Who should own the copyright to #Githeriman’s photograph?

The Internet has been abuzz since the 8th   August 2017 when Martin Kamotho, now christened #Githeriman whose photo was taken while enjoying his githeri as he awaited to cast his vote during the Kenyan Presidential Elections was taken and posted  online.1613907_0

He has become an overnight celebrity and an Internet sensation. Individuals have resorted to creating hilarious memes while some corporates have jumped onto the bandwagon and have started to use his popularity for the purposes of advertising.2017-08-10-PHOTO-00005529

This blog is however concerned with the Intellectual property issues that have arisen because of the said photo more specifically the ownership of the photo.2017-08-09-PHOTO-00005964

Who owns the Photo?

Under Kenyan law, all that is required for a photograph to be copyright is that it be ‘original’. According to the Copyright Act Section 2(d), it does not have to possess even a modicum of artistic quality. It does not therefore have to involve any ‘creative expression’, ‘creative input’ or ‘artistic skill’, each of which serves only to produce irrelevant ‘artistic quality’. It merely needs to be taken.

That term has a single, simple, very good, indeed main, interpretation that does just that. It is ‘new’. And a photograph that has not existed before is undoubtedly new regardless of whom or what took it. It is therefore protectable by copyright.

Property, even intellectual property, has to have an owner, and that owner must according to the Copyright   Act 2001 Section 2(f ) be an  ‘author ‘. It can only be the ‘photographer’ which   under the Act has been defined as the person who is responsible for the composition of the photograph; The photographer then has the exclusive right to use and sell the image and can enforce their copyright against anyone who infringes upon their rights..

Under the law, it is the photographer who will own copyright on any photos he/she has taken, with the following exceptions:

  • If the photographer is an employee of the company the photos are taken for, or is an employee of a company instructed to take the photos, the photographer will be acting on behalf of his/her employer, and the company the photographer works for will own the copyright.
  • If there is an agreement that assigns copyright to another party.

In all other cases, the photographer will retain the copyright, if the photographer has been paid for his/her work, the payment will be for the photographer’s time and typically an allocated number of prints. The copyright to the photos will remain with the photographer, and therefore any reproduction without permission would be an infringement of copyright.

In this  case  even though the  photographer is   known , he is yet  to come out and  claim ownership of  the photograph by showing  that  he  has registered  the same as copyright. The purpose of registration is to ensure that one has proper, independently verifiable, evidence of the date and content of their work. This ensures that if another party steals your photos you have solid evidence to prove your claim.

Without registration it can be very difficult, and often impossible, to prove ownership if another person claims the photo belongs to them.  When a work is not protected by copyright law, it is considered as being in the “public domain” and any one may use the work without permission.

Time is ripe for the Criminalisation of “Revenge Porn” in Kenya

The internet has changed the landscape in which a breach of privacy, such as non-consensual pornography, may occur. When misused, technology has the ability to aggravate the harm associated with this breach of privacy. Perpetrators can be anonymous, disconnecting them from their victim and the consequences of their actions, at the same time creating a sense of helplessness for the victim.[1]

Revenge porn, also referred to as non-consensual pornography, describes sharing images or video footage, sexual in nature, without the consent of the subject. Such a situation may originate in a number of ways: through non-consensual recording such as a hidden camera,[2] through a consensual recording that is then stolen,[3] for example computer hacking or a consensual recording that is then intentionally transmitted, without the consent of the subject.[4]

Burris (2010) further expounds her definition of revenge porn to include a   description of an intimate image or video that is initially shared within the context of a private relationship but is later publicly disclosed, usually on the Internet, without the consent of the individual featured in the explicit graphic.

The non-consensual distribution of pornography converts unwilling citizens into sexual commodities subjected to public humiliation.[5] Often, the distributor adds an additional layer of harassment and humiliation by including personal information along with the private image.[6] Including identifying information ensures that internet searches of the victim’s name will produce the image, which increases the chance that the victim’s employers, friends, and family will be exposed to the humiliation.[7]

Available   remedies

Enforcement of copyright

Victims of revenge porn may have some recourse under copyright law, although only if they can establish authorship of the image or video.

