WORLD BANK REIMBURSABLE TECHNICAL ASSISTANCE ITIDA

Transcription

1 Public Disclosure Authorized Public Disclosure Authorized Public Disclosure Authorized WORLD BANK REIMBURSABLE TECHNICAL ASSISTANCE ITIDA SUPPORT FOR ITIDA S IPR OFFICE Public Disclosure Authorized INCEPTION REPORT WORLD BANK

2 TABLE OF CONTENTS I. Introduction & Background II. Scope of Work / Proposed Outline For Final Report A. Overview of Mandate and Organization... 4 B. Recommendations of Workflow Requirements... 5 C. Identify Training Needs for Staff... 5 III. Work Undertaken and Comments IV. Next Steps V. Annexes ANNEX A Terms of Reference... 7 ANNEX B World Bank Comments on ITIDA s Tender for an... 9 Enterprise Management Information System (EMS) of 11

3 I. Introduction & Background. The Ministry of Communications and Information Technology of the Arab Republic of Egypt (MCIT) and the World Bank (Bank) entered into an agreement (Agreement) for the provision by the Bank of technical assistance (RTA) to MCIT and certain of its affiliates. One of those affiliates is the Information Technology Industry Development Authority (ITIDA). The Agreement provided that the services to be provided by the Bank to ITIDA would be in the following six areas: Cyberlaws: Awareness raising campaigns and dissemination workshop to all stakeholders. E-signature and PKI frameworks: international benchmarks. Support to the Intellectual Property Right (IPR) Office in ITIDA. Measuring piracy rate (IPR). IT Export Industry. Mechanisms for assessing the socioeconomic impact of ICT. Prior to the first mission, ITIDA and the Bank agreed that of the six subcomponents, work on the following three subcomponents would be undertaken first: E-signature and PKI frameworks: international benchmarks. Support to the in ITIDA. Mechanisms for assessing the socioeconomic impact of ICT. This report focuses on providing support to ITIDA s and is being delivered pursuant to the RTA Agreement. The Terms of Reference (ToR) for this subcomponent is attached as Annex A. II. Scope of Work / Proposed Outline For Final Report. The outcome of this subcomponent is to make recommendations regarding the organization and functioning of ITDA s (IPR) office in order to help it fulfill its mandate, identifying additional work-flow requirements, requirements for software tools and procedures to implement workflow requirements, tasks to be undertaken by the IPR office to fulfill its mandate, and training needs for the IPR office staff. Following is an outline of issues that will be examined and expanded upon in the main report. 3 of 11

4 Egypt has emerged as the world s leading source for Arabic software, including language and translation tools, software localization services, and original software development. Growth over the past decade has been very high, with the industry essentially tripling in size every five years. Exports have reached 700 million Egyptian pounds. Eighty percent of Egypt s software is exported to the Arab world. 1 The will play an important role in the enabling environment for this significant industry. A. Overview of Mandate and Organization Under this section, the establishment and mandate of the will be reviewed in the context of protection of intellectual property rights in Egypt, with particular reference to software copyright protection. The overview will commence with a review of the legal framework for protection of intellectual property rights in Egypt. This will include both the legal enabling framework for the IPR office, but also the applicable legal regime for copyright and licensing of software, including Egypt s current international obligations with respect to intellectual property protection. Some countries (Brazil, e.g.) have specific legislation protecting software. 2 In addition to the IPR aspects of the legal framework, the overview will also take account of other factors affecting and best practices for maintaining electronic registries, including the overall Egyptian enabling environment and specific practices in place in the with particular regard to its on-line service offering including: Rules governing electronic transactions and requirements for electronic submissions (authentication and nonrepudiation); data collection, storage, protection & use; data integrity & accuracy; safeguards on data interception; data retention; access to data submitted by data subjects, opportunities to correct data, access to data by third parties; critical infrastructure protection (processing, collection, transfer and protection of data), ensuring that disruptions are brief, infrequent and isolated; cybercrime issues (interference with systems, ); and dispute resolution. 1 World Bank Report forthcoming. 2 See, Law No of February 19, Under this law, now registration is required, although it is optional at the National Institute of Industrial Property (INPI). 4 of 11

