24 December 2021

Health Data Sharing

Share, but respectfully and with conditions. That's one conclusion from 'Patients’ and public views and attitudes towards the sharing of health data for research: a narrative review of the empirical evidence' by Shona Kalkman, Johannes van Delden, Amitava Banerjee, BenoĆ®t Tyl, Menno Mostert and Ghislaine van Thiel in (2021) 48(1) Journal of Medical Ethics, abstracted as 

Introduction International sharing of health data opens the door to the study of the so-called ‘Big Data’, which holds great promise for improving patient-centred care. Failure of recent data sharing initiatives indicates an urgent need to invest in societal trust in researchers and institutions. Key to an informed understanding of such a ‘social license’ is identifying the views patients and the public may hold with regard to data sharing for health research.  We performed a narrative review of the empirical evidence addressing patients’ and public views and attitudes towards the use of health data for research purposes. The literature databases PubMed (MEDLINE), Embase, Scopus and Google Scholar were searched in April 2019 to identify relevant publications. Patients’ and public attitudes were extracted from selected references and thematically categorised. Twenty-seven papers were included for review, including both qualitative and quantitative studies and systematic reviews. Results suggest widespread—though conditional—support among patients and the public for data sharing for health research. Despite the fact that participants recognise actual or potential benefits of data research, they expressed concerns about breaches of confidentiality and potential abuses of the data. Studies showed agreement on the following conditions: value, privacy, risk minimisation, data security, transparency, control, information, trust, responsibility and accountability. Our results indicate that a social license for data-intensive health research cannot simply be presumed. To strengthen the social license, identified conditions ought to be operationalised in a governance framework that incorporates the diverse patient and public values, needs and interests.

 The authors argue 

Large-scale, international data sharing opens the door to the study of so-called ‘Big Data’, which holds great promise for improving patient-centred care. Big Data health research is envisioned to take precision medicine to the next level through increased understanding of disease aetiology and phenotypes, treatment effects, disease management and healthcare expenditure.  However, lack of public trust is proven to be detrimental to the goals of data sharing. The case of care.data in the UK offers a blatant example of a data sharing initiative gone awry. Criticism predominantly focused on limited public awareness and lack of clarity on the goals of the programme and ways to opt out. Citizens are becoming increasingly aware and critical of data privacy issues, and this warrants renewed investments to maintain public trust in data-intensive health research. Here, we use the term data-intensive health research to refer to a practice of grand-scale capture, (re)use and/or linkage of a wide variety of health-related data on individuals. 

Within the European Union (EU), the recently adopted General Data Protection Regulation (GDPR) (EU 2016/679) addresses some of the concerns the public may have with respect to privacy and data protection. One of the primary goals of the GDPR is to give individuals control over their personal data, most notably through consent. Other lawful grounds for the processing of personal data are listed, but it is unclear how these would exactly apply to scientific research. Legal norms remain open to interpretation and thus offer limited guidance to researchers. In Recital 33, the GDPR actually mentions that additional ethical standards are necessary for the processing of personal data for scientific research. This indicates a recognised need for entities undertaking activities likely to incite public unease to go beyond compliance with legal requirements. Complementary ethical governance then becomes a prerequisite for securing public trust in data-intensive health research. 

A concept that could be of use in developing ethical governance is that of a ‘social license to operate’. The social license captures the notion of a mandate granted by society to certain occupational groups to determine for themselves what constitutes proper conduct, under the condition that such conduct is in line with society’s expectations. The term ‘social license’ was first used in the 1950s by American sociologist Everett Hughes to address relations between professional occupations and society. The concept has been used since to frame, for example, corporate social responsibility in the mining industry, governance of medical research in general and of data-intensive health research more specifically. As such, adequate ethical governance then becomes a precondition for obtaining a social license for data sharing activities. 

Key to an informed understanding of the social license is identifying the expectations society may hold with regard to sharing of and access to health data. Here, relevant societal actors are the subjects of Big Data health research, constituting both patients and the general public. Identification of patients’ and public views and attitudes allows for a better understanding of the elements of a socially sanctioned governance framework. We know of the existence of research papers that have captured these views using quantitative or qualitative methods or a combination of both. So far, systematic reviews of the literature have limited their scope to citizens of specific countries, qualitative studies only or the sharing of genomic data. Therefore, we performed an up-to-date narrative review of both quantitative and qualitative studies to explore predominant patient and public views and attitudes towards data sharing for health research.