Generally, photographs and videos are protected as artistic works under the Copyright Act.[8]  In  a  situation  where the victim of the  revenge  porn  has  contributed to the  works of the  image or  video Copyright they will own the copyright of the image in question.

Infringements could also constitute a criminal offence in the event that the infringer has attempted to financially profit from the publication. Moreover, other international law issues may arise due to the non-territorial nature of the internet, meaning that a claimant’s rights are further limited depending on the jurisdiction in which the images were uploaded.

However, copyright is not a panacea. This is because copyright’s remedies are unavailable to victims who did not take the revenge porn photos or videos themselves.

Breach of Privacy 

The common law tort of breach of confidence   may offer remedies   where private images have been published without consent as this   type of civil action protects confidential information within and outside marriage.[9] In addition, those who share such images or videos could be pursued under breach of confidence since it is possible to imply an obligation of confidence on them even if they are not in a relationship of confidence with the victim.

The  issue  the  is  whether  a person  is entitled  to have  his privacy protected  by the court   since the law  protects violation of a  citizens autonomy  dignity and self esteem. Furthermore the court will consider whether the subject had a reasonable expectation that the images would remain private and confidential.

Images taken by the subject (known as “selfies”) or by the partner and shared with each other through a technological medium such as picture messaging, undoubtedly fall within the sphere of confidential or private information.[10] Tugendhat J in Contostavlos v Mendahum observed that it has long been recognised that details of a person’s sexual life are high on the list of matters that may be protected by non-disclosure orders.

One of the greatest problems facing victims of revenge porn in our    jurisdiction is the   inability of the enforcement authorities   to work fast enough to counter the spread at which this images and videos are shared across the internet. This is  because once the  initial post  has  been   uploaded on a  webpage, the same can  be shared through  social media  platforms like twitter, facebook, whatsapp initially  among  friends  therefore  generating  viral   buzz. The dynamic nature of the Internet means that as soon as infringing content is removed from one source, it “pops up” elsewhere.

Furthermore, civil actions require victims to bring claims under their own name while the revealing photos are still available and searchable online. As a result, civil actions may draw further attention to the very photos victims wished were not public in the first place. As it was shown in the   case of Roshanara Ebrahim v Ashleys Kenya Limited & 3 others [2016] eKLR, the High Court considered a petition filed by Ebrahim who was crowned Miss World Kenya 2015 and subsequently dethroned based on nude photographs of her allegedly given to the Miss World Kenya organisers by Ebrahim’s boyfriend. The court did not however award her damages as she was not able to prove breach of privacy.

Victims of non-consensual pornography are currently not adequately protected from these practices and the resulting harm. Especially as the   civil remedies take a reactive instead of a proactive approach, remedies can most often only be sought after the damage has already been done.[11]

Cyber Security and Protection Bill 2016

The proposed Bill under Section 28 provides to wit:

‘A person who transfers, publishes, or disseminates, including making a digital depiction available for distribution or downloading through a ‘telecommunications network or through any other means of transferring data to a computer, the intimate image of another person commits an offence and is liable, on conviction to a term of imprisonment not exceeding thirty years or fine not exceeding three hundred thousand shillings or both.’

The above section 28 of the Cyber Security Bill provides no intent requirement at all while prescribing publication. This provision is unduly broad, restrictive and open to subjective interpretation and abuse.  At thirty years of imprisonment this is a disproportionate punishment.

Conclusion

Due to the severe, far reaching effects non-consensual pornography has on its victims, it is important that issues surrounding it are resolved fast in order to completely prevent it from occurring. Even though there are civil actions open to the victims such as breach of confidence or copyright infringement suits. They have numerous problems, such as the fact that many of the victims do not have the financial means to pursue legal action, let alone finance the entire litigation process in the event of a loss. Criminalizing revenge porn provides stronger deterrence against future perpetrators, shields victims from the publicity of civil cases, and indicates societal condemnation.

