Introduction to Computer Network Legal Framework
As the current society advances through massive usage of computer networks, various legal issues and regulations have been developed to ensure sustained protection of sensitive information and intellectual property among organizations. According to Lloyd (2008: 118), cyberspace remains an eminent issue in the current society dominated by massive increase in IT, where statutory amendments and rational precedents need to be reconciled with the existing laws.
Particularly, computer network security issues are becoming focal considerations with regard to the computer abuse in cyberspaces, where accurate legal and ethical formalities needs to be incorporated to protect the information and data relayed in networked environments. This paper will discuss the legal framework governing computer networks in UK, with regard to the legal obligations facing Hayes International operations.
Data protection refers to the measures and strategies incorporated in the information system to safeguard data within a networked environment. Data protection is a very complex strategy incorporating all processes and structures installed within networks to prevent any data damage or leakage within the network. With the introduction of cloud computing, the need of data protection has been rising significantly within computer networks to facilitate the protection of Intellectual Property among the users.
Brief History of Computer Network Legal Framework
Considering the reportedly increasing cyber crimes and fraud, the need of information security has been necessitated. Security education has been one of the major areas of specialization among scholars in order to enhance development of adequate information systems security. In the year 1985, fraudulence over the computer through internet was detected. As a revealed by Barry (2009: 541), Computer Fraud and Abuse Act was developed ; in which individuals who were found conning others or intimidating other online were to be prosecuted. The government intervened and instructed on development of systems to investigate on the crimes committed over the internet through the use of computer forensics science.
Notably, the law required the establishment of accurate evidence of any information which could be considered as involving fraudulence to be used in the court for prosecutions of the accused. As reported by Michele and Stokes (2010: 571), any individual found guilty of the offense was to be fined according to magnitude of the fraud case, or be imprisoned for two years. According to Data Protection Act of 1998, unauthorized access to private competitor information in a networked environment is illegal and the firm regulating the online network should be liable for the offense.
On this basis, Hayes International Company should reinforce its network security in order to facilitate privacy for the sensitive information relayed across its networks by its clients. This is an obligatory legal duty for Hayes Company to ensure safeguard its clientsâ data.
The Legal Framework of Computer Networks in UK with Regard to Hayes International Company
As revealed in the 2002 Social Networks Act, various security analyzers suggested the incorporation of extra elements in the information security systems including authenticity and possession. In this case, confidentiality has been upheld in the currently used security system since the encryption of personal credit cards and other confidential information have been limited to appear in very few places. This has greatly reduced fraud since various personal codes have not been publicly displayed. For instance, (2000: 22) reports on how online transactions using credit cards would only involve the displaying of the card data to limited number of places.
This would reduce the chances of the number being tracked reducing the chances of confidentiality breaching. In this regard therefore, confidentiality in information security systems has been uplifted which have increased privacy among individuals while making online transactions. On this basis, Hayes International Company should consider updating its network system, by having specific data for its clients be displayed at limited places with an aim of reducing the chances of any data leakages.
Since Hayes International Company owns a number of leading online retailers from the global society, its concerns on the data security for its clients should be a priority. According to UK Copyright Law, comprehensive protection of Intellectual Property requires businesses to honor and respect patent and copyright policies provided by data producers or developers. Since it has become easy and faster to copy digital information, the law prohibits not only the interference of any information on a networked environment, but also the tendency of making it available to the public without the consent of the owner.
On this basis, the Hayes International Company should ensure that the information relayed across its networks for its clients is not interfered with or tampered at the slightest point. Further, the information control center of the company should ensure no leakages of the information relayed, as it may interfere with the performance of its clients. By so doing, Lloyd (2008: 123) reveals how coherence and consistency in the network system would be achieved, which will enhance the ultimate achievement of the goals and objectives set by all parties within the system.
In the year 2005, information security integrity was established. This meant that, any data encrypted online should not be modified or changed without being detected. With regard to Michele and Stokes (2009: 577), this strategy has been enhanced through the involvement of ACID classic models which provide unique codes to the original data provided in which its modification amounts to its rejection in the process of decrypting the data. One of the most important aspects of this strategy is that, organizations which have adopted the strategy would be having more security of their information since it would not be easy for interrupters to make any alterations and modifications.
In order to ensure guaranteed security for its clientsâ data, Hayes International Company ought to conform to high-tech information system capable of ensuring un-interruptible information system in cases of data leakages. As noted by Farr and Oakley (2010: 89), this is a legal obligation entrusted to all data companies, since they are eligibly liable for any inconveniences arising out of data leakages within their network system. As a central point of data processing for its clients, Hayes International Company should establish computer software capable of monitoring all the transactions carried out by its clients in order to produce evidence for its clients in cases of any suspected crime of fraud.
Authenticity is another element that has been of late introduced in the information security as a result of development of e-commerce and international transactions. In this case, the parties involved in any transaction ought to provide genuine information which must be validated after the parties involved come into consensus. As held by Barry (2009: 544), this particular reinforcement of the information security systems in the year 2005 was found to impact positively on the development of international business transactions since there were low chances of fraud and other internet evils.
In order to facilitate efficiency among retailers and their clients, Hayes International Company need to establish a system capable of validating any transaction, only when the parties involved come into consensus. This strategy conforms to the 1998 Cyber Crime Act in the sense that, all online transactions ought to be facilitated sequentially with an aim of reducing cases of fraud among online businesses. In order to facilitate the policies presented in this Act, Hayes International Company should establish validation strategy in its systems in order to reduce cyber crimes among international businesses.
According to Brazell (2008: 56), the reinforcement of information security has been accompanied with ânon-repudiationâ, where each party involved in any transaction ought to fulfill the obligations of the contract. This acts as a guarantee for the clients to indulge into the transaction. This has enhanced lower chances of any act of fraud since each party can not breach the contact without a mutual consensus with the other.
