http://www.securityfocus.com/columnists/481
Presently, unauthorized access, even with good intent, is seen as an unlawful action. In the minds of law enforcement, unauthorized access is unauthorized access.
Waive Goodbye to Liability
http://www.thefreelibrary.com/Waive+Goodbye+to+Liability.-a069982804
Penetration testing of a computer network requires careful planning and limits on the scope of work.
...
But both the company and the consultants can open themselves to legal liability if something goes wrong. For example, if a client's data is compromised or a third-party system is broken into as a part of the test, that third party or client might bring action against the company or the consultant or both. Additionally, an unscrupulous member of a penetration test team might steal and resell corporate secrets.
thefreedictionary.com: Computer Fraud and Abuse Act
The Computer Fraud and Abuse Act is a law passed by the United States Congress in 1986 intended to reduce "hacking" of computer systems. It was amended in 1994, 1996 and in 2001 by the USA PATRIOT Act.
18 U.S.C. § 1030. Fraud and related activity in connection with computers
http://www.law.cornell.edu/uscode/18/1030.html
No comments:
Post a Comment