Christine

I'd be very interested in this as, I should imagine, will everyone else
who has been to the Copyright Workshops. The question on electronic
signatures has not yet been tested in court. However, as each person is
supposed to have their own private username & password/User no &
PIN/Athens authentication, I find it hard to believe that the courts
would accept that a system that is secure enough to be used on Bank
Accounts (user id + PIN) is not secure enough to be used for requesting
a journal article.

As people have to agree to Terms & Conditions, including not sharing
their log on details with anyone else, this is as secure as it can get.
The onus would have to be on the requester to comply, not on the
receiver of the request to police this.

I think this whole area is still open to debate, but I can't see how a
system accepted worldwide as secure for financial transactions could be
seen as insecure when it comes to copyright.

Public libraries also work on a user id + PIN for remote access to
borrowing records, to place requests etc. If this were considered
insecure, they would be at risk under Data Protection Act etc.

However, I'd really like someone to clear up for me precisely what an
electronic signature is. Also, surely it's easier to fake someone's
written signature than to crack/steal their ID + PIN?

Before I went to the copyright workshops I was fairly confident that I
knew what I was doing. Now, I'm not so sure.


Tricia Rey
Library Services Manager
Queen Victoria Hospital NHS Foundation Trust
East Grinstead
Tel: 01342 414266
Mailto:[log in to unmask]


-----Original Message-----
From: Christine Reid [mailto:[log in to unmask]] 
Sent: 18 July 2007 15:00
To: Rey Patricia
Subject: Re: electronic signatures

Tricia

I recently read a book by Bradford & Brine titled "Interlending and
document supply in Britain today".  It says that electronic signatuires
are now legal - and gives details of legislation etc.  But it goes on to
say that for an e signature to be valid, the user must be able to
demonstrate that it is authentic and that usernames and passwords are
"very unlikely" to meet this test.

I can give you a bit more detail if necessary. 

Christine



Christine Reid, Librarian 
[log in to unmask]
                    
(Mon, Wed, Fri) 
NHS Staff Library, Cookridge Hospital   
Hospital Lane, Leeds LS16 6QB 
Phone 0113 3924293         

(Tues, Thurs)
NHS Staff Library, Chapel Allerton Hospital
Chapeltown Road, Leeds LS7 4SA
Phone 0113 3924662 

>>> Rey Patricia <[log in to unmask]> 17 July 2007 14:01 >>>
At the workshop in Bristol it was suggested that we accept only email
requests that have come either from a secure NHS Trust email address
or
nhs.net email address. There is no need for these requests to arrive
on
an official request form. Under CLA licence, there is no need for the
terms & conditions to be agreed as the CLA licence permits wider
copying
including for business purposes. Obviously, if the article requested
is
not covered by the CLA Licence, terms & conditions tickbox or
equivalent
is necessary, or maybe just a statement agreeing to the terms &
conditions added to the foot of an email.

Surely when you print out the email the sender's email address is at
the
top & that can act as a paper copy of an electronic signature?

Where an article is requested through an electronic medium such as a
Library Management System, presumably the fact that someone has had to
log onto the system with their own id before placing their request &
has
ticked the box would cover the electronic signature issue & a paper
copy
would satisfy legal requirements as the security of the system could
be
demonstrated if required. Presumably (because I've not seen one) a
printout would contain the user ID in some form.

I'm not an expert, but I feel that maybe we sometimes try to go too
far
in policing copyright. The onus is on the requester to obey the law
and,
presumably, if we have provided the copy in good faith we are doing
all
we can. No system is absolutely foolproof.

We currently accept email requests from our users and send them a
paper
statement for signature if the request falls outside CLA licence. Of
course, we have the advantage of being a single site Trust with only a
few offsite members. I hope we will soon be able to produce a template
that people can complete & send from their secure email address so
that
we won't have to send the forms for signature.