In discussing Conditions for sharing the authors comment 

Widespread willingness to share data for health research very rarely led to participants’ unconditional support. Studies showed agreement on the following conditions for responsible data sharing: value, privacy, minimising risks, data security, transparency, control, information, trust, responsibility and accountability. 

Value 

One systematic review found that participants found it important that the research as a result of data sharing should be in the public’s interest and should reflect participants’ values.  The NICE Citizens Council advocated for appropriate systems and good working practices to ensure a consistent approach to research planning, data capture and analysis. 

Privacy, risks and data security 

The need to protect individuals’ privacy was considered paramount and participants often viewed deidentification of personal data as a top privacy measure. One survey among US patients with cancer found that only 20% (n=228) of participants found linkage of individuals with their deidentified data acceptable for return of individual health results and to support further research. Secured access to databases was considered an important measure to ensure data security in data sharing activities. A systematic review of participants’ attitudes towards data sharing showed that people established risk minimisation as another condition for data sharing. Findings by Mazor et al suggest that patients only support studies that offer value and minimise security risks. 

Transparency and control 

Conditions regarding transparency were information about how data will be shared and with whom, the type of research that is to be performed, by whom the research will be performed, information on data sharing and monitoring policies and database governance, conditions framing access to data and data access agreements, and any partnerships with the pharmaceutical industry. More generally, participants expressed the desire to be involved in the data sharing process, to be notified when their data are (re)used and to be informed of the results of studies using their data. Spencer et al identified use of an electronic interface as a highly valued means to enable greater control over consent choices. When asked about the use of personal data for health research by the NHS, UK citizens were typically willing to accept models of consent other than the ones they would prefer. Acceptance of consent models with lower levels of individual control was found to be dependent on a number of factors, including adequate transparency, control over detrimental use and commercialisation, and the ability to object, particularly to any processing considered to be inappropriate or particularly sensitive. 

Information and trust 

One systematic review identified trust in the ability of the original institution to carry out the oversight tasks as a major condition for responsible data sharing. Appropriate education and information about data sharing was thought to include public campaigns to inform stakeholders about Big Data and information communicated at open days of research institutions (such as NICE) to ensure people understand what their data are being used for and to reassure them that personal data will not be passed on or sold to other organisations. The informed consent process for study participation was believed to include information about the fact that individuals’ data could potentially be shared, the objectives of data sharing and (biobank) research, the study’s data sharing plans, governance structure, logistics and accountability. 

Responsibility and accountability 

Participants often placed the responsibility for data sharing practices on the shoulders of researchers. Secondary use of data collected earlier for scientific research was viewed to require a data access committee that involves a researcher from the original research project, a clinician, patient representative and a participant in the original study.  Researchers of the original study were required to monitor data used by other researchers. In terms of accountability, patient and public groups in Italy (n=280) placed high value on sanctions for misuse of data. Information on penalties or other consequences of a breach of protection or misuse was considered important by many. Discussion In this study, we narratively reviewed 27 papers on patients’ and public views on and attitudes towards the use of health data for scientific research. Studies reported a widespread—though conditional—support for the linkage and sharing of data for health research. The only outlier seems to be the finding that just over half (n=25) of the NICE Citizens Council answered ‘no’ to the question whether they had any concerns if NICE used anonymised data to fill in the gaps if NICE was not getting enough evidence in ‘the usual ways’. However, we hasten to point out that the question about willingness to share is different from the question whether people have concerns or not. In addition, after a 2-day discussion meeting Council members were perhaps more sensitised to the potential concerns regarding data sharing. Therefore, we suggest that the way and context within which questions are phrased may influence the answers people give. 

Overall, people expressed similar motivations to share their data, perceived similar benefits (despite some variation between patients and citizens), yet at the same time displayed a range of concerns, predominantly relating to confidentiality and data security, awareness about access and control, and potential harms resulting from these risks. Both patient and public participants conveyed that certain factors would increase or reduce their willingness to have their data shared. For example, the presence of privacy-protecting measures (eg, data deidentification and the use of secured databases) seemed to increase willingness to share, as well as transparency and information about data sharing processes and responsibilities. The identified views and attitudes appeared to come together in the conditions stipulated by participants: value, privacy and confidentiality, minimising risks, data security, transparency, control, information, trust, responsibility and accountability. 

