See assignment criteria Essay Example | Topics and Well Written Essays - 1000 words

See assignment criteria - Essay Example Lando Calrissian, of Alderaan Security Solutions Ltd., claims that companies must implement the latest and most advanced technologies to protect client data and that the European Union’s Electronic Signature Directive not only puts electronic signatures on equal footing with physical ones, but also assigns responsibility for the technology underpinning electronic signatures. I believe Lando Calrissian is wrong in his assessment that companies must implement the latest and most advanced technologies to protect client data, but I do agree that the Electronic Signature Directive puts electronic signatures on equal footing with physical ones and that it also assigns responsibility for the technologies that electronic signatures employ. The statement made by Lando Calrissian regarding the requirement for companies to deploy the latest and most advanced technologies to protect confidential client data is misguided. Indeed, his argument is based entirely on the premise that not only is technology infallible, but that all security breaches can be avoided. Between power and network outages, maintenance downtime and natural events, it is utterly impossible to maintain or guarantee perpetual 100% integrity of an online data warehouse due to its reliance on a distributed physical infrastructure. Moreover, with new virtual security threats emerging on a daily basis, the depreciating cost of processing power and the pervasiveness of high-speed networks, unlawfully gaining access to a secured remote computer system is only a question of skill, time and opportunity. Since The Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data 1995 art 17 establishes that only the deployment of appropriate security instruments sufficient to maintain an adequate level of security are required, it is clear that legislation only expects companies to accomplish their due diligence in attempting to maintain the integrity of their cli ents’ confidential data. Therefore, it would probably be most responsible of companies to i) delegate their IT security to consulting firms and to ii) insure themselves against the risk of data security breaches, rather than engage in the technological rat race of unremitting software transition and constant security infrastructure turnover. I do agree with Lando Calrissian’s statement that the Electronic Signature Directive puts electronic signatures on equal footing with physical signatures. Indeed, a physical signature not only signifies consent of the signatory to the subject matter, it also provides a crude form of verifiability of the signatory’s identity. This time-honored practice is vulnerable to forgery with minimal skill and to usurpation of identity and misrepresentation of intent, since the legitimate signature of the signatory is not always readily known to the other contracting party. On the other hand, electronic signatures using paired public an d private keys as implied by the Community Framework for Electronic Signatures 1999 art 2 deliver a more robust and reliable voucher of the signatory’s identity. In fact, electronic signatures of this type require far more advanced skills to forge than physical signatures do, skills not readily accessible to most individuals. Furthermore, given the high-speed data cross-referencing infrastructure already deployed whereby the identity of a signatory can be rapidly validated with distant third