Out-law reports on the new Banking Code, which will see customers regarded as liable for losses from their bank (e.g. from hackers gaining access to their account) if they do not act with reasonable care.
One of the key examples of not using reasonable care given by the Code is failing to comply with the advice in clause 12.9. The clause is a vague list of steps that customers should take to keep safe online, including not using "out of date" anti-virus/firewall software. On the one hand, such vagueness is arguably a necessity because being over-specific would risk the Code being out of date (just like that anti-virus software!) very quickly. On the other hand, given that we are talking about the difference between a bank customer being able and not being able to recover from the bank what could be a significant amount of their money, this is a point that many will feel should be addressed clearly and comprehensively.
Andres at Technollama does a nice job of pulling apart 12.9. To his list of questions, I would add:
- The "anti-virus" requirement seems to be relevant only to bank customers who use the various versions of Windows, all of which are the target of thousands of viruses and bits of spyware. The other two main types of operating system, Apple Mac OS X and Linux, have few reported viruses or items of malware on the loose. If a customer using Mac/Linux calls their bank about losses from their account and tells them they use Mac/Linux and therefore don't have anti-virus installed, they may struggle to reclaim their losses from the bank simply through technical ignorance on the part of their bank.
- What about bank losses if a customer has in the past accessed their account in an internet cafe or from their office PC? Access to your bank anywhere is one of the main benefits of online banking, but in using another organisation's PC you have to trust that organisation to have good IT security, and you cannot guarantee this.
- What about losses suffered if the customer uses their mobile phone as a method of accessing their account? Mobile banking is predicted to be a big growth area, but IT security software for mobile phones isn't exactly commonly used.
Nice question about the anti-virus requirements in Windows. I wonder if using a Mac would suffice as taking "reasonable care".
Posted by: Andres | 04 April 2008 at 12:48 PM