 

Footnotes

[1] Claudia Smith, ‘Revenge Porn Or Consent And Privacy: An Analysis Of The Harmful Digital Communications Act 2015’ (Undergraduate LLB, Victoria University of Wellington 2015).

[2] Ibid pg 5

[3] Ibid

[4] Ibid

[5] Aubrey Burris, ‘Hell Hath No Fury Like A Woman Porned: Revenge Porn And The Need For A Federal Nonconsensual Pornography Statute’ (2014) 66 Florida Law Review.

[6] Ibid

[7] Ibid

[8] Copyright  Act  2001  Laws of Kenya

[9] Mitchell, J., ‘Censorship in cyberspace: closing the net on “revenge porn”’ Entertainment Law Review(2014) 25(8), 283-290 at 284.

[10] Contostavlos v Mendahum [2012] EWHC 850 (QB) at [25].

[11] A v B Plc [2002] EWCA Civ 337 at para. 7.

Admissibility of Electronic Evidence in Kenya

The advent of technological development and the consequent evolution of paperless transactions have permeated every sphere of life, and the legal system is no exception: in the event of disputes involving transactions conducted through electronic means, parties are bound to rely on electronic evidence of such transactions.

The Kenyan Evidence Act (Cap 80 Laws of Kenya) recognizes and endorses the use of electronic evidence in Kenya . Second, it reiterates the conditions for the admissibility of electronic evidence. In determining the admissibility of electronic evidence the Act   provides to   wit  section  78A   which provides:

78A. Admissibility of electronic and digital evidence

(1) In any legal proceedings, electronic messages and digital material shall be admissible as evidence.

(2) The court shall not deny admissibility of evidence under subsection (1) only on the ground that it is not in its original form.

(3) In estimating the weight, if any, to be attached to electronic and digital evidence, under subsection (1), regard shall be had to—

(a) the reliability of the manner in which the electronic and digital evidence was generated, stored or communicated;

(b) the reliability of the manner in which the integrity of the electronic and digital evidence was maintained;

(c) the manner in which the originator of the electronic and digital evidence was identified; and

(d) any other relevant factor.

(4) Electronic and digital evidence generated by a person in the ordinary course of business, or a copy or printout of or an extract from the electronic and digital evidence certified to be correct by a person in the service of such person, is on its mere production in any civil, criminal, administrative or disciplinary proceedings under any law, the rules of a self-regulatory organization or any other law or the common law, admissible in evidence against any person and rebuttable proof of the facts contained in such record, copy, printout or extract.

My understanding of this section is that it makes explicit that electronic messages are admissible as evidence in Kenya provided that they satisfy the other requirements for such admission. This section does not obviate the need for establishing the relevance of the proposed evidence in the same way it does not excuse the need for authentication of the proposed evidence. This section is also helpful in codifying the factors to be taken into account in assessing the weight to be given to an authenticated and admitted electronic message.

The conditions upon which such electronic evidence would be admissible are provided for under Section 106 (B) of the same Act. Section 106 (B) (1) provides as follows: –

“106B(1)  Notwithstanding anything contained in this Act, any information contained in an electronic record which is printed on a paper, stored, recorded or copied on optical or electro-magnetic media produced by a computer (herein referred to as computer output) shall be deemed to be also a documentif the conditions mentioned in this section are satisfied in relation to the information and computer in question and shall be admissible in any proceedings, without further proof or production of the original, as evidence of any contents of the original or of any fact stated therein where direct evidence would be admissible.”

