In the eyes of the law what is the legal obligation of a developer to keep data secure on the web?

Posted on 2007-10-02
Last Modified: 2010-08-05
What is the legal responsiblity of a web developer to keep data secure?

After a company has been informed verbally and in writing are there any legal obligation?  If the individual making the decisions does not understand the implications and they have been informed in writing, what are the legal responsiblities of the developer.

Question by:swansonplace
    LVL 23

    Assisted Solution

    by:Erik Bjers
    I've noticed that you have posted multiple questions ont this topic.  It is my opinion that you contact a lawyer and get proper leagle advise as it appears that this has alredy happend.  If this has not happend you may want to do so me research in law books.

    LVL 6

    Expert Comment

    Ditto with eb , This question cannot be answered properly on EE as Laws differ so much between countries.


    Author Comment

    I am in the process of conferring with some lawyers, but I also wanted a point of veiw of developers to see how they handle it.  I posted two seperate questions as one is aboutthe  data availablity, and the other about the obligations of a developer when building an inhouse security system.
    LVL 18

    Accepted Solution

    This is indeed a question that has to be answered by specialized lawyers.
    But in general I can assure you this: ultimately, top management is responsible! Ignorance is not a valid reason to not take responsibility as a management team. This is so for all business matters and decisions. Management should make sure it is well informed, either by it's employees or external sources. Since you even took the initiative to set this in writing to you mangement, you can certainly not be taken resposible if mangement does not act upon this. But even without that, it would not be your responsibility as a non-management developer.

    Which country are you in?


    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now