Date: August 25, 2008 - 6 pm
Category: Advice, eTransactions, Free, Information Security, Labour, Privacy and POPI
Section 43(5) of the ECT Act requires the supplier in an electronic transaction to “utilise a payment system that is sufficiently secure with reference to accepted technological standards at the time of the transaction and the type of transaction concerned.” If a payment system is breached, the supplier must reimburse the consumer for any loss suffered. In most instances the supplier does not provide or operate the payment system and this obligation will shift to the provider who is sometimes the ISP.
Apart from the aforegoing, whilst there is no specific law which imposes specific information security related obligations on companies and ISP’s, both have a common law duty not to be “negligent”. When South African Courts consider whether an act was negligent or not, they will try to find out if a “reasonable man” in the defendant’s position (e.g. the ISP) would have acted differently if the damage was reasonably foreseeable and preventable. It may be argued that compromises to an organisation’s information security is a foreseen risk which should be guarded against and that any omission to take preventative or remedial steps could be regarded as a negligent act which may lead to liability.
- Register - It's quick, easy and FREE to get greater access instantly. [ Register ]
- If you are a client of Michalsons, you get registered user access and complimentary access to client content. Register at [ Register ] and then send us an email requesting access as a client of Michalsons. We will give you access and notify you by email.
Tags: ECT Act, electronic transactions, Information Security, information security policies, internet transactions
No Comments Yet