It's All About Trust: The Expanding Scope of Security Obligations in Global Privacy and E-Transactions Law
47 Pages Posted: 4 Mar 2008 Last revised: 1 Feb 2014
Trust is a key requirement for all electronic information and transactions, and information security is the means used establish a level of trust appropriate to the situation. Through the implementation of appropriate information security measures, businesses seek to ensure a reasonable level of trust in the accuracy of the identity of the person who created, signed, and/or sent an electronic record, trust that the record has not been altered without authorization, and trust that contents of the record have been and will be kept confidential.
When viewed in the aggregate, it is clear that global legal trends in the laws that regulate privacy, electronic transactions, and electronic records evidence a significant focus on information security and this requirement for trust. In particular, three legal trends regarding security are rapidly shaping the global privacy and electronic transactions landscape for most companies:
* A legal duty to provide appropriate information security for a company's data and electronic transactions is expanding in scope and is being applied to all companies. * A legal standard for compliance - i.e., a definition of reasonable security - is emerging. * A new legal duty - a duty to warn the stakeholders affected by security breaches - is also emerging.
This article examines the expanding legal obligation of business to address information security issues in the context of privacy and electronic transaction laws.
Keywords: information security, security, privacy, electronic transactions, e-transactions, authentication, integrity, confidentiality, electronic records, corporate governance
JEL Classification: K10, K19, K20, K29, K30, K33, K39
Suggested Citation: Suggested Citation