Get hacked, go to jail

Hacker and virus incursions could spell not only disruption and possible civil liability for companies whose computer systems are compromised, but also civil and even criminal penalties potentially including prison terms for the companies’ executives, it’s being warned. “Though health-care, banking and deceptive-business laws all create security obligations, a new accounting-reform law being phased in […]

Hacker and virus incursions could spell not only disruption and possible civil liability for companies whose computer systems are compromised, but also civil and even criminal penalties potentially including prison terms for the companies’ executives, it’s being warned. “Though health-care, banking and deceptive-business laws all create security obligations, a new accounting-reform law being phased in is likely to have the biggest impact. The 2002 Sarbanes-Oxley Act holds executives liable for computer security by requiring them to pledge that companies’ ‘internal controls’ are adequate, and auditors are starting to include cybersecurity in that category, said Shannon Kellogg, director of government affairs at RSA Security.” (“Online security: who’s liable?”, Reuters/Wired News, Mar. 28). For more on hackee liability and related issues, see May 29, 2001; Jul. 12, Feb. 26-27, and Feb. 10-11, 2000.

One Comment