screen Displays
[Docket No. 87-4]
Agency:
Copyright Office, Library of Congress.
Action:
Notice of registration decision.
Summary:
This notice of a registration decision is issued to inform the public that the Copyright Office of the Library of Congress has determined that all copyrightable expression in a single work owned by the same claimant and embodied in a computer program, or first published as a unit with a computer program, including computer screen displays, is considered a single work and should be registered on a single application form. The notice also confirms the applicability to computer screen displays of
37 C.F.R. § 202.3(b)(3) concerning registration of all copyrightable expression in a unit of publication and
37 C.F.R. § 202.3(b)(6) concerning one registration per work. In order to clarify copyright claims in computer screen displays, applicants will be accorded an option of depositing visual reproductions of computer screens along with identifying material for the computer code. Where a work contains different kinds of authorship, the registration class will be determined on the basis of which authorship predominates.
37 C.F.R. § 202.3(b)(2).
Effective Date:
[Insert date of publication.]
For Further Information Contact:
Dorothy Schrader, General Counsel, Copyright Office, Library of Congress, Washington, DC 20559. Telephone (202) 287-8380.
Supplementary Information:
Registration of Computer Screen Displays: Policy Decision
1.
Background Original computer programs are works of authorship protected by copyright, whether they are in high level computer language (source code) or machine language (object code),
Williams Electronics, Inc. v. Artic International, Inc., 685 F.2d 870, 215 U.S.P.Q. 405 (3d Cir. 1982); and since 1964, the Copyright Office has registered computer programs as literary works. Section 101 of the Copyright Act of
1976, title 17 of the United States Code, defines a computer program as “a set of statements or instructions to be used directly or indirectly in a computer in order to bring about a certain result.” Copyright registration is made for original computer programs in the literary work classification upon submission of an appropriate application, fee, and deposit identifying the work. In general, the first 25 pages or the equivalent and the last 25 pages or the equivalent of computer source code should be deposited in seeking registration.
37 C.F.R. § 202.20(c)(2)(vii).
The Copyright Act also provides that “[i]n no case does copyright protection for an original work of authorship extend to any idea, procedure, process, system, method of operation, concept, principle, or discovery, regardless of the form in which it is described, explained, illustrated, or embodied in such work.”
17 U.S.C. § 102(b).
Consistent with the videogame precedents, the Copyright Office in the past has registered pictorial screen displays that meet the ordinary standard of original, creative authorship. Single registrations have been made for the videogame displays and the computer program code, as well as separate registrations, for the display and the code. Under present practices, however, the Office does not register separately textual screen displays, reasoning that there is no authorship in ideas, or the format, layout or arrangement of text on the screen, and that any literary authorship in the screen display would presumably be covered by the underlying computer program —itself a literary work. Moreover, the regulations specify one registration per work.
37 C.F.R.§ 202.3(b)(6).
Most claimants, consistent with Copyright Office regulations, have made only one registration for the computer program and have assumed that the registration covers any copyrightable authorship in the screen displays, without any need for a separate registration. The Copyright Office agrees with this interpretation of the regulations and registration practices.
Judicial decisions do not yet lend clear guidance on the copyrightability of screen displays (other than videogame displays), apart from the computer program. One court has held that protection of computer programs extends only to source and object code and not to input formats.
Synercom Technology, Inc. v. University Computing Company, 462 F. Supp. 1003 (N.D. Tex. 1978). Others have protected the structure, sequence and organization of certain business-related programs, including the text and artwork of their audiovisual displays.
Broderbund Software, Inc. v. Unison World, Inc., 648 F. Supp. 1127 (N.D. Cal. 1985);
Whelan Associates, Inc. v. Jaslow Dental Laboratory, Inc., 797 F.2d 1222 (3d Cir. 1986). Most recently, in
Digital Communications Associates, Inc. v. Soft klone Distributing Corp., 659 F. Supp. 449 (N.D. Ga 1987), the court held the copyright in a computer program does not extend to the screen displays, but held valid a separate claim in a screen based on “compilation” of the menu terms.
The Copyright Office is currently holding a large number of claims to register textual and pictorial screen displays separate from the underlying programs that generate them. The Softklone decision, if generally followed, would seem to require a separate claim to copyright in screen displays in order to enjoy copyright protection. This decision seemed to cast doubt on the scope of copyright in computer programs where no separate registration was made for the screen displays. In order to consider whether a modification of existing registration practices is necessary, the Copyright Office held a public hearing on September 9 and 10, 1987, and solicited public comments. 52 FR 28311 (1987).
2.
Summary of Comments Twelve witnesses testified in the hearings held September 9th and 10th. In addition, 35 written comments were received.
Of the witnesses giving oral testimony, three took the position that computer screens should be registered separately from the underlying computer program. Two witnesses taking this position argued that only through separate registration could users become aware of the extent of copyright claims in computer screens. The third witness believed that computer screens should be registered separately because they represent fundamentally different authorship from the underlying computer program code.
Several witnesses favored giving the applicant an option either to register the computer screens and underlying program on a single application, or alternatively, to make two registrations —one for the program and one for the screen display. Proponents of this position agreed with those favoring separate registration that the authorship in the screen displays differs from the authorship in the computer program code. Nevertheless, witnesses for this position believed applicants should be able to protect their screens on the basis of a single registration of the underlying program if that were the course they chose to follow. They stressed that, although separate registration should be allowed at the claimant’s option, it was essential that the Office’s registration practices make clear that those claimants who elect a single registration nevertheless have full copyright protection for any original computer screens.
Several witnesses took the position that only a single registration, should be permitted for a published computer program and any authorship contained in the screens. The rationale for this position was that a published computer program is “a unitary work with a multiplicity of elements which are molded into a cohesive, integrated whole.”
A fourth position endorsed by one witness would allow only a single registration to be made in most instances. However, as an exception to the general rule, a separate registration of elaborate, fanciful computer screen displays would be permitted where the audiovisual authorship is predominant over the computer code authorship and clearly identifiable as a separate work.
The comments received after the hearing (including some from those who had testified) largely tracked the themes expressed in the hearing. A few commentators urged greater restrictions on the application of the copyright law to protect computer programs. One commentator argued that the copyright law should not be applied to computer programs at all, and that protection should be limited to what is available under the patent law. Another commentator urged limiting protection to authorship revealed in the material deposited in the Copyright Office.
In summary, the public comments, both oral and written, fall into three main categories: mandatory separate registration of screens and program code; mandatory single registration of screens and program code; and single or separate registration at the option of the claimant.
3. Overview of Policies Adopted by the Copyright Office
The Copyright Office carefully considered all the testimony and written comments submitted with respect to computer screens. The Office has decided generally to require that all copyrightable expression embodied in a computer program, including computer screen displays, and owned by the same claimant, be registered on a single application form. This policy applies to unpublished computer programs as well as to published programs. The Office finds that in the interest of a clear, consistent public record, our registration practices should discourage piecemeal registration of parts of works. Ordinarily, where computer program authorship is part of the work, literary authorship will predominate, and one registration should be made on application Form TX. Where, however, audiovisual authorship predominates, the registration should be made on Form PA.
Under existing Copyright Office regulations, only one registration can be made for the same version of a particular work owned by a given claimant.
37 C.F.R. § 202.3(b)(6). In such cases, all copyrightable elements embodied in the work are covered by the single registration. Moreover, the Office generally prefers a single registration for a work that contains discrete authorship components, but is published together as a unit.
37 C.F.R. § 202.3(b)(3). Finally, where a work contains authorship elements that fall into two or more classes, the application should be filed in the authorship class that predominates.
37 C.F.R. § 202.3(b)(2). This principle applies even if the work has two or more authors who have created either a unitary, a collective, or a joint work.
In considering the issue of computer screen displays, the Copyright Office concludes there is no sound basis for departing from the principles of these regulations in the case of computer programs and related screens.
In order to reflect better for the public record the copyright claims in computer screens, applicants will in the future be permitted to deposit visual reproductions of the computer screen displays along with reproductions of any accompanying sounds and the identifying material for the computer program code. The Office will examine the visual or audiovisual deposit and make a determination whether the deposit reveals copyrightable authorship.
4.
One Registration Per Work The long-standing principle of one registration per work has significant advantages for copyright claimants, the public, and the Copyright Office and provides a uniformity not available if multiple registrations were optional.
Copyright claimants are able to register all copyrightable elements contained in their work with a single application and fee.
The public is benefited through the maintenance of a clear, accurate, easily understandable public record. Permitting multiple registrations of parts of works would increase confusion amount those attempting to use the records of the Copyright Office. Subdividing claims might also result in multiple infringement actions and multiple claims for statutory damages, based on separate registration.
The Copyright Office benefits by having a simplified administrative process.
Proponents of separate registration, either on a mandatory or optional basis, contend that the nature of authorship embodied in the computer program code is substantially different from the authorship typically embodied in computer screens. All witnesses agreed that the same screen displays can be generated by substantially different computer program code.
Even accepting that the nature of authorship in screens may be different from computer program code authorship, this does not alter the fact that the computer program code and screen displays are integrally related and ordinarily form a single work. Indeed, those commentators who favor either single or separate registration at the claimant’s option must concede that the program code and screens are conceptually a single work.
In creating copyright subject matter, it is common to merge several different types of authorship to form a single work. Motion pictures are a clear example of a work in which the different creative talents of many contributors (writers, directors, editors, camera persons, etc.) are combined to create a single work. Under the regulations of the Copyright Office, where such a work is owned by a single owner, only one registration is generally possible.
Several commentators favored more restrictive registration practices. They contended that the registration should specify the boundaries of the copyright claim in order to provide greater guidance to users.
While the Copyright Office is sympathetic to users who may have difficulty in determining the scope of copyright in computer software, the registration practices of the Copyright Office cannot precisely determine the scope of protection in any work. The Office seeks to create a public record of the copyright claim that generally gives a clear, accurate picture of the authorship and narrows the issues that might otherwise be contested in time-consuming, expensive litigation. We attempt to keep out of the public record any frivolous, unsound, or otherwise unjustified claims. In this way, we assist the public and the courts. Ultimately, of course the courts determine the precise scope of protection.
5.
Predominant Authorship Standard As new technologies emerge, new means of expression are submitted to the Copyright Office for copyright registration. The registration decisions that are initially reached by the Office are often a matter of first impression. Such was the case when arcade videogames were first submitted to the Office for registration. The Office decided to permit an audiovisual registration of the displays, sometimes separate from the underlying computer program, and sometimes with the program as a single registration.
The Copyright Office has now decided to treat videogame displays the same as other works that include authorship in a computer program and screen displays. A single registration will be made for the audiovisual authorship and any related computer program code owned by the same claimant. Separate registrations will not be made. If audiovisual authorship predominates, the single registration should be made in Class PA.
The courts have not fully examined the implications of protection for screen displays except in the videogame context where standardization of user interface screens is not a significant public policy issue. The practices adopted today by the Office should facilitate judicial consideration of the relationship between computer program code authorship and screen displays.
6.
“Nature of Authorship” Description The “nature of authorship” for a computer program should be described at space 2 of the application form. An applicant may give a general description such as “entire work” or “computer program.” This description would cover any copyrightable authorship contained in the computer program code and screen displays, regardless of whether identifying material for the screens is deposited. An applicant may include a reference to the authorship in screen displays, e.g. “computer program code and screen displays.” Such a designation would require a deposit of visual reproductions showing sufficient copyrightable authorship to support a claim to copyright in the screen display.
Applicants should not refer to elements such as “menu screens;” “structure, sequence, and organization;” layout or format; and the like.
The Compendium of Copyright Office Practices II, as issued in 1984, sets forth that registration will not be made for the “algorithm” of a computer program or for “formatting,” “functions,” “logic,” or “system design.” Compendium II, section 325.02(c).
The Office has a well-established practice of refusing to register claims to copyright in mere format of text or images; this practice is based on the statutory prohibition against copyright in ideas, systems, concepts, or discoveries.
17 U.S.C. § 102(b). See also
Morrissey v. Proctor & Gamble Co., 379 F.2d 675, 154 U.S.P.Q. 193 (1st Cir. 1967) and Atari Games Corp. v. Oman (unpub. op., Civ. No. 88-0021, D.D.C. May 25, 1988). Of course, if the screen display images consist of original, creative pictorial expression, then copyright may be claimed in that expression. The courts will determine the scope of copyright protection in appropriate cases.
7.
Deposit of Visual Reproductions of Computer Screen Display The deposit requirement for registration of a computer program remains unchanged. When the authorship is described in general terms this deposit is sufficient to cover the entire claim, including any copyrightable authorship in the screen displays. Deposit of identifying material related to the screens is possible but not ordinarily required.
