Archive for August, 2012

VISA, Olympic Park and accessible ATMs – what does the law say?

This morning news broke about the RNIB‘s row with VISA over the accessibility of ATMs at Olympic Park. Despite the fact that Olympic Park opened for business a month ago, I’m sure that it is no coincidence that the RNIB chose to break this story on day 2 of the Paralymics.

The issue relates to the accessibility features incorporated into VISA’s ATMs.

As a sponsor of the Olympics, VISA is the only provider of ATMs at Olympic venues (although it’s not clear whether the ATMs are in fact white-labelled ATMs provided by a UK retail bank such as London 2012 sponsor Lloyds).

RNIB had apparently been working with LOCOG and VISA for three years in the run up to the Olympics to ensure that the ATMs onsite were accessible. It appears that the ATM hardware deployed had accessibility features such as Braille pads and headphone sockets, but the software needed to enable these features was not installed.

The RNIB threatened VISA with legal action, but withdrew this threat when VISA promised to install the necessary software on two of the ATMs on site. Despite that promise, this work has still not been done.

The law
The relevant law here is the Equality Act, under which service providers have an obligation not to discriminate against people with disablities in the provision of goods and services. The duty is an evolving duty, meaning that service providers should continue to review the services they provide and the availabilty of new technology that might enable them to overcome accessibiltiy barriers.

In this case, the ATM is a means of providing access to cash (the service). You can find out a bit more about the duties under the Equality Act in this blog post.

On the face of it, given that LOCOG and VISA were fully aware of the issue, it appears that a breach of the Equality Act may have taken place. VISA’s official excuse appears to be that it “ran out of time”, but that’s not a justification open to service providers under the Equality Act.

Both LOCOG and VISA have large resources available to them, and had years to plan for the Games, so it’s hard to see how a lack of time is a credible justification. Given that talking ATMs are widely deployed in the United States (and in smaller numbers in the UK), the necessary software is clearly available on the market.

VISA’s position
VISA still maintains that it has complied with its obligations under the Equality Act.

It’s not clear what VISA’s reasoning is for this. Having been to Olympic Park last month, I’m also pretty sure that there isn’t an over the counter money withdrawal facility which might be more accessible to visually impaired users. VISA may be relying upon the tactile/Braille keypads providing visually impaired users with a level of accessibility, and the fact that talking ATMs are not (yet) widely available in the UK.

Of course, the tactile/Braille pad doesn’t allow the user to “see” what is on the screen (which is the pupose of the audio/headphone facility), meaning that the ATMs are likely to be more difficult for visually impaired users to use. Whether that leads to any visually impaired spectator bringing legal action under the Equality Act remains to be seen.

PR impact
Regardless of whether any legal action is raised, it’s not a good story for LOCOG and VISA.

12 years ago, the organisers of the Sydney Olympics (SOCOG) were successfully sued by a visually impaired Australian man over the inaccessibility of the Sydney 2000 website, and ordered to pay him AU$20,000 in damages. In finding that SOCOG had breached the Australian equivalent of the Equality Act, the Australian EHRC made a particular point of emphasising that SOCOG and its technology partner IBM could not rely upon excessive cost or lack of time as a justification for not provding an accessible website. The case became a landmark case for website accessibility throughout the world.

ATM accessibility is something that has been on the RNIB’s agenda for a number of years, and many banks have commited to improving the accessibility of their ATMs as they refresh their estate. In this case, VISA was deploying new ATMs at a new facility. It was not a case of outdated equipment at legacy sites.

Given the high profile nature of the Olympics and PR damage caused to both VISA and LOCOG by this morning’s story, it’s therefore surprising that this issue wasn’t addressed as a priority when deploying the on-site ATMs.

ICT procurement in the public sector – avoiding delays, overruns and service failures

Audit Scotland today published its report following an audit of three public sector IT projects in Scotland. I’d recommend that anyone in the public sector who is involved in ICT procurement reads it – particularly if they are about to embark on any transformational or shared services projects.

Common issues
The findings could be summarised in a single phrase: “lack of governance” – whether within the contracting authority itself or as between the contracting authority and its supplier.

