Data Security in Computer Networks and Legal Problems



Similar documents
LSICLG18 Interpret and apply ethical and legal frameworks in the practice of counselling

SMDG-Interchange EDI - Understanding

Information & ICT Security Policy Framework

Mutual legal recognition of electronic communications and electronic signatures and paperless trade facilitation: challenges and opportunities

Moving Towards an Electronic Real Estate Transaction

EDI Agreement EDI AGREEMENT. Article 1: Object and scope. Article 2: Definitions

International Privacy and Data Security Requirements. Benedict Stanberry, LLB LLM MRIN Director, Centre for Law Ethics and Risk in Telemedicine

How To Protect Decd Information From Harm

PENNSYLVANIA STATUTES TITLE 73. TRADE AND COMMERCE CHAPTER 41. REGULATORY ELECTRONIC TRANSACTIONS CHAPTER 1. PRELIMINARY PROVISIONS

REGULATIONS FOR THE DEGREE OF MASTER OF SCIENCE IN CONSTRUCTION PROJECT MANAGEMENT (MSc[ConstProjectMan])

and contractual notices

1/ The opening of the French market for online games. Chaire Sorbonne-ICSS

UNCITRAL legislative standards on electronic communications and electronic signatures: an introduction

COMMONWEALTH OF PUERTO RICO OFFICE OF THE COMMISSIONER OF INSURANCE RULE 71

Guideline on professional indemnity insurance for psychologists

Scotland s Commissioner for Children and Young People Records Management Policy

Expert Group on European Insurance Contract Law. Meeting of November 2013 DISCUSSION PAPER 7: MOTOR INSURANCE.

Certified Florida Community Service Provider (CFCSP)

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh

ELECTRONIC TRANSACTIONS LAW N0 (85) OF Article (1)

ISO Controls and Objectives

ISO27001 Controls and Objectives

Automotive Supply Chain Best Practices OFTP2 EXPLAINED. Version No 1.0. Date: October Copyright Odette International Ltd

SRI LANKA AUDITING PRACTICE STATEMENT 1013 ELECTRONIC COMMERCE EFFECT ON THE AUDIT OF FINANCIAL STATEMENTS

PS 172 Protective Monitoring Policy

1 L.R.O Electronic Transactions CAP. 308B ELECTRONIC TRANSACTIONS

Data management plan

INTERNATIONAL AUDITING PRACTICE STATEMENT 1013 ELECTRONIC COMMERCE EFFECT ON THE AUDIT OF FINANCIAL STATEMENTS

REQUEST FOR QUALIFICATIONS PROPERTY APPRAISAL SERVICES. Prepared by. City of Richmond Finance Department. February 18, 2016 RESPONSES DUE:

PRACTICE NOTE 1013 ELECTRONIC COMMERCE - EFFECT ON THE AUDIT OF FINANCIAL STATEMENTS

POSITION OF THE NOTARIES OF EUROPE ON THE POST-STOCKHOLM PROGRAMME

STEERING COMMITTEE ON THE MEDIA AND NEW COMMUNICATION SERVICES (CDMC)

REGULATIONS FOR THE DEGREE OF MASTER OF SCIENCE IN CONSTRUCTION PROJECT MANAGEMENT (MSc[ConstProjectMan])

Option Table - Directive on Statutory Audits of Annual and Consolidated Accounts

LAW ON ELECTRONIC TRANSACTIONS

Ethics Training for Local Government Officials

REQUEST FOR PROPOSAL LARIMER COUNTY COLORADO 200 W. OAK ST., SUITE 4000 FORT COLLINS, COLORADO

Electronic And Digital Signatures

Authentication of Documents/Use of Professional Stamps

Article 29 Working Party Issues Opinion on Cloud Computing

CONSULTATION ON A POSSIBLE STATUTE FOR A EUROPEAN PRIVATE COMPANY (EPC)

HAMILTON COUNTY SCHOOL DISTRICT

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy

Electronic and Digital Signatures

Quality Assurance Agreement (QAA)

European Treaty Series - No. 116 EUROPEAN CONVENTION ON THE COMPENSATION OF VICTIMS OF VIOLENT CRIMES

ELECTRONIC DATA INTERCHANGE (EDI) TRADING PARTNER AGREEMENT THIS ELECTRONIC DATA INTERCHANGE TRADING PARTNER AGREEMENT

Summary of replies to the public consultation on crossborder inheritance tax obstacles within the EU and possible solutions

As simple as and as secure as postal mail.

