Michalsons Attorneys

 Print

Michalsons Information Security Services

We can assist by providing services around the following:

ECT ACT related issues

We can help you:

• understand the difference between an “electronic signature” and an “advanced electronic signature” and what this means to your organisation;
• have your “advanced electronic signature” accredited with the South African Accreditation Authority;
• understand whether or not your organisation needs to register as a “cryptography provider” and help your register.

E-Commerce related issues

We can help you:

• address your concerns regarding whether the contracts you form electronically online with your customers are binding and enforceable;
• understand whether electronic signatures or “advanced” electronic signatures provide sufficient proof (i) that someone intended to “sign” an electronic document and (ii) of a permanent record demonstrating that a customer entered into a certain transaction;
• ensure that your internal information security policies, standards and procedures can generate valid evidence for use in court now that the Computer Evidence Act has been repealed;
• understand the information security risks posed by outsourcing your IT infrastructure.

Information Security related disputes

Information security breaches, especially by employees, are becoming more common. We provide immediate legal advice in response to computer intrusions and theft of electronic information.

The frequency of these breaches means disputes are likely and will end up in litigation.

Examples of possible court cases include:

• Cases stemming from external hacking attacks and internal security breaches;
• These attacks and breaches cause damage not only to the initial targets, but also third parties. The possibility of a claim by an affected third party against the company (the initial target) raises what is called “downstream liability” (downstream liability claims involve allegations that the target’s failure to protect its own systems damaged a third party when the attacker used the target’s systems as a conduit or weapon against the third party);
• Cases against technology vendors based on claims that the vendor failed to ensure the security of its services, or claims that hardware or software products contain security flaws (which has become an important “product liaiblity” issue under the new Consumer Protection Act of 2009;
• Cases concerning electronic records, and whether they are archived properly to ensure their integrity and reliability;
• Cases arising from e-mails and other electronic information based on issues of appropriate usage, long-term archival, or intentional or inadvertent destruction.

We have a wealth of experience in the litigation of disputes in various dispute resolution forums in South Africa. At the same time, the firm has extensive expertise in information security, enabling it to grasp highly technical matters of security technology.

Michalsons marries this technical expertise with litigation experience to provide effective legal representation for its clients.

PKI Services

Clients seek information about the legal implications, including risks and liability, of using a PKI. Clients want to establish appropriate policies and practices. If they are performing key escrow and key management, they want to know what policies they should have in place.

The legal implications of implementing and operating a PKI require specialists who understand business and technical matters relating to PKI, as well as the law. Michalsons are one of the few law firms in South Africa who have actively been involved in providing advice around PKIs since 1997 and have been involved in several project relating to PKIs.

We can help you:

• understand what PKI is all about;
• contextualise PKI in the context of the ECT Act;
• develop a PKI legal framework;
• draft or review your Certificate Policy, Certifcate Practice Statement, Subscriber and Relying Party agreements.

Similar Posts:

• Infosec Policies - Role of Attorneys
• What is “information security law”?
• Michalsons Information Security Qualifications
• Michalsons Information Security Policy Framework
• Bevan Lane

Tags: RIC Act