But the report goes into more detail than this, and highlights a number of common issues:

  • Project teams often had a lack of skills and experience in relation to ICT projects.
  • External consultants were used to plug these gaps, but often only at key stages (and often after the project was underway), meaning that there was little support during the intervening periods. Elsewhere, the contracting authority relied upon the supplier for guidance on key decisions.
  • Business cases did not always clearly define the planned benefits of a project, meaning that it was then difficult to measure success – in some cases the “whole-life costs” section was left blank. As such, it was impossible to measure value for money.
  • Intended users of the ICT were not sufficiently involved in the design of programmes – this meant that the solution delivered didn’t always meet the requirements of users. This was exacerbated by an over reliance on the supplier for key decisions.
  • Programme management was weak – with failings in financial control and progress reporting. Boards were provided with insufficient detail, and governance arrangements that were in place weren’t always adhered to.
  • In complex projects, there was a lack of ownership of individual elements of the project, which contributed to cost and time overruns and led to a failure to identify that the overall project was behind schedule and over budget (the “boiling frog” analogy)
  • Finally, Audit Scotland also identified problems with the Scottish Government’s “Gateway” review process, which is intended to provide assurance on project management.

Surprisingly, it seems that in many cases these projects were commenced without carrying out a competitive procurement exercise. Instead, the organisations concerned appointed an incumbent supplier to carry out the work. This lack of competitive procurement undoubtedly exacerbated the problems encountered with cost overrruns and the unsuitability of the solution provided by the supplier.

The cost of getting it wrong can be high. Poor project implementation results in delays, increased cost and end user dissatisfaction, as the ICT service fails to meet the needs of users. In the case of one project reviewed by Audit Scotland, the contracting authority decided that the structure of its wider contract with its IT supplier was inappropriate. It is now in negotiations over the level of compensation due to that supplier as a consequence of terminating 20 months early.

Audit Scotland’s Recommendations
Audit Scotland makes a number of recommendations which all procuring authorities should consider adopting:

  • ensure that an effective governance procedure is in place and is being complied with
  • ensure that established project management frameworks are followed
  • ensure that robust performance management arrangements have been developed and that appropriate progress reporting is taking place
  • ensure that a detailed skills assessment has been completed at the outset of a project to ensure that team members have the necessary skills and experience to undertake their roles

To assist procuring authorities, Audit Scotland’s report includes a list of questions that senior managers and project boards can use to scrutinise and challenge the management of ICT programs undertaken by their authority.

Some additional recommendations
I would add some additional recommendations to the Audit Scotland list:

  • Think carefully before appointing an incumbent supplier to deliver a project. Even if there aren’t procurement law issues, a competitive procurement is likely to deliver better cost efficiencies and a more appropriate solution.
  • Consider the most appropriate procurement procedure for the project. Should you buy off-catalogue (eg OGC) or procure directly? If the latter, consider whether the competitive dialogue procedure gives you more control in more complex projects.
  • Ensure that a clear specification for the services being procured is developed up front with input from all key stakeholders (including those that will be using the services).
  • Develop an appropriate governance and reporting structure both for the internal team within the contracting authority(ies), and also between the contracting authority and the supplier, to ensure that performance, costs and delivery are closely monitored and problems quickly identified and resolved.
  • If there are multiple contracting authorities or agencies, ensure that there is an appropriate governance and reporting structure between the lead authority and the other agencies/authorities, so that the interests of all relevant parties are properly managed.
  • Ensure that a suitably qualified team is assembled to support the procurement throughout the project. This includes external IT consultants (where skills aren’t available in-house) and legal advisors to ensure that the contract terms and conditions and procurement documents are fit for purpose and incorporate the agreed governance structure. This team should be involved from the outset to ensure that the initial ITT or RFP is as detailed as possible, and doesn’t set the project off in the wrong direction.

ICO investigation highlights importance of information security to brand reputation

The story earlier this week about the Information Commissioner’s (ICO) investigation into concerns over the security of user passwords for the website is a timely reminder that information security is an evolving area, and one that organisations need to keep under constant review.

