Yugoslav Legal, Ethical and Social Dilemmas of Information Technology

Mirjana Drakulic
e-mail: mirjanad@fon.bg.ac.yu
Ratimir Drakulic
e-mail: drakula@fon.bg.ac.yu

Abstract: Development and application of information technology have brought remarkable shifts in all walks of human life and work. At first, its use was like an adventure only the most daring was engaging in. After that, wider and wider acceptance and joining the trends in technology enlarged not only the number of users, but also brought a large number of advantages. However, the advantages of information technology use started to get darker against the dangers and dilemmas that have appeared so far. Social, legal and ethical ones have found a lot of countries and individuals unprepared. The situation has especially hit the countries in transition, like Yugoslavia, already touched by changes together with undeveloped national, social, legal, ethical and information infrastructure. The way to information society, for such countries, is covered with thorns, and it is to the degree of our readiness to adapt ourselves that we can expect to successfully overcome these obstacles on the course. The article presents the existing reality in Yugoslavia, and tries to give some answers to what should be done and how to realise that if we like the changes to bring some benefits and make the vision of having the Yugoslav way to information technology possible.

Key Words: Information technology, Dilemmas, Yugoslav experience and possibilities.

1. Yugoslav Reality Belgrade, March 1991. A group of Belgrade hacker enthusiasts managed to broadcast through the computer network called SEZAM (the system of modern communication of the magazine "Computers"), the current events occurring on the agitated streets and therefore became the attraction itself as well as the specific information releasement of closed circle of censored news. However, the computer network suddenly appeared to be the fourth mass - media of the greatest importance, which had never been counted on. At the same time, there was imposed another question, demanding the answer - whether the acting of the enthusiasts - hackers (although far ahead of their rights which they have as the regular authorized consumers) could be considered both legally and ethically to have been dangerous or useful and what are the consequences to the society caused by either one of the treatments.

Another, recent case was the Internet presentation of the students' protest in 1996/97. Namely, seven days after the beginning of the protest the Steering and Main Committees, have made the decision as to present the students' movement on the Internet. First of all the causes of the protest were given and after that daily actions connected to the actual situation in Serbia. Web sites of the Students' Protest were often entered (over 80.000 during four months) and the main purpose was reached - day to day information and the exchange of thousands of e-mail messages.

The situation with intellectual property rights in Yugoslavia is rather complicated. On one side, there is a legal regulation, but the practice greatly differs from it. Namely, "a good business habit" has taken its roots in unauthorized copying and distribution of computer programmes and software almost immediately after appearing in the world informatics' market. Various explanations were given for such a practice, from the fact that most of the programmes and software is foreign in origin and that by obeying common property rights of the authors (paying compensation and the like) a great "damage" is done to already weakened Yugoslav economy and its companies. It is also said that if the Yugoslav designers and authors' rights are not obeyed why should the foreigners be treated differently. As there is no systematic and organized development of software industry in Yugoslavia, in spite of having highly gifted and creative individual authors, more efficient system of intellectual property rights protection is not necessary at all. Added to that is a highly problematic view that the number of 300.000 personal computers and 500 medium and large size machines(1), existing in Yugoslavia at present (on average one computer on 34.8 people), is not very important market for software producers, especially large ones. Most of this equipment, of course, is not brand-new(2), and the software used is not up-to-date, often obsolete. A few warnings were not enough to change these views and the situation. The practice prevails in spite of the fact that copyright protection has been provided for since 1990. Unenforcement of the Law and the resulting new and unusual ethical standards related to copyright are greatly helped by the sanctions under which Yugoslavia has been since 1992. The data got by the research(3) quite clearly show that: 39.7% of the main equipment is purchased just during sanctions' period (1992-1995). It should be added that even then 67% of the total equipment is enlarged, the tendency being to keep up the trend in 1996, too (main equipment purchase - 3.6%, i.e. enlargement of 22%, in relation to other figures within these categories).

