Spyware Act Loses Its Cookies >>
<< Making ToGo Products ToGo For Real...
 tdicon 


Ramblings

by Mike Masnick

Wed, Feb 16th 2005 3:59pm





Sued For Leaving Your Computer Open To Hackers?

from the blame-the-victim dept

This idea seems to come up whenever a bunch of computer security professionals get together: should victims of hack attacks take the blame? There are compelling arguments on both sides, but inevitably it leads back to the discussion of whether or not users should be required to have a certain proficiency before being allowed online (the so-called "internet driver's license" concept). In this case, however, the argument is whether or not victims of hacking attacks can get sued, and whether or not that might lead to a form of insurance, which, in turn would encourage users to be better about security to keep their "premiums" down. The idea isn't completely ridiculous. Last year, we mentioned that the FTC was fining companies that didn't properly secure their own records. However, it seems that there needs to be a second layer of review, here. First, in cases where companies are handling the sensitive data of others, then there's an expectation that they need to protect that data. However, when it's just your own systems, it does seem like "blaming the victim" to threaten lawsuits against people who haven't properly secured their computers. The real focus should go back to those who created the systems with holes in it.

3 Comments | Leave a Comment..


If you liked this post, you may also be interested in...
 

Reader Comments (rss)

(Flattened / Threaded)

  1.  

    No Subject Given

    identicon
    Anonymous Coward, Feb 16th, 2005 @ 9:34pm



    Who is going to blow the whistle on this one?

    “Whoops - I just got a virus… I better go tell someone so I can pay my fine.”

    Not likely.

    reply to this | link to this | view in thread ]

  2.  

    Re: No Subject Given

    identicon
    Another Anonymous Coward, Feb 17th, 2005 @ 7:39am

    Let's face it, because of lack of proper and secure coding practices, features are being scaled back or restricted faster than they're being added. What's the point of networking computers if you can't securely exchange files or remotely manage databases?

    The funny thing is, viruses, trojans, exploits, hacks etc. are (for the most part) created just "because it's there". There isn't even a monetary motive for the majority of viruses.

    This whole situation is really beginning to suck.

    reply to this | link to this | view in thread ]

  3.  

    Responsibility

    identicon
    Jared, Feb 17th, 2005 @ 9:14am

    If I don't wear a seat belt and I get in a wreck, should I sue the car mfg? No, it's absurd.

    Now, if my friend rips my seatbelt off of me when I'm driving a car and I get in a wreck, do I sue my friend? That's probably a personal decision.

    What about if my friend leaves my house, leaves my front door open on his way out, and a burglar steals my furniture. Who do I sue?

    It looks like the issue is sensitive to what the crime is, and who was responsible for the action. As far as computer security goes, it seems to be the undefined line.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>


Spyware Act Loses Its Cookies >>
<< Making ToGo Products ToGo For Real...
 tdicon 

A word from our Sponsors...
Follow Techdirt
Flattr rss rss

Powered by Postrank

From the Techdirt Archive...
A word from our Sponsors...

Close

Email This