Joining the ranks: South Africa on track to adopting DNA legislation

South Africa has recently been at the epicentre of a spate of horrific violence, with reports of rape and murder making headlines almost daily. Disturbingly regarded as the ‘rape capital of the world’, South Africa has never before required a more urgent need for the effective use of DNA profiling in aiding investigations as now. Although South Africa has conducted DNA profiling since 1998, there has been no supporting legislative framework for its use thus far. The ‘DNA Bill’ has recently been passed by Parliament and we reflect on the key events that have brought us to this milestone.The DNA Project, a non-profit organisation, has long been lobbying to pass such legislation, as well as providing free DNA awareness workshops to a variety of first-on-the-crime-scene personnel. As with all new DNA legislation, there arises an essential need to intensify training and awareness around the DNA process, from the crime scene to the court room, in order for the value of DNA evidence be realised. Enacting legislation is only a step on a journey to effectively utilise DNA profiling resources in a more intelligent manner and it is necessary that significant investment be continually made towards the improvement and advancement of this exceptional technology and tool.     

Contemporary piracy research in criminology: a review essay with directions for future research

The realm of the ocean is scarcely studied by criminologist despite it being a component of the space of society. With the growth of maritime piracy in the past decade, this void has become increasingly palpable. The aim of this article is to catalyze more research in the field by providing an introduction and overview of the topic. The article starts by clarifying what piracy is, reviewing and evaluating some of its definitions and typologies. Furthermore, using the new Contemporary Maritime Piracy Database, the article charts the location of contemporary piracy. The article outlines factors that have been suggested as precursors of piracy before suggesting some key areas for future research.     

Legal rights in data

It is now apposite to speak of the ‘data centric world’. Businesses are paying ever more attention to their own, and others’ data, as a way of adding value to the organisation and conferring competitive advantage. This in turn is focusing attention on legal rights in data across many business sectors, where we’re starting to see more disputes. Data is funny stuff in and of itself - effectively inert in legal terms. It is more precise to speak of ‘legal rights in relation to data’. Those rights are IP rights - copyright, database right, confidentiality, patents and trade marks - and contract rights. Each IP right has its own rules, and applying those rules to data leads to a complex, multi-layered analysis where the law is unsettled and uncertain. This means that data is an area where contract is very often king, so most businesses regulate access to data by means of a series of agreements. The most commonly contested points in negotiations are around licence scope, derived data, commingled data and post term use.     

Independence of data privacy authorities (Part II): Asia-Pacific experience

Part I of this article in [2012] 28 CLSR 3-13 analysed the views of learned commentators on what constitutes the ‘independence’ of data protection authorities (DPAs). It concluded that a more satisfactory answer needed to be found in the international instruments on data privacy and on human rights bodies, their implementation and judicial interpretation, and in the standards that have been proposed and implemented by DPAs themselves. It found that only the OECD and APEC privacy agreements did not require a DPA (and therefore had no standards for its independence). Thirteen factors were identified as elements of ‘independence’ across these instruments and standards, five of which were more commonly found than others.     

The proposed data protection Regulation replacing Directive 95/46/EC: A sound system for the protection of individuals

The recent release by the European Commission of the first drafts for the amendment of the EU data protection regulatory framework is the culmination of a consulting and preparation process that lasted more than two years. At the same time, it opens up a law-making process that is intended to take at least as much time. The Commission has undertaken the herculean task to amend the whole EU data protection edifice, through the introduction of a General Data Protection Regulation, intended to replace the EU Data Protection Directive 95/46/EC, and a Police and Criminal Justice Data Protection Directive, intended to replace the Framework Decision 2008/977/JHA. This paper shall focus at the replacement of the EU Data Protection Directive by the draft General Data Protection Regulation. Due to the fact that the draft Regulation is a long (and ambitious) text, a selection has been made, with the aim of highlighting its treatment of basic data protection principles and elements, in order to identify merits and shortcomings for the general data protection purposes.     

UK government's Open Standards Consultation – A step in the wrong direction?