On the other side, new problems that appeared with data base protection are being considered as to be solved according to the world's and/or at least European standards; the process of matching them has been taking for too long. Copyright and Related Rights Act has been waiting for more than a year the procedure to be enacted in the Parliament. Early in March this year the Law was given back to the proposer without time limit to be finished off. It could mean a great lagging of the Yugoslav law and will bring a series of negative consequences to data bases and other works to be protected for the first time, as well as other abuses of author's works, through cable networks or public exposure of author's works in incorporeal form (Internet and etc.). Even more so that by delaying to adopt the Law the possibilities to apply newly proposed sanctions for breaking all author's and the related rights are also delayed. Such a situation has given rise to various abuses and malversations that fill the legal gap. The protection of the user's interface or audio-visual displays, reverse programming products and computer generated works, computer assisted or computer-aided works, as well as topographies of integrated circuits, has not been given a proper place in the Yugoslav governing law.

Individual privacy protection from too large amount of information concerning a person is followed by still more interesting situation. Namely, the most developed countries enacted the first laws at the beginning of the 1970s. Within five years after them, Yugoslavia also started its preparations to workout corresponding regulations. A working group within the Federal Government was formed and prepared in 1976 the Information on the Problems of Application of Computers. The Government then ordered the work on the new analysis that should have found the grounds of enacting of the law and other regulations in the field. Apart of the suggestions given in the analysis the law has not been enacted. The situation is no better today. In the preparation of the Privacy Protection Act three versions of which have passed the Government procedure, came to the Parliament and were withdrawn during consideration (the first draft of the bill was prepared by the Federal Bureau of Informatics and was passed to the Federal Government in April 1994. The Draft was stopped in the parliament procedure and replaced by the new one in June 1995, while the third of September 1995 was revoked during the last instance of decision making. The Draft of the Law is characterized by the following(4):

First. It is based on the European Convention as well as on some solutions found in the Directives of the UN and the laws of other countries. However, the solutions of the European Directives are missing, although it had been enacted before the third version was put into procedure, bringing some great omissions made in that way.

Second. Considerable differences are due to radical solutions and institutes (providing setting-up contracts) that were followed in some provisions, while, in some others, the terms and institutes were taken over from earlier phases in the development of information systems; the point is to begin with modern trends (BP, collaboration systems), and in supplements to provide for the previous state (reference data, data catalogues) to be fitted into the existing provisions.

Third. The provided rights of individuals as physical persons the data refers to are as follows: the right to the access of information (what inventories are his personal data stored in, what data are stored, the person who stores them, the purpose of storing them and on what grounds, who uses them and on what grounds); the right to be informed about confusing data and the written document concerning the data that are stored about the person (being the document on the grounds of which a person can have an insight into the data, make necessary corrections, delete the data, forbid the use of incorrect data and those not brought up to date and incomplete, as well as those not used pursuant to the law or the contract); the right on remedy in case of the breach of the individual's right and injury resulting in the use got in the way or for the purposes not pursuant to the corresponding provisions of the law; the right of foreigners on national treatment and the right on keeping a certain quality of data. These rights should have been systematized differently in order to cover their whole complexity.

Fourth. The principals without whom any modern and complete law of the kind can be imagined are missing.

Fifth. No instructions, as necessary supplement provisions for the realization of this law are provided for in order to more fully define the rules and phases in procedure for the purposes of enforcing the rights and obligations stipulated by the Law.

Sixth. Penal regulations are, it seems, too conciliatory, and the fines not high enough as to warn potential law breakers and punish wrongdoers. Only high fines and longer imprisonment can be a serious threat for all of them.

Seventh. A greater attention should be paid to cross-border information flow.

Eighth. It is inadmissible to leave the supervision to a federal body, as well as it is not fully regulated who the members of the body are and what is its status, the control procedure, obligations and responsibilities, and, of course, the jurisdiction.

However, a special controversy appears with the fact that the fourth draft has been given to the Home Office, a solution not provided for in any country. Until the drafting of the new text of the Law has been done the European Council's Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data could be used and which the Federal Assembly of FR of Yugoslavia accepted as the European Convention Confirmation Act(5) However, as there is no common practice in Yugoslavia to individually seek legal protection of human rights, especially the rights on privacy and information privacy, it is very doubtful whether and when the Convention will be applied. However, it must be given a credit for the effort to definitely enact the Law at all, being undoubtedly not only a positive trend in the Yugoslav legal system but also a way closer to the countries that have defined and regulated these problems.

