Information technology is another form of cyber law (hereinafter referred to as IT). It concerns itself with the use of computers to create, process, store, retrieve and exchange all kinds of informative data.[1] In an era where both computers and the internet have taken the world in a storm, it is important to regulate the same. There are both advantages and disadvantages of the internet, easy access to communicate with a far-away relative and we have also seen increased misuse of the internet in the form of cyber-attacks and bullying. In this article, we will discuss a few laws governing these aspects.
An information technology system (IT system) is generally an information system, a communications system, or, more specifically speaking, a computer system — including all hardware, software, and peripheral equipment — operated by a limited group of IT users, and an IT project usually refers to the commissioning and implementation of an IT system.[2]
“The United States cyber security laws and privacy system is arguably the oldest, most robust and effective in the world. The State’s privacy system relies more on post hoc government enforcement and private litigation. Currently, cyber security regulation comprises of directives from the Executive Branch and legislation from Congress that safeguards information technology and computer systems.”[3]
LIST OF IT LAWS IN THE UNITED STATES:
1. Cybersecurity Information Sharing Act (CISA)
2. Cybersecurity Enhancement Act of 2014
3. Federal Exchange Data Breach Notification Act of 2015
4. 1996 Health Insurance Portability and Accountability Act (HIPAA)
5. 1999 Gramm-Leach-Bliley Act
6. 2002 Homeland Security Act, which included the Federal Information Security Management Act (FISMA)
7. National Cybersecurity Protection Advancement Act of 2015
Question:[4] What are the maximum penalties available, and examples of prosecutions in concerned jurisdiction regarding electronic theft (e.g. breach of confidence by a current or former employee, or criminal copyright infringement)?
Answer: “Electronic theft could violate the CFAA, 18 U.S.C. § 1030(a)(2) (obtaining information, without authorisation or exceeding authorisation, imprisonment of up to one year, or five if aggravating factors apply). It may also, or alternatively, violate the Economic Espionage Act, 18 U.S.C. §§ 1831–1839, which creates two crimes based on the theft of trade secrets; the first makes it a crime to acquire, without authorisation, trade secrets in order to benefit a foreign government, and the second if the theft will create economic benefit for others and will injure the target of the theft. While some courts previously held that obtaining information otherwise available on a computer system in violation of written policies prohibiting such access could constitute a violation of the CFAA, the Supreme Court found in Van Buren v. U.S. that violations of such purpose-based restrictions (i.e. restrictions imposed by contract or company policies) do not themselves constitute violations of the CFAA without other acts that exceed technical restrictions. 141 S. Ct. 1648 (2021).”[5]
Most common problematic area of technology law is the use of electronic signatures in signing e-contracts. Business who are tech-savvy and using efficient means to conduct and grow their businesses, tend to often use e-signatures. Naturally, additional care must be taken in order to not misplace any sensitive information, for example: customer personal information data. With respect to electronic signature laws, business owners should be aware of at least the following two pieces of legislation: the Uniform Electronic Transactions Act (UETA), and the Electronic Signatures in Global and National Commerce Act (ESIGN).[6] You can learn more on e-signatures in this article What are e contracts? – Layman Litigation
‘State governments also have taken sincere measures to improve cyber security by increasing public visibility of firms with weak security. In 2003, California passed the Notice of Security Breach Act which requires that any company that maintains the personal information of California citizens and has a security breach, must disclose the details of the event. The security breach regulation regulations punish firms for their cyber security failures while giving them the freedom to choose how to secure their systems.’[7]
If you want to save yourself from any liabilities that occur through any business activities that you might be conducting through online means. It is always best to get in touch with a lawyer expertise in the field of information technology.
[1] Daintith, John, ed. (2009), "IT", A Dictionary of Physics, Oxford University Press, ISBN 9780199233991. [2] Forbes Technology Council, 16 Key Steps To Successful IT Project Management, published 10 September 2020. [3] Federal Laws | Information Technology | Drexel University [4] Cybersecurity Laws and Regulations Report 2023 USA (iclg.com) [5] Ibid. [6] Information Technology Law - HG.org [7] United States CyberSecurity Laws & Regulations (appknox.com)