Section 106B (2) provides that: –

“The conditions mentioned in sub section (1) in respect of a computer output, are the following-

  1. the computer output containing the information was produced by the computer during the period over which the computer was used to store or process the information for any activities regularly carried out over that period by a person having lawful control over the use of the computer
  2. during the said period, information of the kind contained in the electronic record or of the kind from which the information so contained is derived was regularly fed into the computer in ordinary course of the said activities;
  • throughout the material part of the said period, the computer was operating properly or, if not, then in respect of any period in which it was not operating properly was out of the operation during that part of the period, was not such as to affect the electronic record or the accuracy of its contents; and
  1. the information contained in the electronic record reproduces or is derived from such information fed into the computer in the ordinary course of the said activities.”

Section 106 (A) and (B) means that any information stored in a computer which is then printed or copied to optical media such a CD in this case, shall be treated like documentary evidence and will be admissible as evidence without production of the original. However, Section 106B also provides that such electronic evidence will only be admissible if the conditions laid out in that provision are satisfied, Section 106B (4) provides: –

“In any proceedings where it is desired to give a statement in evidence by virtue of this section, a certificate doing any of the following –

(a)    identifying the electronic record containing the Statement and describing the manner in which it was produced

(b)    giving such particulars of any device involved in the production of that electronic record as may be appropriate for the purpose of showing that the electronic record was produced by a computer;

(c)    dealing with any matters to which conditions mentioned in subsection (2) relate; and

(d)    Purporting to be signed by a person occupying a responsible position in relation to the operation of the relevant device or the management of the relevant activities (whichever is appropriate) shall be evidence of any matter stated in the certificate and for the purpose of this sub-section it shall be sufficient for a matter to be stated to the best of the knowledge of the person stating it.”

This provision is clear that, for electronic evidence to be deemed admissible it must be accompanied by a certificate in terms of Section 106 B (4).

Communications Authority of Kenya Guidelines on SIM Cards

The Communications Authority of Kenya has issued new directives with regards to sim registration stating that members of the public should not use unregistered sim cards. They also state that they should not purchase sim cards from hawkers and if the event that they purchase a sim card, they have to demand that the sim card be registered with their particulars including the ID card. Members of the general public are further asked to ensure they report their lost sim cards to the police and obtain an abstract for the same. The authority further states that failure to comply with these rules would lead to a six month jail term or a fine of Kshs. 100,000.

Here is the statement:

sim_card_reg

 

 

Tips to prevent a SIM-Swap Fraud

 

1. If you stop receiving calls or texts, and you don’t know why, check in with your mobile operator immediately
2. Never disclose your Internet banking password or personal identification number (PIN) to anyone. Even your bank will never ask for this.
3. Keep personal details – such as your phone number, date of birth or things like your first car and maiden name – off social media like Facebook. This means scammers can’t impersonate you easily.
4. Ask your bank to give you details of every financial transaction through two channels – for instance, SMS as well as email alerts.
5. Use a separate email address for your Online Banking account and financial transactions from your social media accounts.
6. Never switch off your smartphone in the event of you receiving numerous unknown calls.It could be a ploy to get you to turn off your phone and prevent you from noticing a tampered network connection.Even if you are frustrated by such events, do not switch off your smartphone.

What to do in the event you become a victim of SIM swap fraud

In  my previous  blog post I  spoke about the process of SIM swap and how it is  used to  defraud unsuspecting  individuals of moneys  from their account without their knowledge.

Today  i’ll be talking  about  what to do in the event that  you suspect that  you’ve become a victim of SIM swap. These are just stop gap  measures since there is no foolproof plan to prevent  the same

If you suspect you are the victim of a SIM swap scam, immediately call your mobile network operator for assistance. Be sure to call the right department. They may also have a form on their website for dealing with cases of fraud, which you can fill in, and they will assist you in an investigation of the matter.
Also make sure to call the appropriate department at your bank, and suspend all activity on your bank account, essentially locking it, so that nobody is even able to log in to your online banking profile.
If you are able to, you may consider accessing your online banking account, and changing your password, as well as changing your associated email address and mobile phone number, so the notifications and confirmation SMSes would arrive at a new number and email address. So even if the criminals succeed with the SIM swap operation, the number they have is no longer linked to your bank account. But I would more readily recommend that you just suspend activity on your account, especially in a panic situation or if you are unsure on how to go about doing all of that.
If money ends up getting taken out of your account, then you need to open a case with the police for theft, preferably within 48 hours of the fraudulent transfer or withdrawal of funds having taken place. During this process you may receive documentation from your bank’s claims department, which will aid in the investigation.

