IT.Can Newsletter/IT.Can Bulletin
Transcription
IT.Can Newsletter/IT.Can Bulletin
October 20, 2005/20 octobre 2005 Newsletter/BULLETIN www.it-can.ca Part 1 of this newsletter is prepared by Professors Anne Uteck, Teresa Scassa and Chidi Oguamanam of the Law and Technology Institute of Dalhousie Law School. Part 2 of this newsletter is prepared by Professors Pierre Trudel and France Abran of the L.R. Wilson Chair in Information Technology and Electronic Commerce Law, Université de Montréal. arbitration service jointly appointed by the parties” (para 3). Part 1 The motion judge refused to stay the proceedings as sought by Money Mart’s motion. Smith brought a motion to quash Money Mart’s appeal against the motion judge’s ruling. Smith’s motion was allowed. Endorsing, the BCCA decision in Mackinnon v. National Money Mark Co., [2004] B.C.J. 1961 the Ontario Court of Appeal held that “the motions judge correctly held that the legality of the arbitration provision should be determined at the certification hearing and that it is premature to attempt to stay the action before hand” (para 14). Civil Procedure Computer And Privacy Law Smith v. National Money Mart Co.—Ontario Court of Appeal, Toronto Autosurvey Inc. v. Prevost and Others—Ontario Superior Court of Justice, Brampton The Plaintiff, Margaret Smith, is a pensioner. She patronized Money Mart Fast Cash Advance. This service allowed patrons to borrow up to 30% of their net pay cheque until the following payday. It also allowed a maximum term of thirty-one days. Customers sign a Fast Cash Advance agreement and provide Money Mart post-dated cheques of value corresponding to the principal, plus interests and Money Mart’s standard first party cheque cashing fee. The Plaintiff seeks a declaration that the interest rate charged exceeded by six percent the maximum permitted by s. 347 of the Criminal Code. She insisted on the jurisprudence which supports that her right to obtain the desired declaration should not be scuttled on grounds of public policy. She commenced her proceeding which has yet to be certified under the Class Proceedings Act. Money Mart brought a motion in objection on the basis that the substantive agreement Smith signed required her to mediate and/or arbitrate her dispute. The relevant portion of the Alternative dispute resolution clause of the agreement which was added following a revision in 2003 read in part that “parties may elect to proceed with the arbitration in person, in writing only, or electronically using an Internet or online The Plaintiff, Autosurvey and the principal Defendant, Joseph Prevost, were partners in the business of selling computerized customer survey services to automobile dealerships with potential to serve other users. Prevost, a software developer, consultant and website administrator designed and developed the Plaintiff’s main software for delivering customer service surveys via the Internet. He developed this software from other software products or source codes he already owned. He was the Vice President Research and Development of Autosurvey. A falling out between Mark Durst of the Plaintiff Company and Prevost led the latter to terminate his relationship with the Plaintiff Company. Les auteurs de la première partie du présent bulletin sont les professeurs Anne Uteck, Teresa Scassa et Chidi Oguamanam de l’Institut de droit et de technologie de la Faculté de droit de l’Université de Dalhousie. Les professeurs Pierre Trudel et France Abran de le Chaire en droit des technologies de l’information et du commerce électronique L.R. Wilson de la Faculté de droit de l’Université de Montréal ont rédigé la seconde partie du présent bulletin. Subsequently, the Plaintiff commenced an action against the principal Defendant and others. Autosurvey alleged breach of contractual and fiduciary duties and appropriation of its intellectual property rights in both the software and associated business opportunities. It also sought an “Anton Piller” injunction and other interim relief. Further, it sought to restrain the Defendants from carrying on the business of providing computerized online customer survey and pooling in a number of fields. Contrary to the Plaintiff’s claim, the Defendants maintained that the source code for the software in issue belonged to the principal Defendant and was not modified or developed from any product he previously assigned to Autosurvey. The Defendants also denied soliciting Autosurvey’s employees as alleged. While the Plaintiff’s motion for “Anton Piller” order pended, one of its customer’s employees complained that he was not able to access Plaintiff’s website in order to file customer surveys. The Plaintiff suspected that its critical intellectual property has been removed from its New Jersey based computer server. It discovered that there was no data relating to the complaining customer. Plaintiff’s investigation traced the data removal to another server located in the same building as its New Jersey server. That server was under the control of the principal Plaintiff, Joseph Prevost. By means of “brute force entry”, the Plaintiff launched “a preemptive strike by obtaining access to Prevost’s server on its own initiate” (para 17). This hacking into Prevost’s computer was done following several attempts, even