Computer hackers are a serious threat to businesses and their customers, particularly if those businesses operate complex computer networks or operate as on-line businesses. However, now that corporate telecommunication networks are becoming more sophisticated, a company's phone system may also be susceptible to invasion. These telephonic hackers, called phone phreaks (and telecom hacking itself is known as phreaking), can cause large monetary losses as well. The question of who is liable for these losses, losses that are specifically caused by illegal activity, is the subject of this comment. This comment addresses the issue of liability for monetary losses in the event that a company's computer network or multifaceted phone system is violated. It will also explain what duty of care companies must have in order to maintain a secure system. In addition, it alerts the reader to some of the newest technologies available to protect corporate networks, including encryption, firewalls and virtual private networking. Recognizing that oftentimes the real victim of an attack is someone other than the company itself, this comment proposes a model statute that states could adopt in order to protect these third-party victims. Also, it includes aproposed clause for use in corporate contracts that provide a safeguard for the computer networks of all involved. Lastly, the comment suggests that the increased use of insurance to protect online and networked environments would serve as a useful solution to the problem of liability.
Sarah Faulkner, Invasion of the Information Snatchers: Creating Liability for Corporations with Vulnerable Computer Networks, 18 J. Marshall J. Computer & Info. L. 1019 (2000)