Expanding data storage capabilities mean that a “security incident” involving the loss of company or personal data will result in much more damage than was previously possible.
Specialist information technology lawyer Lance Michalson warns that until recently, losing a briefcase would only result in the loss of the papers in that case “whereas today, loosing a memory stick, CD, DVD, portable hard drive or smart phone may result in vast amounts of information being lost.”
Making his “TechLaw Predictions for 2009“, Michalson says this will have legal implications for peope and companies as it “could result in the test for negligence changing shape in that the ‘foreseeability of loss` of data will become more and more applicable as the value of data increases.”
For this reason, among others, Michalson foresees that more encryption technologies will be deployed at the hardware level (e.g. laptops being encrypted) and that end point security will become more important with organisations looking to lock down USB ports and “regulate” the use of USB ports through information security polices.
He also expects companies to keep grappling this year with implementing the Regulation of Interception of Communication and Provision of Communication-related Information Act (RICA) in a legally compliant manner.
Michalson anticipates further developments in IT forensics – including the emergence of “counter forensics”.
“We will begin to see a lot of new entrants in the IT forensics and electronic discovery areas, he says. “With this will come the beginning of the ‘decomposition` of certain types of work carried out by lawyers in that the discovery of electronic data will be outsourced to outside companies and no longer handled by law firms as has traditionally been the case.
“We also expect to see more of what some people refer to as ‘counter forensic` techniques on potential evidence arising, as ordinary people become more and more technically literate – in that a lot of people are now aware (assisted with the popularity of the popular TV series ‘CSI`) of what is needed to remove valuable evidence, and ensure that it is never collected on computers in the first place.”
The IT law specialist notes that it has been suggested that 2009 will be “a year of increased tension between the opening up and the closing down of information.
“In one sense information wants to be free (because it is easily available, often free, easy to copy and forward) a fact which is reinforced by the ‘Internet generation` that is at home with YouTube, Wikipedia, Facebook and other social networking websites.
“In another sense, information wants to be controlled: with oceans of information out there, people are looking for accurate, highly relevant information (“knowledge”) which they are prepared to pay for – hopefully many organisations will also appreciate that bad information and records management results in larger volumes of irrelevant paper-based and electronic documents being reviewed by their attorneys in litigation, which in turn leads to unnecessarily high legal fees”.
Other developments foreseen is the further expansion of the use of electronic signatures with the Department of Communications set to accredit the first “advanced electronic signature”.
Michalson also expects the Consumer Protection Bill to be enacted this year. It will, amongst other things, place an ever increasing emphasis on the need to review current website terms and conditions and standard contracts to comply with the plain English provisions of this Bill. He does not, however, expect the Protection of Personal Information Bill that is currently before the South African Law Commission (and has been since 2003) to reach the statute books this year.