though Autosurvey deleted the log containing this information. The Plaintiff informed its lawyers of the forced access into Prevost’s computer and was advised to “secure its property, preserve the evidence and note the contents” (para. 20). The Plaintiff subsequently obtained complete copy of the contents of the server and transferred them onto DVDs. Meanwhile, Plaintiff’s suspicion of unauthorized transfer of its client data from its New Jersey server was unfounded. The customer or owner of the dealerships in question was Prevost’s long time friend and had approved the transfer to Prevost’s server at a time Prevost worked for Autosurvey on the software. Meanwhile, Prevost’s New Jersey server contained other personal and privileged information between him and his clients and third parties, including perhaps most importantly, 29 e-mail communications passed back and forth between the Defendants and their solicitors. These were subject to solicitor-client privilege. The Plaintiff had already taken advantage of some of the information. A fourth affidavit by the Plaintiff, deposed on its behalf by Mark Durst, contained exhibits printed from Prevost’s server. Autosurvey and its counsel had opportunities to come clean with possession of privileged information and “do the right thing” (para 101). But they failed to so do. Following an urgent case conference at the instance of the Defendant’s counsel, the court ordered Autosurvey to turn over to it two DVDs containing materials copied by Autosurvey from Prevost’s server and to delete all the remaining copies and to refrain from reviewing or accessing any of the materials. The Defendants’ motion prayed for stay of the Plaintiff’s action for Anton Piller order and other relief and for the removal of Davis Webb as solicitors on record for Autosurvey. In his ruling, the Court, M.J. Quigley, J. held that the right to privacy guaranteed under section 8 of the Charter is “at the heart of liberty in our modern state” (para 47) and it is not limited in its application to “the context of public law matters” but extends to “relationships between persons in a private law context” (ibid). He observed that the Defendants were entitled to reasonable expectation of privacy and confidentiality in regard to solicitorclient privilege which preserves the integrity of the administration of justice. The Plaintiff’s conducts clearly breached this expectation. The Court noted that even an Anton Piller order is given under appropriate safeguards so as not to trump or compromise the sanctity of solicitor-client confidentiality. The case raises inter alia the issue of balancing two competing values, namely the integrity of the judicial system and litigants’ right not to be deprived of counsel of choice without reasonable cause. According to the judge, “[i]n the case before me … the insult to the integrity of the judicial system is even greater” than in relevant earlier cases (para 72). In the Court’s words, “this is a stronger case of improper and wanton conduct than any of those reported in our jurisprudence in recent years” (para 114). After a painstaking review of authorities, the Court held that “the Defendants are or would be entitled to succeed on the motion for removal of the Davis Webb firm as solicitors of record for Autosurvey” (para 110). In the Court’s finding, they did not act in a professional manner and they “breached their obligation not only under the rules of professional conduct but to the Court as well” (ibid). In all of these, the Defendants’ reasonable belief that the proceedings could be conducted in a manner that would not be prejudicial to them has been compromised. The Court also agreed that “the Defendants are entitled to succeed on the motion and that the remedy they seek by way of a stay should be granted” (para 111). The Court observed that in cases of this nature there is no perfect solution, rather the Court should strive toward “the best of the imperfect ‘alternatives’” (para 78). Bringing the proceedings to an end is the only remedy that can compensate the Defendants in any meaningful way (para 115). Privacy The Canadian Privacy Commissioner has presented the 2004-2005 Annual Report on the Privacy Act. The Report highlights some of the most significant issues the Office has faced this year, including security, surveillance and the sharing of information and outsourcing of data operations across borders. The Report emphasizes the need to modernize the Privacy Act because “it is an outdated and inadequate public sector protection law.” Commissioner Stoddard’s 2004 Annual Report on the Personal Information Protection and Electronic Documents Act (PIPEDA) was also tabled. This Report highlights a number of key investigations, including opportunities to work jointly with provincial counterparts, workplace surveillance and a new emphasis on settling complaints. As well, a number of innovations were introduced to increase the Office’s ability to ensure compliance with PIPEDA. A review of PIPEDA is planned for 2006. Several new Findings have been posted by the federal Privacy Commissioner. In Finding #313, the Office of the Canadian Privacy Commissioner has denied a series of complaints launched after the CIBC disclosed that American law enforcement could access credit