Computer related crime presents a very interesting problem because Yugoslavia becomes a real Mecca for computer criminals. Yugoslav informatics specialists turn their attention even more from software piracy to hacking and virus creating and distribution. "Computer crime" practice began as early as 1980s when the first forms of criminal acts performed by the use of machine were registered. Between 1980 to 1985 computers were used more and more in commercial banks and the employees were registered for theft and the abuse of official position. The situation was especially noted in Belgrade and was closely followed by Belgrade Police Department(6) Apart from these acts others have not unfortunately been registered and are strictly kept secret. However, something "leaks" out from time to time and warns on the danger.

However, Yugoslavia has neither made special experts' body that would deal with these problems nor were these and other related computer crimes included in the regulations of the Criminal Law amendments. Not a word is given about special computer fraud and abuse. This is going to be a serious problem because of all the more intensive computer education, both in elementary and secondary schools, as well as in so many departments at which informatics is taught at professional level. That could be the starting point of amateur recruiting, and even worse, professional computer criminals. When will these criminal acts become organized crime, it is only the matter of time.

The actual decrease in the standard of living, resulting in the process of transition going on in the isolation of the country, is, all the more so, being solved by such activities. Glorification of hardware-software protection 'breakers' and also the unwillingness of informatics specialists to change such a practice at least by ethical standards should be added to all this. Therefore, the development and use of information technology are deepening more and more the gap of ethical dilemmas. The main problem appears to be the development and use of general ethical standards and norms. That task is something to be done by information scientists and their professional associations. However, this profession in Yugoslavia has been established quite recently and time has been too short as to form a special code of conduct. Besides, "superior" position in which these specialists put themselves in relation to others has a great share in suspiciousness and intolerance making the situation even harder. The problem is even more difficult because of a small number of cases on the grounds of which it would be possible to define certain ethical principles. Besides, in relatively poor-developed conditions in Yugoslavia that enable the use of this technology it is evident more suitable to make up for the principles and ethical norms that allow of everything that is not explicitly forbidden by law. That is the reason why the heroes who have broken the barriers of protection and succeeded in "misleading" a computer by giving it false, obsolete and incorrect data are put on a pedestal. Such actions are brought in the foreground when individuals have close connections with official bodies and institutions. All that is helped by insufficient knowledge among the specialists of the importance to set up ethical courts and strict principles.

Ethical dilemmas also appear in the use of this technology for special purposes, notably police, political and military, as well as in police following and watching of people. For example, for the reasons of so called "higher" purposes of various political parties and groups that appeared in the period of transition as mushrooms after rain "confidential" data have been collected and their combinations are giving rise to serious consequences either for individuals or groups; their use has not been regulated in Yugoslavia by law yet. It is the matter of ethical norms whether it will happen or not. The growing problem is the existence of viruses and hacking that are treated either as criminal acts, mistakes or something else. Of great importance is a problematic borderline dividing permitted children's play and destructive recalcitrance or intentional crime activity. Setting up of ethical norms and standards in this field is of highest importance not only for epidemic reasons these phenomena tend to have but also because of missing the possibility to regulate and sanction all this by law.

A special problem is creating a proper social environment in Yugoslavia for the application and development of information technology, as well as a transition into information society. To join Yugoslavia to the global information society there has been made a plan: "The information development strategy in the FR of Yugoslavia", aiming at giving directions to achieve the right course. The presupposition of reaching that is the development of the national infrastructure and strategic information systems (in government bodies, industry, health services, transportation, etc), the structural change in economy and increase of its competitiveness, larger investing in science and research in order to get a higher degree of innovation, productivity and growth, making the population literate in informatics and creating the "culture" of life-time studying, as well as the conditions for the development of real democratic society, providing for the efficient protection of individual's rights, and also the cultivation of co-operation with other countries and international organizations and associations. That implies(7):" free competition, the abolishing of state monopoly, fostering of private initiative, definition of adaptable legal framework, providing for open network access, promotion and (realization) of equal possibilities given to individuals, promotion of various events, including those dealing with culture and language". Such an ideal course to information society is difficult to reach if all available agents are not recruited. In other words it presupposes the changes in attitudes and activities of the society as a whole, as well as of individuals within it, especially having in mind the following: first, a prompt and quick reacting in the presentation of our contemporary culture and tradition in electronic form and the network as Internet - every delay brings the loss of cultural identity and integrity as well as the possibility of taking part in the global cultural heritage; second, getting ready to painlessly cross the way to a "new culture", a "new working environment" (virtual class, courtroom, market, stock exchange, museum, university) based on virtual reality, impersonality, invisibility and relative anonymity; third, choice and application of appropriate methods to control the boom of the new class - "net-class" and to prevent forming of a new social layer - "Net-Mafia" appearing within cyberspace environment; fourth, following and fight with the resulting phenomena of IT transformation into obsession and vice provoking addiction, especially with the young; fifth, developing of other possibilities and foundation of the institutions to help those suffering from "computer syndrome" as a way of living among the individuals socially unadapted, though otherwise intellectually fit; sixth, following and covering of consequences of all the greater and fewer social anonymity of individuals that communicate with computer substituting it for communication with other people; seventh, control of the phenomena related to new media perverting the questions of the status of individuals in society; eighth, following other changes affected by the use of IT in various fields, e.g. in the forms of dispensing justice, etc.

