TUTORIAL TWO

‘AINAA HUSNA AZHAN HAWARI 288557

1. Discuss the case of Onestop Software Solutions (M) Sdn Bhd v Masteritec Sdn
Bhd & Ors [2009] 8 MLJ 528.

In the case of Onestop Software Solutions (M) Sdn Bhd v. Masteritec Sdn Bhd
and Ors 9, the plaintiffs attempted to get an interlocutory restraining order prohibiting
the defendants from violating the plaintiffs' exclusive interest in their software. The
QnE software was an accounting tool that was built primarily for use by individuals
with minimal to no prior knowledge in accounting. The plaintiffs claimed that a
number of aspects of the QnE software are protected by intellectual property laws.

These aspects include the computer program's literary elements, which are the
source code, as well as the program's non-literal elements, which are the OnE
software's structure, modularity, architecture, and design features, as well as the
program's user interface. As an auditor for the plaintiff, the defendant had access to the
plaintiff's financial records, invoices, sales records, client records, and other sensitive
information, including technical data, source codes, and trade secrets. In addition, the
defendant was able to view the client's records. After then, it was found out that the
defendants had clearly plagiarised the QnE Software, and the defendants are unable to
explain the familiar part that exists between the plaintiffs' OnE software and their
Masteritec programme. This was uncovered after the initial discovery. Therefore, the
court came to the conclusion that the defendants violated the plaintiffs' exclusive right
to use the OnE software, and it issued an interlocutory injunction in favour of the
plaintiffs.
2. What is AI technology?

Artificial intelligence (AI) is a subfield of computer science that encompasses

a variety of subfields, such as machine learning, natural language processing, speech
processing, robotics, and machine vision. Using programming rules and, in some
cases, training data sets, the tools of artificial intelligence automate the
decision-making process. For instance, AI tools are able to calculate credit score
measurements from a variety of different data sets, as well as recognise and locate
objects from image data. The term "intellectual property" refers to assets that are not
physically present, such as artistic works, inventions, brands, and new technologies as
well as source code. The legal safeguards (for AI) have not yet caught up with the
rapid pace of technological advancement due to this fact, it is particularly important to
begin and maintain management of one's IP portfolio.

In general, the operation of AI systems involves the consumption of vast

quantities of labelled training data, the examination of said data in search of
correlations and patterns, and the utilisation of said patterns in order to make
predictions about future states. In this way, a chatbot can learn to produce lifelike
exchanges with people by being fed examples of text chats, and an image recognition
tool can learn to identify and describe objects in images by reviewing millions of
examples.
3. Discuss copyright in AI technology.

Copyright is an essential intellectual property asset for AI because it prevents

unauthorised copies of the technology product (both the code and the data) from being
used. Large data sets used in AI systems are eligible for copyright protection because
they are considered compilations of data based on Section 8 of the Copyright Act.
Additionally, AI systems have the potential to create new copyright-protected works,
such as new musical compositions or works of art. However, as stated in Section 3 of
the CA, the author of an invention must be a person. This is one of the issues
regarding copyright in AI as the author’s are artificial intelligence which are software
and computer generated.

According to s.8 of the Copyright Act, AI systems involve large data sets
which can be protected by copyright as compilations of data. AI systems can also
generate new works protectable by copyright, such as creating new artwork or music.
However, s.3 of the Copyright Act states that ‘author’ must be ‘person’. It’s hard for
AI to get copyright for an invention since AI is not considered a person. Thus, the AI's
creation is not protected and can be used by anyone.

To elaborate further, it was held in Telstra Corporation Limited v Phone

Directories Company Pty Ltd [2010] FCAFC 149. Because the compilation that results
from Telstra's mostly automated method of creating a compilation from a database is
not a literary work that originated from the intellectual effort of an individual, the
Copyright Act does not protect the compilation that results from this method. This is
due to the fact that the compilation is not a literary work. The Full Federal Court's
decision to dismiss Telstra's appeal confirms that it is highly unlikely for the output
from databases to be protected by copyright in the absence of some intellectual effort
or the exercise of skill and judgement. Both in front of the trial judge and on appeal,
the lack of human involvement in the production of the compilation was fatal to the
claim that it was an original literary work. This meant that the directories were not
protected by copyright in either setting.
4. Discuss the development of privacy law in Malaysia.

The majority of nations' legal systems recognise the right to privacy as a

fundamental human right that must be protected because it is an underlying value that
must be preserved. The provision that "No person shall be deprived of his life or
personal liberty except in accordance with the law" can be found in Article 5(1) of the
Federal Constitution. According to the decision made by the Federal Court in the case
of Sivarasa Rasiah v. Badan Peguam Malaysia & Anor [2010] 3 CLJ 507 at 519
(Gopal Sri Ram FCJ (as he was), the federal court came to the conclusion that the right
to personal liberty includes the right to privacy. Our constitution recognises the right to
privacy under Article 5 in accordance with this decision.