In our Introduction, we mentioned that identifying patients’ and public views and attitudes allows for a better understanding of the elements of a socially sanctioned governance framework. In other words, what work should our governance framework be doing in order to obtain a social license? This review urges researchers and institutions to address people’s diverse concerns and to make an effort to meet the conditions identified. Without these conditions, institutions lack trustworthiness, which is vital for the proceedings of medicine and biomedical science. As such, a social license is not a ‘nice to have’ but a ‘need to have’. Our results also confirm that patients and the public indeed care about more than legal compliance alone, and wish to be engaged through information, transparency and control. This work supports the findings of a recent systematic review into ethical principles of data sharing as specified in various international ethical guidelines and literature.  What this body of research implies is considerable diversity of values and beliefs both between and within countries.   

The goal of this narrative review was to identify the most internationally dominant, aggregated patient and public views about the broad topic of data sharing for health research. We deliberately opted for the methodology of a narrative review rather than a systematic review. Most narrative reviews deal with a broad range of issues to a given topic rather than addressing a particular topic in depth.  This means narrative reviews may be most useful for obtaining a broad perspective on a topic, and that they often are less useful in generating quantitative answers to specific clinical questions. However, because narrative reviews do not require specification of the search and selection strategy and the way of critically appraising literature can be variable, the connection between evidence generated by narrative reviews and (clinical) recommendations is less rigorous and risk of bias exists. This is something to take into account in this study. A risk of bias assessment was not possible due to the heterogeneity of the findings. We acknowledge that our methodological choices may have affected the discriminative power or granularity of our findings. For example, there is a difference between sharing of routinely collected health data versus secondary use of health data collected for research purposes. And we can only make loose assumptions about potential differences between patient and public views. 

In addition, we should mention that this work is centred around studies conducted in Western countries as the whole Big Data space and literature is dominated by Western countries, higher socioeconomic status and Caucasians. However, most of the disease burden globally and within countries is most probably not represented in the ‘Big Data’ and so we have to stress the lack of generalisability to large parts of the world. 

Nevertheless, we believe our findings point towards essential elements of a governance framework for data sharing for health research purposes. If we are to conclude that the identified conditions ought to act as the pillars of a governance framework, the next step is to identify how these conditions could be practically operationalised. For example, if people value information, transparency and control, what type of consent is most likely to valorise these conditions? And what policy for returning research results would be desirable? Once we know what to value, we can start thinking about the ways to acknowledge that value. A new challenge arising here, however, is what to do when people hold different or even conflicting values or preferences. Discrete choice experiments could help to test people’s preferences regarding specific topics, such as preferred modes of informed consent. Apart from empirical work, conceptual analysis is needed to clarify how public trust, trustworthiness of institutions and accountability are interconnected.

22 December 2021

Fake COVID Certs

Another instance of fake vax certificates in Mr David Brownbill v O&M Pty Ltd [2021] FWC 6635, with the Fair Work Commission noting that on 8 December Brownbill made an application to the Commission under section 526 of the Fair Work Act 2009 (Cth) alleging he had been unlawfully stood down from employment with O&M Pty Ltd. 

The hearing was via Microsoft teams. O&M raised the question of Brownbill’s COVID-19 vaccination status, arguing that Brownbill was a casual employee, Brownbill had not been stood down and that as result of a Direction of the state's Acting Chief Health Officerit could not place its employees on a certain client site unless they had proof of vaccination or a first vaccination dose or had a booking to receive a first vaccination dose. O&M asserted that Brownbill had not supplied the requisite proof; accordingly it was unable to use his services from 14 October 2021. 

[3] During the conference, it was asserted by Mr Brownbill that he had supplied proof of having been vaccinated to the Company on 22 November 2021. The Company held some concerns about the vaccination certificate produced by Mr Brownbill. I requested a copy of the email Mr Brownbill had sent to the Company on 22 November 2021. It was provided. 

[4] The email dated 22 November 2021 contained within it the following hyperlink: [omitted here] 

[5] Having clicked on the hyperlink, it appeared to me that the means by which the vaccination certificate had been procured by Mr Brownbill may have been fraudulent and that the certificate he produced may be a fraud. 

[6] I expressed this view to the parties. 

[7] If the vaccination certificate is a fraud and has been fraudulently obtained via an illegitimate hyperlink on the internet, this would be a matter of extremely serious public policy concern. I invite the relevant public authorities to investigate further. 

[8] During a further exchange with Mr Brownbill about a separation certificate he says he was sent to him by the Company, he terminated his involvement in the conference by stating: “[expletive], I’m not wasting any more time with you corrupt idiots.” 

