IT professionals, in the course of doing their jobs, face a minefield of potential legal missteps that could lead to fines or even time in jail, writes Peter S. Vogel in a post at InfoWorld. What's most frightening, is that some of these hazards can be stumbled upon unwittingly. Vogel outlines four areas where IT workers could accidentally bump up against the law.

Confidential data naturally comes with privacy regulations that have to be complied with, but it can really get complicated when multi-national corporations are subjected to myriad privacy laws in different countries. Vogel suggests that IT workers understand the privacy restrictions on any data they work with.

Copyrighted material also poses risks for IT workers, Vogel writes. Individuals who make illegal copies of copyrighted software can be held responsible for the violation even though infringement suits are usually handed to the employer. "IT pros who have access to source code should make it a routine practice to verify that their employers have a proper license. If the source code was not properly licensed, or there are some limits on who may access the source code, you might have liability," he advises. 

Financial records can also present potential dangers. If an executives tells an IT worker to do something inappropriate with financial data, the worker can be held personally responsible and end up in jail, even if he did not know what was really going on.

IT professionals carry a heavy burden to look out for child pornography on corporate computers, Vogel warns, because if they find it on someone else's computer and do not turn in the person who possesses it, they can be found guilty.

"There is no question that judges and juries are not technically savvy enough to understand what IT pros do on a day-to-day basis. That lack of understanding can lead them to conclude you're at fault or should have known better," Vogel writes. "To avoid legal problems, the best advice for IT pros is to be wary of what does not pass the smell test. If something seems wrong, it probably is."

For more:
- see Peter S. Vogel's post at InfoWorld

Related Articles:
Making security legally defensible
Data breach laws, e-discovery increase compliance duties
This email will self destruct