However, when specific reference to a screen display is included in the application, the deposit must include visual or audiovisual reproductions of the screen displays. Visual reproductions shall consist of printouts, photographs, drawings or a 1/2 inch VHS videotape of the screens.
8.
Implementation The Copyright Office is not presently proposing any changes in the regulations. The basic policies of one registration per work, a single registration for different authorship combined in a single unit of publication, and a single registration based on predominant authorship, are already reflected in the regulations. The optional deposit of visual or audiovisual reproductions of computer screen displays as a supplement to the deposit of other identifying material has not yet been incorporated into the deposit regulations because the deposit regulations reflect minimum requirements. The regulations will be modified at a later time. This Notice of a Policy Decision will inform the public of the registration and deposit requirements relating to computer screen displays.
The Copyright Office will also modify Compendium II of Copyright Office Practices. The examination and registration of machine-readable works present many unique issues. The Copyright [Office] believes it is preferable to treat these in detail in a work such as the Compendium rather than in regulations that are intended to have general applicability.
9.
Impact of This Policy Decision on Earlier Registrations The policies announced in this computer screen displays decision constitute in essence a confirmation of the general registration policies first adopted in the 1978 registration regulations. Before opening this public proceeding, the Office held the general view that a single registration was sufficient to protect the copyright in a computer program, including related screen displays, without a specific claim to screen display authorship on the application and without deposit of identifying material disclosing the screen display. Since this decision confirms the validity of a single registration policy, the Office assumes that this decision makes clear to the public and the courts our view that multiple claims are unnecessary, and indeed not appropriate, to assert copyright in the screen displays.
Therefore, those past registrants who made a single registration for computer program code and screen displays should be reassured that the registrations are valid. The Office will not make a new basic or supplemental registration order to allow a specific claim in the screen displays nor will the Office now accept the deposit of identifying material for the screens because all of the copyrightable authorship has already been registered.
In those cases where separate registrations were made for computer program code and the screen displays, the registrations are also valid if, in each case, the registration is based on original, creative authorship. In future, in accordance with this policy decision, the Office intends that a single registration should be made for a work consisting of a computer program and accompanying screen display that are owned by a single claimant. The registration class (literary, visual arts, or audiovisual, for example) will be determined on the basis of which authorship predominates.
Dated: June 3, 1988
| | ________________ |
| | Ralph Oman |
| | Register of Copyrights |
| Approved by: | |
| | ________________ |
| | William J. Welsh |
| | Acting Librarian of Congress |
[Billing Code: 1410-07]
[Docket RM 85-4B]
Registration of Claims to Copyright Registration and Deposit of Databases
AGENCY:
Copyright Office, Library of Congress.
ACTION:
Final Regulations.
SUMMARY:
The Copyright Office of the Library of Congress issues this notice to inform the public that it is adopting final regulations permitting group registration of an automated database and its updates or other revisions, and implementing deposit requirements in connection with their registration, under Section 408 of the Copyright Act of 1976. The section authorizes the Register of Copyrights to prescribe rules for administrative classification and deposit requirements for copyright registration. Pursuant thereto, this regulation specifies conditions under which a single automated database, together with its updates and other revisions may be registered on a single application with a single deposit and fee even though the database and its revised versions have been published at different times.
EFFECTIVE DATE:
March 31, 1989.
FOR FURTHER INFORMATION CONTACT:
Dorothy Schrader, General Counsel, U.S. Copyright Office, Library of Congress, Washington, DC 20559, (202) 707-8380.
SUPPLEMENTARY INFORMATION:
1. Background
Under the Copyright Act of
1976, Title 17, U.S. Code, copyright may ordinarily subsist in an automated database either as an original compilation or as some other original work of authorship. Automated databases provide special problems for copyright deposit and examination, however, because many of them are constantly changing or the updates or other revisions may consist of small increments of information. To the extent that the basic database and the revisions are copyrightable, questions arise as to how best to register the claims.
Current regulations allow the claimant to determine how frequently to register updates and other revisions of databases, but they do not allow grouping of separately published revised versions on a single registration. Special relief provisions already provide some flexibility in deposit requirements and those provisions continue to be available to automated database registrants.
37 CFR 202.20(d); see H.R. Rep. No. 94-1476, 94th Cong., 2d Sess. 151 (1976). Specific regulations for machine-readable databases are provided in
37 CFR 202.20(c)(2)(vii)(B).
The Copyright Act of 1976 encourages registration by conferring benefits on the claimant. Registration is a prerequisite to suit,
17 U.S.C. 411(a);
1 if the registration is made before publication or within five years of first publication, the certificate of registration is prima facie evidence of the facts it states and of the validity of the copyright,
17 U.S.C. 410(c), and by registering the work within three months of publication, the copyright owner reserves the right to claim statutory damages and discretionary counsel fees.
17 U.S.C. 412.
Pursuant to
17 U.S.C. 103, “copyright in a compilation or derivative work extends only to the material contributed by the author of such work, as distinguished from the preexisting material employed in the work, and does not imply any exclusive right in the preexisting material.” The Copyright Act requires special information in connection with registration of such works.
Section 408 of the Copyright Act requires deposit of material in connection with applications for copyright registration of unpublished and published works. Subsection 408 (c)(1) authorizes the Register of Copyrights to specify classes into which works may be placed for purposes of deposit and registration. One of the alternatives is “a single registration for a group of related works.”
When the Copyright Office issued initial deposit regulations under the 1976 general revision of the copyright law, several comments requested provisions for group registration of revisions and updates of automated databases. 43 FR 763 (Jan. 4, 1978). At that time the Office invited further comments and suggestions as to the type of related works that could be covered by group registration and the deposit and registration requirements applicable in those cases. In 43 FR 965 (January 5, 1978), however, the Office “reserved for implementation in a separate proceeding the possibility of providing for “a single registration for a group of related works’ under paragraph (c)(1) of section 408.” The allowance for group registration, except for certain published contributions to periodicals,
17 U.S.C. 408(c)(2), is discretionary with the Copyright Office, and the Office heretofore has elected not to exercise this discretionary authority.
On February 14, 1985, (50 FR 6208), the Copyright Office requested public comment on proposed amendments to the regulations governing deposit. In response to this general request, the Association of American Publishers (AAP) and the Information Industry Association (IIA) commented specifically on the deposit and registration of databases. AAP suggested that the Copyright Office develop regulations to meet the problems of deposit for dynamic databases subject to regular revision, expansion, or other change. AAP proposed regulations that would permit a single “group” registration for varying versions (enhancements, updates, and other modifications) of a database, and related databases, published within a twelve month period or any lesser period within twelve months, on the basis of a single deposit and application. AAP also proposed that the Copyright Office accept for deposit reasonable portions of output, rather than “raw data’ or the like, and that generally, deposit requirements for successive or single group registrations of revised databases should be diminished.
IIA also urged the addition of a new regulation that would permit group
[54 Fed. Reg. 13178]
registration of databases, under certain conditions. The group registration would require that works have the same copyright claimant, the same general title, and similar general content, including subject and organization. IIA proposed that if the works are published, each must bear a separate copyright notice as first published and have the same copyright owner, and the work or works must be first published within three months before registration. This organization suggested that since a deposit for databases would not show the full extent of the registration or the entirety of the work, the Copyright Office should accept relevant evidence for the examination of authorship. Such evidence might be documentary evidence of the continuing process of creation, hard copy extracts (for example, the first and last 25 pages), and the same direct online access as is offered the customer. Finally, IIA advocated the use of special relief that would allow the Register of Copyrights to “permit the deposit of identifying material which does not comply with § 202.21 of the regulations.”
On June 10, 1985 (50 FR 24240), the Copyright Office published a Notice of Inquiry inviting public comment on the feasibility of a single group registration for databases, deposit based on reasonable portions of output, and deposit based on description of content and its relation to prior deposits. Additionally, the Office invited public comment specifically on the recommendations made by IIA and AAP.
In response to comments received regarding that notice, the Office, on October 5, 1987 (52 FR 37167), proposed regulations providing for single group registration for automated databases with deposit based on reasonable portions of output. The Office received fourteen comments in response to its proposed rulemaking. After careful consideration, we have decided to implement in final form the provision for group registration, § 202.3(b)(4), and to amend for purposes of clarification the deposit provisions in connection with group registration at § 202.20(c)(2)(vii).
All of the commentators supported the decision to provide for group registration of automated databases, including their revised versions, however, most commentators disagreed with two specific requirements in the Office’s proposed procedures for making such registrations. The IIA submitted the most detailed comments, which, for the most part, incorporated the recommendations made by other commentators, six of whom expressly endorsed the IIA’s position. In issuing this regulation, we reconfirm and incorporate the rationale stated in the proposed regulation regarding the experimental nature of regulations to implement the discretionary authority for group registration. Additionally, we discuss below the comments received in response to the proposed rule.
2. Identification of New Material Under
17 U.S.C. 408(c)(1), the Register of Copyrights is authorized “to specify by regulation the administrative classes into which works are to be placed for purposes of deposit and registration. * * * The regulations may require or permit * * * a single registration for a group of related works.” Thus, the Copyright Office proposed group registration of automated databases as a special and discretionary provision. These deposit regulations provide that the applicant identify the original authorship in which copyright is being claimed in a revised database by marking the deposit. Specifically, the identifying portions must be “marked to disclose the copyrightable revision added on at least one representative publication * * * or * * * creation date” and be accompanied by a descriptive statement that identifies the location within the database where the copyrightable changes may be found.
IIA and nine other commentators objected to this requirement. Three other proprietors, and one database user, however, supported adoption of the regulations without challenging the marking feature.
Most commentators who opposed the requirement of marking the deposit and identifying the location of changes did so on the grounds that the requirements are too burdensome and that automated databases are not distinguishable from other databases. Therefore, they should not be subject to different registration requirements from other works. They point out that registration regulations for other derivative works do not require marking or locating the changes. Additionally, some commentators state that publishers would be required to devote substantial staff resources to the preparation of a deposit.
Electronic Data Systems Corporation (EDS), the sole comment[ator] representing a database user, considered the Office’s effort in assuring that identifying portions adequately disclose the copyrightable content of the changes a critical factor in the proposed regulations. “This is a key provision both in your comments and in your proposed regulations. What changes really were made to justify the updated copyright and [are] those noted with enough speci ficity that it would be easy for the Copyright Office to distinguish between databases submitted at different times?” This comment indicates that the biggest problem for the user is determining what data is covered by copyright and what is not.
Recognition of the special nature of automated databases moved the Copyright Office in its 1978 regulations to establish a more liberal form of deposit for such works; i.e., databases were exempted from the complete copy requirement and allowed to deposit the equivalent of 50 pages. Group registration represents another liberalization in special recognition of registration and deposit problems unique to automated databases. In limiting this proposal exclusively to online automated databases, both published and unpublished, the Office considered their unique nature—the size of databases, their periodic revision, and the dissemination of the work in machine-readable format.
The effect of these regulations is to significantly liberalize the registration requirements for a large group of published works, heretofore registrable only with a separate deposit, application and fee for each separately published version. Under the proposed regulations, the applicant may submit one deposit where previously as many as ninety deposits, with as many accompanying applications and fees, might have been required to register the same copyrightable content.
In explaining the proposed regulation, we found that sufficient factors such as size, complexity and technological characteristics exist to distinguish the automated database from other groups of related works and that these factors justify group registration for automated databases under a certain set of facts, at least on an experimental basis. In general, one salient technological characteristic is the rapidly changing content of databases.
In light of these factors, it is unrealistic to expect the Copyright Office to treat databases exactly the same as other derivative works, although the Office sees more equivalency in the procedures than some commentators. The requirements that have been criticized were designed to alleviate some of the burdens of examining a group of works based on a single application and deposit. They are also responsive to the unique nature of automated databases: frequent updates; incremental changes, which are sometimes minor; the absence of a hard-copy record of the changes in general; and the tendency to commingle
[54 Fed. Reg. 13179]
copyrightable and uncopyrightable matter. Moreover, the Office must consider not only its own administrative burdens, but also its obligation to identify the work being claimed and to establish an adequate public record for the benefit of the courts and in the general public interest. Given the strong presumption of copyright validity that attaches to registered works, it is incorrect to argue that defects in the registration record harm only the proprietor-plaintiff.
As a second major point in support of its objection to marking and locating the revised material, IIA contends that such individual marking would not necessarily reveal copyrightable material. In addition to the overall general support for the IIA position expressed by other commentators, the AAP and Dunn and Bradstreet also expressly objected to the marking requirement for this reason.
The proposed registration calls for the disclosure of revisions that would be registrable under the standards applicable to all other periodically revised works—that is, revisions that as a whole constitute an original work of authorship and entitle the work to registration.
