| One way for a reseller to gain an edge on | | | | these laws is the obligation to notify |
| competitors is to market the advantages | | | | employees of surveillance practices at least |
| associated with its products in a unique way. | | | | 14 days prior to commencing surveillance |
| In the security channel, a white paper | | | | activities. The new laws also set out |
| marketing the legal and commercial advantages | | | | specific procedures and practices associated |
| of a security product presented in a | | | | with covert surveillance. Further, |
| compelling way may prove to be a successful | | | | obligations are imposed in relation to the |
| method of enticing a customer into purchasing | | | | retention of surveillance records and there |
| your security solution. | | | | are new obligations related to computer |
| | | | policies and other documentation that |
| Security is critical, there is no doubt about | | | | employees need to be made aware of. The new |
| it. The smallest breach or compromise can | | | | laws should not be taken lightly. Breach of |
| result in situations that can cripple | | | | the new laws may attract significant |
| business. Recently, the two big e-security | | | | penalties. In addition, if a company |
| stories have been the disruption to the | | | | contravenes any provision of the new laws, |
| Russian Trading System (RTS) stock exchange | | | | all directors and management of the company |
| caused by a virus in early February and the | | | | may also be held accountable. |
| extradition proceedings currently underway in | | | | |
| the UK against a hacker who allegedly hacked | | | | Another way of enticing your customers is to |
| into approximately 100 Pentagon, NASA and | | | | mention the legal consequences associated |
| other American military networks. | | | | with breaching e-security. Hackers can be |
| | | | brought before courts under Australian |
| One area of e-security that a white paper | | | | computer crime laws for gaining unauthorised |
| could be prepared on is surveillance. Many | | | | access to computer systems. These laws may |
| organisations are already aware of the | | | | even see hackers thrown in jail. |
| vulnerabilities posed by internal staff and | | | | |
| subcontractors using the organisation's | | | | Organisations who are serious about |
| corporate network and always-on internet | | | | e-security should ensure they are covered by |
| access. In fact, most large organisations now | | | | an insurance policy that extends to loss |
| track their employees' internet and email | | | | occasioned as a result of hacking or breach |
| usage to ensure that trade secrets are not | | | | of the organisation's e-security generally. |
| being leaked to competitors via these means | | | | Customers should be reminded that breaches of |
| and that employees are not using internet | | | | electronic security measures can be just as |
| access for other unscrupulous purposes. | | | | disastrous as breaches of physical security |
| | | | measures. |
| In New South Wales, parliament recently | | | | |
| passed new workplace surveillance | | | | Disclaimer: This column is for general |
| legislation that is now in effect. Your | | | | informational purposes only. It is not legal |
| customers should be made aware of these laws. | | | | advice nor is it a substitute for legal |
| The new laws regulate the use of computer, | | | | advice. Readers should seek legal advice on |
| camera and tracking devices. The main | | | | their own particular circumstances. |
| obligation imposed on your customers under | | | | |