card user’s personal information. The CIBC has sent a notification to its VISA customers amending its credit cardholder agreement in which reference was made to the use of a service provider located in the United States and the possibility that American law enforcement or regulatory agencies might be able to obtain access to cardholder’s personal information under American law. While each complaint raised slightly different issues, all the complaints primarily objected to the possible scrutiny of their personal information by American authorities within the context of foreign intelligence gathering. While the Privacy Commissioner has stated that the implications of anti-terrorism legislation and outsourcing need to be the focus of public debate, the central issue in this case was whether the bank acted in accordance with its obligations under PIPEDA. The Assistant Privacy Commissioner held that although the Act does not prohibit the use of foreign third-party service providers, it does, under Principle 4.1.3, oblige Canadianbased organizations to ensure a comparable level of service. In accordance with these obligations and the Office of the Superintendent of Financial Institutions (OSFI) Guidelines, CIBC has a contract with its third-party provider that provides guarantees of confidentiality and security of its personal information. However, while the customer personal information is in the hands of a foreign third-party service provider, it is subject to the laws of that country and no contractual provision can override those laws. In the Assistant Commissioner’s view, an organization with a presence in Canada that outsources the processing of personal information to an American firm cannot prevent its customer’s personal information from being lawfully accessed by American authorities. Further, “even if one were to consider the issue of “comparable protection” from the perspective of U.S. versus Canadian anti-terrorism legislation…there is a comparable legal risk that the personal information of Canadians held by any organization and its service provider – be it Canadian or American – can be obtained by government agencies, whether through the provisions of U.S. law or Canadian law.” She concludes, therefore, that CIBC was in compliance with Principle 4.1.3. Under Principle 4.8, organizations must be transparent about their personal information handling practices. CIBC notified its customers of the risk that their personal information might be accessed under the provisions of the USA Patriot Act while in the hands of an American third-party service provider. Thus, the bank was informing its customers about its policies and practices related to the management of their personal information and therefore, in compliance with Principle 4.8. While the Assistant Commissioner concluded that the complaints were not well-founded, she went on to consider the issue of opting-out and consent. In her view, the language used by the bank in the notice was problematic in that it appeared to have left the impression that a customer could opt-out of having their personal information sent to the third-party service provider. The Office has taken the position that companies are not required to provide customers with the choice of opting-out where the third-party service provider is offering services directly related to the primary purposes for which the personal information was collected, as was the case here. A customer provides consent to the primary uses when they sign the application form or when they continue to use the service after being advised of changes to the service agreement. Moreover, Principle 4.3 requires organizations to obtain meaningful consent of an individual to its actual and “proposed” collection, use and disclosure. In the Assistant Commissioner’s view, CIBC was notifying customers of the “risk” that their personal information could be lawfully accessed by American authorities because of where it was processed and therefore, did not offend the Act. She did, however, go on to encourage CIBC to clarify the language of the cardholder agreement to ensure its customers understood that they did not have the right to opt out. Comment on the issues raised in this article at the IT.CAN blog ➦ ● In Finding #314, a third-party filed a claim alleging the complainant had damaged her car. The insurance adjuster determined that the complainant was at fault, but the complainant disputed the claim and requested the name of the third-party’s insurance company and a written account of the claim. Not satisfied, she contacted the provincial superintendent of insurance who wrote to the insurance company on her behalf. The insurance company replied by stating that they could not release the documents because the claimant was not prepared to give her consent to share her personal information contained within the documents. The Assistant Commissioner found that the statement of claim contained the personal information of the complainant as well as the personal information of the claimant, but that this information could be severed in the manner described under subsection 9(1) of the Act. As this had not been done and the complainant was denied access to the entire document, the insurance company had denied the complainant access to