Examination of the work to determine whether it constitutes copyrightable subject matter is the principal responsibility of the Copyright Office in making registration of claims to copyright.
17 U.S.C. 410(a). Most of the other material allegations to support a registration (e.g., the name and citizenship of the author, the name of the claimant, the place of publication, etc.) cannot be verified by the Copyright Office, and yet are accorded a legal presumption of validity. The requirement of marking the deposit to identify some copyrightable changes in one representative update should facilitate the processing of applications for group registration of automated databases. The alternative would be for the Office to correspond in many cases to obtain a more complete description of the copyrightable changes, if we adopted the IIA proposal. We reject this alternative as administratively burdensome.
Some misunderstanding may exist as to the nature of the marking requirement. We do not require that every copyrightable change be marked and identified for the representative date selected by the applicant. We require instead that sufficient copyrightable changes be marked and identified to enable the Copyright Office to carry out its statutory responsibility of determining that the revised version is indeed an original work of authorship. The applicant can select the particular revised version that evinces sufficient authorship, including the most recent version, since the last registration of the database. If in fact the nature of the changes in the three month interval does not satisfy the original work of authorship standard for copyright protection, then no new registration is necessary or warranted. If the work has not been changed to constitute a new original work of authorship, copyright for the preceding (or original) version should protect against any copying of the database.
Accordingly, group registration will be made for periodically updated or otherwise revised databases only upon a showing that changes give rise to another original work of authorship. Where the Office determines that only a few minor revisions have been made in the representative deposit, registration will be subject to question, and absent more justification, will be denied. The Office will not make registration based solely on a claim of structure, sequence, and organization. These terms are ambiguous, and may refer to uncopyrightable ideas, systems, or processes. Therefore, claims described as so-called “SSO” are unacceptable. Claims in “selection and arrangement” are of course acceptable since these terms appear in the statutory definition of “compilation.”
The requirement for marking revisions from one representative publication or creation date is related also to the Office’s view that each separately published version is potentially a separate and independent work of authorship. As such, whether a derivative work is copyrightable depends on the content of each version as compared to earlier versions of the work. Contrary to the IIA’s argument, comparison with earlier versions is relevant when copyright is claimed as a derivative work.
17 U.S.C. 103(b). The same policy is reflected in the regulation providing that there should be only one basic registration per work.
37 CFR 202.3(6). See also H.R. Rep. No. 94-1476, 94th Cong., 2d Sess. 155 (1976). If Congress granted a new copyright upon every republication of a work, copyright could be extended in perpetuity in basic conflict with the limited times provision of the Constitution’s clause. Thus, at best, no purpose is served by reregistering material already covered by an earlier registration. At worst, extending the copyright without new authorship exceeds the statutory and constitutional grant.
For these reasons then the Office considers reasonable a requirement that the claimant delineate with some particularity a claim in revised automated databases seeking group registration. The Office, of course, will accept deposit of a copy disclosing only the actual additions or modifications made on a representative day (for example the data input), in lieu of a marked print-out showing the changes. We have revised § 202.20(c)(2)(vii)(B)(5) to clarify that a deposit showing only the new matter is acceptable.
3. Description of the Origins of Data Two commentators objected to the requirement that a description of the origins of data be included in the statement to accompany identifying portions. We have already addressed the charges of disparate treatment of databases, noting the general equivalency of the requirements but also justifying departures from equivalency on the ground of the special nature of automated databases. Some of the departures favor proprietors, and some do not. Congress intended that the application contain information about preexisting works and that information is required for other works.
17 U.S.C. 409(9). On this point, the House Report states that this requirement that, “in the case of a “compilation or derivative work’ the application include an identification of any preexisting work or works that it is based on or incorporates * * *” is intended to elicit a clear statement of the copyright status of material included in a compilation. H.R. Rep. at 156. The origin of data requirement is merely a request for information about preexisting works in order to make a more meaningful group registration record.
4. Reasonable Portions of Output Earlier in this proceeding, the AAP proposed that the Office prescribe deposits for dynamic databases based on reasonable portions of output rather than raw data. The Office has proceeded on the assumption that either output or raw data is acceptable as a deposit, and the regulation clarifies this matter.
5. Representative Day The proposed deposit requirements specify that identifying portions shall be from a revised version as it existed on one representative publication or creation date. As stated earlier, the intent is to obtain identifying portions of copyrightable content from one self-contained work rather than several works. The IIA asked us to clarify that the Office intends no implication that only one work can come into being on a given day. We agree that it is
[54 Fed. Reg. 13180]
theoretically possible for more than one new version to be created on one day. The Office decided, however, to restrict the requirement for identifying portions merely to one day, for administrative purposes. As a practical matter, we also think that one day’s updates are particularly relevant in the case of published databases. It would not be meaningful to attempt separate identification of changes made during a period of time less than one day.
The regulations do not negate the possibility of special relief, under appropriate circumstances.
37 C.F.R. 202.20(d). Also, individual registration of revised versions continues to be available as an option. Some comments assert that for constantly changing databases it would be virtually impossible to identify all of one edition’s changes and appropriately mark a deposit copy. This concern is misplaced. As discussed under Item 2 above, it is not necessary to identify all changes. The requirement is to identify sufficient changes to establish that the work submitted for registration is an original work of authorship. Additionally, it is possible to submit 50 pages or a set of 50 data records of entirely new material accompanied by a descriptive statement that gives information to that effect.
6. Three-Month Period The AAP urges a single, group registration for all revisions to a database covering a twelve month period. Although it originally suggested a three-month period, IIA now supports the AAP proposal. Except for one other comment, which noted that even if we established a one year period as the outer limit, most registrations would likely occur within three months, no other comments expressed a desire for a broader window of registration than three months.
At this time, the Office adopts the three month period for group registration of a database and its updates. Prompt registration has been an important objective since the beginning of copyright in the United States. There is even more reason to adhere to a three month provision where not all of any one work will be deposited and the archival record for the work must necessarily be less than complete. Registration on a yearly basis exacerbates the problems presented by this kind of deposit and would create the potential for registering more than 300 works on one application, with a modicum of identifying deposit material.
We have concluded that a three month registration interval, accompanied by a suitable deposit, creates a better archival record and would be more useful and reliable as a source of information on the content of the works being registered. While registration fees are not a primary consideration, database registrants will enjoy substantial savings even for quarterly filings. Above all, the Office is concerned about the administrative difficulties of examining an application that covers multiple works. Group registration of databases must be viewed as experimental and must be re-evaluated after an appropriate period. Finally, we clarify in the final regulation that the three-month span must fall within a single calendar year. Since most databases are works made for hire, the date of publication affects the term. The Office concludes that a single registration should not be made for related works whose terms of copyright differ.
7. Online Access in Lieu of Deposit Several commentators have suggested that the Office accept online access in lieu of deposit. We have not at this time adopted this suggestion because administrative procedures have not been developed to monitor revisions and then capture some physical representation of the work for archival purposes. While the Office does not rule out such a deposit solution for the future, more information is needed than is currently available. Moreover, the Office assumes that copyright proprietors would expect some assurances that the online access would be strictly limited to examining purposes. Assurances of that kind, if possible, would require careful consultation with other departments of the Library to establish the necessary controls.
8. Notice of Copyright The Berne Implementation Act of 1988 eliminates the mandatory nature of the notice of copyright for works first published on or after March 1, 1989. We have accordingly modified the references to notice of copyright in the final regulation. Mandatory notice is retained in section § 202.3(b)(4)(i)(E) for works published before March 1, 1989. The identifying descriptive statement must disclose the notice, “if the work bears a notice.” Where notice of copyright is used, group registration is possible only if the notices identify the same claimant for each update.
9. Special Instructions in Lieu of New Form In the proposed regulations, the Copyright Office indicated that Form TX would be used to register the first version of a database submitted for registration and an adjunct form would be used to register subsequent updates or revisions.
The final regulations provide instead that Form TX will be used to register both the initial version and subsequent updates of automated databases. Instead of a new adjunct form, the Office, on an experimental basis, has prepared special instructions for completing the Form TX when applying for group registration of an automated database and its updates. The Special Instructions for Group Registration of Automated Databases may be obtained upon request on the same basis as any Copyright Office form or publication.
After acquiring experience with respect to group registration of automated databases, the Office may prepare a new adjunct form.
10. Clarification of Miscellaneous Points IIA and several other commentators suggested certain other clarifying amendments. Among the technical amendments adopted, the following should be especially noted:
a. Instead of using the term “updates” alone, the language has been expanded to avoid any implication that only the revisions made in response to developments occurring after creation of the previously registered work are subject to group registration.
b. We have clarified that deposit of output is appropriate. Identifying portions sufficient to satisfy the deposit requirements may be submitted in the form of output, rather than input, or raw data. It is the acceptance of output as deposit material that clearly necessitates the applicant’s distinguishing between material that has been added in the version being registered and output that was stored in machine-readable form in earlier versions of the work.
c. We have substituted “general” for “collective” title in § 202.3(b)(4)(i)(B) to avoid any implication that the database must conform to the definition of “collective work” under
17 U.S.C. 101.
d. We confirm that group registration is available for both published and unpublished databases.
e. We have renumbered subsections to clarify that the applicant need not submit a descriptive statement for a single file database that is not a derivative work.
In this first exercise of our administrative discretion to register a group of related works under section 408(c)(1) of the Copyright Act, we will evaluate administrative experience and the experience of applicants filing under this new rule. We will also continue to
[54 Fed. Reg. 13181]
monitor emerging decisional law with respect to automated databases, and will reconsider the proper scope of, and conditions for group registration of databases, as appropriate. Further refinements may be indicated.
* * *
With respect to the Regulatory Flexibility Act, the Copyright Office takes the position that this Act does not apply to the Copyright Office rulemaking. The Copyright Office is a department of the Library of Congress and is part of the legislative branch. Neither the Library of Congress nor the Copyright Office is an “agency” within the meaning of the Administrative Procedure Act of June 11, 1946, as amended (Title 5, Chapter 5 of the U.S. Code, Subchapter II and Chapter 7). The Regulatory Flexibility Act consequently does not apply to the Copyright Office since the Act affects only those entities of the Federal Government that are agencies as defined in the Administrative Procedure Act.
2 Alternatively, if it is later determined by a court of competent jurisdiction that the Copyright Office is an “agency” subject to the Regulatory Flexibility Act, the Register of Copyrights has determined and hereby certifies that this regulation will have no significant impact on small businesses.
List of Subjects in 37 CFR Part 202
Registration of Claims to Copyright, Claims to copyright, Copyright registration.
Final Regulations
In consideration of the foregoing, Part 202 of 37 CFR, Chapter II is amended as follows:
1. The authority citation for Part 202 continues to read as follows:
2. Section 202.3(b)(3)(B)(ii) is revised by striking the phrase “paragraphs (b)(3) and (b)(5)” in the first sentence and inserting in lieu there of “paragraphs (b)(3) through (b)(5).”
3. Section 202.3(b)(4) is added to read as follows:
§ 202.3 [Amended] * * *
(4)
Group registration of related works: Automated databases. (i) Pursuant to the authority granted by
section 408(c)(1) of Title 17 of the United States Code, the Register of Copyrights has determined that, on the basis of a single application, deposit, and filing fee, a single registration may be made for automated databases and their updates or other derivative versions that are original works of authorship, if, where a database (or updates or other revisions thereof), if unpublished, is (or are) fixed, or if published is (or are) published only in the form of machine-readable copies, all of the following conditions are met:
(A) All of the updates or other revisions are owned by the same copyright claimant;
(B) All of the updates or other revisions have the same general title;
(C) All of the updates or other revisions are similar in their general content, including their subject;
(D) All of the updates or other revisions are similar in their organization;
(E) Each of the updates or other revisions as a whole, if published before March 1, 1989, bears a statutory copyright notice as first published and the name of the owner of copyright in each work (or an abbreviation by which the name can be recognized, or a generally known alternative designation of the owner) was the same in each notice;
(F) Each of the updates or other revisions if published was first published, or if unpublished was first created, within a three-month period in a single calendar year; and
(G) The deposit accompanying the application complies with § 202.20(c)(2)(vii)(B).
(ii) A single registration may be made on one application for both a database published on a single date, or if unpublished, created on a single date, and also for its copyrightable revisions, including updates covering a three-month period in a single calendar year. An application for group registration of automated databases under section 408(c)(1) of Title 17 and this subsection shall consist of:
(A) A Form TX, completed in accordance with the basic instructions on the form and the Special Instructions for Group Registration of an Automated Database and its Updates or Revisions;
(B) A filing fee of $10; and
(C) The deposit required by 202.20(c)(2)(vii)(B).
