• image description

Avoiding Legal Traps on the Web

Bret Hill
Source:
The Internet
Published:
Apr 13, 2009
Pages:
21

The Internet is obviously a valuable resource for many organizations. However, in my work with companies of all sizes, I find that many are exposed to security and legal liability concerns because they fail to control Internet access across their organizational assets. Often, IT departments simply put in place patch management and virus scanning software to secure the internal network, then consider the job complete. However, such measures don't protect an organization from criminal Internet use, intended or otherwise.

Additionally, most companies don't take formal steps to protect their systems against Trojans, viruses, listeners, and other malware that lure users to official-looking Web sites where users give approval to download updates. For example, such malware might lure a user to a site with the promise of free music downloads if the user simply installs a special "player." The player is actually a Server service that, once installed, is used to distribute illegally pirated DVDs. Such activity can bring down a network due to overwhelming traffic and result in lawsuits from the copyright holders. In some cases, the material might be ethically objectionable, resulting in distasteful materials being distributed from your organization's systems. In such situations, you might be required to keep such distribution on line while criminal investigations are occurring with Federal agencies.

As CNET's News.com reported3, Nancy Flynn, executive director of the ePolicy Institute, summarized a survey published by ePolicy with the American Management Association on surveillance in the workplace. "Productivity is a concern; loss of confidential information is still a concern; security breaches are a concern. But...the No. 1 concern is liability. Employers are afraid of being sued," she said. In my opinion, they have reason to be concerned.

The International Federation of the Phonographic Industry (IFPI) represents the interests of the recording industry worldwide. IFPI made headlines in the United States by suing more than 5700 individual file sharers for copyright infringement, not including 750 suits filed during October 2004. The same organization has carried
out similar actions against individuals in the UK, Austria, Denmark, Germany, and Italy4.

Although these particular actions are against individuals and not organizations, it's just a matter of time until organizations without reasonable precautions in place to prevent illegal Internet use with company assets will be charged with liability. This next step was made clear in March 2004 when Sony, EMI, and Universal took legal
action against the University of Melbourne, Sydney and Tasmania over students illegally downloading music5.

In fact, in Copyright Use and Security Guide for Companies and Government6, Jason Berman, Chairman and CEO of IFPI, states.

Unfortunately, employees of companies and government bodies sometimes engage in unauthorised copying of music on the organisation's computer systems. This activity not only wastes the organisation's time and system resources, it is illegal. Such activities on your systems can put your organisation at risk of legal prosecution [emphasis added], tarnish your organisation's reputation and increase security risks for your computer systems.

IFPI sent a letter to every university in Britain reminding them of the implications of unlicensed Internet copying.

The legal risks include injunctions, damages, costs and possible criminal sanctions against the institutions and their heads where systems are used for copyright theft.

In the United States, the same article3 states. One student at a California college tripped an "electronic alarm" at Warner Bros when he downloaded a Clint Eastwood film. The company threatened to prosecute the college and the student had to write a letter of apology to Warner Bros as punishment.

In one of the most aggressive actions in the United States, News.com reported that the Recording Industry and Association of America (RIAA) filed a suit against Integrated Information Systems of Arizona because employees were using the company's resources to distribute copyrighted music; the suit was settled for $1 million7. In perhaps the clearest statement to date of an organizations exposure to liability, Matt Oppenheim, RIAA senior vice president of business and legal affairs, said in a statement of the settlement, "This sends a clear message that there are consequences if companies allow their resources to further copyright infringement."

To download the full whitepaper/case study, please provide the following information:

Other The Internet White Papers

Re-engineering Legacy to Web Application

Reengineering of software is described as the examination and alteration of a system to reconstitute in a new form. The approach is to renovate and extend the current application into new technology to best support the needs of the current business. Application modernization should be achieved by leveraging the existing investment in application infrastructure and reposition the product advantageously for the future. The challenge on hand is to convert legacy application to web application by reengineering legacy components to re-usable components. The web application can be easily integrated with web technologies.

View all White Papers by The Internet