her personal information, contrary to Principle 4.9. Therefore, the complaint was well-founded. The Assistant Commissioner went on to recommend that third party claimants be notified that statements of claim will be shared with the insured person upon request and only the personal information of the third party claimant that is not directly related to the statement of claim be severed from the statement of claim. In Finding #315, an e-mail account holder complained that a web-centered company did not adequately protect her personal information because her e-mail account had allegedly been improperly accessed by, she suspected, her estranged husband; did not provide her with a satisfactory explanation when she tried to resolve her concerns; and did not give her access to the personal information she requested. First, with respect to the access complaint, the complainant requested a report showing any information that could help her determine who, when and from where her account was being accessed and how many times the password had been changed. The company replied by telling her how to change her password. She wrote again requesting an investigation into her account after which the company informed her that if she wanted the information regarding password changes, she would need to provide a subpoena or court order. The complainant also wanted to know the name of the individual changing the password, but the company did not have this information nor were they able to provide what the passwords were because they are encrypted when they are typed in by the user. The Assistant Commissioner was of the view that the IP address requested by the complainant should be released to the account holder upon request and then the account holder is free to pursue identifying the individual through legal channels. In any event, the company did not have information regarding the identity of the IP address and therefore there was no reason to withhold the information. After the OPC intervened, the company released the dates that the password was changed and the IP addresses of the computers that were used. Therefore the complainant was given access to her personal information in accordance with Principle 4.9 and the complaint was resolved. Second, the Assistant Privacy Commissioner concluded that the safeguard complaint was not well founded. Having reviewed the company’s measures for changing the password, she deemed them to be reasonable and not difficult to understand. She noted that while the organization is responsible for protecting personal information in their possession, there is also some onus on the individual to protect their own personal information. Here, the complainant had not taken the company’s advice to fully protect her personal information because she chose a password and challenge question that someone else could guess. Third, the compliance complaint was well-founded because the company did not act in accordance with Principle 4.10. As a web-centered company that provides free e-mail accounts to its customers, it relies on online reference material and e-mail responses from customer care to address complaints and inquiries. Although this approach “appeared acceptable and in compliance” with the Act, in this case, the complainant had specifically requested the name and telephone number of a supervisor and it was at this point that the matter should have been referred to the company’s privacy officer. The Assistant Commissioner went on to note that the customer care representatives in this situation should have recognized that the complainant’s concerns were not being addressed to her satisfaction and should have escalated the matter to the appropriate officials. Thus, she recommended the company implement a procedure where outstanding privacy concerns are referred to the company’s privacy officer. 2ième partie Vers une reconnaissance d’un droit universel à la protection des données La 27ème Conférence internationale des Commissaires à la protection des données et à la vie privée s’est tenue à Montreux du 14 au 16 septembre 2005 et s’est conclue par l’adoption d’une déclaration finale visant au renforcement du caractère universel des principes de la protection des données. La Conférence a également adopté une résolution sur l’utilisation des données biométriques dans les passeports, cartes d’identité et documents de voyage et une résolution sur l’utilisation de données personnelles pour la communication politique. Commissariat à la vie privée du Canada, Déclaration : Vers la reconnaissance d’un droit universel à la protection des données et à la vie privée. CNIL, La conférence internationale de Montreux, à laquelle la CNIL a participé, demande la reconnaissance d’un droit universel à la protection des données. Protection des renseignements personnels dans le secteur privé – Québec Cette étude, publiée par le Commissariat à la vie privée du Canada, passe en revue et résume l’expérience du Québec en ce qui concerne la Loi sur la protection des renseignements personnels dans le secteur privé. Comme la loi québécoise est réputée essentiellement similaire à la Loi sur la protection des renseignements personnels et les documents électroniques (LPRPDÉ), ce document est utile étant donné que le Commissariat et les autres