* * *
4. Section 202.20(c)(2)(vii)(B) is revised to read as follows:
§ 202.20 [Amended] * * *
(c) Nature of required deposit.
(1) * * *
(2) * * *
(vii) * * *
(B) For published and unpublished automated databases, compilations, statistical compendia, and the like, so fixed or published, one copy of identifying portions of the work, reproduced in a form visually perceptible without the aid of a machine or device, either on paper or in microform. For these purposes:
(1 ) “Identifying portions” shall generally mean either the first and last 25 or equivalent units of the work if reproduced on paper or in microform.
(2 ) “Data file” and “file” mean a group of data records pertaining to a common subject matter regardless of their size or the number of data items in them.
(3 ) In the case of individual registration of a revised version of the works identified in this paragraph (c)(2)(vii)(B), the identifying portions deposited shall contain 50 representative pages or data records which have been added or modified.
(4 ) If the work is an automated database comprising multiple separate or distinct data files, “identifying portions” shall instead consist of 50 complete data records from each data file or the entire data file, whichever is less, and the descriptive statement required by paragraph (c)(2)(vii)(B)(5).
(
5 ) In the case of group registration for revised or updated versions of a database, the claimant shall deposit identifying portions that contain 50 representative pages or equivalent units, or representative data records which have been marked to disclose (or do in fact disclose solely) the new material added on one representative publication date if published, or on one representative creation date, if unpublished, and shall also deposit a brief typed or printed descriptive statement containing the notice of copyright information required under “(
6 )” or “(
7 )” immediately below, if the work bears a notice, and;
(i ) The title of the database;
(ii ) A subtitle, date of creation or publication, or other information, to distinguish any separate or distinct data files for cataloging purposes;
(
iii ) The name and address of the copyright claimant;
[54 Fed. Reg. 13182]
(iv ) For each separate file, its name and content, including its subject, the origin(s) of the data, and the approximate number of data records it contains; and
(v ) In the case of revised or updated versions of an automated database, information as to the nature and frequency of changes in the database and some identification of the location within the database or the separate data files of the revisions.
(6 ) For a copyright notice embodied in machine-readable form, the statement shall describe exactly the visually perceptible content of the notice which appears in or with the database, and the manner and frequency with which it is displayed (e.g., at user’s terminal only at sign-on, or continuously on terminal display, or on printouts, etc.).
(
7 ) If a visually perceptible copyright notice is placed on any copies of the work (or on magnetic tape reels or containers therefor), a sample of such notice must also accompany the statement.
* * * * *
| Ralph Oman, | Register of Copyrights. |
| | Approved by: |
| | James H. Billington, |
| | Acting Librarian of Congress. |
Footnotes — Appendix 4A[32]:
1 Registration will no longer be a prerequisite to suit for Berne Convention works whose country of origin is not the United States, effective March 1, 1989. Pub. L. 100-568, 102 Stat. 2853 (October 31, 1988).
2 The Copyright Office was not subject to the Administrative Procedure Act before 1978, and it is not subject to it only in areas specified by section 701(d) of the Copyright Act (i.e., “all actions taken by the Register of Copyrights under this title [17],” except with respect to the making of copies of copyright deposits). [
17 U.S.C. 706(b)]. The Copyright Act does not make the Office an “agency” as de fined in the Administrative Procedure Act. For example, personnel actions taken by the Office are not subject to APA-FOIA requirements.
This article may be cited as the Alabama Computer Crime Act.
When used in this chapter, the following terms shall have the following meanings, respectively, unless a different meaning clearly appears from the context:
(1) Data. A representation of information, knowledge, facts, concepts, or instructions which are being prepared or have been prepared in a formalized manner, and is intended to be processed, is being processed, or has been processed in a computer system or computer network, and should be classified as intellectual property, and may be in any form, including computer printouts, magnetic storage media, punched cards, or stored internally in the memory of the computer.
(2) Intellectual Property. Data, including computer program,
(3) Computer Program. An ordered set of data representing coded instructions or statements that, when executed by a computer, cause the computer to process data.
(4) Computer. An electronic magnetic, optical or other high speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic magnetic or optical impulses, and includes all input, output, processing, storage, computer software, or communication facilities which are connected or related to the computer in a computer system or computer network.
(5) Computer Software. A set of computer programs, procedures, and associated documentation concerned with the operation of a computer, computer system or computer network.
(6) Computer System. A set of related, connected or unconnected, computer equipment, devices, or computer software.
(7) Computer Network. A set of related, remotely connected devices and communication facilities, including more than one computer system, with capability to transmit data among them through communication facilities.
(8) Computer System Services. The utilization of a computer, computer system, or computer network to assist an individual or entity with the performance of a particular lawful function which that individual or entity has been given the right, duty, and power, together with the responsibility, to perform.
(9) Property. Anything of value as defined by law, and includes financial instruments, information, including electronically produced data and computer software and computer programs in either machine or human readable form, and any other tangible or intangible items of value.
(10) Financial Instrument. Includes any check, draft, warrant, money order, note, certificate of deposit, letter of credit, bill of exchange, credit or debit card, transaction authorization mechanism, marketable security, or any computer system representation thereof.
(11) Access. To instruct, communicate with, store data in, or retrieve data from a computer, computer system or computer network.
(a) Whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he has such authorization, attempts or achieves access, communication, examination, or modification of data, computer programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(b) Whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he has such authorization, destroys data, computer programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(c) Whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he has such authorization, discloses, uses, or takes data, computer programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(d)
(1) Except as otherwise provided in this subsection, an offense against intellectual property in a Class A misdemeanor, punishable as provided by law.
(2) If the offense is committed for the purpose of devising or executing any scheme or artifice to defraud or to obtain any property, then the offender is guilty of a Class C felony, punishable as provided by law.
(3) If the damage to such intellectual property is $2,500.00 or greater, or if there is an interruption or impairment of governmental operation or public communication, transportation, or supply of water, gas, or other public or utility service, then the offender is guilty of a Class B felony, punishable as provided by law.
(4) Whoever willfully, knowingly, and without authorization alters or removes data causing physical injury to any person who is not involved in said act shall be guilty of a Class A felony, punishable as provided by law.
(a)
(1) Whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he has such authorization, modifies equipment or supplies that are used or intended to be used in a computer, computer system, or computer network commits an offense against computer equipment or supplies.
(2)
a. Except as provided in this subsection, an offense against computer equipment or supplies as provided in subdivision (a)(1) is a Class A misdemeanor, punishable as provided by law.
b. If the offense is committed for the purpose of devising or executing any scheme or artifice to defraud or to obtain any property, then the offender is guilty of a Class C felony, punishable as provided by law.
(b)
(1) Whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he has such authorization, destroys, uses, takes, injures, or damages equipment or supplies used or intended to be used in a computer, computer system, or computer network, or whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he has such authorization, destroys, injures, takes or damages any computer, computer system, or computer network commits an offense against computer equipment and supplies.
(2)
a. Except as provided in this subsection, an offense against computer equipment or supplies as provided in subdivision (b)(1) is a Class A misdemeanor, punishable as provided by law.
b. If the damage to such computer equipment or supplies or to the computer, computer system, or computer network is $2,500.00 or greater, or if there is an interruption or impairment of governmental operation or public communication, transportation, or supply of water, gas, or other public utility service, then the offender is guilty of a Class B felony, punishable as provided by law.
(a) A person commits the offense of criminal use of a computer if, having no right to do so or any reasonable ground to believe the person has such a right, the person knowingly accesses or causes to be accessed a computer, computer system, computer program, computer network, or any part of a computer system or network, and as a result of that access
(1) obtains information concerning a person; or
(2) introduces false information into a computer, computer system, or computer network with the intent to damage or enhance the data record of a person.
(b) Criminal use of a computer is a class C felony.
E. For the purposes of § 13–2316:
1. “Access” means to approach, instruct, communicate with, store data in, retrieve data from or otherwise make use of any resources of a computer, computer system or computer network.
2. “Computer” means an electronic device which performs logic, arithmetic or memory functions by the manipulations of electronic or magnetic impulses and includes all input, output, processing, storage, software or communication facilities which are connected or related to such a device in a system or network.
3. “Computer network” means the interconnection of communication lines with a computer through remote terminals or a complex consisting of two or more interconnected computers.
4. “Computer program” means a series of instructions or statements, in a form acceptable to a computer, which permits the functioning of a computer system in a manner designed to provide appropriate products from such computer system.
5. “Computer software” means a set of computer programs, procedures and associated documentation concerned with the operation of a computer system.
6. “Computer system” means a set of related, connected or unconnected computer equipment, devices and software.
7. “Financial instrument” means any check, draft, money order, certificate of deposit, letter of credit, bill of exchange, credit card, marketable security or any other written instrument, as defined by § 13–2001, paragraph 7, which is transferable for value.
8. “Property” means financial instruments, information, including electronically produced data, computer software and programs in either machine or human readable form, and anything of value, tangible or intangible.
9. “Services” includes computer time, data processing and storage functions.
A. A person commits computer fraud in the first degree by accessing, altering, damaging or destroying without authorization any computer, computer system, computer network, or any part of such computer, system or network, with the intent to devise or execute any scheme or artifice to defraud or deceive, or control property or services by means of false or fraudulent pretenses, representations or promises.
B. A person commits computer fraud in the second degree by intentionally and without authorization accessing, altering, damaging or destroying any computer, computer system or computer network or any computer software, program or data contained in such computer, computer system or computer network.
C. Computer fraud in the first degree is a class 3 felony. Computer fraud in the second degree is a class 6 felony.
It is found and determined that computer-related crime poses a major problem for business and government; that losses for each incident of computer-related crime are potentially astronomical; that the opportunities for computer-related crime in business and government through the introduction of fraudulent records into a computer system, the unauthorized use of computers, the alteration or destruction of computerized information or files, and the stealing of financial instruments, data, and other assets are great; that computer-related crime has a direct effect on state commerce; and that, while various forms of computer crime might possibly be the subject of criminal charges based on other provisions of law, it is appropriate and desirable that a statute be enacted which deals directly with computer crime.
As used in this chapter, unless the context otherwise requires:
(1) “Access” means to instruct, communicate with, store data in, or retrieve data from a computer, computer system, or computer network;
(2) “Computer” means an electronic device that performs logical, arithmetic, and memory functions by manipulating electronic or magnetic impulses and includes all input, output, processing, storage, computer software, and communication facilities that are connected or related to that device in a system or a network;
(3) “Computer network” means the interconnection of communications lines with a computer through remote terminals or a complex consisting of two (2) or more interconnected computers;
(4) “Computer program” means a set of instructions, statements, or related data that, in actual or modified form, is capable of causing a computer or a computer system to perform specified functions;
(5) “Computer software” means one (1) or more computer programs, existing in any form, or any associated operational procedures, manuals, or other documentation;
(6) “Computer system” means a set of related, connected, or unconnected computers, other devices, and software;
(7) “Data” means any representation of information, knowledge, facts, concepts, or instructions which are being prepared or have been prepared and are intended to be processed or stored, are being processed or stored, or have been processed or stored in a computer, computer network, or computer system;
(8) “Financial instrument” includes, but is not limited to, any check, draft, warrant, money order, note, certificate of deposit, letter of credit, bill of exchange, credit or debit card, transaction authorization mechanism, marketable security, or any computer system representation thereof;
(9) “Property” includes, but is not limited to, financial instruments, data, computer programs, documents associated with computers and computer programs, or copies thereof, whether tangible or intangible, including both human and computer readable data, and data while in transit;
(10) “Services” includes, but is not limited to, the use of a computer, a computer system, a computer network, computer software, a computer program, or data.
(a) Any person commits computer fraud who intentionally accesses or causes to be accessed any computer, computer system, computer network, or any part thereof for the purpose of:
(1) Devising or executing any scheme or artifice to defraud or extort; or
(2) Obtaining money, property, or services with false or fraudulent intent, representations, or promises.
(b) Computer fraud is a Class D felony.
(a) Any person commits computer trespass who intentionally and without authorization accesses, alters, deletes, damages, destroys, or disrupts any computer, computer system, computer network, computer program, or data.
(b) Computer trespass is a Class C misdemeanor if it is a first violation which does not cause any loss or damage;
(c) Computer trespass is a Class B misdemeanor if:
(1) It is a second or subsequent violation which does not cause any loss or damage; or
(2) It is a violation which causes loss or damage of less than five hundred dollars ($500).
(d) Computer trespass is a Class A misdemeanor if it is a violation which causes loss or damage of five hundred dollars ($500) or more, but less than twenty-five hundred dollars ($2,500).
