Thank you for sharing!

Your article was successfully shared with the contacts you provided.
The National Infrastructure Protection Center (NIPC) has reported an increasing trend of online attacks against electronic commerce sites. And the U.S. Office of the Comptroller of the Currency just put banks on notice about potential hacking of bank Web sites and recommended that banks ensure the security of their networks. Of course, at this point, none of this is terribly surprising. However, while companies doing online business recognize that they may be vulnerable to online threats, many do not understand their own potential liability to others. And by falling into a “this will never happen to me” syndrome, many companies are not taking steps to protect their systems. Adoption of such a passive, head-in-the-sand approach can lead to significant potential liability. Never mind that a company’s own business may be compromised, but cyber attacks may expose an otherwise innocent company to an array of legal exposures. A distributed denial of service attack example really drives this point home. Imagine a disgruntled college dropout who decides he wants to bring down a major Web site for kicks. To help cover his tracks, he launches his attack through a third-party’s servers — say, your company’s servers. The attack works, and the major Web site is shut down by the attack for a period of time, resulting in real business interruption. Sure, the hypothetical college dropout may be prosecuted for his crime, but this does nothing to make the major Web site financially whole. And mounting a civil lawsuit against the dropout won’t yield anything, because it is likely that the dropout is not monetarily solvent. Therefore, the aggrieved major Web site likely will come after your company to the extent you did not take adequate steps to protect your systems and if you have money. The legal theory is quite straightforward. Namely, your company will be accused of negligence by not acting as a reasonably prudent business would have under the same circumstances. Accordingly, there is incentive to implement measures to protect your network, not only to safeguard your own business, but also to keep you off the hook with others. Eric J. Sinrod is a partner in the San Francisco office of Duane Morris LLP, where he focuses on technology and litigation matters. His Web site is sinrodlaw.com and his firm’s site is Duane Morris.

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.