On the other side, the reasons to resist change of IT, especially in companies, are very important. On the basis of the data that we got through the research within the strategic project, "Management in Function of Innovation', realized during 1995/96 in Serbia, and which covered 746 managers (25% were general managers, and the other 75% of them executive managers in manufacturing, marketing, information and research & development departments) from 192 companies in all fields of economic activity, it was found that the first reason to that is insufficient information concerning the advantages of new technology (46.7%). After it, there is a fear of being not able to properly manage the application of new technology (16.7%). And what was expected to be the main reason of resistance, to lose the job, took the third place (with only 11.1%). The smallest number of them (7.8%) gives the fear of being sneered at because of difficulties in getting used to something new and learning the application of IT.

2. What is to be done? Having in mind the importance and range of IT, it becomes clear that it is necessary to do something so that its use be legalized and legitimate. That is why it is necessary to undertake many legal measures. Nevertheless, the idea only that legal regulation is necessary doesn't by itself bring the solution . It is needed to give answers to the most important questions - what and with what legal instruments we should do something. It is not going to be a simple and an easy task to perform because the legal system in Yugoslavia has experienced changes for the past 7 years which neither appeared on time nor adequately followed the changes that were met in the countries with highly developed information systems. As in other Central and Eastern European countries Yugoslav legal system must be prepared for these challenges and it is expected from them to alleviate negative consequences, some to be neutralised, and some to be treated appropriately. The measure of their development could be the measure of their legal systems to adapt themselves to information society demands.

Comparative analysis shows that applications of IT can not be imagined without legal system's modernisation and reform. Modernisation and reform of legal systems can not be done without adequate preparation and identification:

In any case, legal system's reform and modernisation must be the part of the national policy and strategy with extensive use of similar experiences in other countries (especially European Community and the member states).

The reform and modernisation of legal system must focus on the following factors:

1) degree of development and degree information technology use;

2) fields of information technology applications;

3) dangers and phenomena brought out by such use;

4) development level of legal system and the conditions of legislation in relation to basic legal problems and dilemmas brought out by information systems usage; and

5) possibilities for legal regulation of these problems in the future.
 
 

The most important changes to be realized are as follows: a) Intellectual property rights protection. Particularly important is the question of copyright and other intellectual property rights protection: computer programs, multimedia masterworks; data bases, integrated circuits; and electronic document design. The basic need is to assure a balance between intellectual property rights' protection and 'fair use' in large and open information systems and networks. To realize that the real need is to innovate Copyright and Related Rights Bill and enact it by urgent procedure. It is also necessary to end the procedure to pass Integrated Circuit Topography Protection Act no matter Yugoslavia is not a major manufacturer.