(e) Computer trespass is a Class D felony if it is a violation which causes loss or damage of two thousand five hundred dollars ($2,500) or more.
For the purpose of venue under this chapter, any violation of this chapter shall be considered to have been committed in any county:
(1) In which any act was performed in furtherance of any course of conduct which violated this chapter;
(2) In which any violator had control or possession of any proceeds of the violation or of any books, records, documents, property, financial instrument, computer software, computer program, data, or other material or objects which were used in furtherance of the violation;
(3) From which, to which, or through which any access to a computer or computer network was made whether by wires, electromagnetic waves, microwaves, or any other means of communication;
(4) In which any computer, computer system, or computer network is an object or an instrument of the violation is located at the time of the alleged violation.
(a) Any person whose property or person is injured by reason of a violation of any provision of this chapter may sue therefor and recover for any damages sustained and the costs of suit. Without limiting the generality of the term, “damages” shall include loss of profits.
(b) At the request of any party to an action brought pursuant to this section, the court, in its discretion, may conduct all legal proceedings in such a way as to protect the secrecy and security of the computer, computer system, computer network, computer program, computer software, and data involved in order to prevent possible reoccurrence of the same or a similar act by another person and to protect any trade secrets of any party.
(c) No civil action under this section may be brought except within three (3) years from the date the alleged violation of this chapter is discovered or should have been discovered by the exercise of reasonable diligence.
If requested to do so by a prosecuting attorney, the Attorney General may assist the prosecuting attorney in the investigation or prosecution of an offense under this chapter or any other offense involving the use of a computer.
(a) It is the intent of the Legislature in enacting this section to expand the degree of protection afforded to individuals, businesses, and governmental agencies from tampering, interference, damage, and unauthorized access to lawfully created computer data and computer systems. The Legislature finds and declares that the proliferation of computer technology has resulted in a concomitant proliferation of computer crime and other forms of unauthorized access to computers, computer systems, and computer data.
The Legislature further finds and declares that protection of the integrity of all types and forms of lawfully created computers, computer systems, and computer data is vital to the protection of the privacy of individuals as well as to the well-being of financial institutions, business concerns, governmental agencies, and others within this state that lawfully utilize those computers, computer systems, and data.
(b) For the purposes of this section, the following terms have the following meanings:
(1) “Access” means to gain entry to, instruct, or communicate with the logical, arithmetical, or memory function resources of a computer, computer system, or computer network.
(2) “Computer network” means any system which provides communications between one or more computer systems and input/output devices including, but not limited to, display terminals and printer, connected by telecommunication facilities.
(3) “Computer program or software” means a set of instructions or statements, and related data, that when executed in actual or modified form, cause a computer, computer system, or computer network to perform specified functions.
(4) “Computer services” includes, but is not limited to, computer time, data processing, or storage functions, or other uses of a computer, computer system, or computer network.
(5) “Computer system” means a device or collection of devices, including support devices and excluding calculators which are not programmable and capable of being used in conjunction with external files, one or more of which contain computer programs, electronic instructions, input data, and output data, that performs functions including, but not limited to, logic, arithmetic, data storage and retrieval, communication, and control.
(6) “Data” means a representation of information, knowledge, facts, concepts, computer software, computer programs or instructions. Data may be in any form, in storage media, or as stored in the memory of the computer or in transit or presented on a display device.
(7) “Supporting documentation” includes, but is not limited to, all information, in any form, pertaining to the design, construction, classification, implementation, use, or modification of a computer, computer system, computer network, computer program, or computer software, which information is not generally available to the public and is necessary for the operation of a computer, computer system, computer network, computer program, or computer software.
(8) “Injury” means any alteration, deletion, damage, or destruction of a computer system, computer network, computer program, or data caused by the access.
(9) “Victim expenditure” means any expenditure reasonably and necessary incurred by the owner or lessee to verify that a computer system, computer network, computer program, or data was or was not altered, deleted, damaged, or destroyed by the access.
(10) “Computer contaminant” means any set of computer instructions that are designed to modify, damage, destroy, record or transmit information within a computer, computer system, or computer network without the intent or permission of the owner of the information. They include, but are not limited to, a group of computer instructions commonly called viruses or worms, which are self-replicating or self-propagating and are designed to contaminate other computer programs or computer data, consume computer resources, modify, destroy, record, or transmit data, or in some other fashion usurp the normal operation of the computer, computer system, or computer network.
(c) Except as provided in subdivision (i), any person who commits any of the following acts is guilty of a public offense:
(1) Knowingly accesses and without permission alters, damages, deletes, destroys, or otherwise uses any data, computer, computer system, or computer network in order to either (A) devise or execute any scheme or artifice to defraud, deceive, or extort, or (B) wrongfully control or obtain money, property, or data.
(2) Knowingly accesses and without permission takes, copies, or makes use of any data from a computer, computer system, or computer network, or takes or copies any supporting documentation, whether existing or residing internal or external to a computer, computer system, or computer network.
(3) Knowingly and without permission uses or causes to be used computer services.
(4) Knowingly accesses and without permission adds, alters, damages, deletes, or destroys any data, computer software, or computer programs which reside or exist internal or external to a computer, computer system, or computer network.
(5) Knowingly and without permission disrupts or causes the disruption of computer services or denies or causes the denial of computer services to an authorized user of a computer, computer system, or computer network.
(6) Knowingly and without permission provides or assists in providing a means of accessing a computer, computer system, or computer network in violation of this section.
(7) Knowingly and without permission accesses or causes to be accessed any computer, computer system, or computer network.
(8) Knowingly introduces any computer contaminant into any computer, computer system, or computer network.
(d)
(1) Any person who violates any of the provisions of paragraph (1), (2), (4), or (5) of subdivision (c) is punishable by a fine not exceeding ten thousand dollars ($10,000), or by imprisonment in the state prison for 16 months, or two or three years, or by both that fine and imprisonment, or by a fine not exceeding five thousand dollars ($5,000), or by imprisonment in the county jail not exceeding one year, or by both that fine and imprisonment.
(2) Any person who violates paragraph (3) of subdivision (c) is punishable as follows:
(A) For the first violation which does not result in injury, and where the value of the computer services used does not exceed four hundred dollars ($400), by a fine not exceeding five thousand dollars ($5,000), or by imprisonment in the county jail not exceeding one year, or by both that fine and imprisonment.
(B) For any violation which results in a victim expenditure in an amount greater than five thousand dollars ($5,000) or in an injury, or if the value of the computer services used exceeds four hundred dollars ($400), or for any second or subsequent violation, by a fine not exceeding ten thousand dollars ($10,000), or by imprisonment in the state prison for 16 months, or two or three years, or by both that fine and imprisonment, or by a fine not exceeding five thousand dollars ($5,000), or by imprisonment in the county jail not exceeding one year, or by both that fine and imprisonment.
(3) Any person who violates paragraph (6) or (7) of subdivision (c) is punishable as follows:
(A) For a first violation which does not result in injury, an infraction punishable by a fine not exceeding two hundred fifty dollars ($250).
(B) For any violation which results in a victim expenditure in an amount not greater than five thousand dollars ($5,000), or for a second or subsequent violation, by a fine not exceeding five thousand dollars ($5,000), or by imprisonment in the county jail not exceeding one year, or by both that fine and imprisonment.
(C) For any violation which results in a victim expenditure in an amount not greater than five thousand dollars ($5,000), by a fine not exceeding ten thousand dollars ($10,000), or by imprisonment in the state prison for 16 months, or two or three years, or by both that fine and imprisonment, or by a fine not exceeding five thousand dollars ($5,000), or by imprisonment in the county jail not exceeding one year, or by both that fine and imprisonment.
(e)
(1) In addition to any other civil remedy available, the owner or lessee of the computer, computer system, computer network, computer program, or data may bring a civil action against any person convicted under this section for compensatory damages, including any expenditure reasonably and necessarily incurred by the owner or lessee to verify that a computer system, computer network, computer program, or data was or was not altered, damaged, or deleted by the access. For the purposes of actions authorized by this subdivision, the conduct of an unemancipated minor shall be imputed to the parent or legal guardian having control or custody of the minor, pursuant to the provisions of Section 1714.1 of the Civil Code.
(2) In any action brought pursuant to this subdivision the court may award reasonable attorney’s fees to a prevailing party.
(3) A community college, state university, or academic institution accredited in this state is required to include computer-related crimes as a specific violation of college or university student conduct policies and regulations that may subject a student to disciplinary sanctions up to and including dismissal from the academic institution. This paragraph shall not apply to the University of California unless the Board of Regents adopts a resolution to that effect.
(f) This section shall not be construed to preclude the applicability of any other provision of the criminal law of this state which applies or may apply to any transaction, nor shall it make illegal any employee labor relations activities that are within the scope and protection of state or federal labor laws.
(g) Any computer, computer system, computer network, or any software or data, owned by the defendant, which is used during the commission of any public offense described in subdivision (c) or any computer, owned by the defendant, which is used as a repository for the storage of software or data illegally obtained in violation of subdivision (c) shall be subject to forfeiture pursuant to Section 502.01.
(h)
(1) Subdivision (c) does not apply to any person who accesses his or her employer’s computer system, computer network, computer program, or data when acting within the scope of his or her lawful employment.
(2) Paragraph (3) of subdivision (c) does not apply to any employee who accesses or uses his or her employer’s computer system, computer network, computer program, or data when acting outside the scope of his or her lawful employment, so long as the employee’s activities do not cause an injury, as defined in paragraph (8) of subdivision (b), to the employer or another, or so long as the value of computer services, as defined in paragraph (4) of subdivision (b), which are used do not exceed one hundred dollars ($100).
(i) No activity exempted from prosecution under paragraph (2) of subdivision (i) which incidentally violates paragraph (2), (4), or (7) of subdivision (c) shall be prosecuted under those paragraphs.
(j) For purposes of bringing a civil or a criminal action under this section, a person who causes, by any means, the access of a computer, computer system, or computer network in one jurisdiction from another jurisdiction is deemed to have personally accessed the computer, computer system, or computer network in each jurisdiction.
(k) In determining the terms and conditions applicable to a person convicted of a violation of this section the court shall consider the following:
(1) Prohibitions on access to and use of computers;
(2) Except as otherwise required by law, the court shall consider alternate sentencing, including community service, if the defendant shows remorse and recognition of the wrongdoing, and an inclination not to repeat the offense.
As used in this article, unless the context otherwise requires:
(1) “Authorization” means the express consent of a person which may include an employee’s job description to use said person’s computer, computer network, computer program, computer software, computer system, property, or services as those terms are defined in this section.
(2) “Computer” means an electronic device which performs logical, arithmetic, or memory functions by the manipulations of electronic or magnetic impulses, and includes all input, output, processing, storage, software, or communication facilities which are connected or related to such a device in a system or network.
(3) “Computer network” means the interconnection of communication lines (including microwave or other means of electronic communication) with a computer through remote terminals, or a complex consisting of two or more interconnected computers.
(4) “Computer program” means a series of instructions or statements, in a form acceptable to a computer, which permits the functioning of a computer system in a manner designed to provide appropriate products from such computer system.
(5) “Computer software” means computer programs, procedures, and associated documentation concerned with the operation of a computer system.
(6) “Computer system” means a set of related, connected or unconnected, computer equipment, devices, and software.
(7) “Financial instrument” means any check, draft, money order, certificate of deposit, letter of credit, bill of exchange, credit card, debit card, or marketable security.
(8) “Property” includes, but is not limited to, financial instruments, information, including electronically produced data, and computer software and programs in either machine or human readable form, and any other tangible or intangible item of value.
(9) “Services” includes, but is not limited to, computer time, data processing, and storage functions.
(10) To “use” means to instruct, communicate with, store data in, retrieve data from, or otherwise make use of any resources of a computer, computer system, or computer network.
(1) Any person who knowingly uses any computer, computer system, computer network, or any part thereof for the purpose of devising or executing any scheme or artifice to defraud; obtaining money, property, or services by means of false or fraudulent pretenses, representations, or promises; using the property or services of another without authorization; or committing theft commits computer crime.
(2) Any person who knowingly and without authorization uses, alters, damages, or destroys any computer, computer system, or computer network described in section 18–5.5–101 or any computer software, program, documentation, or data contained in such computer, computer system, or computer network commits computer crime.
(3) If the loss, damage, or thing of value taken in violation of this section is less than fifty dollars, computer crime is a class 3 misdemeanor; if fifty dollars or more but less than three hundred dollars, computer crime is a class 2 misdemeanor; if three hundred dollars or more but less than ten thousand dollars, computer crime is a class 5 felony; if ten thousand dollars or more, computer crime is a class 3 felony.