5 This will also look at the priority (if any) of the electronic filing vs. a paper filing. This overview will form the basis for the recommendations under this subcomponent regarding reinforcing the mandate of the IPR office. It will also form the basis: (i) for evaluating the steps necessary to stem software piracy (a separate component under the RTA), as well as (ii) of the enabling environment for the promotion of software as a key IT industry export (another separate component under the RTA). 3 The overview will take account of the current organization, staffing and processes of the IPR office, with particular reference to its activities with respect to software registries. The mandate, organization and process of the IPR office will be compared with similar institutions in other jurisdictions, and the functions and processes for protection of software copyright will be compared with international best practice, including industry practice. B. Recommendations of Workflow Requirements Based on the findings of the overview in the preceding section, the main report will focus on recommendations regarding workflow in the IPR office, including both the front office registration functions, but also back office registry administration and enforcement functions, including the software and other information management tools necessary to accomplish these functions. As discussed in more detail in III, below, and in Annex B, in order to be consistent with the new Enterprise Management System (EMS) being procured by ITIDA, the parts of the EMS tender and EMS Consultant s applicable to the IPR office should be reviewed. A number of potential issues regarding specific requirements under the EMS are described in more detail in Annex B. These recommendations will also examine other enabling environment factors, including registry management (both front- and back-office processes) functions, and requisite staffing and skills of staff to perform those functions. They will also be made with a view towards compliance with possible requirements on infrastructure protection, privacy and data protection related to registry administration and maintenance as they may emerge in new Cybercrime legislation being considered in Egypt. C. Identify Training Needs for Staff A final chapter will focus on building capacity among the staff of the IPR office, including reviewing job descriptions, identifying the training needs and training opportunities on best practices, including evidence gathering and analysis, counterfeit identification and enforcement activities of the IPR office. Any enterprise management system procured by ITIDA should contain specific functionality for the specific requirements of the IPR office or be interoperable with s own workflow software tools and include training modules for Staff. 3 It is recommended in III Other Issues of this report that ITIDA consider combining the anti-piracy subcomponent with this subcomponent. 5 of 11

6 III. Work Undertaken and Comments. The Bank has made queries with major software vendors about key issues regarding software registries and software piracy. In addition to looking at other nation s responses to software registries, there are a number of industry associations (e.g., the Business Software Alliance 4, and the Federation Against Software Theft (FAST) 5 ) that have useful guidelines on protection of software. It is understood that development of Arabic Language software is a key industry sub-segment in Egypt s IT sector, and any steps that are taken to provide an enabling environment for this industry will undoubtedly reinforce Egypt s central role as a software home. In addition, the Bank has already provided comments with respect to potential IPR office procurement requirements under ITIDA s tendering for a management information system (MIS). These are attached as Annex B. In summary, these comments were aimed at addressing two related issues of: (i) ensuring that ITIDA s overall MIS included functionality to permit the IPR office to undertake its activities to the greatest extend possible on-line at the same time as (ii) addressing not only the font-office or intake procedures, but also the s back office functions of managing and using the data received for addressing potential software copyright violations including piracy. For example, these requirements would include integration of on-line filing of data with administration and management of the software database. It was recommended that the of the consultants working on the MIS be reviewed for consistency with the specific requirements of the s mandate in the area of software protection, so that, for example, on-line filing with the IPR office be linked to the management of the software registry. It was also recommended that the technical specifications for the MIS include appropriate software tools and support (including granting ITIDA editorial rights over the software code of the MIS). Other comments and recommendations that apply generally to ITIDA were also included in our review of the tender document. IV. Next Steps. Contact organizations (bilateral, multilateral and international organizations) regarding best practices in software registries, as well as any available training programs relevant to this activity. Prepare Draft Report of 11

7 V. Annexes. ANNEX A Terms of Reference ITIDA Component Scope of Work 2.a Assistance with Setting up ITIDA s BACKGROUND Under the Agreement between the Ministry of Communications and Information Technology (MCIT) and the World Bank (Bank) dated 20 June 2006, the Bank will provide technical assistance to the Information Technology Industry Development Agency (ITIDA) described below. OBJECTIVES The Bank has been asked to support ITIDA by making recommendations regarding the organization and functioning of ITDA s Intellectual Property Rights (IPR) office in order to help it fulfill its mandate. These recommendations are to include identifying additional work-flow requirements, requirements for tools to implement workflow requirements, tasks to be undertaken by the IPR office to fulfill its mandate, training needs for the IPR office staff and related matters. TASKS In connection with the foregoing objective, the Bank will undertake the following tasks: Review background of the establishment of ITIDA s, its mandate (as well as the mandate of related institutions in Egypt), appraise itself of the existing organization, staffing and processes of the IPR office, and related matters; appraise itself of best practices in connection with such activities in other jurisdictions; determine and recommend workflow priorities, including, without limitation, related to front office functions, back office functions, and enforcement; identify requirements for tools to facilitate workflows; identify actions and tasks in addition to its current activities recommended for the IPR office to fulfill its mandate; identify training needs for IPR office staff and make recommendations; and such other matters related to the foregoing 7 of 11

8 DELIVERABLES The Bank will prepare an containing its initial findings and verifying with ITIDA the tasks to be undertaken under 2.a, as well as confirm the timing of the draft and final reports referred to below. Upon sign-off by ITIDA of the, the Bank will prepare a draft report for review by ITIDA and, after consultation with ITIDA, will submit a Final Report addressing the matters covered by this scope of work and as agreed in the Inception Report. 8 of 11