In this respect therefore, information security has been reinforced to a great extent. Having full understanding of the virtual nature of many online businesses, Hayes International Company should ensure the establishment of non-repudiation strategy in order to curb any chances of fraud cases among the clients involved in the online transactions. Since the company is in control of the network system for all transactions, it would be quite reliable to have its businesses come into contract fulfillment before facilitating the transactions made between the parties.
Further, the introduction of cryptographic technology in information security has been one of the most reliable strategies. As noted by Lloyd (2008: 127), cryptographic strategies are meant to secure data and information displayed online by converting the data into unreadable form by other people apart from the user alone. Though various information infrastructures apart from the computer are being developed, the computer remains the main infrastructure among the others as it ultimately controls a number of processes.
Since this technology has been proved to be quite reliable, Hayes International Company should ultimately consider it as an ultimate reinforcement for the security of its clientsâ data. Particularly, the law provides for network businesses to employ the best strategies possible to enhance the highest level of security among its online clients who might be relying on such networks.
According to Computer Fraud and Abuse Act of 2001, it is illegal to access and retrieve information of another individual or organization without prior permission from the owner. Since Hayes International Company deals with facilitating communications between businesses and their clients, it is unlawful for its employees to access any information relayed within its systems belonging to such businesses. As reported by Macdonald and Rowland (2000: 17), in cases of abuse of the Act, the individual or organization alleged will be liable to pay $ 10,000 to the plaintiff. In this case, the Act acts as a safeguarding strategy to confidential information and data among organizations to enhance efficiency and coherence in the achievement of the organizationsâ goals and objectives.
As reflected in Cornell and OâConnor (2006: 97), this Fraud Act of 2001 inhibits intentional alteration of computer programs within a networked environment which may cause damages resulting into threatening or loss of peopleâs lives. More so, if the alteration of the programs results in losses of data stored within a networked environment, the individual or organization responsible is held guilty and liable for compensating the victim of the information loss amount not less that $ 5,000.
In the former case where the alteration of the programs involved results into loss of lives, the individual or organization responsible is held guilty of an offense, and liable to pay a fine not less than $ 9,000. On this basis, Hayes International should ideally control the programs facilitating the process of relaying information of its online clients in order to avoid any dangers resulting into either data of lives loss. By having the law restricts program alterations; it makes it possible to reduce the risks associated with information systemâs security within a networked environment.
Further, according to the Computer Fraud and Abuse Act the action of knowingly defrauding or trafficking of sensitive information like passwords in a networked environment without permission is considered as illegal. As held by Bainbridge (2007: 39), if an individual or organization gets involved in an act of trafficking encrypted data belonging to other individuals or organizations trough using software to transform the encrypted information into readable form without prior permission from the authorities is considered as guilt.
In this case, Hayes International Company should ultimately safeguard the information relayed within its networks without getting involved in act of trafficking any of such sensitive information. More specifically, the organization should have its staff be aware of the legal obligations associated with such actions and consider respecting and safeguarding intellectual property belonging to other organizations or individuals.
In response to the invading viruses, the software security law restricts the introduction of any malware to another computer in a networked environment intentionally. Since most of the known malware softwares like viruses have been known to interfere with the stored information in a computer, it is considered as an offense to infect other computers within the networked environment. In order to reduce the rates of viruses infection within the system, Linux and UNIX security wares have been necessitated since the invasion of viruses in the computer files goes to the UNIX and Linux systems and interfere with the entire computer system (Farr and Oakley 2010: 87).
In this respect therefore, the development of encrypted viruses by the Hayes International should be facilitated in order to enhance reliable security against malware infections within the networked environment.
Conclusion
As it has been revealed, the current advancement of information system requires a regulation and control measures in order to enhance efficiency and consistency through the use of computers. Particularly, the legal system has been found quite significant to reinforce the information systems regulation in order to protect intellectual property among organizations, which may be considered as the central nerve for their profitability or performance.
On this basis, Hayes international has an obligatory role of safeguarding its network system with an aim of upholding Intellectual Property for its clients. Quite importantly, its conformity to the legal requirements in computer networks forms a basis for its prosperity. As it has been revealed, the 1998 Cyber Crime Act and 2001 Computer Fraud and Abuse Act have been quite important in governing computer processes in networked systems in UK.
Since the law stipulates on misuse of information systems to interfere with other people or organizationâs sensitive information, coherence and consistency in the information system has largely been achieved. More so, any computer program which may pose danger to other peopleâs lives within a networked environment has largely been addressed in the Computer Law. As a result, the information systemâs law is not only concerned with data security, but also on human welfare.
Reference List
Bainbridge, D. (2007) Introduction to Information Technology Law, 6th Edition. London: Longman Publishers, 24-51.
Barry, S. (2009) Contemporary Legal Issues Facing Information Technology. Computer, Internet and Electronic Commerce Terms, (February Issue): 543-571.
Brazell, L. (2008) Information Technology Law and Regulation. Oxford: Oxford University Press, 37-81.
Cornell, D. and OâConnor, M. (2006) EU Communications Law. Manchester: Sweet & Maxwell Publisher, 95-132.
Farr, S and Oakley, V. (2010) Internet Law and Regulation. London: McMillan Publishers, 57-93.
Lloyd, I. (2008) Information Technology Law. Oxford: Oxford University Press, 103- 141.
Macdonald, E and Rowland, D. (2000) Information Technology Law, 3rd Edition. England: Routledge Publishers, 5-38.
Michele, R. and Stokes, S. (2009) Information Technology Law. Computer and Telecommunications Law Review, (Issue): 357 – 404.