Brownbill left the conference.  

[9] From this, I have taken Mr Brownbill to have discontinued his application pursuant to Rule 10(2)(c) of the Fair Work Commission Rules 2013. The Commission’s file will now be closed.

The 'gimme a fake vax cert' site states "Welcome to the Medicare vaccine pass generator. Please input the data needed to make the pass here", with users needing to input their name and date of birth and fake vaccination details, alongside guidance (“Make sure your dose dates add up. Remember, 12 weeks between AZ and 5 (give or take 1) between Pfizer") about how to make the fake certificate appear more authentic.

'COVID-19 Vaccination Certificates in the Darkweb: A Preprint' by Dimitrios Georgoulias, Jens Myrup Pedersen, Morten Falch and Emmanouil Vasilomanolakis comments 

COVID-19 vaccines have been rolled out in many countries and with them a number of vaccination certificates. For instance, the EU is utilizing a digital certificate in the form of a QR-code that is digitally signed and can be easily validated throughout all EU countries. In this paper, we investigate the current state of the COVID-19 vaccination certificate market in the darkweb with a focus on the EU Digital Green Certificate (DGC). We investigate 17 marketplaces and 10 vendor shops, that include vaccination certificates in their listings. Our results suggest that a multitude of sellers in both types of platforms are advertising selling capabilities. According to their claims, it is possible to buy fake vaccination certificates issued in most countries worldwide. We demonstrate some examples of such sellers, including how they advertise their capabilities, and the methods they claim to be using to provide their services. We highlight two particular cases of vendor shops, with one of them showing an elevated degree of professionalism, showcasing forged valid certificates, the validity of which we verify using two different national mobile COVID-19 applications. 

The darkweb has been actively serving as a platform where cybercriminals can carry out their operations, since the founding of the Farmer’s Market (2010) (18) and Silk Road (2011) (4). Both of these marketplaces, operated via Tor hidden services, which is still the most popular anonymization network to this day. While these marketplaces started off with a heavy focus on drugs, though the years such platforms have evolved, providing a large variety of products and services (e.g. firearms, botnet services, malware, stolen bank credentials). The COVID-19 pandemic has had a great impact on millions of people around the globe, affecting many different aspects of their lives. In order to reverse the worldwide disruption that the virus has caused, vaccines were developed, aiming towards protecting the population and halting the spread of the virus. 

Trading platforms on the darkweb were very quick to take advantage of the pandemic situation. Vendors started offering vaccines on several marketplaces, or on their own independent vendor shops (2). After the vaccine development, the next step was monitoring the vaccination status of the population, which was achieved through the issuance of vaccination certificates, in physical or digital form. In several countries, not being vaccinated is bound to cause implications in people’s social and work life, often excluding them from some activities, and making daily tasks harder to carry out. For example, the non-vaccinated population needs COVID tests frequently, might be denied indoor access to restaurants, or have challenges while traveling. Since vaccinations can play such an important role in certain countries, a new market has emerged on the darkweb. Marketplaces and vendor shops are currently offering both physical and digital certificates, from a variety of countries, or fake PCR test results as an alternative, with non-vaccinated people as the target client group. Individuals that do not wish to be vaccinated, but want the convenience of owning a vaccination certificate, can visit the darkweb and purchase one on a number of different platforms. 

In this paper, we focus on the COVID-19 vaccination certificate darkweb market, with an emphasis on the EU Digital Green Certificate (DGC). We investigate 17 marketplaces and 10 vendor shops that list physical or digital proofs of vaccination as available products, with the purpose of documenting the different aspects that compose this specific type of illegal trading. This includes elements such as countries of origin, countries that the certificate is valid in, shipping, means of communication with the vendors, as well as how these items find their way to the sellers. We then demonstrate examples of such sellers and emphasize on two interesting cases in which the vendors provide valid EU digital certificates as proof of their service’s legitimacy. Notably, one of the shops presents a very high degree of professionalism. We confirm the validity of these certificates, and examine their details. 

The remainder of this paper is structured as follows. In Section 2, we give an overview of the methods used to carry out our research for the purposes of this paper. Section 3 provides background information on the issuance and the verification of vaccination certificates, and discusses the related work. In Section 4, we dive into the mapping of the certificate market of the darkweb. Section 5 is dedicated to investigating the legitimacy of the listings we found. Lastly, Section 6 concludes this paper.