9 ANNEX B World Bank Comments on ITIDA s Tender for an Enterprise Management Information System (EMS) From: David Satola on 09/21/2006 To: momran@mcit.gov.eg cc: bcc: SHashem@mcit.gov.eg, nagwash@mcit.gov.eg, mohegazy@mcit.gov.eg, nnoshy@mcit.gov.eg, Isabelle Huynh-Segni/Person/World Bank Subject: Comments on ToR for EMS for ITIDA Dear Eng. Omran, In our wrap-up meeting you asked for comments on ITIDA's ToR for EMS advertised on the UNDP website. I have reviewed the ToRs and have the following comments, primarily from the perspective of how it relates to support to be provided to ITIDA from the World Bank under the RTA agreement, especially with respect to building out the capacity of ITIDA's IPR office and other potential on-line activities of ITIDA. I would like to express our gratitude for your invitation to review these ToRs, especially as it relates to work under the RTA agreement. First, allow me to thank you and your staff for all the support provided during the recent mission in Cairo. I will, as we discussed in our wrap-up meeting, provide you a separate note on that. Having worked on projects in over 70 countries, the full engagement of counterparts makes all the difference, and everyone I encountered at ITIDA demonstrated a commitment to a successful outcome. Thanks again. The ToRs for the EMS are generally very good and well-conceived and presented. The context of these comments relates to an initial observation that many of the issues of building the capacity of the IPR office will depend on its having a robust management information system (MIS) for intake, administration and management of information related to its functions in registering software and dealing with piracy issues. Many of these activities could be done "on-line" and a good MIS would go a long way towards meeting the IPR office's objectives. In large part the MIS that we discussed appear to fit in well with the proposed EMS. At this stage, I would not recommend any changes to the EMS ToRs. Rather, to ensure that the consultant chosen to prepare the EMS specifications and selection incorporates these business process needs of the IPR office, it will be important to ensure in the downstream work of the consultant that specific IPR office functional needs are included in the ToRs and technical specifications to be developed by the consultant. For instance, ITIDA should ensure that the specific business process needs of the IPR office are included in the Inception and Draft/Final reports of the consultant. That would entail, for example, that ITIDA ensure that the consultant take note of the IPR office's desire to be able to integrate the on-line filing of data with the administration and management of its software database. As it currently stands in the ToRs, such issues are only addressed in generic terms. ITIDA's reaction to the consultant's Inception 9 of 11

10 report would be the opportunity to clarify the specific needs of ITIDA's constituent functions, including the IPR office. It would seem that this approach would be preferable to revising the ToRs posted at the UNDP website, since they are generally very good. In a nutshell, it is recommended to work very closely with the selected consultant in the downstream aspects of its work to ensure the particulars of ITIDA's business processes are met, rather than try and anticipate every business process need ex ante in a revised posting at the UNDP website, although consideration could be given to modifying the UNDP posting to address these issues. In general terms, it could be clarified that, with respect to the ToRs/technical specifications for any EMS software tools, appropriate software support and maintenance agreements with vendors be addressed as part of the ToRs/technical specifications and that ITIDA has editorial rights in the source and object code of those tools. In that regard, ITIDA could encourage the consultant to consider open source alternatives. Generally, ITIDA should consider the "ownership" aspects of the software tools that will support its EMS In more concrete terms, the particular MIS needs of the IPR office are not specifically addressed in section 5, Project Objectives, although some issues - redundant keying and reconciliation of data, replacement of current manual systems, and enabling ITIDA to efficiently interact with its clients - are mentioned in a generic sense. On the latter issue (efficient conduct of business with clients), the specific issue with respect to the IPR office is facilitating on-line filing for the IPR office software registry. It will be important to ensure that the facilitation (online filing) is linked to management of registry data and "Knowledge Flow" referred to elsewhere in the ToRs. Ultimately, the software tool that supports ITIDA's EMS should ensure that data collected in on-line filings automatically populates fields for administration and management. The two should be linked. In 6, Requested Services, make sure that the ToRs developed by the consultant include IPR office work-flow requirements. In 7.3, the recommendations for subsystem specifications should reflect the different functional attributes of ITIDA as Regulator (of digital certificates), enforcement agency (software piracy) and industry promoter. It is also noted that in certain respects there may be some overlap or complementarity with the scope of work under the World Bank RTA. These include, for example, training (section 5, 8th bullet - this potential overlaps with the training recommendations for the IPR office) work-flow requirements (section 5, 3rd bullet; and 7.1, 4th bullet - especially with respect to the IPR office). One way of managing potential duplication of effort would be for the World Bank to review an have input in ToR to be produced by the consultant, to be able to assess dynamically with ITIDA whether the selected consultant or the World Bank would be better placed to provide support in specific areas. In that regard, we would be happy to assist in review the Inception and draft/final reports of the consultant to ensure optimization of the support. 10 of 11

11 Please let me know if you have any questions or comments on the above, as we look forward to working with you on these matters. 11 of 11