provinces ayant aussi adopté des lois réputées essentiellement similaires, doivent interpréter et appliquer des dispositions semblables. Karl DELWAIDE et Antoine AYLWIN, Leçons tirées de dix ans d’expérience : la Loi sur la protection des renseignements personnels dans le secteur privé du Québec, Commissaire à la vie privée du Canada. Proposition de directive sur la conservation des données de connexion – Europe La Commission européenne a présenté le 21 septembre une proposition de directive sur la conservation de données relatives au trafic des communications électroniques. Cette proposition prévoit l’harmonisation des obligations qui pèsent sur les fournisseurs de services de communications électroniques accessibles au public, ou d’un réseau public de communications, en matière de traitement et de conservation de données relatives au trafic concernant la téléphonie mobile et la téléphonie fixe, ainsi que des données relatives au trafic concernant l’utilisation d’Internet, la durée de conservation étant de un an pour les premières et de six mois pour les secondes. Elle ne s’applique pas au contenu des communications. La proposition contient une disposition prévoyant que les fournisseurs de services ou d’un réseau obtiendront le remboursement des surcoûts qu’ils justifient avoir supportés. Le traitement de données se fera sous le contrôle exclusif des autorités chargées de la protection des données, instituées dans tous les États membres. Communiqué, La Commission présente un arsenal de mesures sur la lutte contre le terrorisme. Liliana BOUBEKEUR, Une proposition de directive pour la conservation des données de connexion, Juriscom.net, 28 septembre 2005 Étienne WERY, Données de connexion : le grand b…, Droit-technologie.org, 19 octobre 2005. Au décès, à qui reviennent les courriels ? – France Murielle Cahen, dans un article publié dans Clic-Droit, examine le statut des courriels. Les messages de courriel sont des données personnelles, une adresse électronique permet généralement d’identifier une personne physique. Dans la plupart des situations, la question ne comporte pas d’enjeux financiers. Les héritiers s’attachent à la valeur affective des courriels. En France, les hébergeurs de courriel refusent généralement de communiquer les données personnelles même aux héritiers. On qualifie ces messages de correspondance privée. Toute autre personne que le destinataire et l’expéditeur n’est pas habilitée à en prendre connaissance. L’auteure aborde aussi les dimensions de propriété intellectuelle que comportent la dévolution des courriels de la personne défunte. Murielle CAHEN, Décès : les emails sont des données personnelles, Clic-Droit, 21 septembre 2005. Responsabilité de l’intermédiaire de paiement pour accès par des mineurs à un site pornographique – France Dans une décision rendue en application de l’article 227-24 du Code pénal français, un juge correctionnel a acquitté le fournisseur d’une solution de paiement en ligne. Ce dernier était poursuivi pour avoir fourni ses services à un site sur lequel un mineur avait téléchargé des documents à caractère pornographique en payant via les services de la firme accusée. L’acquittement est en grande partie fondée sur l’absence d’intention de la part de l’entreprise accusée. Il n’a pas été établi que la prévenue avait conscience de faire commerce de messages pornographiques susceptibles d’être reçus par des mineurs. Le prévenu, dans cette affaire, ne faisait que procurer le moyen de paiement. Il ne prend aucune part à l’élaboration ou à la diffusion du matériel pornographique. Étienne WERY, Quelle responsabilité pour le fournisseur d’une solution de paiement électronique ? Droit-technologie.org, 7 octobre 2005. « Corporate governance », protection des données personnelles et obligations de dénoncer les pratiques illicites – France personnelles et le respect des lignes directrices relatives à la dénonciation de comportements susceptibles de mettre en péril la bonne gouvernance de l’entreprise. En mai 2005, la Commission nationale de l’informatique et des libertés (CNIL) a rendu des avis tendant à écarter les lignes directrices mises en place afin de favoriser la dénonciation de pratiques condamnables au sein des entreprises, notamment celles découlant de la législation américaine telle la Loi Sarbanes-Oxley. Ce type de conflit entre la protection de la vie privée et la nécessité d’assurer la circulation de l’information relative aux obligations de rendre compte témoigne d’un besoin croissant de trouver des formules proportionnées. Aussi : Actualités, Une nouvelle censure judiciaire d’un système d’alerte éthique, Legalis.net, 14 octobre. Étienne WERY, Corporate governance : les codes fleurissent tandis que les autorités s’inquiètent des dérives des « lignes d’éthiques », Droit-technologie. org, 30 septembre 2005. CNIL, Lignes éthiques, whistleblowing : la CNIL prépare des recommandations à l’usage des entreprises. Publication des règles relatives au domaine « .eu » Les règles régissant l’enregistrement de noms de domaine en «.eu » ont été rendues publiques le 30 septembre dernier. Ces règles traitent des formalités administratives d’enregistrement du nom de domaine en «.eu » ainsi que des conditions, droits et obligations auxquelles les registres et les titulaires des