Tricia Rey
Library Services Manager
Queen Victoria Hospital NHS Foundation Trust
East Grinstead
Tel: 01342 414266
Mailto:[log in to unmask] 


-----Original Message-----
From: UK medical/ health care library community / information workers
[mailto:[log in to unmask]] On Behalf Of Farquharson Helen
Sent: 17 July 2007 12:47
To: [log in to unmask] 
Subject: electronic signatures

Apologies for cross posting

I attended a workshop on copyright for health librarians in Manchester
yesterday.  One of the subjects that came up was electronic signatures
and their acceptability for use on requests for interlibrary loans.  I
think the consensus was that we could accept an electronic signature
provided the sender had ticked a box agreeing to terms and conditions
including an agreement to abide by copyright legislation and had
accessed the request form using ID and password.  However there was a
school of thought that there would be difficulties when storing the
requests for the six or so years required by the legislation.  It was
thought that once these requests were printed off the "signature"
would
no longer be valid as it would no longer be an electronic document and
no-one seemed to be aware of a reliable method of storing them
electronically.
Can anyone out there shed any light on this?  Are there any other
consequences of using electronic signatures in the library world?

Helen Farquharson
Outreach Librarian
Heart of England NHS Foundation Trust
Good Hope Hospital
Sutton Coldfield
B75 7RR

Tel 0121-378-6206 ext 3549



**********************************************************************
This email contains proprietary information some or all of which may
be
legally privileged. 
It is for the intended recipient(s) only. If an addressing or
transmission error has misdirected this e-mail, please notify the
author
by replying to this e-mail. 
If you are not the intended recipient you must not use, disclose,
distribute, copy, print, or rely on this e-mail.

Please note, the information contained in this e-mail may be subject
to
disclosure under the Freedom of Information Act 2000 or the Data
Protection Act 1998

This footnote also confirms that this email message has been swept by
McAfee Group Shield for the presence of computer viruses.
www.McAfee.com 
**********************************************************************



____________________

INFORMATION NOTICE 

Please check for viruses before accessing this email and any
attachments. 

This email and any attachments may contain confidential information and
is intended only to be seen and used by the named addressee(s). However,
even if confidential, the information contained within it may be subject
to public disclosure under the Freedom of Information Act (2000), unless
it is legally exempt from disclosure. If you are not a named addressee,
any use, disclosure, copying, alteration or forwarding of this email and
any attachments is prohibited. If you have received this email in error
please notify the sender immediately by email or by telephoning 01342
414000 and permanently delete this email and any attachments from your
system. 

The views expressed within this email and any attachments are those of
the writer and are not necessarily the views or policies of Queen
Victoria Hospital NHS Foundation Trust. Except as required by law, the
Trust shall not be responsible for any damage, loss or liability of any
kind suffered in connection with this email and any attachments, or
which may result from reliance on the contents of this email and any
attachments.

If you wish to make a request for information under the Freedom of
Information Act (2000), please send your request to [log in to unmask]

Queen Victoria Hospital NHS Foundation Trust
Website: www.qvh.nhs.uk 
E-Mail: [log in to unmask] 
Switchboard: 01342 414000
IT Support: 01342 414411
______________________

____________________

INFORMATION NOTICE 

Please check for viruses before accessing this email and any attachments. 

This email and any attachments may contain confidential information and is intended only to be seen and used by the named addressee(s). However, even if confidential, the information contained within it may be subject to public disclosure under the Freedom of Information Act (2000), unless it is legally exempt from disclosure. If you are not a named addressee, any use, disclosure, copying, alteration or forwarding of this email and any attachments is prohibited. If you have received this email in error please notify the sender immediately by email or by telephoning 01342 414000 and permanently delete this email and any attachments from your system. 

The views expressed within this email and any attachments are those of the writer and are not necessarily the views or policies of Queen Victoria Hospital NHS Foundation Trust. Except as required by law, the Trust shall not be responsible for any damage, loss or liability of any kind suffered in connection with this email and any attachments, or which may result from reliance on the contents of this email and any attachments.

If you wish to make a request for information under the Freedom of Information Act (2000), please send your request to [log in to unmask]

Queen Victoria Hospital NHS Foundation Trust
Website: www.qvh.nhs.uk
E-Mail: [log in to unmask] 
Switchboard: 01342 414000
IT Support: 01342 414411
______________________