Unlike previous hacks in the past such as the Mossack Fonseca release of confidential information, these are financially motivated through the use of Ransomware. This is why it has never been more important for businesses to have full understanding of the requirements imposed on them by law to prevent financial and reputational loss to their business. Not only will a business suffer but individuals in that company, such as directors, may have criminal proceedings brought against them and could be subject to fines. This article will provide you with a quick overview of the cybersecurity legislation in place on the Isle of Man.

Types of threats

Historically the most common form of hacking is Phishing where a hacker will target an individual and through the use of either spam emails or fake websites, attempt to trick them into providing their personal details such as bank details or personal passwords. In the past few months, the threat of hacking has been growing at an alarming rate and hackers are deploying various new methods. They are deliberately targeting businesses that may potentially have overlooked their cybersecurity due to lack of threat in the past.

As mentioned, Ransomware has now been drawn into the public eye through many public attacks and due to the South Korean web provider Nayana paying out about $1 million in Bitcoins to the hackers. This may only further encourage others to pursue this potentially lucrative method. Ransomware is when software is maliciously deployed onto a computer that blocks access to data until a ransom is paid. In more elaborate attacks this can be combined with other hacking tools advertising a method preventing or removing the Ransomware in question, which in turn is malware software that causes further harm once downloaded.

Outline of the legal framework

In the Isle of Man at present there is no comprehensive piece of cybersecurity legislation, instead a number of different statues govern cybersecurity.

Data Protection Act 2002 (the DPA)

Regulates the storage of information and imposes obligations to protect personal data collected by a company through security measures under the Seventh Principle of the DPA. A breach of the obligation to keep data secure gives rise to potential criminal sanctions and/or financial penalties enforced by the Isle of Man Information Commissioner (the Commissioner).

Computer Security Act 1992 (the CSA)

The CSA criminalises the interference with computers without authority, including where the intention is to commit other crimes by means of accessing computers, altering computer programs or producing ‘hacking tools’. Offences under the CSA are not limited to the offenders being present in the Isle of Man.

View the below PDF version to find out more on who is responsible for cybersecurity in the Isle of Man, and what future development in this area may mean.

PDF Version

Twitter LinkedIn Email Save as PDF
More Publications
30 Jul 2021 |

Fighting international fraud

First published in New Law Journal, July 2021. Appleby partners Anthony William and Jared Dann an...

Contributors: Jared Dann, Claire Corkish
28 Jul 2021 |

Trust Protectors and the Exercise of Trustee Powers

The recent judgment of the Staff of Government Division in the case of Mazzoleni v Summerhill Trust ...

Contributors: Erin Trimble-Cregeen
18 Jun 2021 |

Isle of Man – Extension of Economic Substance Requirements to Partnerships and Limited Liability Companies

The Income Tax (Substance Requirements) Order 2021 was approved by Tynwald on 16 June 2021.  This O...

12 Mar 2021 |

Material adverse change clauses in light of the Covid-19 pandemic

Experts from each of our key global offices provide jurisdiction specific advice and answer question...

8 Mar 2021 |

Appleby Celebrates International Women’s Day

International Women’s Day is celebrated annually in support of gender equality and equal participa...

8 Dec 2020 |

The International Comparative Legal Guide to Gambling 2021 – Isle of Man Chapter

This chapter was first published in The International Comparative Legal Guide to: Gambling 2021, by ...

Contributors: Sophie Corkish
30 Oct 2020 |

When Worlds Collide – How COVID is Connecting Technology with Natural Resources

Dating back to the beginning of 2020, the natural resources sector has been extremely active at both...

Contributors: Peter Colegate