Protection of computer systems from criminals. Computer criminals violate the principles of confidentiality, integrity and availability of computer systems. It is better to prevent the violation than to prosecute it later. However, if other controls fail, legal action may be necessary. In this section, we examine several representative statutes to determine which acts are punishable under the law. 29 controls Reduce and mitigate the risk of security breaches “Security is not a product, it`s a process” – Bruce Schneier [Using a security product without understanding what it protects against and what it doesn`t protect against is a recipe for disaster.] On the other hand, ethics did not have to change because ethics is more situational and personal than the law. For example, the protection of personal data is becoming a very important element of IT security. And while this issue is technically only one aspect of confidentiality, it has practically a long history in law and ethics. The purpose of this chapter is to complement our review of the protection of computer systems by understanding the context in which security is assessed and applied.
Computer security laws affect programmers, designers, users and maintainers of computer systems and computerized databases. These laws protect, but they also regulate the behavior of people who use computers. In addition, IT professionals are among the most skilled advocates for changing old laws and creating new laws regarding computers. However, before recommending changes, professionals need to understand the current state of computers and the law. Therefore, we have three motivations for studying the legal part of this chapter: Understanding existing laws as a basis for recommending new laws aimed at protecting computers, data, and e-commerce security issues. General questions about e-business security Every e-business needs to take care of network security. The Internet is a “public”. Protection of the rights of programmers and employers. The law protects both programmers and people who employ programmers. In general, programmers have limited legal rights to access programs they have written while employed. This section provides an overview of employees` and employers` rights with respect to programs written for payment.
3 Aspects of protecting computer security Protection of computer systems against criminals Protection of code and data (copyright…) Protection of the rights of programmers and employers Protection of private data on individuals Protection of program users The following sections cover the following aspects of protecting computer security. Respect laws that protect the rights of others with respect to computers, programs and data However, the law does not always provide for adequate control. When computer systems are affected, the law evolves slowly because the problems are similar to those of property rights, but not the same. Computers are new compared to houses, land, horses or money. As a result, the place of computer systems in law is not yet firmly established. As laws are drafted and cases are decided, the roles of computers and the people, data and processes involved are increasingly defined in the law. However, the laws do not yet address all wrongdoing committed with computers. Finally, some judges, lawyers, and police officers don`t understand computers, so they can`t determine how data processing relates to other, more established parts of the law. Disinformation as a Strategic Weapon: The Role of Societal Polarization, the Cybersecurity Capacity of Governments and the Rule of Law Conflicts are not always resolved pleasantly. Some people will think they have been treated unfairly, and others act unfairly. In some countries, a citizen reacts to an illegal act by going to court.
The courts are seen as the ultimate arbiters and endangerers of fairness. But as most lawyers will tell you, the definition of fair courts may not match yours. Even if you could be sure that the courts would side with you, litigation can be emotionally draining. Our goal in this section is not only to understand how the legal system contributes to the protection of IT security, but also to know how and when to use the legal system wisely. 6 Copyright Õ Each copy may be marked with the copyright symbol © or the word copyright, the year and the name of the author Õ US copyright law lasts 70 years after the death of the last surviving author or 95 years after publication for a company Copyright in computer software (cannot protect the algorithm) You do not acquire software, just the license to use it.