For the purposes of this part and section 52–570b:
(1) “Access” means to instruct, communicate with, store data in or retrieve data from a computer, computer system or computer network.
(2) “Computer” means a programmable, electronic device capable of accepting and processing data.
(3) “Computer network” means (A) a set of related devices connected to a computer by communications facilities, or (B) a complex of two or more computers, including related devices, connected by communications facilities.
(4) “Computer program” means a set of instructions, statements or related data that, in actual or modified form, is capable of causing a computer or computer system to perform specified functions.
(5) “Computer services” includes, but is not limited to, computer access, data processing and data storage.
(6) “Computer software” means one or more computer programs existing in any form, or any associated operational procedures, manuals or other documentation.
(7) “Computer system” means a computer, its software, related equipment, communications facilities, if any, and includes computer networks.
(8) “Data” means information of any kind in any form, including computer software.
(9) “Person” means a natural person, corporation, trust, partnership, incorporated or unincorporated association and any other legal or governmental entity, including any state or municipal entity or public official.
(10) “Private personal data” means data concerning a natural person which a reasonable person would want to keep private and which is protectable under law.
(11) “Property” means anything of value, including data.
(a) Defined. A person commits computer crime when he violates any of the provisions of this section.
(b) Unauthorized access to a computer system.
(1) A person is guilty of the computer crime of unauthorized access to a computer system when, knowing that he is not authorized to do so, he accesses or causes to be accessed any computer system without authorization.
(2) It shall be an affirmative defense to a prosecution for unauthorized access to a computer system that: (A) the person reasonably believed that the owner of the computer system, or a person empowered to license access thereto, had authorized him to access; (B) the person reasonably believed that the owner of the computer system, or a person empowered to license access thereto, would have authorized him to access without payment of any consideration; or (C) the person reasonably could not have known that his access was unauthorized.
(c) Theft of computer services. A person is guilty of the computer crime of theft of computer services when he accesses or causes to be accessed or otherwise uses or causes to be used a computer system with the intent to obtain unauthorized computer services.
(d) Interruption of computer services. A person is guilty of the computer crime of interruption of computer services when he, without authorization, intentionally or recklessly disrupts or degrades or causes the disruption or degradation of computer services or denies or causes the denial of computer services to an authorized user of a computer system.
(e) Misuse of computer system information. A person is guilty of the computer crime of misuse of computer system information when: (1) As a result of his accessing or causing to be accessed a computer system, he intentionally makes or causes to be made an unauthorized display, use, disclosure or copy, in any form, of data residing in, communicated by or produced by a computer system; or (2) he intentionally or recklessly and without authorization (A) alters, deletes, tampers with, damages, destroys or takes data intended for use by a computer system, whether residing within or external to a computer system, or (B) intercepts or adds data to data residing within a computer system; or (3) he knowingly receives or retains data obtained in violation of subdivision (1) or (2) of this subsection; or (4) he uses or discloses any data he knows or believes was obtained in violation of subdivision (1) or (2) of this subsection.
(f) Destruction of computer equipment. A person is guilty of the computer crime of destruction of computer equipment when he, without authorization, intentionally or recklessly tampers with, takes, transfers, conceals, alters, damages or destroys any equipment used in a computer system or intentionally or recklessly causes any of the foregoing to occur.
(a) A person is guilty of computer crime in the first degree when he commits computer crime as defined in section 53a–251 and the damage to or the value of the property or computer services exceeds ten thousand dollars.
(b) Computer crime in the first degree is a class B felony.
(a) A person is guilty of computer crime in the second degree when he commits computer crime as defined in section 53a–251 and the damage to or the value of the property or computer services exceeds five thousand dollars.
(b) Computer crime in the second degree is a class C felony.
(a) A person is guilty of computer crime in the third degree when he commits computer crime as defined in section 53a–251 and (1) the damage to or value of the property or computer services exceeds one thousand dollars or (2) he recklessly engages in conduct which creates a risk of serious physical injury to another person.
(b) Computer crime in the third degree is a class D felony.
(a) A person is guilty of computer crime in the fourth degree when he commits computer crime as defined in section 53a–251 and the damage to or the value of the property or computer services exceeds five hundred dollars.
(b) Computer crime in the fourth degree is a class A misdemeanor.
(a) A person is guilty of computer crime in the fifth degree when he commits computer crime as defined in section 53a–251 and the damage to or value of the property or computer services, if any, is five hundred dollars or less.
(b) Computer crime in the fifth degree is a class B misdemeanor.
If a person has gained money, property or services or other consideration through the commission of any offense under section 53a–251, upon conviction thereof the court, in lieu of imposing a fine, may sentence the defendant to pay an amount, fixed by the court, not to exceed double the amount of the defendant’s gain from the commission of such offense. In such case the court shall make a finding as to the amount of the defendant’s gain from the offense and, if the record does not contain sufficient evidence to support such a finding, the court may conduct a hearing upon the issue. For the purpose of this section, “gain” means the amount of money or the value of property or computer services or other consideration derived.
Amounts included in violations of section 53a–251 committed pursuant to one scheme or course of conduct, whether from the same person or several persons, may be aggregated in determining the degree of the crime.
(a) For the purposes of this part and section 52–570b, the value of property or computer services shall be: (1) The market value of the property or computer services at the time of the violation; or (2) if the property or computer services are unrecoverable, damaged or destroyed as a result of a violation of section 53a–251, the cost of reproducing or replacing the property or computer services at the time of the violation.
(b) When the value of the property or computer services or damage thereto cannot be satisfactorily ascertained, the value shall be deemed to be two hundred fifty dollars.
(c) Notwithstanding the provisions of this section, the value of private personal data shall be deemed to be one thousand five hundred dollars.
(a) In any prosecution for a violation of section 53a–251 the offense shall be deemed to have been committed in the town in which the act occurred or in which the computer system or part thereof involved in the violation was located.
(b) In any prosecution for a violation of section 53a–251 based upon more than one act in violation thereof, the offense shall be deemed to have been committed in any of the towns in which any of the acts occurred or in which a computer system or part thereof involved in a violation was located.
(a) If any act performed in furtherance of the offenses set out in section 53a–251 occurs in this state or if any computer system or part thereof accessed in violation of section 53a–251 is located in this state, the offense shall be deemed to have occurred in this state.
As used in this subpart:
(1) “Access” means to instruct, communicate with, store data in or retrieve data from a computer, computer system or computer network.
(2) “Computer” means a programmable, electronic device capable of accepting and processing data.
(3) “Computer network” means:
(a) A set of related devices connected to a computer by communications facilities;
(b) A complex of 2 or more computers, including related devices, connected by communications facilities; or
(c) The communications transmission facilities and devices used to interconnect computational equipment, along with control mechanisms associated thereto.
(4) “Computer program” means a set of instructions, statements or related data that, in actual or modified form, is capable of causing a computer or computer system to perform specified functions.
(5) “Computer services” includes, but is not limited to, computer access, data processing and data storage.
(6) “Computer software” means 1 or more computer programs, existing in any form, or any associated operational procedures, manuals or other documentation.
(7) “Computer system” means a computer, its software, related equipment and communications facilities, if any, and includes computer networks.
(8) “Data” means information of any kind in any form, including computer software.
(9) “Person” means a natural person, corporation, trust, partnership, incorporated or unincorporated association and any other legal or governmental entity, including any state or municipal entity or public official.
(10) “Private personal data” means data concerning a natural person which a reasonable person would want to keep private and which is protectable under law.
(11) “Property” means anything of value, including data.
A person is guilty of the computer crime of unauthorized access to a computer system when, knowing that he is not authorized to do so, he accesses or causes to be accessed any computer system without authorization.
A person is guilty of the computer crime of theft of computer services when he accesses or causes to be accessed or otherwise uses or causes to be used a computer system with the intent to obtain unauthorized computer services, computer software or data.
A person is guilty of the computer crime of interruption of computer services when that person, without authorization, intentionally or recklessly disrupts or degrades or causes the disruption or degradation of computer services or denies or causes the denial of computer services to an authorized user of a computer system.
A person is guilty of the computer crime of misuse of computer system information when:
(1) As a result of his accessing or causing to be accessed a computer system, he intentionally makes or causes to be made an unauthorized display, use, disclosure, or copy, in any form, of data residing in, communicated by or produced by a computer system;
(2) That person intentionally or recklessly and without authorization:
(a) Alters, deletes, tampers with, damages, destroys or takes data intended for use by a computer system, whether residing within or external to a computer system; or
(b) Interrupts or adds data to data residing within a computer system;
(3) That person knowingly receives or retains data obtained in violation of subdivision (1) or (2) of this section; or
(4) That person uses or discloses any data which that person knows or believes was obtained in violation of subdivision (1) or (2) of this section.
A person is guilty of the computer crime of destruction of computer equipment when that person, without authorization, intentionally or recklessly tampers with, takes, transfers, conceals, alters, damages or destroys any equipment used in a computer system or intentionally or recklessly causes any of the foregoing to occur.
(a) A person committing any of the crimes described in §§ 932–936 of this title is guilty in the first degree when the damage to or the value of the property or computer services affected exceeds $10,000.
Computer crime in the first degree is a class D felony.
(b) A person committing any of the crimes described in §§ 932–936 of this title is guilty in the second degree when the damage to or the value of the property or computer services affected exceeds $5,000.
Computer crime in the second degree is a class E felony.
(c) A person committing any of the crimes described in §§ 932–936 of this title is guilty in the third degree when:
(1) The damage to or the value of the property or computer services affected exceeds $1,000; or
(2) That person engages in conduct which creates a risk of serious physical injury to another person.
Computer crime in the third degree is a class F felony.
(d) A person committing any of the crimes described in §§ 932–936 of this title is guilty in the fourth degree when the damage to or the value of the property or computer services affected exceeds $500.
Computer crime in the fourth degree is a class G felony.
(e) A person committing any of the crimes described in §§ 932–936 of this title is guilty in the fifth degree when the damage to or the value of the property or computer services, if any, is $500 or less.
Computer crime in the fifth degree is a class A misdemeanor.
(f) Any person gaining money, property, services or other consideration through the commission of any offense under this subpart, upon conviction, in lieu of having a fine imposed, may be sentenced by the court to pay an amount, fixed by the court, not to exceed double the amount of the defendant’s gain from the commission of such offense. In such case, the court shall make a finding as to the amount of the defendant’s gain from the offense, and, if the record does not contain sufficient evidence to support such a finding, the court may conduct a hearing upon the issue. For the purpose of this section, “gain” means the amount of money or the value of property or computer services or other consideration derived.
(g) Amounts included in violations of this subpart committed pursuant to 1 scheme or course of conduct, whether from the same person or several persons, may be aggregated in determining the degree of the crime.
(h) For the purposes of this subpart, the value of property or computer services shall be:
(1) The market value of the property or computer services at the time of the violation; or
(2) If the property or computer services are unrecoverable, damaged or destroyed as a result of a violation of this subpart, the cost of reproducing or replacing the property or computer services at the time of the violation.
When the value of the property or computer services or damage thereto cannot be satisfactorily ascertained, the value shall be deemed to be $250.
(i) Notwithstanding this section, the value of private personal data shall be deemed to be $500.
(a) In any prosecution for any violation of §§ 932–936 of this title, the offense shall be deemed to have been committed in the place at which the act occurred or in which the computer system or part thereof involved in the violation was located.
(b) In any prosecution for any violation of §§ 932–936 of this title based upon more than 1 act in violation thereof, the offense shall be deemed to have been committed in any of the places at which any of the acts occurred or in which a computer system or part thereof involved in a violation was located.
(c) If any act performed in furtherance of the offenses set out in §§ 932–936 of this title occurs in this State or if any computer system or part thereof accessed in violation of §§ 932–936 of this title is located in this State, the offense shall be deemed to have occurred in this State.
(a) Any aggrieved person who has reason to believe that any other person has been engaged, is engaged or is about to engage in an alleged violation of any provision of §§ 932–936 of this title may bring an action against such person and may apply to the Court of Chancery for: (i) An order temporarily or permanently restraining and enjoining the commencement or continuance of such act or acts; (ii) an order directing restitution; or (iii) an order directing the appointment of a receiver. Subject to making due provisions for the rights of innocent persons, a receiver shall have the power to sue for, collect, receive and take into his possession any property which belongs to the person who is alleged to have violated any provision of this subpart and which may have been derived by, been used in or aided in any manner such alleged violation. Such property shall include goods and chattels, rights and credits, moneys and effects, books, records, documents, papers, choses in action, bills, notes and property of every description including all computer system equipment and data, and including property with which such property has been commingled if it cannot be identified in kind because of such commingling. The receiver shall also have the power to sell, convey and assign all of the foregoing and hold and dispose of the proceeds thereof under the direction of the Court. Any person who has suffered damages as a result of an alleged violation of any provision of §§ 932–936 of this title, and submits proof to the satisfaction of the Court that he has in fact been damaged, may participate with general creditors in the distribution of the assets to the extent he has sustained out-of-pocket losses. The Court shall have jurisdiction of all questions arising in such proceedings and may make such orders and judgments therein as may be required.