The right to privacy basically means the right to be left alone and to live the
private aspects of one's life without being subjected to unwarranted or undesired
publicity or public disclosure. This is because the right to privacy was established in
the United States Constitution. A person has the right to keep information or
themselves private, and can choose how much of themselves to show to others as a
result of exercising this right.

However, in Malaysia, it has been decided in cases like Ultra Dimension Sdn.
Bhd. v. Kook Wei Kuan [2004] 5 CLJ 285 that invasion or violation of privacy is not
a recognised tort or a cause of action in Malaysia. If the tort of invasion of privacy or
misuse of private information is recognised in Malaysia, it may be used as a remedy
against those who have violated the Malaysian Personal Data Protection Act 2010,
which was enacted in 2010.

One of the legislation that governs privacy in Malaysia is Personal Data

Protection Act 2010. The PDPA prevents unauthorised use of individuals' personal
data. Any information that is collected or processed in connection with a commercial
transaction by any equipment operating automatically such as an ATM or a computer,
and that is capable of identifying a person, is considered to be personal data. Personal
data includes sensitive personal data, the aforementioned definition will encompass
details such as names, addresses, email addresses, telephone numbers, and
identification card or passport numbers, in addition to information regarding banking
information.

The PDPA makes it illegal for data users to collect and process the personal
data of a data subject without first obtaining the data subject's consent. The Act also
makes it illegal for data users to disclose or make their data available to any third party
without first obtaining the consent of the individuals whose data is being shared. It is a
requirement that data users inform data subjects on the purpose of their data collection,
the category of third party who may have access to the data, and the options that data
subjects have regarding the manner in which the data is to be used. The Act also
imposes a duty on data users to put adequate security and indemnity measures into
place for the purpose of preventing the theft, misuse, unauthorised access, accidental
disclosure, alteration, or destruction of data that is under their care. Specifically, this
duty is imposed on data users in the form of a duty to indemnify the data owner in the
event that the The Act also gives individuals the right to access, modify, and update
the personal information that has been collected about them.
5. Discuss the followings:

Data Integrity Principle

The entire accuracy, completeness, and consistency of data is what's referred to

as its integrity. Data integrity also refers to the safety of data in terms of regulatory
compliance as well as security. It is kept in working order by a plethora of procedures,
regulations, and guidelines that were put into place throughout the design phase. No
matter how long it is kept in the database or how frequently it is accessed, the
information will always be complete, accurate, and dependable if the data's integrity is
protected. This is true regardless of how often it is accessed. Section 11 of PDPA
provides that a data user shall take reasonable steps to ensure that the personal data is
accurate, complete, not misleading and kept up-to date by having regard to the
purpose, including any directly related purpose, for which the personal data was
collected and further processed

There are two types of data integrity, physical and logical. Physical integrity is
the protection of the wholeness and accuracy of that data as it’s stored and retrieved.
When natural disasters strike, power goes out, or hackers disrupt database functions,
physical integrity is compromised. Human error, storage erosion, and a host of other
issues can also make it impossible for data processing managers, system programmers,
applications programmers, and internal auditors to obtain accurate data.

Then, logical integrity. Logical integrity protects data from human error and
hackers as well, but in a much different way than physical integrity does. There are
four types of integrity under. Entity integrity relies on the creation of primary keys.
Then, referential integrity which refers to the series of processes that make sure data is
stored and used uniformly. Domain integrity is the collection of processes that ensure
the accuracy of each piece of data in a domain and last but not least user-defined
integrity involves the rules and constraints created by the user to fit their particular
needs.
Access Principle

As stated in Section 12 of the PDPA, the individual who is the subject of the
data has the right to view his or her own data and to modify any personal data that is
inaccurate, incomplete, misleading, or out of date. This right also extends to the
individual who is providing the data. However, the Personal Data Protection Act
(PDPA) does contain a list of reasons why a data user could decide not to cooperate
with a data subject's request to access their data or a request to correct faulty data.
These grounds can be found in the act. Nevertheless, whoever violates these Principles
is guilty of an offence, and if found guilty, they shall be subject to a fine that does not
exceed three hundred thousand ringgit or to imprisonment for a term that does not
exceed two years, or both, depending on the severity of the violation. These penalties
are dependent on the severity of the violation.
Case: Suresh K Velauthan v. Petronas ICT Sdn Bhd [2018] 2 LNS 0455