21 December 2021

Copyright Reform

Just in time for Christmas (amid a tsunami of other consultations) the government has released a discussion paper on the Exposure Draft Copyright Amendment (Access Reform) Bill 2021 and on the Review of Technological Protection Measures Exceptions. Submissions are due 11 February. 

The discussion paper indicates that the Exposure Draft of the Copyright Amendment (Access Reform) Bill 

 aims to simplify and update provisions of the Copyright Act 1968 (the Act) to better support the needs of Australians accessing content in the digital environment. The Bill builds on the Copyright Amendment (Disability Access and Other Measures) Act 2017 and the Copyright Amendment (Service Providers) Act 2018 by providing reasonable and practical measures that reflect contemporary use of copyright material in the public interest, while maintaining appropriate protections and incentives for content creators. The Government has released the Bill, and this discussion paper, so that interested individuals and organisations can have their say on these proposed reforms. The Government is also conducting a review of the technological protection measure (TPM) exceptions in section 40 of the Copyright Regulations 2017

It states that the Australian copyright framework

has been subject to extensive review over recent years. These reviews have assessed how copyright is adapting to the modern challenges of evolving technology, changing consumer usage patterns and broader global trends. They have consistently highlighted the need for a more flexible and adaptive framework to facilitate access to, and dissemination of, creative content in the digital environment. Copyright law is essential in incentivising creators and their industries to produce Australian content and receive payment for their creativity. At the same time, allowing reasonable access to that creative content is critical to enhance learning and Australian culture, and driving new creativity and innovation. The Act seeks to balance the rights of copyright owners to manage and protect their content with the public interest to access that content. It is also important that the Act gives creators, copyright owners and users certainty about the scope of rights and the permissible use of copyright material. A key issue is how to introduce more flexibility in the Act to allow clear and reasonable access to content in the public interest in an increasingly digital world, while maintaining appropriate safeguards to protect copyright owners’ commercial interests.

The Productivity Commission’s 2016 Intellectual Property Arrangements inquiry and Australian Law Reform Commission’s 2013 Copyright and the Digital Economy inquiry recommended adopting a broad ‘fair use’ copyright exception to replace Australia’s narrower, purpose-based ‘fair dealing’ exceptions and some other specific exceptions. 

A ‘fair use’ system (such as in the United States) is a principles-based system that allows the use of copyright material if it is ‘fair’. By contrast, a ‘fair dealing’ exception regime allows the use of copyright material for certain purposes specified in the legislation. Proponents of fair use argue that it is a more flexible legal tool, capable of accommodating new and valuable fair uses of copyright material without waiting for legislative change. The PC inquiry overlapped with copyright reforms that were already being developed by the Government. These reforms resulted in the Copyright Amendment (Disability Access and Other Measures) Act 2017 that improved the workability of the Act for the disability, library and archives, and education sectors and included:

• technology neutral exceptions that facilitate access to copyright material for people with a disability, on par with the general community • updated preservation provisions for libraries and archives and other key cultural institutions • new standard terms of copyright protection for works, sound recordings and films, including unpublished material, and • streamlined education statutory licence.

The Government response to the PC inquiry flagged that further consultation was necessary for certain recommendations given the complexity of the issues and different approaches available to address them. The Government’s subsequent Copyright modernisation consultations held in 2018 sought views on flexible copyright exceptions such as fair use and extended fair dealing exceptions; access to ‘orphan works’ (where the copyright owner cannot be found); and ‘contracting out’ of exceptions. ... 

The Copyright modernisation consultations highlighted that there is no clear case to move to a broad, principles based ‘fair use’ system. Stakeholders’ views remained polarised, and the evidence base for broader reform was not clear. A change to fair use would represent a significant departure from Australia’s current copyright system of fair dealing and specific exceptions. It would risk introducing ambiguity or uncertainty, which may be difficult and costly to resolve, and in some cases lead to litigation or people simply abandoning use of creative content. While there is no uniform international approach, the large majority of countries rely on copyright frameworks that include exceptions similar to Australia, rather than fair use. 

The Government has chosen, at this time, to undertake more specific, targeted reforms to the existing exceptions framework. This framework recognises that certain reasonable uses of copyright material in the public interest should be permitted without the consent of, or payment of money to, the copyright owner. ... incremental reform to this existing exceptions framework would avoid significant disruption to copyright owners’ commercial markets that sweeping reforms may cause. 

