The Software Industry Wakes Up To A Brave New World

In a surprising decision early in July, in the case of UsedSoft GmbH v. Oracle International, the highest court in Europe, at the stroke of the pen, has re-written the basic rules of the game relating to the distribution of software in the European Union. In a word, the European Court of Justice (“ECJ”) held… Read More

The 9th Circuit: Employees Are Free to Steal from the Company Computers

Yesterday the 9th Circuit Court of Appeals issued an opinion holding that limiting an employee’s access to the company computers solely for business purposes, i.e. not stealing the data for a competitor, cannot be the predicate for a violation of the federal computer crime statute, the Computer Fraud and Abuse Act (“CFAA”), Title 18, U.S. C. § 1030. U.S. v. Nosal, 2012 WL 1176119 (9th Cir. April 10, 2012). The CFAA makes it a crime in various instances to access a computer “without authorization” or to have “exceeded authorized access” to obtain information from the computer and permits those, including companies, who are victims of violations of the statute to bring a civil action against the perpetrators. Acknowledging that its decision conflicts with the 5th, 7th and 11th Circuits, there is a good chance the Supreme Court will have the final say on this issue if the Department of Justice decides to appeal. As the dissent pointed out, this decision is counter to the common sense notion that a “bank teller is entitled to access a bank’s money for legitimate purposes, but not to take the bank’s money for himself.”

Company computer policies risk becoming obsolete — Policies must reflect new laws and court decisions on data theft, social networking and cloud computing.

Have your client companies’ policies kept
pace with changes in the law affecting
computer technology? New statutes and court
decisions relating to computer technology
affect every business. Many companies
overlook opportunities to respond to these
new laws by adopting robust policies to
take advantage of the protections they
afford and to minimize the risks they pose.
This article will review three critical areas
of computer technology that should be
addressed by company policies: theft of data,
social networking and cloud computing.

Hacking, Malware, and Social Engineering—Definitions of and Statistics about Cyber Threats Contributing to Breaches

This article was first published on IRMI.com and is reproduced with permission. Copyright 2012, International Risk Management Institute, Inc As breaches continue to occur and affected organizations determine whether and how to disclose these breaches, breaches and disclosure continue to be the subject of reports as well as media, legislative, and regulatory attention. See, for… Read More

The Securities and Exchange Commission’s Guidance On Cybersecurity and Cyber Incident Disclosure

BY MELISSA J. KRASNOW Background The U.S. Securities and Exchange Commission on occasion provides disclosure guidance on topics of interest to the business and investment communities. The SEC said recently that it has observed ‘‘an increased level of attention focused on cyberattacks.’’ The rash of costly cyberattacks against companies like Epsilon and Sony, among others,… Read More

Post navigation