Stephenson County, Illinois

Agreement for Services

WEST LOTHIAN COUNCIL RECORDS MANAGEMENT POLICY. Data Label: Public

Explanatory notes VAT invoicing rules

INSTRUCTIONS FOR COMPLETING THE USPTO CERTIFICATE ACTION FORM

Document A312 TM SURETY. (Name, legal status and principal place of business)

COOPER US, INC. ELECTRONIC DATA INTERCHANGE (EDI) TRADING PARTNER AGREEMENT

Business Law and Ethics, , Page 1 of 5

CCBE POSITION WITH RESPECT TO THE FREE CHOICE OF A LAWYER IN RELATION TO LEGAL EXPENSES INSURANCE

WEEK CHAPTER OBJECTIVES ASSIGNMENTS & TESTS A medical necessity as it ICD-9-CM Coding. relates to reporting diagnosis codes on claims.

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,

CODE OF ETHICS. CARLO GAVAZZI IMPIANTI S.p.A

This revision replaces AF Form 40A with AF Form 1289 in Attachment 3. A bar ( ) indicates a revision from the previous version.

Kommerskollegium 2010:4. e-invoicing in cross-border trade

Policy on Public and School Bus Closed Circuit Television Systems (CCTV)

TELEFÓNICA UK LTD. Introduction to Security Policy

L ARAMIE C OUNTY C OMMUNITY C OLLEGE Cheyenne Wyoming

Document A312 TM SURETY. (Name, legal status and principal place of business)

Apprenticeship Standard for Paralegal (Level 3) Assessment Plan

INFORMATION SECURITY POLICY. Contents. Introduction 2. Policy Statement 3. Information Security at RCA 5. Annexes

Prescription of qualifications: ARB Criteria at Parts 1, 2 and 3

LICENSING PROCEDURES FOR MANAGING GENERAL AGENTS TO OBTAIN AUTHORITY IN VIRGINIA

NATIONAL HEALTHCARE SAFETY NETWORK USER RULES OF BEHAVIOR. Version /08/05

CHAPTER 6. UNIFORM ELECTRONIC TRANSACTIONS ACT

A Bill Clarifying a Workers Compensation Insurer s. Subrogation Interest in Third-Party Claims

Healthcare Professionals Crossing Borders Agreement

Business process, document archiving and workflow, all words when joined together can add significant cost to your business

INFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c

Montana Code Annotated 2011 Title 30, chapter 18, part 1 Electronic Signatures

NATIONAL INTEREST ANALYSIS

NEW MEXICO STATUTES ANNOTATED CHAPTER 14. RECORDS, LEGAL NOTICES AND OATHS ARTICLE 9A. UNIFORM REAL PROPERTY ELECTRONIC RECORDING ACT

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. on electronic invoicing in public procurement. (Text with EEA relevance)

H. R SEC DIRECTORATE FOR INFORMATION ANALYSIS AND INFRA STRUCTURE PROTECTION.

Design and Implementation of RMP - A Virtual Electronic Market Place

Message exchange with. Finnish Customs

ACH Welcome Kit. Rev. 10/2014. Member FDIC Page 1 of 8

The Land Registration System in Italy Principles, organization and evolution. Aldo de Luca Central Director Land Registration and Legal Affairs

ELECTRONIC SIGNATURES FACTSHEET

Executive summary and overview of the national report for Denmark

Evaluate the Usability of Security Audits in Electronic Commerce

Kafka works: Reducing red tape in Belgium. Electronic Billing: functioning and advantages CERTIPOST Brussels, 20 June 2006

Transcription:

Data Security in Computer Networks and Legal Problems Wolfgang Kilian/Andreas Wiebe (eds.) stmv S. Toeche-Mittler Verlag

