{"id":60094,"date":"2023-11-22T10:22:33","date_gmt":"2023-11-22T01:22:33","guid":{"rendered":"https:\/\/monolith.law\/en\/?p=60094"},"modified":"2024-03-04T14:45:19","modified_gmt":"2024-03-04T05:45:19","slug":"itsystem-database-law-problem","status":"publish","type":"post","link":"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem","title":{"rendered":"Legal Issues Associated with Databases in IT Systems"},"content":{"rendered":"\n<p>When dealing with legal issues related to IT systems, it is necessary to have a systematic understanding of the law. However, it is equally important to understand the components of an IT system. In this article, we will explain how IT systems are composed of various parts and how these parts interact to function. We will also discuss legal issues that are particularly related to databases, which may not be readily visible from the user&#8217;s perspective.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_53 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#IT_Systems_are_Composed_of_%E2%80%9CInterface%E2%80%9D_and_%E2%80%9CLogic%E2%80%9D\" title=\"IT Systems are Composed of &#8220;Interface&#8221; and &#8220;Logic&#8221;\">IT Systems are Composed of &#8220;Interface&#8221; and &#8220;Logic&#8221;<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#What_is_the_%E2%80%9CInterface%E2%80%9D_in_IT_Systems\" title=\"What is the &#8220;Interface&#8221; in IT Systems?\">What is the &#8220;Interface&#8221; in IT Systems?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#What_is_the_%E2%80%9CLogic%E2%80%9D_in_IT_Systems\" title=\"What is the &#8220;Logic&#8221; in IT Systems?\">What is the &#8220;Logic&#8221; in IT Systems?<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#The_Risk_of_Discussing_Systems_Solely_from_the_Perspective_of_%E2%80%98Appearance%E2%80%99\" title=\"The Risk of Discussing Systems Solely from the Perspective of &#8216;Appearance&#8217;\">The Risk of Discussing Systems Solely from the Perspective of &#8216;Appearance&#8217;<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#The_Risk_of_Users_and_Vendors_Having_Completely_Different_Concerns\" title=\"The Risk of Users and Vendors Having Completely Different Concerns\">The Risk of Users and Vendors Having Completely Different Concerns<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#The_Risk_of_Users_Being_Indifferent_to_the_Backside_%E2%80%98Logic%E2%80%99\" title=\"The Risk of Users Being Indifferent to the Backside &#8216;Logic&#8217;\">The Risk of Users Being Indifferent to the Backside &#8216;Logic&#8217;<\/a><ul class='ez-toc-list-level-4'><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#The_Risk_of_Issues_Arising_in_Maintenance_and_Security\" title=\"The Risk of Issues Arising in Maintenance and Security\">The Risk of Issues Arising in Maintenance and Security<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#The_Risk_of_Governance_Not_Extending_to_the_Work_of_Operation_Managers\" title=\"The Risk of Governance Not Extending to the Work of Operation Managers\">The Risk of Governance Not Extending to the Work of Operation Managers<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#The_Risk_of_Logic_Being_Wrong_Even_If_It_Appears_to_Be_Working_Correctly\" title=\"The Risk of Logic Being Wrong Even If It Appears to Be Working Correctly\">The Risk of Logic Being Wrong Even If It Appears to Be Working Correctly<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#Summary\" title=\"Summary\">Summary<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/monolith.law\/en\/it\/itsystem-database-law-problem\/#Systematic_Understanding_of_System_Development_and_Legal_Affairs\" title=\"Systematic Understanding of System Development and Legal Affairs\">Systematic Understanding of System Development and Legal Affairs<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"IT_Systems_are_Composed_of_%E2%80%9CInterface%E2%80%9D_and_%E2%80%9CLogic%E2%80%9D\"><\/span>IT Systems are Composed of &#8220;Interface&#8221; and &#8220;Logic&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2019\/09\/pixta_40551871_M-1024x588.jpg\" alt=\"\" class=\"wp-image-5064\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_is_the_%E2%80%9CInterface%E2%80%9D_in_IT_Systems\"><\/span>What is the &#8220;Interface&#8221; in IT Systems?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>When trying to understand the structure of an IT system, the most noticeable aspect is likely the appearance of the interface. Indeed, in the general process of system development, after defining requirements such as functionality, the next steps usually involve &#8220;interface design&#8221; and organizing &#8220;interface transitions&#8221;. These aspects of the interface are naturally noticeable to the users who order system development, and it is also the area where communication between users and vendors is most likely to be active. In the following article, we explain the &#8220;obligation to cooperate&#8221; that users bear towards vendors throughout the entire process of system development in order to achieve project goals.