Shift in the digital landscape 

In recent years, the digital landscape has changed significantly with the rise of multinational digital platforms, driven by user-generated content. The Australian Competition and Consumer Commission’s 2019 Digital Platforms Inquiry final report reinforced copyright owners’ concerns that broad flexible exceptions could potentially result in content being exploited by digital platforms for commercial gain. At the same time, the access issues identified by the Government’s Copyright modernisation consultations, the PC inquiry and the ALRC inquiry remained. This COVID-19 pandemic has further highlighted these access issues, with the need for an urgent transition to widespread online and remote learning, and many public institutions having to move their services online. ... 

The reforms in the Bill target those sectors that serve important public interests, including the cultural, education, research and government sectors. It will make sure that they can provide their services effectively and efficiently in an increasingly digital environment and, in doing so, enhance access to the wider community. Recognising too the importance of copyright law in incentivising creators and their industries to produce Australian content and receive payment for their creativity, these reforms have been designed in a way to minimise the commercial impacts on copyright owners. For the most part, the reforms relate to non commercial use of copyright material or use that has a limited impact on the commercial market for the material. 

Open up access to ‘orphaned’ material 

Orphan works (copyright material where the copyright owner cannot be found), can be of great cultural, social or educational value but are generally underused. Many copyright owners cannot be identified or contacted to permit the use of material, even after time consuming and costly searches. This is a significant issue for Australia’s cultural institutions, as they hold huge amounts of orphaned material in their collections. There is a reluctance to use or allow others to access orphan works as there remains a risk the copyright owner could emerge and claim compensation for use of the material, or object to its use altogether. This could result in any new material that uses the orphan work being destroyed, withdrawn or modified at significant expense. 

Reduce time, costs and uncertainty of quotation for academics and researchers 

Seeking clearances of quotes of copyright material in publications and presentations, particularly when multiple copyright owners are involved, can represent a significant and disproportionate time and cost burden for academics, universities, libraries and archives and researchers. This can sometimes result in academics and researchers abandoning the use of material or risking using unlicensed material in their works. 

More certainty and efficiencies for cultural, education and government sectors 

The current copyright exceptions available to cultural and educational institutions, and the government statutory licensing scheme, originated in a paper-based era. Many provisions are outdated, narrow and overly prescriptive. This creates uncertainty and exposes our public sectors to a higher risk of legal liability, and imposes significant administrative burden. Many of the reforms aim to provide reasonable and practical measures to allow the use of copyright material fit for a contemporary digital-based society, and improve efficiencies.

The paper features the following questions - 

Q 1.1: Orphan works: Application to Copyright Tribunal to fix reasonable terms 

Part 11, Division 3 of the Copyright Regulations 2017 sets out the matters to be included in particular kinds of applications and references to the Copyright Tribunal. What matters do you consider should be included in an application to the Tribunal to fix reasonable terms for ongoing use of a former orphan work? 

Q 2.1: Quotation: Unpublished material 

Should the proposed new quotation fair dealing exception in section 113FA extend to the quotation of unpublished material or categories of unpublished material? 

Q 3.1: Libraries and archives: Online access - ‘Reasonable steps’ 

For the purposes of new paragraph 113KC(1)(b), what measures do you consider should be undertaken by a library or an archives to seek to limit wider access to copyright material when made available online? 

Q 3.2: Libraries and archives: Illustrations 

Does proposed new section 113KK, which replaces and simplifies current section 53 but is not intended to make any substantive changes to that section, adequately cover all of the matters set out in current section 53 or are there some potential gaps in coverage? 

Q 4.1: Education: Online access – ‘Reasonable steps’ 

For the purposes of new paragraph 113MA(2)(d), what measures do you consider should be undertaken by an educational institution to seek to limit access to copyright material, when made available online in the course of a lesson, to persons taking part in giving or receiving of the lesson, and ensure it is used only for the purposes of the lesson? 

Q 5.1: Government: Use of incoming material Does proposed new section 183G contain effective safeguards to avoid unwarranted harm to copyright owners’ commercial markets? If not, what other safeguards would assist?

The consultation paper refers to 'Additional minor measures' - 

Sch 6: Registrar of the Copyright Tribunal 

The Bill will simplify the process for appointing the Registrar of the Copyright Tribunal. These amendments will align the Act with current practices for the appointment of other Australian court registrars by giving the power to the Chief Executive Officer and Principal Registrar of the Federal Court to appoint, or terminate the appointment of, the Registrar of the Copyright Tribunal. 

