Information Law

Charles Oppenheim BSc, PhD, DSc, DipInfSc, CertEd, FCLIP, HonFCLIP, FRSA, AUMIST, FRPSL is Senior Consultant at Naomi Korn Associates and a Visiting Professor at Robert Gordon University and is an independent consultant. He has been involved in research, talks and publications on the library and information professions, national information policy, the information industry, Intellectual Property Rights and related legal issues, data protection, bibliometrics, the evaluation of research quality, and scholarly publishing trends. Adrienne Muir MA, MSc, PhD, PG Dip IT and Telecomms Law, FHEA, MCLIP is Senior Consultant at Naomi Korn Associates. Previously she was Professor of Information Management at Robert Gordon University where she focused on legal and ethical issues relating to digital libraries. Adrienne served as copyright and liaison officer on the eLib ACORN electronic reserve project and was a member of an international study on the impact of copyright law on digital presentation. She has taught legal and ethical issues to students in business studies; computer science; graphic communication; media, information and library studies. Naomi Korn BA (Hons), MA is the Managing Director of Naomi Korn Associates, the UK’s leading copyright, data protection and legal compliance management consultancy. She developed the ‘Compliance Methodology’ and as Chair of LACA (Libraries and Archives Copyright Alliance) successfully lobbied for changes to UK copyright law. She is a visiting lecturer at University College London, City University and Kingston University and provides training for library and information professionals. Naomi is a CREATe Industry Fellow and a rights specialist on the National Lottery Heritage Fund Advisors Network.

Contents

List of acronyms
List of case studies
List of figures and tables
Introduction

1 Copyright and related rights
Introduction
What does copyright protect?
Restricted acts
Exceptions to copyright
The new text and data mining exception
Moral rights
Database rights
Performers’ rights
Some problems arising from copyright
Orphan works
Managing copyright

2 Data protection
Introduction
Some details about the UK’s data protection law
Some definitions in UK data protection law
The rights of data subjects
Exemptions under the law
Transfer of data out of the EEA 0
A reminder of the changes introduced by the GDPR
Top tips
Further reading

3 Freedom of information
Introduction
Some details of the UK law
Exemptions to FoI
The Information Commissioner’s Office (ICO)
The overlap between FoI and data protection
Top tips
Further reading
4 Governance, audits and risk assessment
Introduction
Information governance frameworks
Roles in information governance
Governance committees or boards
Senior Responsible Officer
Compliance officers
Audits
Forward planning
Top tips
5 Policies
Introduction
What should the policy contain?
How does one ensure the policies work?
Information policy examples
Checklist for an information law policy
6 Procedures: copyright and related rights
Introduction
Intellectual property rights
Library, information and knowledge services and intellectual property rights
Orphan works
Rights management means risk management
Acceptable use policies and procedures
Notice and take-down procedures
Performances in libraries
Top tips

7 Procedures: using and negotiating licences for access to information resources
Introduction
The electronic information industry
The licences you will encounter
What’s in a typical licence?
Top tips when negotiating licences presented to you by third parties
Further reading

8 Procedures: data protection and freedom of information
Introduction
Practical implementation of the law for library, information and knowledge workers
Data protection officers (DPOs)
Documenting processing activities
Data breaches
Data protection impact assessments
Responding to requests and complaints
Freedom of information
Publication schemes
Recognising and responding to FoI requests
Codes of practice
Top tips

9 Tools and templates
Introduction
Copyright and licensing agreements
Copyright compliance and risk management
Copyright, licensing and library management systems
Digital asset management systems
Privacy By design
Data protection compliance assessment
Information audits and documentation
Privacy notices
Privacy impact assessments
Reporting personal data breaches
Freedom of information publication schemes
Dealing with freedom of information requests
Top tips

10 Awareness and engagement
Introduction
Benefits of engaging with information law issues
Training
Role of games
Train the trainer
Training needs analysis
Developing a long-lasting and integrated approach to information law awareness and engagement
Top tips

11 Some speculations about the future

Appendix 1 Carrying out an information asset audit
Appendix 2 Sample IP policy
Appendix 3 Sample data protection policy
Appendix 4 Possible contractual terms for online access to database service
Appendix 5 Data protection privacy notice template

Bibliography
Index