<br><\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/user-obligatory-cooporation\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/user-obligatory-cooporation[ja]<\/a><\/p>\n\n\n\n<p>In this article, we mainly explain the need for users to collaborate with vendors during phases such as basic design (i.e., the interface) as part of their obligation to cooperate in system development.<\/p>\n\n\n\n<p>The &#8220;interface&#8221; in IT systems is typically described according to the rules of computer languages such as HTML and CSS. Discussions about the &#8220;interface&#8221; of an IT system are often referred to by various names such as &#8220;front-end&#8221; and &#8220;UI (User Interface)&#8221;, but the main points of discussion are &#8220;ease of operation&#8221; and &#8220;visibility&#8221; from the user&#8217;s perspective.<br><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_is_the_%E2%80%9CLogic%E2%80%9D_in_IT_Systems\"><\/span>What is the &#8220;Logic&#8221; in IT Systems?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>However, if an IT system is based solely on the &#8220;interface&#8221;, it would be nothing more than a static &#8220;interface&#8221; without any &#8220;movement&#8221; or &#8220;change&#8221;. Even if the system accepts input from users and displays output through the &#8220;interface&#8221;, there is a process of &#8220;calculation&#8221; involved.<\/p>\n\n\n\n<p>Complex calculations and controls are performed by components that are not visible to the user, which could be referred to as the &#8220;back-end&#8221; of the system. Processes such as searching for data from the interface, rewriting data, adding, or deleting, are only possible because there is a pre-built database in the background. Various operations on the information in the database are usually done in a computer language called SQL.<\/p>\n\n\n\n<p>By creating a path from the trigger, such as a button set up on the interface side, to the execution of the necessary SQL statement, a complete picture of a system with movement and change is completed.<\/p>\n\n\n\n<p>Note that discussions about assembling various logics that are not visible from the &#8220;interface&#8221; are often referred to as &#8220;back-end&#8221;.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Risk_of_Discussing_Systems_Solely_from_the_Perspective_of_%E2%80%98Appearance%E2%80%99\"><\/span>The Risk of Discussing Systems Solely from the Perspective of &#8216;Appearance&#8217;<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2019\/09\/pixta_19191219_M-1024x837.jpg\" alt=\"\" class=\"wp-image-5065\" \/><\/figure>\n\n\n\n<p>Up to this point, our discussion has laid the foundation for understanding the structure of IT systems (assuming they operate on the web). Understanding these matters is significant for legal discussions, conflict prevention in projects, and crisis management. Specifically, there can be communication gaps between users who focus solely on the &#8216;appearance&#8217; on the screen and vendors who handle important tasks on the unseen &#8216;logic&#8217; side.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Risk_of_Users_and_Vendors_Having_Completely_Different_Concerns\"><\/span>The Risk of Users and Vendors Having Completely Different Concerns<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>For example, users who discuss IT systems mainly in terms of the &#8216;screen&#8217; often pay little attention to the complexity of the internal structure. Therefore, they may not understand how what appears to be a &#8216;minor addition of functionality&#8217; or a &#8216;slight change in specifications&#8217; can impact many processes. The following article explains legal issues that often arise when decommissioning existing systems during the development of a new system.<br><\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/the-transition-from-the-oldsystem\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/the-transition-from-the-oldsystem[ja]<\/a><\/p>\n\n\n\n<p>Here, we explain that troubles often occur during data migration to the new system when the old system is decommissioned. In other words, the complexity of the internal calculation and control mechanisms, which are unimaginable from the appearance, can be a source of unexpected trouble for the user side. Also, if the user does not understand the &#8216;feelings of the system-making vendor&#8217;, situations may arise where changes are made incrementally after the fact.<br><\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/howto-manage-change-in-system-development\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/howto-manage-change-in-system-development[ja]<\/a><\/p>\n\n\n\n<p>In such cases where changes in specifications or additions of functions are ordered after the fact, whether it is possible to increase the reward afterwards can sometimes become a serious issue.<br><\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/increase-of-estimate\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/increase-of-estimate[ja]<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Risk_of_Users_Being_Indifferent_to_the_Backside_%E2%80%98Logic%E2%80%99\"><\/span>The Risk of Users Being Indifferent to the Backside &#8216;Logic&#8217;<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Furthermore, the parts that cannot be observed by the user may have become a major incident when trouble is discovered. The following is such an example.