enregistrements doivent se soumettre. On y trouve également la politique encadrant la base de données Whois et enfin les règles de règlements des litiges prévues par le Règlement de la Commission Européenne du 28 avril 2004. Brèves Intellex, Les règles du «.eu» sont enfin disponibles. Depuis le début de la décennie, on a vu se multiplier les initiatives afin d’améliorer la qualité de la gouvernance des entreprises. Au nombre des enjeux concernés, il y a la protection des données Censure d’un annuaire sur le dopage sportif au nom de la protection des données personnelles – France La suprématie du droit à la protection des données personnelles, même à l’encontre des mécanismes destinés à assurer un comportement conforme aux exigences de probité dans la pratique de sports professionnels est bien illustrée par cette décision de la CNIL interdisant la diffusion d’un annuaire recensant plus de 1000 coureurs cyclistes ayant reconnu s’être dopés ou avoir été contrôlés positifs. Il reste à se demander ce qu’il adviendrait si on tenait compte des dimensions relatives à l’intérêt public plutôt que de pratiquer une approche à sens unique au seul profit de la censure de données portant sur les comportements publics des personnes. Lionel THOUMYRE, Hyperdossier sur le droit d’auteur et les droits voisins dans la société de l’information, Juriscom.net, 11 octobre 2005. Murielle CAHEN, Qui est responsable en matière de contrefaçon de marque sur les liens commerciaux des moteurs de recherche?, Clic-Droit, 21 septembre 2005. CNIL, Communiqué : Suite à l’information donnée sur son site par l’intéressé lui-même, la CNIL confirme qu’elle a mis en demeure le responsable de ce site de cesser la publication d’un annuaire du dopage, 30 juin 2005. Brèves Intellex, France-La CNIL censure un annuaire du dopage cycliste diffusé sur Internet, 6 juillet 2005. Commentez cet article au Blogue de IT.CAN ➦ ● À signaler Tenue du sixième Forum Mondial e-Démocratie– Du 28 au 29 septembre, 1,800 congressistes venus de 43 pays ont assisté aux débats des 105 intervenants du 6 ième Forum Mondial e-Démocratie. Administration électronique, cartes d’identité électroniques, vote par Internet, nouvelles formes de journalisme, lutte contre la fracture numérique, logiciels libres… les sujets de discussion n’ont pas manqué au cours de ces deux journées de débats. Les participants ont lancé un appel mondial pour une démocratie électronique libre (http:// edemocratie-libre.org/) et constaté la progression du vote par Internet dans le monde. This newsletter is intended to keep members of IT.Can informed about Canadian legal developments as well as about international developments that may have an impact on Canada. It will also be a vehicle for the Executive and Board of Directors of the Association to keep you informed of Association news such as upcoming conferences. If you have comments or suggestions about this newsletter, please contact Professors Anne Uteck, Teresa Scassa and Chidi Oguamanam at [email protected] if they relate to Part 1 or Pierre Trudel at pierre.trudel@ umontreal.ca if they relate to Part 2. Disclaimer: The IT.Can Newsletter is intended to provide readers with notice of certain new developments and issues of legal significance. It is not intended to be a complete statement of the law, nor is it intended to provide legal advice. No person should act or rely upon the information in the IT.Can Newsletter without seeking specific legal advice. Copyright 2005 by Anne Uteck, Teresa Scassa, Chidi Oguamanam, Pierre Trudel and France Abran. Members of IT.Can may circulate this newsletter within their organizations. All other copying, reposting or republishing of this newsletter, in whole or in part, electronically or in print, is prohibited without express written permission. Le présent bulletin se veut un outil d’information à l’intention des membres d’IT.Can qui souhaitent être renseignés sur les développements du droit canadien et du droit international qui pourraient avoir une incidence sur le Canada. Le comité exécutif et le conseil d’administration de l’Association s’en serviront également pour vous tenir au courant des nouvelles concernant l’Association, telles que les conférences à venir. Pour tous commentaires ou toutes suggestions concernant la première partie du présent bulletin, veuillez contacter les professeurs Anne Uteck, Teresa Scassa et Chidi Oguamanam à l’adresse électronique [email protected] ou en ce qui concerne la deuxième partie, veuillez contacter Pierre Trudel à [email protected]. Avertissement : Le Bulletin IT.Can vise à informer les lecteurs au sujet de récents développements et de certaines questions à portée juridique. Il ne se veut pas un exposé complet de la loi et n’est pas destiné à donner des conseils juridiques. Nul ne devrait donner suite ou se fier aux renseignements figurant dans le Bulletin IT.Can sans avoir consulté au préalable un conseiller juridique. © Anne Uteck, Teresa Scassa, Chidi Oguamanam, Pierre Trudel et France Abran 2005. Les membres d’IT.Can ont l’autorisation de distribuer ce bulletin au sein de leur organisation. Il est autrement interdit de le copier ou de l’afficher ou de le publier de nouveau, en tout ou en partie, en format électronique ou papier, sans en avoir obtenu par écrit l’autorisation expresse.