Table of Contents DATA SECURITY IN COMPUTER NETWORKS AND LEGAL PROBLEMS (Kilian) 13 1. Computer Networks 13 2. Types of Data Transactions 13 2.1. Financial Information 13 2.2. Trade Accompanying Information 14 2.3. Technical and Research Information 14 2.4. Person-related Information 14 3. Assumed Threats concerning Computer Networks 14 3.1. Deficiencies 14 3.2. Misuse Complex 15 4. Required Basic Security Functions 15 5. Technical Standards and the Law 16 6. Technical and Legal Model of a Secure Computer Network 17 7. Levels of Regulations 18 7.1. International Conventions and International Administrative Agreements 18 7.2. Private International Contracts 18 7.3. Law of the European Community 19 7.4. National Law 19 7.5. Private national contracts 19 8. Final Remark 20 TECHNICAL ASPECTS OF DATA SECURITY (Jandach) 21 1.1 ntroduction 2. Theoretical Concepts of Data Security 21 22 2.1. Data Protection Law 22 2.2. "Orange Book" 23 2.3. "Red Book" 24 2.4. "Green Book" 24 2.4.1. Discussion of the quality requirements 26 2.5. "White Book" 26 2.6. Criteria of special user groups 27 3. Practical problems in the context of data security 27 3.1. Security Problems in Connection with Stand Alone Computers 27 3.1.1. Identification and authentication 28 3.1.1.1. Single User Systems 28 3.1.1.2. Multi User Systems 28 3.1.2. Access rights 29 3.1.3. Object reuse 29 3.2. Practical Problems in Networks 29 3.2.1. Network Security Problems in Relation to the ISO-OSI-Model 30 3.2.2. Network-Commands 31 3.2.3. Network security in general 31 3.3. Cryptosystems and electronic signature 3-1 4. Closing remarks 32

OPEN SOCIETIES - CLOSED NETWORKS? (Burkert) 33 1. Once A Perspective 33 2. Different Perspectives 33 3. Observations of Change 35 3.1. The loss of tacit restrictions of information technology 35 3.1.1 The Ethical Void 36 3.1.2 Multiplication of risk factors 37 3.1.3 Impossibility to contain the security debate 37 3.2. The dialectics of security 37 3.2.1. The Railway Traveller Syndrome 37 3.2.2. The Broken Windows Syndrome 38 4. The Role of Law 38 4.1. The functions of technology law 38 4.2. The role of Criminal Law 39 4.3. Re-Trusting Technology to Overcome Distrust 40 5. From Security to Control? 42 INTERNATIONAL AND NATIONAL LEGISLATION ON EDI (Martino/Palmerini)... 45 1. The Electronic Document 45 2. The Levels of Legislation 47 2.1. The International Legal Order 47 2.2. National Legal Orders 48 3. International Instruments 48 3.1. Model Interchange Agreements 50 4. National Legislation: The Situation in Europe 50 5. National Legislation: The Situation in Italy 52 5.1. Positive Law 52 5.2. The Law and Civil Procedure 52 5.3 Evidence 53 5.4 The Signature 53 5.5. Electronic Data Interchange 54 5.6. Case Law 55 5.7. The Facsimile 55 5.8. The EDIFORUM (Italy) Standard Agreement 55 6. Conclusion 56 EEC LAW AND POLICY IN TELECOMMUNICATIONS (Wiebe) 57 1. Introduction 57 1.1. Telematics - technical and economic developments 57 1.2. New Regulatory Problems in national telecommunications 58 1.3. Demand for European action 59 2. EEC telecommunications policy and law 60 2.1. Network infrastructure 61 2.2. Services 63 2.2.1. Competition directive 64 2.2.2. ONP Directive 65 2.3. Terminal equipment 68 2.4. Standardisation 70 2.5. Organisation 70 2.6. EEC policies in adjacent fields 71 2.7. Data Security 72 3. Complementary regulation on a case-by-case basis 73 3.1. Competition law (Art. 85,86) 74

3.2. Freedom to provide services (Art. 59) 77 3.3. Free Movement of Goods (Art. 30, 37) 77 4. Conclusion 78 Table of Community Documents in the Telecommunications Field 80 HOW TO ADVANCE COMPUTER SECURITY BY LEGAL INSTRUMENTS? (Kaspersen) 85 1. Introduction 85 2. Information Security 86 2.1. Policies 86 2.2. The levels of an Information Security Policy 86 3. Legal obligations 87 3.1. Examples in Present legislation 87 4. ITSEC, a case study 88 4.1. Who made it and what for? 88 4.2. How docs ITSEC work? 89 4.3. Limitations of ITSEC 90 5. INFOSEC 91 6. Conclusions as to how Information Security can be advanced 91 LEGAL ASPECTS OF STANDARDIZATION AND CERTIFICATION OF INFORMATION TECHNOLOGY AND TELECOMMUNICATIONS AN OVERVIEW (Stuurman) 95 1. Introduction 95 2. The process of standardization and certification 97 2.1. Standardization 97 2.1.1. Europe 97 2.1.2. Coordination 98 2.1.3. Other international organizations 99 2.1.4. Further players 99 2.2. Certification 100 3. Legal status of IT&T standards 102 4. Protection of standards documents and certification marks 103 4.1. Standards documents 103 4.2. Certification marks 105 5. Impact on liability 106 5.1. Damages 106 5.2. Standards and contractual liability 107 5.3. Product liability 108 5.4. General 109 6. Standardization and competition law 109 6.1. Effects on competition 110 6.2. The European Communities: unharmonized standards as a barrier to the internal market 110 6.3. De facto standards: the boundaries of cooperation and monopolies 113 7. Concluding remarks 114 EDI AND NATIONAL LEGISLATION (Riisnaes) 117 1. Introduction 117 2. What is security all about 117 2.1. More than just technical aspects 117 3. What kind of networks and data exchange are we talking about 118

