E-security legal issues
One way for a reseller to gain an edge on competitors is to market the advantages associated with its products in a unique way. In the security channel, a white paper marketing the legal and commercial advantages of a security product presented in a compelling way may prove to be a successful method of enticing a customer into purchasing your security solution.
Security is critical, there is no doubt about it. The smallest breach or compromise can result in situations that can cripple business. Recently, the two big e-security stories have been the disruption to the Russian Trading System (RTS) stock exchange caused by a virus in early February and the extradition proceedings currently underway in the UK against a hacker who allegedly hacked into approximately 100 Pentagon, NASA and other American military networks.
One area of e-security that a white paper could be prepared on is surveillance. Many organisations are already aware of the vulnerabilities posed by internal staff and subcontractors using the organisation’s corporate network and always-on internet access. In fact, most large organisations now track their employees’ internet and email usage to ensure that trade secrets are not being leaked to competitors via these means and that employees are not using internet access for other unscrupulous purposes.
In New South Wales, parliament has passed workplace surveillance legislation that is now in effect. Your customers should be made aware of these laws. The laws regulate the use of computer, camera and tracking devices. The main obligation imposed on your customers under these laws is the obligation to notify employees of surveillance practices at least 14 days prior to commencing surveillance activities. The new laws also set out specific procedures and practices associated with covert surveillance. Further, obligations are imposed in relation to the retention of surveillance records and there are new obligations related to computer policies and other documentation that employees need to be made aware of. The new laws should not be taken lightly. Breach of the new laws may attract significant penalties. In addition, if a company contravenes any provision of the new laws, all directors and management of the company may also be held accountable.
Another way of enticing your customers is to mention the legal consequences associated with breaching e-security. Hackers can be brought before courts under Australian computer crime laws for gaining unauthorised access to computer systems. These laws may even see hackers thrown in jail.
Organisations who are serious about e-security should ensure they are covered by an insurance policy that extends to loss occasioned as a result of hacking or breach of the organisation’s e-security generally. Customers should be reminded that breaches of electronic security measures can be just as disastrous as breaches of physical security measures.
Disclaimer: This column is for general informational purposes only. It is not legal advice nor is it a substitute for legal advice. Readers should seek legal advice on their own particular circumstances. Alan Arnott is a technology & telecommunications lawyer with qualifications in computer science and law with Arnotts Lawyers Jones Bay Wharf in Sydney. For more information, please visit http://www.arnotts.net.au.