Sch 7: Streamline the process for making technological protection measure (TPM) exceptions 

The Bill will streamline the process for making regulations to create or amend exceptions to liability for circumventing a TPM that controls access to copyright material. The amendment removes the requirement that a ‘submission’ must be made before the Minister can recommend changes to the regulations. Allowing regulations to be made in relation to access control TPM exceptions, where changes are consequential to amendments to the Act or otherwise identified in a review or proceeding, without first obtaining a specific stakeholder submission seeking this, will improve Australia’s ability to maintain a copyright framework that is fit for the digital environment. More information about TPM exceptions, and the current review of the exceptions listed in the Copyright Regulations 2017, can be found at Part B. 

Schedule 8: Archives The Bill will update the definition of ‘archives’ to capture current Commonwealth and State archives offices in the Act. 

Schedule 9: Referrals to the Copyright Tribunal 

The Bill will improve the consistency of language in the Act when referring to applications and references to the Copyright Tribunal. 

Schedule 10: Notifiable instruments 

The Bill will update the mode of notification required by the Act, changing outdated references to ‘Gazette’ publication to ‘notifiable instrument’.  

The paper also covers  the Review of Technological Protection Measures (TPM) exceptions, commenting

The Australia-United States Free Trade Agreement (AUSFTA) requires a review of exceptions to the TPM provisions made under the Copyright Act 1968 (the Act) every four years. The last TPM exceptions review occurred in August 2017. Consultation on this Bill provides an opportunity to consider whether existing TPM exceptions should remain and whether any new TPM exceptions should be added to section 40 the Copyright Regulations 2017 (Copyright Regulations). This includes any consequential amendments because of measures proposed in the Bill. All new TPM exceptions, including those that are consequential to the amendments proposed in the Bill, are subject to the criteria for review as set out in subsection 249(4) of the Act (and discussed further below). 

Current TPM scheme 

Technological protection measures (TPMs) are technical locks that copyright owners, and exclusive licensees, use to stop their material being accessed or copied. For example, passwords, encryption software and access codes. TPMs can be grouped into two broad categories: • Access control TPMs that prevent a person from being able to read, listen to or watch material. • Copy control TPMs that allow a person to read, listen or watch material but prevent a person from making a copy of the material. Australia’s TPM scheme allows for both civil actions and criminal actions in response to unlicensed circumvention of TPMs (see Part V of the Act: Division 2, Subdivision A, and Division 5, Subdivision E). 

Specific exclusions 

The scheme specifically excludes protection for TPMs that: 

• control geographic market segmentation: o For example, consumers can bypass region coding measures to play overseas purchased DVDs or computer programs on Australian devices. 

• restrict use of after-market goods or services, including restricting the supply of spare parts or repair or maintenance services by third parties: o For example, a computer printer manufacturer cannot use the TPM scheme to stop generic cartridges being used in its printers. o TPMs used by the providers of computer systems to restrict services being provided by competing computer system maintenance providers are also not protected. 

Exceptions to override access control TPMs 

The Act provides for a number of exceptions to civil and criminal liability for circumventing an access control TPM. This includes:

• specific exceptions in subsections 116AN(2)–(8) and 132APC(2)–(8) of the Act. These exceptions are not subject to this review, and 

• additional exceptions for acts which are prescribed by the regulations (see subsections 116AN(9)(c) and 132APC(9)(c)).

These provisions implement Article 17.4.7(e)(viii) of AUSFTA. The current additional exceptions are set out in section 40 of the Copyright Regulations, and are the subject of this review. 

This review covers both existing exceptions to access control TPMs as set out in section 40 of the Copyright Regulations, as well as possible new TPM exceptions to add to the Regulations. Currently, section 249 of the Act allows the making of new regulations in relation to TPM exceptions, and regulations varying or revoking existing regulations, on the recommendation of the Minister. Subsection 249(4) of the Act allows an additional act to be prescribed by the regulations when a submission for is received which provides credible evidence of certain criteria, and the Minister makes a decision to grant an exception. Under subsection 249(8) of the Act existing additional prescribed acts can be revoked or varied through a similar process.

The paper accordingly invites submissions on: 

• the appropriateness of the current TPM exceptions listed in section 40 of the Copyright Regulations, 

• potential consequential amendments to section 40 of the Regulations due to the Bill. 

