Skip to site navigation Skip to main content Skip to footer content Skip to Site Search page Skip to People Search page

Bylined Articles

Transparency When It Comes To Online Security Breaches

By Eric J. Sinrod
January 25, 2011
Findlaw.com

Transparency When It Comes To Online Security Breaches

By Eric J. Sinrod
January 25, 2011
Findlaw.com

Read below

Eric SinrodThe hacking of commercial websites can have real world consequences. Case in point: http://www.lush.co.uk

The United Kingdom website for Lush, a cosmetics retailer, voluntarily was shut down after having been hacked recently. According to an announcement posted on the website, ongoing monitoring demonstrated that the site continues to be targeted for further hacking entry attempts.

Thus, in order not to put its customers “at risk,” the website will remain closed. Meanwhile, Lush plans to set up an independent website soon that will be able to take orders for Lush products and will accepts payments via PayPal.

Notwithstanding the hacking and subsequent site shut down, Lush has emphasized that orders can be placed in its stores and over the telephone. That is well and good, but of course, Lush would prefer not to have lost the revenue stream from its UK website. Plainly, hacking causes business interruption and decreased revenue flow for companies that are victims of such activities. And one of the reasons for such interruption and decreased revenues is the potential responsibilities owed by companies to their customers.

Companies will be looked to by their customers and possibly by regulators to be transparent in terms of online security breaches and to protect the private data of customers. Indeed, according to Internet legal expert Jonathan Armstrong, the UK has adopted new rules on online advertising and the Office of Fair Trading there recently instituted a campaign on online fairness.

In a best case scenario, hackers will not be successful in penetrating and disrupting websites. But when they do succeed, remedial actions and openness make abundant sense.

Biography

Eric Sinrod is a partner in the San Francisco office of Duane Morris. His focus includes information technology and intellectual property disputes. To receive his weekly columns, send an e-mail to with the word "Subscribe" in the subject line.

Disclaimer: This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author's law firm or its individual partners.

Reprinted with permission of Findlaw.com