(b) The Court may award the relief applied for or such other relief as it may deem appropriate in equity.
(c) Independent of or in conjunction with an action under subsection (a) of this section, any person who suffers any injury to person, business or property may bring an action for damages against a person who is alleged to have violated any provision of §§ 932–936 of this title. The aggrieved person shall recover actual damages and damages for unjust enrichment not taken into account in computing damages for actual loss and treble damages where there has been a showing of wilful and malicious conduct.
(d) Proof of pecuniary loss is not required to establish actual damages in connection with an alleged violation of § 935 of this title arising from misuse of private personal data.
(e) In any civil action brought under this section, the court shall award to any aggrieved person who prevails reasonable costs and reasonable attorney’s fees.
(f) The filing of a criminal action against a person is not a prerequisite to the bringing of a civil action under this section against such person.
(g) No civil action under this section may be brought but within 3 years from the date the alleged violation of §§ 932–936 of this title is discovered or should have been discovered by the exercise of reasonable diligence.
The provisions of this act shall be known and may be cited as the “Florida Computer Crimes Act.”
The Legislature finds and declares that:
(1) Computer-related crime is a growing problem in government as well as in the private sector.
(2) Computer-related crime occurs at great cost to the public since losses for each incident of computer crime tend to be far greater than the losses associated with each incident of other white collar crime.
(3) The opportunities for computer-related crimes in financial institutions, government programs, government records, and other business enterprises through the introduction of fraudulent records into a computer system, the unauthorized use of computer facilities, the alteration or destruction of computerized information or files, and the stealing of financial instruments, data, and other assets are great.
(4) While various forms of computer crime might possibly be the subject of criminal charges based on other provisions of law, it is appropriate and desirable that a supplemental and additional statute be provided which proscribes various forms of computer abuse.
As used in this chapter, unless the context clearly indicates otherwise:
(1) “Intellectual property” means data, including programs.
(2) “Computer program” means an ordered set of data representing coded instructions or statements that when executed by a computer cause the computer to process data.
(3) “Computer” means an internally programmed, automatic device that performs data processing.
(4) “Computer software” means a set of computer programs, procedures, and associated documentation concerned with the operation of a computer system.
(5) “Computer system” means a set of related, connected or unconnected, computer equipment, devices, or computer software.
(6) “Computer network” means a set of related, remotely connected devices and communication facilities including more than one computer system with capability to transmit data among them through communication facilities.
(7) “Computer system services” means providing a computer system or computer network to perform useful work.
(8) “Property” means anything of value as defined in § 812.011 and includes, but is not limited to, financial instruments, information, including electronically produced data and computer software and programs in either machine-readable or human-readable form, and any other tangible or intangible item of value.
(9) “Financial instrument” means any check, draft, money order, certificate of deposit, letter of credit, bill of exchange, credit card, or marketable security.
(10) “Access” means to approach, instruct, communicate with, store data in, retrieve data from, or otherwise make use of any resources of a computer, computer system, or computer network.
(1) Whoever willfully, knowingly, and without authorization modifies data, programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(2) Whoever willfully, knowingly, and without authorization destroys data, programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(3) Whoever willfully, knowingly, and without authorization discloses or takes data, programs, or supporting documentation which is a trade secret as defined in § 812.081 or is confidential as provided by law residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(4)
(a) Except as otherwise provided in this subsection, an offense against intellectual property is a felony of the third degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
(b) If the offense is committed for the purpose of devising or executing any scheme or artifice to defraud or to obtain any property, then the offender is guilty of a felony of the second degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
(1)
(a) Whoever willfully, knowingly, and without authorization modifies equipment or supplies used or intended to be used in a computer, computer system, or computer network commits an offense against computer equipment or supplies.
(b)
1. Except as provided in this paragraph, an offense against computer equipment or supplies as provided in paragraph (a) is a misdemeanor of the first degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
2. If the offense is committed for the purpose of devising or executing any scheme or artifice to defraud or to obtain any property, then the offender is guilty of a felony of the third degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
(2)
(a) Whoever willfully, knowingly, and without authorization destroys, takes, injures, or damages equipment or supplies used or intended to be used in a computer, computer system, or computer network; or whoever willfully, knowingly, and without authorization destroys, injures, or damages any computer, computer system, or computer network commits an offense against computer equipment or supplies.
(b)
1. Except as provided in this paragraph, an offense against computer equipment or supplies as provided in paragraph (a) is a misdemeanor of the first degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
2. If the damage to such computer equipment or supplies or to the computer, computer system, or computer network is greater than $200 but less than $1,000, then the offender is guilty of a felony of the third degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
3. If the damage to such computer equipment or supplies or to the computer, computer system, or computer network is $1,000 or greater, or if there is an interruption or impairment of governmental operation or public communication, transportation, or supply of water, gas, or other public service, then the offender is guilty of a felony of the second degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
(1) Whoever willfully, knowingly, and without authorization accesses or causes to be accessed any computer, computer system, or computer network; or whoever willfully, knowingly, and without authorization denies or causes the denial of computer system services to an authorized user of such computer system services, which, in whole or part, is owned by, under contract to, or operated for, on behalf of, or in conjunction with another commits an offense against computer users.
(2)
(a) Except as provided in this subsection, an offense against computer users is a felony of the third degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
(b) If the offense is committed for the purposes of devising or executing any scheme or artifice to defraud or to obtain any property, then the offender is guilty of a felony of the second degree, punishable as provided in § 775.082, § 775.083, or § 775.084.
The provisions of this chapter shall be not construed to preclude the applicability of any other provision of the criminal law of this state which presently applies or may in the future apply to any transaction which violates this chapter, unless such provision is inconsistent with the terms of this chapter.
This article may be cited as the “Georgia Computer Systems Protection Act.” (Code 1981, § 16-9-90, enacted by Ga. L. 1991, p. 1045, § 1.)
The General Assembly finds that:
(1) Computer related crime is a growing problem in the government and in the private sector;
(2) Such crime occurs at great cost to the public, since losses for each incident of computer crime tend to be far greater than the losses associated with each incident of other white collar crime;
(3) The opportunities for computer related crimes in state programs, and in other entities which operate within the state, through the introduction of fraudulent records into a computer system, unauthorized use of computer facilities, alteration or destruction of computerized information files, and stealing of financial instruments, data, or other assets are great;
(4) Computer related crime operations have a direct effect on state commerce;
(5) Liability for computer crimes should be imposed on all persons, as that term is defined in this title; and
(6) The prosecution of persons engaged in computer related crime is difficult under previously existing Georgia criminal statutes. (Code 1981, § 16-9-91, enacted by Ga. L. 1991, p. 1045, § 1.)
As used in this article, the term:
(1) “Computer” means an electronic, magnetic, optical, electrochemical, or other high-speed data processing device or system performing computer operations with or on data and includes any data storage facility or communications facility directly related to or operating in conjunction with such device; but such term does not include an automated typewriter or typesetter, portable hand-held calculator, household appliance, or other similar device that is not used to communicate with or to manipulate any other computer.
(2) “Computer network” means a set of related, remotely connected computers and any communications facilities with the function and purpose of transmitting data among them through the communications facilities.
(3) “Computer operation” means computing, classifying, transmitting, receiving, retrieving, originating, switching, storing, displaying, manifesting, measuring, detecting, recording, reproducing, handling, or utilizing any form of data for business, scientific, control, or other purposes.
(4) “Computer program” means one or more statements or instructions composed and structured in a form acceptable to a computer that, when executed by a computer in actual or modified form, cause the computer to perform one or more computer operations. The term “computer program” shall include all associated procedures and documentation, whether or not such procedures and documentation are in human readable form.
(5) “Data” includes any representation of information, intelligence, or data in any fixed medium, including documentation, computer printouts, magnetic storage media, punched cards, storage in a computer, or transmission by a computer network.
(6) “Financial instruments” includes any check, draft, money order, note, certificate of deposit, letter of credit, bill of exchange, credit or debit card, transaction-authorizing mechanism, or marketable security, or any computer representation thereof.
(7) “Property” includes computers, computer networks, computer programs, data, financial instruments, and services.
(8) “Services” includes computer time or services or data processing services.
(9) “Use” includes causing or attempting to cause:
(A) A computer or computer network to perform or to stop performing computer operations;
(B) The obstruction, interruption, malfunction, or denial of the use of a computer, computer network, computer program, or data; or
(C) A person to put false information into a computer.
(10) “Victim expenditure” means any expenditure reasonably and necessarily incurred by the owner to verify that a computer, computer network, computer program, or data was or was not altered, deleted, damaged, or destroyed by unauthorized use.
(11) “Without authority” includes the use of a computer or computer network in a manner that exceeds any right or permission granted by the owner of the computer or computer network. (Code 1981, § 16-9-8-92, enacted by Ga. L. 1991, p. 1045, § 1.)
(a)
Computer Theft. ; Any person who uses a computer or computer network with knowledge that such use is without authority and with the intention of:
(1) Taking or appropriating any property of another, whether or not with the intention of depriving the owner of possession;
(2) Obtaining property by any deceitful means or artful practice; or
(3) Converting property to such person’s use in violation of an agreement or other known legal obligation to make a specified application or disposition of such property shall be guilty of the crime of computer theft.
(b)
Computer Trespass. ; Any person who uses a computer or computer network with knowledge that such use is without authority and with the intention of:
(1) Deleting or in any way removing, either temporarily or permanently, any computer program or data form a computer or computer network;
(2) Obstructing, interrupting, or in any way interfering with the use of a computer program or data; or
(3) Altering, damaging, or in any way causing the malfunction of a computer, computer network, or computer program, regardless of how long the alteration, damage, or malfunction persists shall be guilty of the crime of computer trespass.
(c) Computer Invasion of Privacy. ; Any person who uses a computer or computer network with the intention of examining any employment, medical, salary, credit, or any other financial or personal data relating to any other person with knowledge that such examination is without authority shall be guilty of the crime of computer invasion of privacy.
(d) Computer Forgery. ; Any person who creates, alters, or deletes any data contained in any computer or computer network, who, if such person had created, altered, or deleted a tangible document or instrument would have committed forgery under Article 1 of this chapter, shall be guilty of the crime of computer forgery. The absence of a tangible writing directly created or altered by the offender shall not be a defense to the crime of computer forgery if a creation, alteration, or deletion of data was involved in lieu of a tangible document or instrument.
(e) Computer Password Disclosure. ; Any person who discloses a number, code, password, or other means of access to a computer network knowing that such disclosure is without authority and which results in damages (including the fair market value of any services used and victim expenditure) to the owner of the computer or computer network in excess of $500.00 shall be guilty of the crime of computer password disclosure.
(f) Article not Exclusive. ; The provisions of this article shall not be construed to preclude the applicability of any other law which presently applies or may in the future apply to any transaction or course of conduct which violates this article.
(g)
Civil Relief; Damages. ; (1) Any person whose property or person is injured by reason of a violation of any provision of this article may sue therefor and recover for any damages sustained and the costs of suit. Without limiting the generality of the term, “damages” shall include loss of profits and victim expenditure.
(2) At the request of any party to an action brought pursuant to this Code section, the court shall by reasonable means conduct all legal proceedings in such a way as to protect the secrecy and security of any computer, computer network, data, or computer program involved in order to prevent possible recurrence of the same or a similar act by another person and to protect any trade secrets of any party.
(3) The provisions of this article shall not be construed to limit any person’s right to pursue any additional civil remedy otherwise allowed by law.
(4) A civil action under this Code section must be brought within four years after the violation is discovered or by exercise of reasonable diligence should have been discovered. For purposes of this article, a continuing violation of any one subsection of this Code section by any person constitutes a single violation by such person.
(h)
Criminal Penalties. ; (1) Any person convicted of the crime of computer theft, computer trespass, computer invasion of privacy, or computer forgery shall be fined not more than $50,000.00 or imprisoned not more than 15 years, or both.
(2) Any person convicted of computer password disclosure shall be fined not more than $5,000.00 or incarcerated for a period not to exceed one year, or both. (Code 1981, § 16-9-93, enacted by Ga. L. 1991, p. 1045, § 1.)