The law
The Data Protection Act (DPA) states that:

Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data

In determining what measures are appropriate, organisations have to ensure that the level of security is appropriate to the level of harm that might arise from unauthorised access or disclosure and the nature of the data in question.

So, the greater the potential damage to users, the greater the level of protection should be. Importantly, the organisation also has to have regard to technological development.

This means that information security measures need to be kept under constant review as technology (and the cost of that technology to the organisation) evolves. In this case, the question appears to be whether or not Tesco is following industry best practice, and whether its current approach to password security is sufficient, given the technological developments that allow for a more secure way of storing and providing access to passwords.

Brand reputation
However, the story also a reminder that information security is now about more than just legal compliance. It’s also about brand reputation.

Whether or not Tesco’s website falls short of the requirements of the DPA will be a matter for the ICO to come to a view on.

Yet, the very fact that the ICO is investigating the information security procedures of one of the UK’s largest retailers is enough to make front page news. There hasn’t actually been a security breach in relation to the Tesco website, but the possibility that Tesco’s site is may be more vulnerable than others is sufficient for it be reported by the media.

e-Commerce is a notoriously brand fickle industry, with websites being in fashion one minute and not the next. An information security leak can be highly damaging to the brand. For that reason, organisations that trade online should ensure that information security is kept constantly under review, and that they respond to technological developments that help to keep the data of their users secure.

Practical steps
So what should you be doing? In practice, this means ensuring that your internal policies are kept under review and that someone is responsible for information security compliance.

Where you rely upon external suppliers, it’s essential that information security is properly addressed in your software development and hosting contracts through reference to appropriate standards. It’s also important that you are able to audit and review the information security of your websites and systems and ensure that the measures in place continue to be fit for purpose, and mandate that changes can be made where vulnerabilities are identified.

Gill Grassie joins Brodies’ IP and technology litigation team

Following on from my announcement earlier this year about our recruitment of leading IP and technology litigation specialists Gill Grassie and Robert Buchan from Maclay Murray and Spens, I’m delighted to say that Gill Grassie joined the team here at Brodies last week.

Gill joins Robert and assistant Mark Cruickshank, who both arrived at Brodies in the spring.

Gill, formerly head of IP and Technology at Maclays, is described by the Legal 500 independent law directory as

outstanding… her knowledge and experience of contentious IPR and technology matters is clearly second to none.

Both Robert and Gill are accredited IP specialists and give us unparalleled expertise in the Scottish legal marketplace.

You can find out a bit more about Gill on her website biog. To read more about Robert and Gill generally, follow this link or get in touch with your usual TIO Group contact.

Last opportunity to take part in our survey on how organisations identify, value and exploit their intellectual assets

Our survey on how organisations value and protect their intellectual assets closes at the end of this week.

Launched in conjunction with industry bodies ADS, SCDI and ScotlandIS, our survey is looking to identify how key intellectual property (IP) assets are dealt with and the IP issues which matter most to businesses today. We want to hear your views and appreciate your participation.

Year on year investment in the UK in intangible assets such as IP is higher than investment in traditional physical assets such as machinery or premises. IP rights, whether to a brand, design or manufacturing process, are often the most valuable asset that a business owns.

For any business to maintain a competitive advantage in the marketplace and maximise the return on investment, IP rights require to be properly managed or they will simply go to waste. Are you confident that you are making the most of your IP?

Please click here to take part (anonymously) in our 60-second survey and let us know what matters most to you in intellectual property. The survey will close at 5pm on Friday 24 August.

We look forward to sharing the results with you.

We’re keen to canvass views from as many organisations as possible. If you’d like to share the survey with your contacts then please feel free to use this shortened URL:

Does the move to app stores inhibit software development and competition?

Microsoft today confirmed its launch hardware partners for its new touch screen/ARM based version of Windows, Windows RT (is this a subliminal advertising campaign by Microsoft to encourage people to promote Windows on Twitter?).

At the end of the BBC News article linked to above, a comment is made about the fact that Microsoft has locked down software distribution on the platform. As pioneered by Apple on the iOS platform, apps for Windows RT may only be distributed through a Microsoft controlled app store, in return for which Microsoft will take the now standard 30% commission.

