Please use this identifier to cite or link to this item:https://hdl.handle.net/20.500.12259/34823
Type of publication: Magistro darbas / Master thesis
Field of Science: Teisė / Law
Author(s): Lelekauskaitė, Greta
Title: Ar turi būti atlyginta patirta neturtinė žala įsibrovus į kibernetines fizines sistemas?
Other Title: Should intangible damage be covered in cases of breaking into cyber-physical systems?
Extent: 35 p.
Date: 2-Jun-2017
Event: Vytauto Didžiojo universitetas. Teisės fakultetas
Keywords: Kibernetinės fizinės sistemos;Neturtinė žala;Medicininiai prietaisai;Cyber-Physical systems;Medical devices;Intangible damage
Abstract: Robotikos mokslas vystosi labai greitai, tačiau teisinis reguliavimas atsilieka. Kibernetinės fizinės sistemos ypač svarbios asmenims, kurių gyvenimas priklauso nuo medicininių priemonių. Šių prietaisų dėka asmuo gali gyventi kokybišką gyvenimą, tačiau jų naudojimas gali sudaryti sąlygas naujų pažeidimų atsiradimo erai. Vystantis naujosioms technologijoms, padaugėja pažeidimų, sukeltų naudojantis nuotoliniu valdymu. Nors ne visada šios atakos turi realių padarinių, tačiau jei tokia ataka būtų padaryta aparatui, kuris užtikrina gerą asmens sveikatos būklę, asmeniui kiltų baimė dėl atakų pasikartojimo galimybių. Prietaisuose, kurie palaiko gerą žmogaus sveikatos būklę, yra saugoma konfidenciali informacija apie asmens sveikatą bei apie paskirtą medikamentų kiekį. Įsibrovus į kibernetinės fizinės sistemos prietaisus, sukeliama grėsmė asmens sveikatai ir gyvybei. Tiek Jungtinėse Amerikos Valstijose, tiek ES nėra nustatyta konkretaus reglamentavimo dėl pažeidimų kibernetinei fizinei sistemai. Neturtinės žalos atlyginimas asmeniui, kuris patyrė įsibrovimą į medicininį prietaisą, labai svarbus. Apie įsilaužimą sužinojęs naudotojas patirtų dvasinį išgyvenimą, baimę dėl savo sveikatos bei gyvybės ateityje. Šio darbo tikslas – atsakyti į klausimą: „Ar turi būti atlyginta patirta neturtinė žala įsibrovus į kibernetines fizines sistemas?“ Atsakius į pagrindinį darbe pateikiamą klausimą, suformuluotos aiškios ir konkrečios išvados. JAV ir ES rekomendacijose minima, jog būtina užtikrinti nuolatinę prietaisų kontrolę, programinės įrangos atnaujinimus bei apsaugos diegimą. Būtinas duomenų apsaugos stiprinimas. Svarbu, kad medicininiai prietaisai būtų saugūs ir teiktų naudą, o ne keltų riziką asmens sveikatos gerovei, todėl gamintojai turi rūpintis medicininių prietaisų apsauga Medicininių prietaisų kibernetinis saugumas yra neatsiejama atsakomybė tarp suinteresuotų šalių – sveikatos priežiūros įstaigų, paslaugų teikėjų, gamintojų bei pacientų. Europos Parlamento Mokslinių ir technologinių sprendimų vertinimo grupė, atlikusi tyrimą dėl etinių bei teisinių aspektų robotikos srityje, pateikė pagrįstą pasiūlymą dėl privalomo civilinio draudimo asmeniui, kuris naudojasi KFS įrenginiais. Draudimas atlygintų patirtą turtinę ir neturtinę žalą. Taip pat teikiamas rekomendacinis pasiūlymas dėl gamintojų standartų ES ribose sulyginimo. Teisės normų, kurios reglamentuotų kibernetines fizines sistemas, nėra. Pateikiamos rekomendacijos su civilinės atsakomybės užuomazgomis. Net jei po įsibrovimo asmeniui nebus padaryta fizinė žala, kils psichologiniai išgyvenimai, nerimas, stresas, reputacijos pablogėjimas, orumo sumenkinimas, nuolatinis nesaugumo jausmas. Šie kriterijai atitinka neturtinės žalos atlyginimo pagrindus. Todėl galima daryti pagrindinę išvadą, kad įvykus įsibrovimui į žmogaus naudojamas ir jam gyvybiškai svarbias kibernetines fizines sistemas, nukentėjusiajam turi būti atlyginta neturtinė žala. Apibendrinant atliktos analizės rezultatus ir ištyrus esamas teisės normas, siūloma įstatymų leidėjams išleisti specialias teisės normas, kurios reglamentuotų kibernetines fizines sistemas ir visus jų naudojimo aspektus.
The science of robotics has been advancing very fast in modern society yet the regulations of law stand behind. Every day all around the globe scientists examine new technologies and search for possible improvements in every sphere. Cyber physical systems are very important to people whose life depends on medical devices: insulin pumps, heart stimulators, head brain stimulators, hearing devices, defibrillators, stomach stimulators. Due to these devices a person can live a quality life but the use of such devices might cause an environment for a new crime area. As technology advances, the crimes that are caused by remote control increase. Although these attacks not always have real consequences but if this kind of attack was done to the device which regulates the good health of an individual, the person would be frightened of the possible repeated attacks. In the digital world crimes become different – they are committed remotely. The devices that maintain a person‘s good health protect personal data about the individual‘s health condition and about the amount of prescribed medicine. When it is hacked into the cyber physical system devices a threat is caused to the person‘s health and life. Neither the Unites States of America, nor the European Union have established a clear regulation for crimes of cyber physical systems and due to this reason uncertainty prevails who is responsible for the inflicted damage. The intangible damage coverage is very important to the person who has experienced a break- in into a medical device. The person having learned about the break – in would feel emotional shock and fear for his health and life in the future. The negative experiences that the person would feel after the break – in would haunt him every day and in that way would diminish his communication level while also have a negative impact on personal honor and dignity. That is why intangible damage