Public Law, an Introduction
Criminal – deals with crime and legal punishment of criminals.
Administrative – deals with regulation and public institutions, administered by the executive branch of the government.
Constitutional – deals with relationship between state and individual as well as the relationships between the branches of the government.
Financial Services Laws
Financial Services Modernization Act (Gramm-Leach-Bliley Act)
This act has a great effect on the privacy and disclosure of information. It requires financial institutions to disclose their policies on nonpublic personal information. They are also required to give customers notice so they may request their information not be shared. This act also ensures privacy policies are available to customers from the start as well as throughout the business relationship.
Unlike other property, intellectual property assumes the subject of the product is of the mind or intellect. This has varying implications on legal rights and entitlements to the holder of the IP.
Unfortunately, there are very few international laws that apply to information security and privacy. This is part of global business. Each nation must be sensitive to the policies and laws that pertain to the different nations. This is because these nations have varying philosophies on information security as well as being in different stages in information security evolution.
The Economic Espionage Act (EEA) in 1996 was passed to help protect trade secrets limiting the sharing of such information.
United States copyright laws also extend their grasp into intellectual property allowing these materials and ideas to be protected.
The European Council Cyber-Crime Convention and the United Nations Charter both help with protection and information security in Europe. While the Cyber-Crime Convention has no real enforcement power, it does help with the standardization of technology laws and improving the effectiveness of international investigations.
Due care means that an organization has made each and every employee aware of what behaviors are acceptable and which are not. This is an important concept when discussing liability. If an organization decides not to actively participate in due care, it may be held liable for improper actions of an employee. This is even true in cases where the organization is completely unaware of these actions. The goal is to hold each business to some sort of ethical standards.
Due Diligence vs. Due Care
Due diligence speaks to an organization’s responsibility to protect anyone who may possibly be harmed by its members. Both due diligence and due care are important ethical commitments the nation has required businesses to make. They help protect people that may otherwise be harmed because they may not have been well informed or aware of actions deemed unacceptable.