In the case Suresh K Velauthan v. Petronas ICT Sdn Bhd, it was decided that
the list of candidates who were interviewed, as well as the list of people who applied
and were later shortlisted, are both considered to be confidential information. Aside
from his role as Head of Projects for another PETRONAS subsidiary, the claimant also
oversaw the Oil & Gas Solutions & Services division while employed by the business.
A new chief executive officer (named Redza Goh) was brought in after a few years,
and under his leadership, the corporation underwent a major restructuring. Both the
claimant and other general managers were offered mutual separation packages to quit
the company voluntarily. After some negotiation, the claimant accepted the severance
package. The claimant has shown up in court, alleging that he was fired without good
cause or justification and that he was coerced into accepting the MSP. However, the
corporation maintains that the claimant accepted the MSP voluntarily and was
terminated for no reason. He had sufficient time and opportunity to consider his
options before accepting the MSP, the evidence showed; he did not object to the
company's decision to offer him the MSP, and he did not put his concerns to the MSP
in writing, either. In other words, he might have chosen to say no. When taken as a
whole, his behaviour did not match his claims of being subjected to pressure from the
firm. It had led us to believe that he would be amenable to considering his exit from
the company. Claimant failed to provide credible evidence supporting his allegation
that he was "forced" to accept the MSP.

Therefore, his claim that he was forced to accept the MSP was never put to the
test. A previously granted consent can be revoked in accordance with section 38 of the
PDPA. In addition, the personal data of a data subject can only be processed if the
processing is being done for a lawful purpose that is directly related to an activity of a
data user, the processing is necessary for or directly related to that purpose, and the
personal data is adequate and not excessive in relation to that purpose.
6. Discuss privacy and security issues with drones in Malaysia.

Drones are unmanned aircraft systems (UAS). UAS is an aircraft and its
associated elements which are operated with no pilot on board. Drones are subject to
the Civil Aviation Act 1969, which is administered by the Department of Civil
Aviation Malaysia (DCA). All drones operating in Malaysia must comply with the
safety and operational standards as those for manned aircraft. Flying drones without
following the proper regulations will definitely cause privacy and security
issues in Malaysia. There are some places in Malaysia where drones cannot be used as
it might cause the leak of confidential information such as at Putrajaya and airport.
Flying a drone without following the proper regulation will cause discomfort to some
people as they feel their private space is being invaded and they will not have the
freedom even in their own house as the drones cause trespass to land and will cause
nuisance to the residents.

7. Discuss the legal issue of freedom of panorama (drone issue).

Freedom of panorama is the legal right in some countries to publish

pictures of artworks, sculptures, paintings, buildings or monuments that are in public
spaces, even when they are still under copyright. In some countries, they have
restriction under copyright law about the freedom of panorama; it related to the
jurisdictions that permits taking photographs and video footage and creating other
images of art works such as buildings or sculptures which are permanently located in
public place without infringing on any copyright that subsist in such works and
the publishing of such images. Any media technologies including drones will
have to abide by this law. In the case of, Rivera v. Foley, 2015 WL 1296258 (D.Conn.
2015). The plaintiff, an employee of a television station, heard about a serious car
crash on a police scanner. The plaintiff operated his drone about 150 feet above the
demarcated crime/police investigation scene. Although the plaintiff remained outside
the investigation boundaries, police told the plaintiff to leave the area and remove his
drone which purportedly compromised the crime scene’s integrity. The plaintiff filed a
civil rights lawsuit against the police. The judge determined that “plaintiff’s operation
of an unusual and likely unidentified device into a cordoned-off area at the scene of a
major motor vehicle accident and ongoing police investigation provides arguable
reasonable suspicion that plaintiff was interfering with police activity.
8. Discuss the intellectual property issue in AR and VR.

AR allows users to see the real world as it truly exists, but with digital graphics
superimposed on the reality so that they seem to exist as part of the world. One
example of this is the mobile game "Pokemon Go." AR users can see the real world by
using special glasses or a smartphone. Meanwhile, virtual reality (VR) completely
replaces the real world. Virtual reality (VR) immerses users in a computer-generated
setting and gives them the freedom to move about and interact with it as if it were the
real world. Although games, such as PlayStation VR, are the most common
application of VR, the technology is also being used for immersive news reporting and
social experiments.

The liability for infringing copyrights and trademarks is at the heart of

intellectual property concerns in augmented and virtual reality. For instance, some VR
and AR users or developers may create an avatar that mimics a piece of intellectual
property that is legally protected, such as a character or a location, without the consent
of the property's owner. This also applies to certain businesses that benefit from the
use of copyrighted images in augmented reality and virtual reality without the
permission of the original owner. Take, for instance: In the court case known as White
v. Samsung Electronic America, the plaintiff, Vanna White, filed a lawsuit against the
defendant, Samsung Electronic America, alleging that the defendant infringed upon
her intellectual property rights by commercially using a robot that looks like her
during the Wheel of Fortune game show. The court decided that it was a violation of
Vanna White's publicity rights and stated that viewers would be misled into thinking
that the robot was Vanna White based on the physical characteristics, clothing, and
postures of the robot if they saw the scene as a whole, even if it did not involve her.