in reply to Where to get this kindof advice.

Your employment contract, generally otherwise worthless in most cases, should contain a hold harmless clause -- make sure it does. If you have any doubt, you might consider paying an attorney to review your employment contract and advise you about the applicable statutes. If you consult with an attorney, keep it secret (even from your cow-orkers) so you don't prompt an overreaction from your employer.

IANAL, but: Assuming you're adequately protected by a hold harmless clause, you should be covered unless you do something you know or should know is illegal. Ethics might be personally bothersome, but any legal liability for unethical conduct falls upon your employer as long as you personally don't break the law.

If you were a third party (consultant|contractor) I'd suggest walking away from the project if the security specifications don't fall within your risk acceptance comfort zone. If you were a third party, you would have to meet a much higher standard in order to maintain the legal shield, because your client would be considered to be "acting in reliance upon your professional judgment". It's generally not a defense to show that you had to choose between doing a stupid thing and losing the contract.

Re^2: Where to get this kindof advice.
by rinceWind (Monsignor) on Oct 26, 2005 at 15:55 UTC
    Assuming you're adequately protected by a hold harmless clause, you should be covered unless you do something you know or should know is illegal. Ethics might be personally bothersome, but any legal liability for unethical conduct falls upon your employer as long as you personally don't break the law.

    Also IANAL but I do work in the banking sector. Much depends on the laws of the country in which the OP is operating. But, banking is a global market, and you should know something of other regulatory bodies outside your own country, as they will have an effect.

    The USA has the Sarbanes Oxley Act of 2002, which makes hiding and misrepresentation of financial information a felony, as indeed is having knowledge of such and doing nothing about it. This affects third parties including contractors and auditors.

    SOX has provision for protecting whistle blowers, but this is probably a part of the legislation which has not been invoked, owing to the newness of the act. Also, be aware of some of the dangers of whistle blowing, as in the Chip Salzenberg case.

    Outside the US is the Basle Accord, in particular Basle II, which covers practices for banks which need to operate in Europe.

    Some pointers for you:

    • Research Sarbanes Oxley and work out what implications it has for you
    • Research Basle II (which is also written Basel II, depending whether the paper is of Franco-Swiss or Germanic-Swiss origin)
    • Follow the Refco case, read the news feeds as it happens, study the legal aspects
    --

      Oh Lord, won’t you burn me a Knoppix CD ?
      My friends all rate Windows, I must disagree.
      Your powers of persuasion will set them all free,
      So oh Lord, won’t you burn me a Knoppix CD ?
      (Misquoting Janis Joplin)