Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-Commerce: Legal and Practical Issues Legal Issues: Security – December 2, 2005 Stephen M. Foxman Philadelphia.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "E-Commerce: Legal and Practical Issues Legal Issues: Security – December 2, 2005 Stephen M. Foxman Philadelphia."— Presentation transcript:

1 E-Commerce: Legal and Practical Issues Legal Issues: Security – December 2, 2005 Stephen M. Foxman Philadelphia

2 Security - Federal Legislation Computer Fraud and Abuse Act 18 U.S.C. § 1030 Identity Theft and Assumption Deterrence Act of 1998  Amends 18 U.S.C. § 1028 Gramm Leach Bliley requirements for financial institutions - (Public Law 106-102) 15 U.S.C. § 6801 et seq. HIPAA requirements for healthcare services - Health Insurance Portability and Accountability Act of 1996 Children’s Online Privacy Protection Act of 1998 15 U.S.C. § 6501 et seq. Federal Trade Commission Act

3 Security – Federal Legislation Federal Focus on Protecting Infrastructure  USA Patriot Act  Creation of National Infrastructure Protection Center  Maritime Transportation and Security Act of 2002  Sarbanes-Oxley Act of 2002

4 Security – State Legislation Pennsylvania legislation  Wiretapping and Electronic Surveillance Control Act 19 Pa.C.S.A. § 5701 et seq.  Hacking and Similar Offenses 18 Pa.C.S.A. § 7611 et seq. Computer Theft (unlawful access) § 7613 Unlawful Duplication of Computer Data § 7614 California SB1386 law relating to disclosure to public if private information is hacked or inadvertently disclosed to third parties (effective July 1, 2003)

5 SOX and Security Moving away from business judgment rule – Delaware Law  Old law: Directors not obligated to ferret out wrongful conduct  Graham v. Allis-Chalmers Mfg. Co., 188 A.2d 125, 130 (Del. 1963) (directors have no duty affirmatively to seek out corporate employees’ wrongdoing)

6 SOX and Security  New law: Directors must develop internal programs to assure compliance with laws Smith v. VanGorkom, 488 A.2d 858 (Del. 1985) (board decision must be “informed”) Kahn v. MSB Bancorp., Inc., 24 Del. J. Corp. L. 266, 1998 (Del. Ch.) (protection under the business judgment rule may be lost through gross negligence) In re Caremark International Derivative Litigation, 698 A.2d 959 (Del Ch. 1996) (even though directors and officers may not be liable for wrongdoing that they have no reason to suspect, they have an affirmative duty to establish a compliance system).

7 SOX and Security Moving away from business judgment rule – Criminal Sentencing  Sentencing Reform Act of 1984: Organizational Sentencing Guidelines cited in Caremark as evidencing need for corporations to adopt effective compliance programs to detect violations of law  U.S. Sentencing Commission (Jan. 10, 2003) adopts emergency plan for harsher sentences in corporate crime cases  Advisory Commission (Oct. 7, 2003) report to U.S. Sentencing Commission on sentencing organizations that recommends more sophisticated compliance programs.

8 SOX and Security Moving away from business judgment rule – Duties under SOX  Section 404 -- SEC must prescribe rules requiring annual reports to contain an “internal control report” stating management’s responsibility “for establishing and maintaining an adequate internal control structure and procedures for financial reporting” and assesses the “effectiveness” of such structure and procedures Requires management to assess and implement internal controls for security of MIS and business process security – responsibility likely with audit committee

9 SOX and Security Moving away from business judgment rule – Duties under SOX  Section 409 -- public companies must disclose on a rapid and current basis such additional information concerning material changes in the financial condition or operations of the issuer necessary to protect investors and the public interest  Section 302 – certifications required from executives; covers internal controls  Directors and audit committee in particular, to meet new standards, must develop risk assessment and response to protect company information infrastructure

10 SOX and Security Developing and implementing appropriate security procedures  National Institute of Standards and Technology 800 Series  supports the implementation of the Federal Information Security Management Act (FISMA) of 2002  Focused on federal information systems, but relevant to private systems, processes and assessment issues  For more information -- http://csrc.nist.gov/index.html http://csrc.nist.gov/index.html

Download ppt "E-Commerce: Legal and Practical Issues Legal Issues: Security – December 2, 2005 Stephen M. Foxman Philadelphia."

Similar presentations

Additional Assurance Services: Other Information

Additional Assurance Services: Other Information
McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Sarbanes-Oxley Act of 2002 UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.

Sarbanes-Oxley Act of 2002 UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
Core principles in the ASX CGC document. Which one do you think is the most important and least important? Presented by Casey Chan Ethics Governance &

Core principles in the ASX CGC document. Which one do you think is the most important and least important? Presented by Casey Chan Ethics Governance &
The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.

The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.
Identity Theft “Red Flags” Rules Under the FACT Act Reid Fudge CISSP, CISA Pulte Mortgage, LLC November 2008.

Identity Theft “Red Flags” Rules Under the FACT Act Reid Fudge CISSP, CISA Pulte Mortgage, LLC November 2008.
Process of CG in Egypt Mohamed Omran Vice Chairman Cairo & Alexandria Stock Exchanges December, 13 th 2006.

Process of CG in Egypt Mohamed Omran Vice Chairman Cairo & Alexandria Stock Exchanges December, 13 th 2006.
Sarbanes-Oxley Act of 2002. 2 Benefits of Act Three quarters of the financial executives in the Oversight Systems survey said that their company had realized.

Sarbanes-Oxley Act of Benefits of Act Three quarters of the financial executives in the Oversight Systems survey said that their company had realized.
IS3350 Security Issues in Legal Context

IS3350 Security Issues in Legal Context
Chapter 6 The Role of Government Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written.

Chapter 6 The Role of Government Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written.
The Enforcement of Ethics: An Update on the Federal Sentencing Guidelines and Ethics Office Requirements Charles R. McGuire, J.D. Illinois State University.

The Enforcement of Ethics: An Update on the Federal Sentencing Guidelines and Ethics Office Requirements Charles R. McGuire, J.D. Illinois State University.
Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Chapter Six Legal and Regulatory Obligations in an Ethical Framework.

Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Chapter Six Legal and Regulatory Obligations in an Ethical Framework.
Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, 2002. Established.

Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, Established.
McGraw-Hill/Irwin Copyright © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 The Role of Government.

McGraw-Hill/Irwin Copyright © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 The Role of Government.
Copyright © 2012 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 The Role of Government McGraw-Hill.

Copyright © 2012 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 The Role of Government McGraw-Hill.
1 Sarbanes-Oxley Section 404 June 29, 2005. 2  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.

1 Sarbanes-Oxley Section 404 June 29,  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.
Third ICAC Symposium The New York Stock Exchange – A Regulator and a Listed Company James F. Duffy Executive Vice President & General Counsel NYSE Regulation,

Third ICAC Symposium The New York Stock Exchange – A Regulator and a Listed Company James F. Duffy Executive Vice President & General Counsel NYSE Regulation,
REGULATIONS Dr. Andy Wu BCIS 4630 Fundamentals of IT Security.

REGULATIONS Dr. Andy Wu BCIS 4630 Fundamentals of IT Security.
Brief Synopsis of Computer Security Standards. Tenets of Information Systems Security Confidentiality Integrity Availability Over the years, standards.

Brief Synopsis of Computer Security Standards. Tenets of Information Systems Security Confidentiality Integrity Availability Over the years, standards.

Similar presentations

Ads by Google