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Risk_of_Issues_Arising_in_Maintenance_and_Security\"><\/span>The Risk of Issues Arising in Maintenance and Security<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>This includes situations where additional functions cannot be implemented, or the operation gradually becomes heavy while using it, and it stops working.<\/p>\n\n\n\n<p>Also, there is a method called &#8216;SQL Injection&#8217; as a security attack that performs a security attack that extracts personal information and confidential information that should not be displayed on the screen due to the inadequacy of the code implemented on the screen side. The following article details cases that have become serious disputes due to this.<br><\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/risks-of-libraryuse-and-measures\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/risks-of-libraryuse-and-measures[ja]<\/a><\/p>\n\n\n\n<p>The main theme of this article is the risks associated with the use of frameworks and libraries, but the cited court case is one where an attack was made on vulnerabilities using SQL Injection.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Risk_of_Governance_Not_Extending_to_the_Work_of_Operation_Managers\"><\/span>The Risk of Governance Not Extending to the Work of Operation Managers<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>The indifference of IT system users to the backside &#8216;logic&#8217; is also linked to the problem that governance is difficult to extend to the work of IT system operation managers. The following article explains the importance of database handling work on the theme of &#8216;data loss due to negligence of operation managers&#8217;.<br><\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/dataloss-risk-and-measures\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/dataloss-risk-and-measures[ja]<\/a><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Risk_of_Logic_Being_Wrong_Even_If_It_Appears_to_Be_Working_Correctly\"><\/span>The Risk of Logic Being Wrong Even If It Appears to Be Working Correctly<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>The fact that the system&#8217;s story does not stop at the &#8216;screen&#8217; means that even if the system appears to be working correctly on the surface, the actual &#8216;logic&#8217; may be wrong. This can be unexpectedly revealed in irregular operations such as &#8216;once every six months&#8217; or &#8216;once a year&#8217;.<\/p>\n\n\n\n<p>In such cases, it becomes a problem of defect warranty liability under the law as a case where a defect was found after the system was delivered once.<br><\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/defect-warranty-liability\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/defect-warranty-liability[ja]<\/a><\/p>\n\n\n\n<p>As a countermeasure in case a defect is found after acceptance, the flow is explained in detail in the following article.<br><\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/system-flaw-measure-after-acceptance\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/system-flaw-measure-after-acceptance[ja]<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Summary\"><\/span>Summary<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Systematic_Understanding_of_System_Development_and_Legal_Affairs\"><\/span>Systematic Understanding of System Development and Legal Affairs<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>When dealing with legal issues related to system development, it is crucial to understand which component of the IT system the problem arose from, even before identifying the legal points of contention. Whether it&#8217;s a legal issue or an IT system issue, in disputes arising from system development projects, it&#8217;s particularly important to maintain a holistic view and to strive for collaboration across different industries.<br><\/p>\n","protected":false},"excerpt":{"rendered":"<p>When dealing with legal issues related to IT systems, it is necessary to have a systematic understanding of the law. However, it is equally important to understand the components of an IT system. In t [&hellip;]<\/p>\n","protected":false},"author":32,"featured_media":61075,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[19,31],"acf":[],"_links":{"self":[{"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/posts\/60094"}],"collection":[{"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/comments?post=60094"}],"version-history":[{"count":1,"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/posts\/60094\/revisions"}],"predecessor-version":[{"id":61076,"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/posts\/60094\/revisions\/61076"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/media\/61075"}],"wp:attachment":[{"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/media?parent=60094"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/categories?post=60094"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/monolith.law\/en\/wp-json\/wp\/v2\/tags?post=60094"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}