background image
34
T H E P R I M E R U S P A R A D I G M
Management of Digital Risks
In the Spring 2015 issue of this
publication, we addressed the subject of
risk management. This article will focus
on one particular type of risk ­ digital
risk. Firms' IT systems can be breached
both from the inside and from the outside.
For example, breaches can come from
a network attack (hacking, distributed
denial of service [DDoS]), viruses (Trojan
horse, time bombs, worms), cybercrime,
human error, a failure of the IT provider
or power failure. The consequences for an
enterprise can be serious ­ inaccessibility
of the network, loss or theft of (part of)
the computer system, data destruction,
data manipulation, leaking of confidential
information or personal data and related
privacy issues. What are the legal options
to manage these consequences and to
ensure the continuity, security and privacy
of the network and information systems of
the company?
Contracts and Liability
Regarding digital risks, most business
owners will immediately think of the
security of the software and the quality
of the hardware. However, you can limit
digital risks and manage any potential
negative effects in advance by means of
good information and communications
technology (ICT) contracts.
Entering a Contract
For the different digital services (such as
maintenance and operation of the network
system, data processing and data storage)
the company will conclude contracts with
different ICT suppliers (providers, cloud
servers, big software providers, such as
Microsoft, Apple and Google). These
contracts are often standardized. However,
an enterprise does not have to accept such
standard contracts unreservedly, and it
is advisable to negotiate the contents of
such contracts. The contract has to provide
clarity for both parties on several basic
things: Who is responsible for what? Who
has the power to do what? And what are
the rights and duties of the parties involved
in the service chain? Here, it is vital to
observe the liability for claims of clients or
third parties.
International ­ Europe, Middle East & Africa
Reinier W.L. Russell
is the managing partner of
the Dutch law firm Russell Advocaten B.V. He is
an experienced lawyer who serves as outside
corporate counsel for both domestic and foreign
businesses in the retail and IT sectors. He deals
with business formation and reorganization,
corporate governance, employment issues, real
estate and all aspects of liability and contract law.
Russell Advocaten B.V.
Reimersbeek 2
1082 AG Amsterdam
Netherlands
+31.20.301.55.55 Phone
+31.20.301.56.78 Fax
reinier.russell@russell.nl
russell.nl
Reinier W.L. Russell