After that there is a need to innovate Patent Law with provisions providing conditions to protect computer programmes. Of course, other laws should also be amended by appropriate solutions the application of which should give more adequate protection to information technology as an intellectual property. Court laws should support these laws and procedures going on in them because the Draft of the Author's and Related Rights Act provided for a special court of intellectual protection the purpose of which would be to settle cases related to these rights by arbitration.

b) Privacy and information privacy protection. Individuals and privacy are endangered by IT and by the existing large number of personal data that can be easily integrated and enormously emitted. The analysis should provide for the data as to study and understand modern trends in privacy and information privacy protection. The law conditions in Yugoslavia, especially in European Community legislative context, show nonaccordance and leterally proper work out. It is of utmost importance as to pass adequate Privacy Act which by no means must not be prepared by Home Office. This Act should be amended by special provisions or a special Act providing specific problem of network privacy. A special point should be the question of forming a special board to look after the observance of the law. At the same time it presupposes amending the existing proceeding laws as to define an adequate judicial protection.

c) Computer crime protection. If the protection from computer crime is to be realized, especially in standard forms from (theft, spying, sabotage, abuse, etc.), to typical (hacking, viruses, etc.) it would be necessary to take serious and complex steps and measures.

First and foremost it is of prime importance to form an expert group to thoroughly prepare amendments to Criminal Law (or the new, special one). Apart from classical computer crime acts this group should provide for net crime acts. Not of less importance are the innovations of in Criminal Law Procedure that should provide for specific investigating activities in punishing the doers. They should be amended by appropriate provisions concerning police force activities in investigation and catching the doers.
 
 

Simultaneously, the law system should be followed by a change in ethical standards that should be developed and brought into concordance with the highest professional codes in developed countries. That would mean better organization of professional associations of informatics experts and forming of special boards (e.g. Ethical Court) that should especially deal with these problems. At the same time it would be also necessary to found special lawyer's associations (e.g. for computer law) or within the existing ones (The Bar, Lawyer's Association of Yugoslavia), special sections in communication with the associations of information scientists which would, through their co-operation and solving the doubtful problems, try to help defining ethical norms. The established principles and norms in such a way should necessarily be "rooted" in the minds of individuals.

Sociologically taken, the influence could be exerted only if the conditions be prepared to substantially try to change the social and economic system. Of course, there is a need as to change a value system in general which is at the moment on the level of primitive accumulation and the settlement of the "Wild West". Computer and Internet literacy is not a sufficient ground for overcoming the syndrome of glorification of computer violence that is an abiding dwelling place of certain individuals and groups, on one side, and also of a 'citizen on uncertain ground' favoured by the government, on the other side. Information primitivism cannot be overcome if the cultural and social primitivism of the population is not put under control.

3. How to carry out the changes? No individual or a group cannot realize these changes without complete backup of the state. It is, however, the most difficult thing. How to make it be involved, that is the question. One of the ways of doing it is to exert pressure (through nongovernmental organizations, e.g. the Chamber of Commerce, lawyers' and informatics' associations) on legislative and executive bodies to change the legal system in accordance to the changes that had taken place in other countries in transition. All this is not going to be void if the changes of the legal system are not followed by the changes in the realization of law provisions. Hence it is necessary to provide for special bodies (inspection ones, e.g. software licence rights' inspection, seal forgery or forgery of products with in-built topography in various companies) with special, very strict ingerence to exercise control over all those using IT (severe punishment, stiff fines especially, for distributing and keeping piracy software). Then co-operation between judicial bodies and computer knowledge improvement as to get the essence of law cases in which they have to pass judgement. That will be neither easy nor fast and it will require the reform of curricula a law schools, as well as other faculties at which it would be possible to educate specialists and court experts whose role could be very important in such cases. These curricula would be supplemented by the texts related to ethics and ethical norms as to make pressure on every mind to accept the standards and improve the quality of professional work. That requires the need to form special boards of judges - informatics' experts. It is equally necessary to develop and cherish the practice that individuals turn to courts or other institutions in jurisdiction in case of violated rights (on privacy or information privacy). No less than that is the role of investigating bodies and the forming of special "units" in the police on both republic and federal levels, and their co-operation, as well as that with corresponding ones abroad. (Interpol, Europol). The need for help by others and to raise the "curtain" behind which Yugoslavia is today is also important. Of course, one of the possibilities is the introduction of the Ombudsman Institute being non-existent in the Yugoslav legal system. 4. Final considerations The development and application of information technology in Yugoslavia, as in all other countries that are less developed and in those in transition, have created unbelievable possibilities and opened a "window" into the world. All that has brought a series of dangers, problems and dilemmas. As the rate of development in Yugoslavia is not so fast, including some other and numerous problems, the possibility to overcome the obstacles are not so great. Much higher developed countries have also had the same difficulties in overcoming their problems and dilemmas, with a lot of them they are still fighting, but they were much more prepared to flexibly tackle the changes and adapt themselves to them. The way out of the information crises in Yugoslavia is possible if social conscience were changed, if legal infrastructure fitted into the information one in order to enable it to legally establish everything that is new and if these new concepts were enriched by ethical principles and norms. Of course, all that would be the labours of Sisyphus if it were not followed by the change in individual's conscience. If all these pieces were fitted properly together the puzzle of the Yugoslav information society would be solved and the country would quite easily join the global information society. 1 These data are the estimating results of the computer equipment conditions in Yugoslavia in 1997. The estimate was done as required by the project: Strategic Development of Informatics in FR of Yugoslavia, accepted by the Federal Government on its 49th Session of Nov. 27th, 1997.

