If you manage a network it is wise to take legal protection measures in addition to technical as well. Meanwhile, the question is whether you should take into account as the administrator of your network with the law. For what exactly should you do or do not?
When activity on your network place at variance with the law, including the illegal uploading of movies, there can be with you - as holder of the IP address - be true. In that case, you must prove that you do not damage someone else has done over your network. Read also: As sharp in the Windows privacy settings 10.
Risk Network Administrator
That network operators at risk, evidenced by the lawsuit between Mc Fadden and Sony Music, which Szpunar delivered an opinion to the Court. To attract customers had Mc Fadden, a German trader in light and sound techniques, free wifi available to all. Through this network was uploaded music illegally in 2010, where the copyright holder of Sony's. Since Sony can not figure out illegal uploader, the company behind Mc Fadden on. Which could make better security measures to prevent illegal upload, for example by setting a password on his network . The European Court now needs to review the law in this case outweighs: the copyright interests of Sony or the right of Mc Fadden to a barrier-free wifi to set up network.
Wifi is often freely available in shops and restaurants as a service for customers, but also to collect additional customer information.
School example
In 2009, on the website 4chan.org posted that a shooting would take place at a school. Based on the IP address of the police initially had considered a woman as a suspect. Could only later through the MAC address of the MacBook from a neighbor of the woman, finds that he had posted the threats. According to the boy he had been given the network's credentials because its network was too slow. To ensure that you end up in the same position as the wife in this case, it is wise to actively keep track of who you have provided exactly the password for your network.
Password?
It is not mandatory in the Netherlands to have a password set on your network just got this from a legal point of view, a good way to cover yourself. With a password, you can directly prove that you have not fully open the gate to put your network for illegal activities. Further, the rules regarding protection for networks are becoming increasingly stringent, particularly in the area of privacy . So will soon enter the European Privacy Regulation. This law can force you to take "appropriate technical and organizational measures" to protect the personal data on your network. How heavy these security measures should be depends on the data processed on your network. If his medical records, you should do more on security than if your network is set up for a LAN party. If you do not comply with the privacy laws, you risk a fine by the Authority Authority (formerly Data Protection, CBP).
Legal Tips & Tricks
You can in the event of damage to your network, reduce the risk of legal claims or a fine of the Authority Personal somewhat by taking the following measures.
- Warn users of the risks they run when using your network.
- Let your visitors explicitly agree with the warning that they are themselves liable in the event of damage.
- Advise visitors network using VPN.
- Set a strong firewall.
- Encrypt the data being processed within your network.
- Remove personal information on your network on time.
- If you design a network that is accessible to everyone, tell it on time to the Authority for Personal Data.
- Secure your network with a password or restrict access to your network in a different way.
manage data Rating
If you have a Wi-Fi network open to anyone, you do the activities of your visitors by law to keep up with. You may well consider the MAC addresses of the devices that connection to your network and the duration of that compound to store a short time (you can see for example in many routers). For example, if child pornography is distributed through your network, the police with this information can quickly pick up a suspect. Often Should You must cooperate with the police, but can not be forced to hand over data that you do not. If a lot like Buma Stemra to knocks you for personal information of a visitor, you do not always need to work on their request. Your guests have a clear right to privacy that can oppose this.
In the case Lycos vs. Pessers (see box), the court found, in any case, when it is obvious that you have been a guest engaged in illegal activities, and only you can determine who carried out illegal activities, you have the data to help determine the identity of the visitor does to cede.
Lycos vs. Pessers
A well-known case in which a party had to give personal information, the case Lycos - Pessers. Stamp dealer Pessers was accused of fraud through a website that was hosted by Lycos. The court ruled that Lycos the details of the person who suggested it anonymously Pessers was a crook, had to hand indeed. Pessers if the judge is not fair game for the claims of an anonymous person. It turned out that there was a false name was given by Lycos, which the offender could not be caught.
Monitor a network: what are the limits?
In practice it is difficult for network administrators to determine how they should scour their network, for example, illegal activities. From the case shows that this is often dependent on the purpose of the control of the network . In addition, the privacy expectations of your guests is often crucial. If you inform your network users well in advance about the fact that you control the network and you thereby clearly indicate the purpose of the audit, there is less talk of an invasion of privacy. So you can check if administrator striking data traffic, for example to prevent damage to your network, but email traffic intercept course, is a different story. It is especially important that you as a network administrator not only the state of the art in the field of security tracking but also the law. Thus, the Court's final judgment in the case can Mc Fadden against Sony Music ensure that the rules are less strict in this area or are tightened correctly.
In any case, it is by a third party secretly monitor of the data processing on your public network with tools such as a pineapple not permitted.
No comments:
Post a Comment