coverage is very important in this case because intangible damage is connected to the individual‘s experiences. The goal of this research is to answer this question: Should intangible damage be covered when it has been broken into cyber physical systems? To achieve this goal certain tasks were created. The first goal was to identify cyber physical system meaning and law regulation relevance. The goal of this task was to discuss the conception of cyber physical system and to describe what medical devices are included into cyber physical systems. Also, to discuss how cyber physical systems work and to give examples about break – in possibilities, to reveal the relevance of regulations by law and the need to discuss new generation cyber crimes for the cyber physical system and the consequences due to the absence of law regulations. The second goal was to reveal the problem of intangible damage coverage by analyzing crimes to cyber physical system. The regulation of cyber physical system in the USA and the European Union were analyzed in the research. The recommendations are presented which reveal the sources of civil responsibility. In the developing society the advancing of technologies is faster than the establishment of new law regulations and due to this reason many scientific articles have been published to indicate how CPS work and describe their technical drawbacks, also providing possible security methods. These articles are the ground basis for lawyers to understand that without law regulations modern technologies can inflict major damage to individuals. This part of the research also discusses the main ethical aspects of robotics. To achieve the third goal that is to reveal the problem of intangible damage coverage by analyzing crimes against cyber physical system and an opportunity of covering intangible damage when it was broken into cyber physical systems is analyzed. The concept of intangible damage in Lithuania is analyzed in the research as well as its development, origin, special law regulations about coverage of intangible damage are discussed. A hypothetical situation is analyzed to reveal the experiences when it was broken into cyber physical systems. The Lithuanian court practice is presented regarding the cases of intangible damage coverage. After completing all the goals of the research – the main question about the intangible damage coverage has been answered. Having examined the tasks and having answered to the research goal the conclusions are presented. FDA and EP recommendations indicate that it is vital to ensure permanent control of devices, updates of programs hardware and the installation of security. It is crucial to strengthen the security of data. It is important that the medical devices are safe and provide benefit not posing a risk to the health of an individual and that‘s why manufacturers have to ensure the safety of the devices so that there would be no possibility to break into cyber physical systems. The security of the medical device is one of the most important reasons and thus manufacturers should make sure that cyber physical system devices which ensure good health condition and life support are safe and that there would not be any possibility to break into medical devices. The products have to be completely safe, be beneficial and not pose a risk to an individual‘s health. However, the cyber security of medical devices is a huge responsibility of all interested parties: healthcare companies, service providers, manufacturers and patients. The Science and Technology Options Assessment have given a proof proposal for a mandatory insurance for a person who is using CPS devices after having conducted an investigation about ethical and law aspects for robotics. The insurance would cover both property damage and intangible damage. A recommendation proposal is also presented to match the manufacturer standards in the EU boundaries. There are no law regulations that would regulate cyber physical systems either. The recommendations are presented with the sources of civil responsibility and a possible responsibility of the manufacturer is mentioned due to inappropriate functioning of medical device or failure to ensure data security. The crimes committed to the cyber physical system might cause health deterioration of an individual or some situations even death. Even if physical harm has not been caused to a person after a break – in, psychological stress, anxiety, constant insecurity feeling will be caused as well as decrease in reputation and dignity. These criteria’s correspond the basis of intangible damage coverage. Thus, the conclusion could be reached that after having broken into cyber physical systems intangible damage should be covered to an indivual. The present law regulations and rules can be applied but certain aspects have to be taken into consideration. The civil law regulations in the robotics sphere have to be coordinated with the general data security regulation and have to match the principles of necessity and proportion. In conclusion, after having carried out the research and having examined the present law regulations it is recommended for law legislators to establish special law regulations in order to regulate cyber physical systems.
Internet: https://eltalpykla.vdu.lt/1/34823
https://hdl.handle.net/20.500.12259/34823
Appears in Collections:2017 m. (TF mag.)

Files in This Item:
greta_lelekauskaite_md.pdf681.25 kBAdobe PDF   Restricted AccessView/Open   Request a copy

Show full item record

Page view(s)

98
checked on Oct 13, 2019

Download(s)

10
checked on Oct 13, 2019

Google ScholarTM

Check


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.