The article includes a comment from a couple of games industry executives, who label the decision a “catastrophe”, “not awesome” and a “wrongheaded approach”.

So does this mean that games and app developers will turn away from the new platform?

The games industry and app stores
Last week, I was at Edinburgh Interactive one of the UK’s major video games industry conferences.

What struck me was how many of the speakers (from both large and small developers) are focussing their development efforts on the iOS and Android platforms. There was very little discussion in the sessions about the development of games for consoles and PCs. It was all about iPads, iPhones, Android and promoting your product on the app stores. And the future sounded pretty bright.

Indeed, a large amount of discussion on the first day looked at the move to so-called “freemium” products, where the app is free to download and the developer then makes its cash from selling in in-app content (such as additional levels, power-ups etc) or in-app advertising.

So it seems that not everyone agrees with the view of the larger games companies – or if they do then they are prepared to accept the commercial model in order to access the new platforms.

Indeed, for smaller indies, the app stores operated by Google and Apple offer an easy way to market. You can self-publish, without the need for a traditional middle-man to publish your game, and don’t need to fund expensive promotions in bricks and mortar stores – instead using social media and word of mouth to promote your app. This reduces the risk to the developer and fosters the development of innovative new products.

The 30% margin is high (particuarly given that it also now often includes a share of revenue from in-app purchases), but given the sales platform provided (and the fact that the app store will handle all payment processing), for many developers the cost is worth it.

In reality, I suspect the comments quoted above reflect commercial concerns over the fact that the publisher’s margin for Windows products is now under attack. They can no longer sell games to consumers direct from its own website – it is a return to the pre-internet days where a distributor and a bricks and mortar retailer also took a cut.

Competition law
What will be interesting is whether any of the competition authorities look at the cast iron control the operating system providers have over the sale of content on their platforms, and whether this constitutes an abuse of a dominant position. Unlike the Android platform (where there are multiple app stores), it looks like Microsoft will follow Apple and others in that its app store will be the only way to sell content on the platform. In the absence of any competing app store, the 30% margin cannot be challenged. This could be viewed as anti-competitive.

What do you think? Does the app store model put you off developing for iOS, Android and Windows RT? Or are you prepared to work with the new model to access new markets?

Free guide to protecting your intellectual property

Link to Brodies guide to protecting IP

Are you interested in finding out more about the  intellectual property that you or your organisation creates or usses in your business? Would you like to learn about the steps you can take to protect your intellectual efforts and prevent others from copying your work?

Often intellectual property rights (IP), whether in a brand name, design or manufacturing process, form a key part of the value of a business and its ability to stand out from the crowd and effectively compete.

To be able to optimise the value of IP and be best placed to generate a maximum return from it, it is important that a business takes active ongoing steps to identify, protect, exploit and enforce such rights. Over many years our IP specialists have worked with local and international businesses of all shapes and sizes to ensure that their IP is being fully protected.

Based on that direct experience we have compiled a brief overview guide to protecting your IP which we would like to share with you.

The guide is free to download. You can access the guide by following this link.

You can also share the guide using the shortened link

We hope you find it useful.

To find out more about our expertise and the services that we offer here at Brodies you have any questions then please contact me or another member of Brodies’ IP and technology team.

Finally, remember that you can also take part in our anonymous survey on how organisations use and value their intellectual assets. We’re keen to hear what you think. To take part, follow this link.

A decision to make your hair stand on end? When is a self employed individual really a worker?

Our employment law colleagues over on EmploymentBlog have blogged on a recent Court of Appeal decision upholding a claim by a self-employed individual that he was actually an employee of the company. Notably, the individual’s contract with the company (a hospital) expressly stated that he was a self-employed contractor.

The decision will be of particular interest to organisations that use self-employed IT contractors. It’s clear that organisations cannot just rely on a contractual statement to create a customer/contractor relationship, but instead need to look at the facts and circumstances surrounding the individual’s appointment. The blog sets out a three part test used to determine the individual’s status.

Read the blog: A decision to make your hair stand on end? When is a self employed individual really a worker?


Twitter: @BrodiesTechBlog feed

August 2012
« Jul   Sep »

%d bloggers like this: