© Photo: ThinkstockPhotos – Sebastian Kaulitzki
How to protect business information technology against viruses? Who is liable when computers are infected?
The Internet also brings fraudsters onto the scene, who use viruses, Trojans, etc., to commit crimes. try to get hold of other people’s money and sensitive data. They are becoming more and more resourceful when it comes to developing malicious software (so-called malware). In the past it was possible to distinguish more clearly between a virus, a worm and a Trojan horse. Today, combinations of these malware programs are often in circulation, which makes them difficult to detect and combat.
According to experience In the past, these malware programs were mainly introduced to the user’s computer via e-mail or by clicking on links to "infected" websites run websites. The intruders then spread on the computer, search the programs or files there and manipulate them. The effects can be devastating, whereby slowed down processes might still be the least problem of an affected entrepreneur. In the worst case, sensitive data (e.g.B. passwords or credit card numbers) and forwarded to the hacker, who can then use the credit card numbers to purchase goods, for example, or to access other computers- for example by means of spam attacks- can cause harm. This in turn can lead to the person concerned being exposed to warnings, payment claims or claims for damages.
Because the hacker or. If the virus developer remains untraceable, victims turn to the company that developed the virus for compensation.B. sent the contaminated email. This knows However, in most cases the victim does not even know about the virus attack. However, the knowledge does not play any role in the liability for damages in principle. It is sufficient for a company to be liable if it has not taken any or only insufficient protective measures against viruses, although it was obliged to do so. This is u.a. the case if it creates a source of danger, z.B. By sending promotional emails. However, especially in the case of business relationships between companies, the injured party could also be partly to blame- is nevertheless likewise obligated to take protective measures, in order to protect its computers against virus attacks.
Protect business partners
A company can be liable for damages due to the breach of a contractual collateral duty (according to §§ 280, 241 II German Civil Code (BGB)). This means that when a company enters into a contract, it is also "automatically" liable the obligation to protect the business partner from damage caused by malicious software by taking appropriate protective measures. Liability in tort can also be considered (according to § 823 I or.
§ 823 II BGB in connection with a protection law, like e.g.B. § 303b Criminal Code StGB). For example, the company is liable if it sends contaminated emails to a third party who is not a business partner.
If an employee detects a virus for example, by clicking on a dubious e-mail If the employer is responsible for the damage caused by the user, the employer may be able to claim compensation in accordance with the rules of the so-called internal compensation system. This also applies to the permitted and tolerated private use of the company computer. How much liability you have or. whether the employee is liable at all depends on the degree of his fault. The employee is only liable in full if he intentionally intended to cause the damage and opens the mail attachment even though the nature of the mail suggests that it is contaminated by malware. However, the degree of fault is difficult to prove in practice, so that the employer usually has to pay for the damage.
Protection against malicious software
When dealing with virtual vermin, companies must take organizational defensive measures to avoid liability. That’s how companies after§ 9 German Federal Data Protection Act (BDSG), you have a duty to ensure a secure IT infrastructure and so-called IT risk management. They can do that especially by