Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: Companies May Be Held Liable for Spreading Viruses

  1. July 30th, 2003, 01:13 AM #11
    Juridian
    Juridian is offline
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    Actually your point is not really valid. The company itself is most likely the one that any litigation would be against, not the admin. If the admin has done her job and properly documented it before going on maternity leave, then she can easily prove that it is not her fault to both the legal authorities and her superiors. It would however be up to the company to prove that the 'power user' was adequately trained, followed the processes laid down consistently, documented their activities, etc. in order to avoid any liability in the incident.

    It's not a set of 'you didn't do this so you get a fine' type of ideals....modern litigation relating to this is trying to prove that the company did not follow through and do the server maintenance that they should have. The company simply has to prove that it did everything it could to keep it's systems safe (which it should be doing and documenting for liability reasons anyways).

    It isn't incredibly difficult to keep logs of maintenance activities, audits, etc.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X
    Reply With Quote Reply With Quote
  2. July 30th, 2003, 01:57 AM #12
    r8devil
    r8devil is offline
    Senior Member
    Join Date
    Jul 2003
    Posts
    217
    I think in the case of a something spreading from company A to company B. U cant hold company A liable bcos if company B had patched their system then they wouldnt have been infected. And then company A would have got it from somewhere else anyway and this would diasy chain the whole thing. It wouldnt be posssible or logical.

    For the case of a DOS it would seem more likely to be able to sue company A. But isnt it the same as a bank robber using a stolen car to commit his crime. How can the bank sue the owner of the car whose car got stolen. Its the seems the same thing to me.

    But then if you think about it and are considering this, then wouldnt it be the liability of the company that produces the OS to not have these loopholes when the OS is released. U might say that the patch is available for months. But then the OS company should be the one to inform you about it. Not thru the website but by coming down to your office and fixing the problem. Take a home security system that you purchase eg home alarm, if a bug is discovered in the system, the security company will normally come down and fix the bug. I know this is a little simplistic explanation but it highlights the problem where its very hard to place blame on these kinds of things when it happens.

    There's too many things to cover with this kind of legislation that its better to let the market forces decide things. Maybe the govt could help bty offering tax incentives to companies that conduct external security audit checks regulary.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules