Gartner Says IT Products and Services Will Likely Be Subject to Regulation by 2015
Software and Service Providers Need to Prepare Now for Increased Liability
"Three years ago Gartner published research predicting that either catastrophe from IT failure, or a continuing history of lower-level failures would provoke either a governmental regulation or industry self-regulation of IT products and services in the US by 2015 and in the European Union by 2015 to 2018," said Richard Hunter, vice president and distinguished analyst at Gartner. "Although the exact date of arrival for regulation is difficult to predict, we believe that, in recent months, the tempo and intensity of the indications of such an event have increased."
Mr Hunter said several recent articles describing the growth and scale of criminal hacking networks aimed at governmental and industry targets, as well as recent statements by representatives of the US and UK governments, indicate that the state of IT security is now viewed as unacceptably dangerous. Mr Hunter also referred to the emphasis that US President Barack Obama has placed on the importance of cyber technology and security in his appointments and public comments.
In addition, healthcare industry representatives have asked the Obama administration to hold software vendors liable for failures resulting from implementation of administrative software mandated by the US federal government by 2014. Elsewhere, corporate customers are filing litigation against their IT providers with greater frequency.
The rise of social networks such as Facebook, MySpace and Twitter have generated increased concern over the extent to which personal data and the safety of minors are threatened by criminals using these networks to gain access to potential victims.
"All these events are taking place within a global climate that is shifting towards regulation on many fronts," said Mr Hunter. "As a result of the economic crisis, the social environment is considerably less trusting and secure. The public is wary of cascading risks and would seem to be supportive of legislation and litigation aimed at reducing those risks, including those posed by IT."
While neither supporting nor opposing regulation of IT, Gartner considers it increasingly likely and thinks it is probable that the EU will take formal steps to establish a regime for regulation of consumer-oriented IT products and services as early as 2011. Given the increasing likelihood of this scenario, Gartner advises IT vendors, service providers and user organiations to consider the implications of the regulation of IT on their businesses.
Mr Hunter said software vendors need to be aware that increased liability will drive generic software out of the market, and they should prepare for transparency and product/price differentiation based on quality and certified fitness for purpose. IT service providers should do the same and mitigate risks by incorporating strong documentation, audit right provisions and legal compliance terminology into outsourcing deals.
Corporate technology users are likely to benefit from regulation in terms of clearly understanding the functions and features they buy but should be aware that they cannot outsource regulatory compliance. They should consider whether the liabilities applied to vendors will apply to them as well, and consider whether the enterprise is prepared to manage its processes to regulatory requirements.
Additional information is available in the Gartner report "Childhood Ends: The Signs Are Clearer." The report is available on Gartner's website at http://www.gartner.com/....
Gartner UK Ltd
Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. Gartner delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is the indispensable partner to 60,000 clients in 10,000 distinct organizations. Through the resources of Gartner Research, Gartner Executive Programs, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 4,000 associates, including 1,200 research analysts and consultants in 80 countries. For more information, visit www.gartner.com.