2 According to the data got in the research: "Management in the Function of Innovation" which was done only for the Republic of Serbia in 1995 and 1996 in 192 companies, the average date of equipment purchase was the first quarter of 1990 (though there is some of it from as far as 1975) The latest purchase was on average from the second quarter of 1994.

3 The quoted research was published in the book: "Management in the Function of Innovation", University of Belgrade, Belgrade, 1996, co-authors were the authors of this article.

4 Drakulic M., Osnovi Kompjuterskog prava, Beograd, DOPIS, 1996, pp. 158-160.

5 Act of Ratification of Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data, Slu`beni list SRJ, No. 1/92.

6 Kruscic M., Iskustva GSUP-a Beograd u otkrivanju novih pojavnih oblika krivi~nih dela iz oblasti privrednog kriminaliteta u poslovnim bankama, Bezbednost, No. 2/86, pp. 169 - 176.

7 Resolution of the Informatic Development Strategy in the FR of Yugoslavia, pp. 4 - 5.

Notes
  1. These data are the estimating results of the computer equipment conditions in Yugoslavia in 1997. The estimate was done as required by the project: Strategic Development of Informatics in FR of Yugoslavia, accepted by the Federal Government on its 49th Session of Nov. 27th, 1997.
  2. According to the data got in the research: "Management in the Function of Innovation" which was done only for the Republic of Serbia in 1995 and 1996 in 192 companies, the average date of equipment purchase was the first quarter of 1990 (though there is some of it from as far as 1975) The latest purchase was on average from the second quarter of 1994.
  3.The quoted research was published in the book: "Management in the Function of Innovation", University of Belgrade, Belgrade, 1996, co-authors were the authors of this article.
 4. Drakuli} M., Osnovi Kompjuterskog prava, Beograd, DOPIS, 1996, pp. 158-160.
 5.  Act of Ratification of Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data, Slu`beni list SRJ, No. 1/92.
 6. Kru{~i} M., Iskustva GSUP-a Beograd u otkrivanju novih pojavnih oblika krivi~nih dela iz oblasti privrednog kriminaliteta u poslovnim bankama, Bezbednost, No. 2/86, pp. 169 - 176.
7. Resolution of the Informatic Development Strategy in the FR of Yugoslavia, pp. 4 - 5.

References

Drakulic M., OSNOVI KOMPJUTERSKOG PRAVA, DOPIS, Beograd, 1996.

Drakulic M., Drakulic R., MANAGERS IMPACT ON INFORMATION SYSTEMS INNOVATIONS IN YUGOSLAVIA, zbornik apstrakata sa medjunarodne konferencije EURO XV / INFORMS XXXIV: OR / MS for the New Millennium, Universitat Polictecnica de Catalunya, Barcelona (Spain), 1997.

Drakulic M., Drakulic R., YU-MENAD`ERI I RAZVOJ INFORMATIKE, rad prezentiran na IV nau~nom skupu: "Tehnologija, kultura i razvoj", Institut Mihajlo Pupin i Elektrotehni~ki fakultet u Podgorici, Herceg Novi, 1997.

Grupa autora, Menad@ment u funkciji inovacija, knjiga II, Centar za menad`ment Univerziteta u Beogradu, Beograd, 1996.

Savezna vlada, Strategija razvoja informatike u Saveznoj Republici Jugoslaviji, Savezni zavod za informatiku, Beograd, 1997.