Companies ignore digital legal risks

Berlin If German companies use new technologies, the legal risks are underestimated. This is the conclusion reached by a study by the commercial law firm Noerr in collaboration with the Technical University of Munich, which is available exclusively to the Handelsblatt.

According to this, 70 percent of the executives surveyed state that there is no special position in their company to monitor digital legal risks. Often there is also a lack of technical expertise.

“The economy has to observe more and more legal regulations and is at the same time strongly forced to digitize,” explains Sophia Habbe, Noerr expert for internal investigations and compliance with legal regulations by companies. “It is therefore essential that companies take serious care of digital legal risks.” In the corona crisis with a high proportion of home offices, however, there has been a loosening of guidelines recently.

For the study, the opinion research institute Kantar conducted a total of 300 interviews with executives from private companies on “digital compliance”. It turned out that almost every second company had already been the victim of digital legal violations or attacks – such as hacking, data protection violations, ransomware attacks, IT security deficits, copyright violations, extortion or data theft.

Top jobs of the day

Find the best jobs now and
be notified by email.

“The digital legal risks to which companies can be exposed are continuously increasing and at the same time becoming more complex,” says the study. It is astonishing that companies not yet affected only deal with the dangers to a limited extent.

Damage to the company’s image

Peter Bräutigam, an expert in IT law at Noerr, sees the companies needing to catch up: “Risk awareness has to be sharpened in this country.” The companies need guidelines on how to deal with digital legal risks and guidelines on how to deal with violations. After all, there was a risk of high fines, claims for damages, profit skimmings, cases of manager liability or damage to the company’s image.

According to the study, a company’s digital legal risks depend largely on the technologies used. This applies to mobile devices, cloud computing, the company network, the use of artificial intelligence (AI), blockchain or big data analyzes.

Here, too, there is a lack of risk awareness. Because the respondents rate the legal risks in almost all the technology areas surveyed as low or medium. Laptops, smartphones and tablets are the most likely to be considered risky.

The study states: “Due to the advancing digitization and automation of processes, companies are in constant danger of external attacks, especially in the form of hacker attacks, which in the worst case bring the company’s economic activity to a standstill by encrypting critical data can.”

On the other hand, rapid technical progress brings with it the risk of losing control. The further development of AI means that its results and reactions can no longer be fully controlled by humans.

Management responsible

After all, 89 percent of the executives surveyed stated that they had taken at least individual measures to reduce digital legal risks. Internal swot analyzes are the most common. 63 percent of those surveyed named these investigations of the strengths, weaknesses, opportunities and risks of their own company. The finance and insurance industry in particular is relying on this measure.

48 percent of those surveyed indicated that they had appointed a compliance officer, and another 23 percent a “Chief Digital Officer”. 37 percent of those surveyed state that they have installed special compliance software.

In fact, the respondents see digital compliance tools as a “future topic that is worth investing in”. Such systems can monitor the behavior of employees and only allow legally compliant behavior.

Take the banking sector as an example: A program checks transfers to see whether they contain an amount of more than 10,000 euros. If this is the case, the transaction is first stopped and presented to an employee. The transaction can only be completed after the latter has accepted the process. The program then archives the release for later reviews.

“However, new legal risks arise when using such tools,” says legal expert Habbe. Her credo: “The management is responsible for digital legal risks and must organize appropriate measures.”

More: Large German banks are going into the cloud



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.