Submissions should: 

1. Identify whether you are seeking a new exception, or to vary or revoke an existing exception. 

2. If seeking the variation or revocation of an existing exception, identify the existing exception. 

3. If a new exception is sought, clearly outline the exception and the circumstances in which it would apply. 

4. Address how the exception does or does not fit the criteria of subsections 249(4) and/or (8) of the Act.

Submissions should provide examples to support whether or not (as relevant): 

• the use of the TPM has had an adverse impact on the non-infringing use by the person or body the subject of the exception, or is likely to have such an impact, or 
 
• the TPM exception would impair the adequacy of legal protection or the effectiveness of legal remedies against the circumvention of the TPM.

19 December 2021

Elections and Social Media

The First Interim Report of the Senate Select Committee on Foreign Interference Through Social Media, which quotes my submission, features the following recommendations: 

R 1  The committee recommends that the Australian Government clearly delegate lead accountability for cyber-enabled foreign interference to a single entity in government. 

R 2  The committee recommends that the Australian Government take a proactive approach to protecting groups that are common targets of foreign interference but are not classified as government institutions. 

R 3  The committee recommends that the Australian Government establish appropriate, transparent, and non-political institutional mechanisms for publicly communicating cyber-enabled foreign interference in our elections and review the processes and protocols for classified briefings for the Opposition during caretaker with respect to cyber-enabled foreign interference. 

R 4  The committee recommends that the Australian Communications and Media Authority's report into the functioning of the Australian Code of Practice on Disinformation and Misinformation be publicly released as a matter of priority. 

R 5  The committee recommends that the Australian Government publicly release the Electoral Integrity Assurance Taskforce's terms of reference. 

R 6  The committee recommends that the Australian Government establish clear requirements and pathways for social media platforms to report suspected foreign interference, including disinformation and coordinated inauthentic behaviour, and other offensive and harmful content, and formalise agency remits, powers and resourcing arrangements accordingly. 

R 7  The committee recommends that the Election Integrity Assurance Taskforce undertake an audit to assess capability relevant to detecting disinformation prior to the coming election and, further, that the Australian Government consider providing information about relevant capabilities and resourcing to this committee as appropriate to assist in our deliberations.

WHO

'The Intellectual Property Turn in Global Health: From a Property to a Human Rights View of Health' by Laura G. Pedraza-FariƱa in (2021) 36 Osiris comments 

 International intellectual property (IP) law for pharmaceuticals has fundamentally shifted in the twenty-first century from a property-centric to a human rights view. Scholars tend to explain this transformation in the context of both the power struggle between developing and developed countries, and the influence of a social movement that criticized IP rights as hindering access to essential medicines. Yet, these explanations leave out the central role of two international organizations, the World Trade Organization (WTO) and the World Health Organization (WHO), and particularly their permanent staffs, whose boundary disputes have shaped international IP law at the intersection of trade and global health. Bringing into conversation historical and legal literatures on global health and IP, this article traces how a human rights perspective on IP emerged as a strategy to reconcile the WHO staff’s sociomedical views of health with an increasingly dominant set of global IP rules. It shows how the WHO staff used the language of economics—an analytical frame favored by the WTO—to advance a then unorthodox economic understanding of IP as a type of governmental regulation. This allowed the WHO to argue that states should enjoy regulatory autonomy to curtail IP rights in order to meet broader state objectives, such as human rights protection. Paradoxically, despite their divergent views on the nature of IP, both WTO and WHO engagement with it heralded the emergence of a new technocratic view of global health that focuses on patentable medicines and technologies, and that has ultimately turned away from the WHO’s sociomedical roots.

'Patenting Personalized Medicine: Molecules, Information, and the Body' by Mario Biagioli and Alain Pottage in the same issue comments 

The histories of patent law and medical practice in the United States have intersected in various ways over the past 150 years, beginning with the professional campaign against “patent medicines” in the late nineteenth century, and culminating, for now, in attempts to patent the diagnostic procedures discussed in this article. The patenting of diagnostic procedures provokes a set of fundamental questions about the episteme of patent law. These questions are not new. They emerged at the very origins of patent jurisprudence, centered on the question of what distinguished an invention from a law of nature, and this question of patentability has persistently reemerged over the past century in the contexts of plant breeding, biotechnology, and now diagnostic medicine. So far, the question has been addressed in terms that imagine the invention as a machine, understood in the figurative sense of a transformative organization of forces and elements. But diagnostic procedures, because they address the body informationally, as a system based on the recursive patterning of signals rather than a linear transformation of inputs into outputs, stretch the figure of the machine to the point at which it ceases to be effective. How then should one define and delimit invention?