You might get your money back, and you might not. The banks claim that recourse depends on the circumstances of each case. In fact, some flat out refuse to reimburse a client, often claiming that it was the client’s fault – that they did something in order to help facilitate the theft. If you are fighting an uphill battle, it may be a good idea to get legal advise on the matter.

BE WARY OF THIS FORM OF MOBILE BANKING FRAUD

SWAPWe live in a digital world where more members than ever before are banking online or on their mobile phones. However, online and mobile banking is never 100 per cent safe. There are many fraudsters out there who’ve made it their business to fool you into sharing your financial information by using sophisticated tools that look real to most users.

In all cases, signing up for online banking alerts is a good idea. Alerts are an online banking feature that automatically sends you an email and/or a text message to your mobile phone to alert you of certain changes to your account made through online banking
This morning I had a client who narrated to me his ordeal.
Sims(not his real name) was sitting in his home a fortnight ago when his iPhone, suddenly stopped working. Within 75 minutes the fraudsters who had hijacked his phone had, through his online banking, emptied his bank account of KSH.500,000 .
When Sims rang the Mobile Operator, it soon emerged that someone posing as him had managed to persuade the mobile network to activate a new sim card – in effect giving the fraudsters control of his mobile number. The crooks were then able to reset all his mobile banking passwords, using his phone as identity, and the passwords being sent to the phone.
It appears that fraudsters have identified a significant vulnerability in the way banks are using their customers’ mobiles to identify them – and exploiting it to the max.
“One minute I’m wondering why my phone won’t work, and less than two hours later my bank account has been emptied and I have lost Ksh.500,000/= says a still shocked Sims.
“They appear to have used the phone to tell my mobile service provider that I had forgotten all my online bank settings. When my settings were reset, the bank sent notification to my phone – which of course, went to the fraudsters.
Before a SIM can be cancelled and reissued, the mobile phone network will ask a number of security questions, which only the phone owner should know the answer to. This suggests that fraudsters have already gathered a considerable amount of information on their victim. The mobile phone companies say these details may have been hoovered up from social media accounts such as Facebook, or possibly bought on the “dark web”. But they also admit that they and the banks need to do more to fight this new menace.
But Sims is just the latest victim of a financial scam that is sweeping Kenya: SIM-swap fraud.
WHAT IS SIM SWAP FRAUD ?
SIM Swap fraud is a type of Spear Phishing (targeted) attack. It is more complex than SIM-Swap-FraudPhishing (duping) and is particularly insidious. The bad news is that a fraudster has decided to target an individual and has sufficient knowledge of the individual’s personal details to be able to carry out these attacks. Also, because the attack is typically cross channel, individuals will not intuitively deduce that they are under attack – how many people would immediately suspect that their bank account was under attack if they suddenly stopped receiving calls on their mobile, for example?
The good news is that there is a technological solution to the problem. It is already possible to tell if a mobile number has been ported, then prevent transactions being authorised using that particular phone unless other indicators suggest the swap was in fact legitimate.
If the banks move quickly they can cut off yet another of the fraudster’s routes into our money and at the same time improve their own customer service. SIMple!

What do you know about Bitcoins?

 

The Central Bank of Kenya has issued a warning to persons trading in bitcoin and other virtual currencies that the cryptocurrencies are insecure and could be used to fund criminal activity.