This paper comments on UK government's Open Standards Consultation which opened on 7 February 2012. It questions the UK government's mandating of open standards defined as standards which include patents licensed on a royalty free basis. The paper suggests that instead of promoting a level playing field, the government's policy will actually restrict competition and hinder interoperability. This policy is contrary to EU policy in a number of different fields which have all accepted, despite significant in-depth debate on this issue, that the best way to ensure the most effective competition, innovation and interoperability is to allow both royalty free patents and royalty bearing patents to compete provided the latter are licensed on FRAND terms. Lastly the paper suggests that the public procurement rules are not the place to apply industrial policy, instead a full market analysis should be conducted involving other government departments such as BIS and the IPO.     

Web数据库安全应用策略

Web数据库的安全是一个系统性、综合性的课题。想要建立完美的安全体系是困难的,实际中的Web数据库系统会采取多种技术来构建安全体系。只有通过不断地改进和完善安全手段,才能提高系统的可靠性。     

Victims and the restorative justice ambition: a London case study of potentials,assumptions and realities

Restorative justice is coming out of the shadows and in Europe this interest grows alongside a stronger victims’ movement with a domino effect on EU member states’ laws. In the UK, legislation now allows restorative justice at all stages of the criminal justice system, and as part of these developments, new restorative justice services that will be ‘victim-led’ are being funded. This paper questions this ‘kind’ of restorative justice, using unpublished findings from a research project that was conducted in 2017 in London. The project involved a survey with 66 victims and 44 offenders, followed by 11 in-depth victim interviews and a focus groups with 7 victims and practitioners. The data point out a number of assumptions and caveats, which must be addressed in order to ensure that further investment in restorative justice will yield benefits to all those whose lives are blighted by crime. The conclusions are relevant to anyone practising restorative justice internationally including policy makers and funders.     

TraceBase; A database structure for forensic trace analysis

A data structure is proposed that can store forensic data obtained by experts from different disciplines and acquired using different instruments. This data structure, called TraceBase, is congruent with the forensic examination in the laboratory. We describe the design as well as its planned introduction in casework.The back-end of TraceBase is based on PostgreSQL and can be accessed by front-end applications such as the open-source LibreOffice office suite. The back-end regulates the flexible and robust storage of data, as well as the relation between items, samples, and analyses. The front-end applications allow the user to enter or retrieve data in an easy fashion, while the modular structure ensures that different aspects, such as the data entry, the processing and reporting of entered data, can be optimised individually. Additional analyses can be introduced and linked to items or samples already present.The database is designed such that data from several sources, different forensic disciplines and data acquired by different analytical techniques can be entered. When data needs to be retrieved for further analysis, a subcollection can be filtered for use in a specific situation.     

Forensic investigation framework for the document store NoSQL DBMS: MongoDB as a case study

The NoSQL DBMS provides an efficient means of storing and accessing big data because its servers are more easily horizontally scalable and replicable than relational DBMSs. Its data model lacks a fixed schema, so that users can easily dynamically change the data model of applications. These characteristics of the NoSQL DBMS mean that it is increasingly used in real-time analysis, web services such as SNS, mobile apps and the storage of machine generated data such as logs and IoT (Internet of Things) data. Although the increased usage of the NoSQL DBMS increases the possibility of it becoming a target of crime, there are few papers about forensic investigation of NoSQL DBMS.In this paper, we propose a forensic investigation framework for the document store NoSQL DBMS. It is difficult to cover all of the NoSQL DBMS, as 'NoSQL' includes several distinct architectures; our forensic investigation framework, however, is focused on the document store NoSQL DBMS. In order to conduct an evaluative case study, we need to apply it to MongoDB, which is, a widely used document store NoSQL DBMS. For this case study, a crime scenario is created in an experimental environment, and then we propose in detail a forensic procedure and technical methods for MongoDB. We suggested many substantial technical investigation methods for MongoDB, including identifying real servers storing evidences in a distributed environment and transaction reconstruction method, using log analysis and recovering deleted data from the MongoDB data file structure.