3.1. EDI: definition 118 3.2. Internal networks like PC networks 118 3.3. EDI Closed Networks 119 3.4. EDI Open Networks 119 4. The duty to implement security measures 120 4.1. General security measures 120 4.2. Transmission errors 120 4.3. Data log 120 4.4. Certification 121 5. Other rights dependant on certain security measures 121 5.1. Transmission and Storage of Accounting Information 122 6. Acknowledgement of receipt 124 6.1. The duty to comply with a request for acknowledgement of receipt 124 6.2. What should be the consequences of failing to send such an acknowledgement?.125 7. Evidential questions 126 7.1. Ensuring the admissibility of proof 126 7.2. Judgement of strength of proof 126 7.3. Regarding the burden of proof 126 DATA SECURITY AND FORMATION OF CONTRACTS (Elias) 129 1. Introduction 129 2. The risks and security procedures 129 3. Solutions adopted by law 130 4. To anew solution in an EDI-environment? 131 THIRD PARTY SERVICES AND THE CONCEPT OF NEGOTIABILITY (Torvund).135 1. Basic third party services 135 2. Negotiability 136 3. Liability 137 4. Conflict of law 137 5. Conclusions M38 ELECTRONIC DOCUMENTS RELATED TO THE SWEDISH EDI-SYSTEM FOR CUSTOMS AUTHORITIES (Seipel) 139 1. Documents and related concepts 139 1.1. General viewpoints. Lexical definitions 139 1.2. Documents and legal language. An illustration - Swedish statutes 139 1.3. Characteristics of paper documents from a legal viewpoint 141 1.4. New kinds of documents: electronic media and messages 142 1.5. Characteristies of electronic data media and messages 143 2. Documents and the Swedish constitution. The right of access 146 2.1. Brief remarks on the development 146 2.2. Documents and recordings under valid law. Chapter 2 of the 146 2.3. Two doctrines: fixed documents and potential documents 147 2.4. Co-ordination with surrounding legislation: decision support, archives, data protection, criminal laws, etc 149 2.5. A uniform document concept? 150 3. The Customs Data System (TDS) 150 3.1. Background. The development of the TDS 150 3.2. Legal issues: an overview 153 3.3. Legal requirements, functional requirements and technical 154 3.4. The electronic seal 155

3.5. Electronic documents 156 3.6. Practical consequences and acceptance 157 4. Coordinated strategies and legal system management 158 4.1. Decisive factors for the development of concepts 158 4.2. Private solutions versus regulated and general solutions 158 4.3. A co-ordinated system of concepts and standards 158 4.4. The notion of legal system management 159 5. Concluding remarks. Research tasks 159 5.1. A legal theory of automated information handling 159 5.2. Law and informatics as the suitable framework 160 EDI MODEL AGREEMENTS (Seiler) 161 1. Present Extent of the Use of EDI 161 2. A Legal Framework for EDI 161 3. National EDI Model Agreements 162 4. The Necessity for EDI Agreements in Germany 165 5. The Relationship Between the EDI Agreement and the Commercial Contracts 166 6. Liability for EDI-Risks 167 7. The Electronic Message as Legal Evidence 170 INSURANCE COVERAGE AND EDI (Rettig/Otto) 173 1. Engineering and fidelity insurance 173 1.1. Insurable risks 173 1.2. Property damage 174 1.3. Financial loss 174 1.4. Summary 175 2. Third party liablity insurance 177 2.1. Bodily injury and property damage 177 2.2. Finacial loss 177 2.3. Exclusions 177 2.4. Legal defense 178 2.5. Coverage for pure financial losses 178 ABOUT THE AUTHORS 181

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information