In a public notice  the CBK stated that Bitcoin and other virtual currencies are not recognized as legal tender in Kenya, and as such, it would not protect users in the event the platforms that exchanges or holds the virtual currency fails. 

Bitcoin first appeared in January 2009, the creation of a computer programmer using the pseudonym Satoshi Nakamoto. His invention is

Central Bank Bit Coin Notice an open-source (its controlling computer code is open to public view), peer-to-peer (transactions do not require a third-party intermediary such as PayPal or Visa) digital currency (being electronic with no physical manifestation).

 

The Bitcoin system is private, with no traditional financial institutions involved in transactions. Unlike earlier digital currencies that had some central controlling person or entity, the Bitcoin network is completely decentralized, with all parts of transactions performed by the users of the system. With a Bitcoin transaction, there is no third-party intermediary. The buyer and seller interact directly (peer to peer), but their identities are encrypted and no personal information is transferred from one to the other.

However, unlike a fully anonymous transaction, there is a transaction record. A full transaction record of every Bitcoin and every Bitcoin user’s encrypted identity is maintained on the public ledger. For this reason, Bitcoin transactions are thought to be pseudonymous, not anonymous. Although the scale of Bitcoin use has increased substantially, it still remains small in comparison to traditional electronic payments systems, such as credit cards, and the use of dollars as a circulating currency.

 

How Does the Bitcoin System Work?

Bitcoin is sometimes referred to as a cryptocurrency because it relies on the principles of cryptography (communication that is secure from view of third parties) to validate transactions and govern the production of the currency itself. Each Bitcoin and each user is encrypted with a unique identity, and each transaction is recorded on a decentralized public ledger (also called a distributed ledger or a blockchain) that is visible to all computers on the network but does not reveal any personal information about the involved parties. Cryptographic techniques enable special users on the bitcoin network, known as miners, to gather together blocks of new transactions and compete to verify that the transactions are valid—that the buyer has the amount of Bitcoin being spent and has transferred that amount to the seller’s account. For providing this service, miners that successfully verify a block of transactions are rewarded by the network’s controlling computer algorithm with 25 newly created Bitcoins. This decentralized management of the public ledger is the distinguishing technological attribute of Bitcoin (and other decentralized cryptocurrencies) because it solves the so-called double spending problem (i.e., spending money you do not own by use of forgery or counterfeiting) and the attendant need for a trusted third party (such as a bank or credit card company) to verify the integrity of electronic transactions between a buyer and a seller. Public ledger technology could have implications not just for the traditional payments system but possibly also for a wide spectrum of transactions (e.g., stocks, bonds, and other financial assets) in which records are stored digitally.

It is important to note that, even though Bitcoin is not legal tender in Kenya, there is no official “ban” on virtual currencies in the country either. Warnings like these are meant to warn the everyday consumer about the possible pitfalls associated with digital currency, and how they should be aware of these risks.

*** more posts to follow**

Consumer Responsibilities

 

Anwar-FazalIn the 1980s, CI’s then president, led the call to also introduce a set of consumer responsibilities to compliment consumer rights.

These remain crucial principles for many consumer rights organisations today:

Critical awareness – consumers must be awakened to be more questioning about the provision of the quality of goods and services.
Involvement or action – consumers must assert themselves and act to ensure that they get a fair deal.
Social responsibility – consumers must act with social responsibility, with concern and sensitivity to the impact of their actions on other citizens, in particular, in relation to disadvantaged groups in the community and in relation to the economic and social realties prevailing.
Ecological responsibility – there must be a heightened sensitivity to the impact of consumer decisions on the physical environment, which must be developed to a harmonious way, promoting conservation as the most critical factor in improving the real quality of life for the present and the future.
Solidarity – the best and most effective action is through cooperative efforts through the formation of consumer/citizen groups who together can have the strength and influence to ensure that adequate attention is given to the consumer interest.

source: http://www.consumersinternational.org/who-we-are/consumer-rights/