(a) It shall be unlawful for any person, any organization, or any representative of any organization knowingly to transmit any data through a computer network or over the transmission facilities or through the network facilities of a local telephone network for the purpose of setting up, maintaining, operating, or exchanging data with an electronic mailbox, home page, or other electronic information storage bank or point of access to electronic information if such data uses any individual name, trade name, registered trademark, logo, legal or official seal, or copyrighted symbol to falsely identify the person, organization or representative transmitting such data or which would falsely state or imply that such person, organization or representative has permission or is legally authorized to use such trade name, registered trademark, logo, legal or official seal or copyrighted symbol for such purpose when such permission or authorization has not yet been obtained; provided, however, that no telecommunications company or Internet access provider shall violate this Code section solely as a result of carrying or transmitting such data for its customers.
(b) Any person violating subsection (a) of this Code section shall be guilty of a misdemeanor.
(c) Nothing in this Code section shall be construed to limit an aggrieved party’s right to pursue a civil action for equitable or monetary relief, or both, for actions which violate this Code section.
For the purpose of venue under this article, any violation of this article shall be considered to have been committed:
(1) In the county of the principal place of business in this state of the owner of a computer, computer network, or any part thereof; and,
(2) In any county in which any person alleged to have violated any provision of this article had control or possession of any proceeds of the violation or of any books, records, documents, or property which were used in furtherance of the violation; and,
(3) In any country in which any act was performed in furtherance of any transaction which violated this article; and,
(4) In any county from which, to which, or through which, any use of a computer or computer network was made, whether by wires, electro-magnetic waves, microwaves, or any other means of communication. (Code 1981, § 16-9-94, enacted by Ga. L. 1991, p. 1045, § 1.)
In this part, unless a different meaning plainly is required:
“Access” means to make use of any resources of a computer, computer system, or computer network.
“Computer” means an electronic device which performs logical, arithmetic, and memory functions by the manipulation of electronic or magnetic impulses and includes all input, output, processing, storage, software, or communication facilities which are connected or related to such a device in a computer system or computer network.
“Computer network” means the interconnection of communication lines with a computer through remote terminals or a complex consisting of two or more computers and includes interconnected remote terminals.
“Computer program” means a series of instructions or statements, in a form acceptable to a computer, which permits the functioning of a computer system in a manner designed to provide appropriate products from a computer system.
“Computer software” means a set of computer programs, procedures, or associated documentation concerned with the operation and function of a computer system.
“Computer system” means a set of related or interconnected computer equipment, devices, and software.
“Data” means a representation of information, knowledge, facts, concepts, or instructions, which are being prepared or have been prepared, in a formalized manner, and are intended for use in a computer system or computer network.
“Financial instrument” includes, but is not limited to, any draft, warrant, money order, note, certificate of deposit, letter of credit, bill of exchange, credit or debit card, transaction authorization mechanism, marketable security, or any other computer system representation.
“Property” includes, but is not limited to, financial instruments, data, computer software, computer programs, documents associated with computer systems and computer programs, or copies, whether tangible or intangible, and data while in transit.
“Service” includes, but is not limited to, the use of the computer system, computer network, computer programs, computer software, or data prepared for computer use, data contained within a computer system, or data contained within a computer network.
(1) a person commits the offense of computer fraud in the first degree if:
(a) He accesses or causes to be accessed any computer, computer system, computer network, or any of its parts with the intent to devise or execute any scheme or artifice to defraud;
(b) He accesses or causes to be accessed any computer, computer system, computer network, or any of its parts with the intent to obtain money, property, or services by means of embezzlement or false or fraudulent representations where the value of the money, property, or services exceeds $2,500; or
(c) He accesses or causes to be accessed any computer, computer system, computer network, or any of its parts with the intent to obtain unauthorized information concerning the credit information of another person or who introduces or causes to be introduced false information into that system or network with the intent to wrongfully damage or wrongfully enhance the credit rating of any person where the value of the damage or enhancement exceeds $2,500.
(2) Computer fraud in the first degree is a class C felony. In lieu of the statutory fine which may be imposed, any person who violates this section may be fined a sum of not more than two times the amount of the fraud.
(1) A person commits the offense of computer fraud in the second degree if:
(a) He accesses or causes to be accessed any computer, computer system, computer network, or any of its parts with the intent to obtain money, property, or services by means of embezzlement or false or fraudulent representations, money, property, or services where the value of the money, property, or services exceeds $100 but is not more than $2,500; or
(b) He accesses or causes to be accessed any computer, computer system, computer network, or any of its parts with the intent to obtain unauthorized information concerning the credit information of another person or who introduces or causes to be introduced false information into that system or network with the intent to wrongfully damage or wrongfully enhance the credit rating of any person where the value of the damage or enhancement exceeds $100 but is not more than $2,500.
(2) Computer fraud in the second degree is a misdemeanor.
(1) A person commits the offense of computer fraud in the third degree if:
(a) He accesses or causes to be accessed any computer, computer system, computer network, or any of its parts with the intent to obtain money, property, or services by means of embezzlement or false or fraudulent representations where the value of the money, property, or services is not more than $100; or
(b) He accesses or causes to be accessed any computer, computer system, computer network, or any of its parts with the intent to obtain unauthorized information concerning the credit information of another person or who introduces or causes to be introduced false information into that system or network with the intent to wrongfully damage or wrongfully enhance the credit rating of any person where the value of the damage or enhancement is not more than $100.
(2) Computer fraud in the third degree is a petty misdemeanor.
(1) A person commits the offense of unauthorized computer use in the first degree if he intentionally and without authorization accesses, alters, damages, or destroys any computer, computer system, computer network, computer program, or computer software, or any data stored therein, with a value exceeding $10,000.
(2) Unauthorized computer use in the first degree is a class C felony.
(1) A person commits the offense of unauthorized computer use in the second degree if he intentionally and without authorization accesses, alters, damages, or destroys any computer, computer system, computer network, computer program, or computer software, or any data stored therein, with a value exceeding $2,500 but not more than $10,000.
(2) Unauthorized computer use in the second degree is a misdemeanor.
(1) A person commits the offense of unauthorized computer use in the third degree if he intentionally and without authorization accesses, alters, damages, or destroys any computer, computer system, computer network, computer program, or computer software, or any data stored therein, with a value of not more than $2,500.
(2) Unauthorized computer use in the third degree is a petty misdemeanor.
(1) To “access” means to instruct, communicate with, store data in, retrieve data from or otherwise make use of any resources of a computer, computer system, or computer network.
(2) “Computer” means, but is not limited to, an electronic device which performs logical, arithmetic, or memory functions by the manipulations of electronic or magnetic impulses, and includes all input, output, processing, storage, software, or communication facilities which are connected or related to such a device in a system or network.
(3) “Computer network” means, but is not limited to, the interconnection of communication lines (including microwave or other means of electronic communication) with a computer through remote terminals, or a complex consisting of two (2) or more interconnected computers.
(4) “Computer program” means, but is not limited to, a series of instructions or statements, in a form acceptable to a computer, which permits the functioning of a computer system in a manner designed to provide appropriate products from such computer system.
(5) “Computer software” means, but is not limited to, computer programs, procedures, and associated documentation concerned with the operation of a computer system.
(6) “Computer system” means, but is not limited to, a set of related, connected or unconnected, computer equipment, devices, and software.
(7) “Property” includes, but is not limited to, financial instruments, information, including electronically produced data, and computer software and programs in either machine or human readable form, and any other tangible or intangible item of value.
(8) “Services” include, but are not limited to, computer time, data processing, and storage functions.
(1) Any person who knowingly accesses, attempts to access or uses, or attempts to use any computer, computer system, computer network, or any part thereof for the purpose of: devising or executing any scheme or artifice to defraud; obtaining money, property, or services by means of false or fraudulent pretenses, representations, or promises; or committing theft; commits computer crime.
(2) Any person who knowingly and without authorization alters, damages, or destroys any computer, computer system, or computer network described in
section 18–2201, Idaho Code, or any computer software, program, documentation, or data contained in such computer, computer system, or computer network commits computer crime.
(3) Any person who knowingly and without authorization uses, accesses, or attempts to access any computer, computer system, or computer network described in
section 18–2201, Idaho Code, or any computer software, program, documentation or data contained in such computer, computer system, or computer network, commits computer crime.
(4) A violation of the provisions of subsection (1) or (2) of this section shall be a felony. A violation of the provisions of subsection (3) of this section shall be a misdemeanor.
It shall be unlawful for any person to introduce fraudulent records or data into the computer system of a bank or to use the computer related facilities of a bank without the proper authorization, or to alter or destroy information or files in a bank’s computer system or to obtain without proper authorization, by electronic or other means, money, financial instruments, property, services or valuable data stored in a bank’s computer system. Any person violating the provisions of this section shall be guilty of a felony.
As used in this Article, unless the context otherwise indicates:
(a) “Computer” means a device that accepts, processes, stores, retrieves or outputs data, and includes but is not limited to auxiliary storage and telecommunications devices connected to computers.
(b) “Computer program” or “program” means a series of coded instructions or statements in a form acceptable to a computer which causes the computer to process data and supply the results of the data processing.
(c) “Data” means a representation of information, knowledge, facts, concepts or instructions, including program documentation, which is prepared in a formalized manner and is stored or processed in or transmitted by a computer. Data shall be considered property and may be in any form including but not limited to printouts, magnetic or optical storage media, punch cards or data stored internally in the memory of the computer.
(d) In addition to its meaning defined in Section 15–1 of this Code, “property” means: (1) electronic impulses; (2) electronically produced data; (3) confidential, copyrighted or proprietary information; (4) private identification codes or numbers which permit access to a computer by authorized computer users or generate billings to consumers for purchase of goods and services, including but not limited to credit card transactions and telecommunications services or permit electronic fund transfers; (5) software or programs in either machine or human readable form; or (6) any other tangible or intangible item relating to a computer or any part thereof.
(e) “Access” means to use, instruct, communicate with, store data in, retrieve or intercept data from, or otherwise utilize any services of a computer.
(f) “Services” includes but is not limited to computer time, data manipulation or storage functions.
(g) “Vital services or operations” means those services or operations required to provide, operate, maintain, and repair network cabling, transmission, distribution, or computer facilities necessary to ensure or protect the public health, safety, or welfare. Public health, safety, or welfare include, but are not limited to, services provided by medical personnel or institutions, fire departments, emergency services agencies, national defense contractors, armed forces or militia personnel, private and public utility companies, or law enforcement agencies.
(a) A person commits the offense of computer tampering when he knowingly and without the authorization of a computer’s owner, as defined in Section 15–2 of this Code, or in excess of the authority granted to him:
(1) Accesses or causes to be accessed a computer or any part thereof, or a program or data;
(2) Accesses or causes to be accessed a computer or any part thereof, or a program or data, and obtains data or services; or
(3) Accesses or causes to be accessed a computer or any part thereof, or a program or data, and damages or destroys the computer or alters, deletes or removes a computer program or data.
(b) Sentence.
(1) A person who commits the offense of computer tampering as set forth in subsection (a)(1) of this Section shall be guilty of a Class B misdemeanor.
(2) A person who commits the offense of computer tampering as set forth in subsection (a)(2) of this Section shall be guilty of a Class A misdemeanor and a Class 4 felony for the second or subsequent offense.
(3) A person who commits the offense of computer tampering as set forth in subsection (a)(3) or subsection (2)(4) of this Section shall be guilty of a Class 4 felony and a Class 3 felony for the second or subsequent offense.
(c) Whoever suffers loss by reason of a violation of subsection (2)(4) of this section may, in a civil action against the violator, obtain appropriate relief. In a civil action under this Section, the court may award to the prevailing party reasonable attorneys’ fees and other litigation expenses.
(4) Inserts or attempts to insert a “program” into a computer or computer program knowing or having reason to believe that such “program” contains information or commands that will or may damage or destroy that computer, or any other computer subsequently accessing or being accessed by that computer, or that will or may alter, delete or remove a computer program or data from that computer, or any other computer program or data in a computer subsequently accessing or being accessed by that computer, or that will or may cause loss to the users of that computer or the users of a computer which accesses or which is accessed by such “program.”
(a) A person commits aggravated computer tampering when he commits the offense of computer tampering as set forth in subsection (a)(3) of Section 16D–3 and he knowingly:
(1) causes disruption of or interference with vital services or operations of State or local government or a public utility; or
(2) creates a strong probability of death or great bodily harm to one or more individuals.
(b) Sentence.
(1) A person who commits the offense of aggravated computer tampering as set forth in subsection (a)(1) of this Section shall be guilty of a Class 3 felony.
(2) A person who commits the offense of aggravated computer tampering as set forth in subsection (a)(2) of this Section shall be guilty of a Class 2 felony.