Privacy, Security and Ethics
1. Identify the most significant concerns for effective implementation of computer technology.
2. Discuss the primary privacy issues of accuracy, property, and access.
3. Describe the impact of large databases, private networks, the Internet, and the Web on privacy.
4. Discuss online identity and major laws on privacy.
5. Discuss cybercrimes including creation of malicious programs such as viruses, worms, Trojan horses, and zombies as well as denial of service attacks, Internet scams, identity theft, cyberbullying, rogue Wi-Fi hotspots, and data manipulation.
6. Detail ways to protect computer security including restricting access, encrypting data, anticipating disasters, and preventing data loss.
7. Discuss computer ethics including copyright law, software piracy, digital rights management, the Digital Millennium Copyright Act, as well as plagiarism and ways to identify plagiarism.
Introduction
The ubiquitous use of computers and technology prompts some very important questions about the use of personal data and our right to privacy. This chapter covers issues related to the impact of technology on people and how to protect ourselves on the Web.
People
Technology has had a very positive impact on people, but some of the impact could be negative.
Most Significant Concerns:
Privacy – What are the threats to personal privacy and how can we protect ourselves?
Security – How can access to sensitive information be controlled and how can we secure hardware and software?
Ethics – How do the actions of individual users and companies affect society?
Privacy
Privacy – concerns the collection and use of data about individuals
Three primary privacy issues:
Accuracy – responsibility of those who collect data to ensure it is secure and correct
Property – who owns data and who has rights to software
Access – responsibility of those who control data and use of data
Large Databases
Large organizations compile information about us daily
Big Data is exploding and ever-growing
· 90% of the data collected has been collected over the last 2 years
Data collectors include
· Government agencies
· Telephone companies
· Credit card companies
· Supermarket scanners
· Financial institutions
· Search engines
· Social networking sites
Information Resellers/Brokers
· Collect and sell personal data
· Create electronic profiles
Personal information is a marketable commodity, which raises many issues:
· Collecting public, but personally identifying information (e.g., Google’s Street View)
· Spreading information without personal consent, leading to identity theft
· Spreading inaccurate information
  o Mistaken identity
· Freedom of Information Act
  o Entitlement to look at your records held by government agencies
Private Networks
Employee monitoring software
· Employers can monitor e-mail legally
  o A proposed law could prohibit this type of electronic monitoring or at least require the employer to notify the employee first
The Internet and the Web
· Illusion of anonymity
  o People are not concerned about privacy when surfing the Internet or when sending e-mail.
When browsing the web, critical information is stored on the hard drive in these locations:
· History Files
· Temporary Internet Files
  o Browser cache
· Cookies
· Privacy Mode
· Spyware
History Files and Temporary Internet
Include locations or addresses of sites you have recently visited
Temporary Internet Files / Browser Cache
· Saved files from visited websites
· Offers quick re-display when you return to the site
Cookies
o Cookies are small data files that are deposited on your hard disk from web sites you have visited.
o First-party cookies are generated only by websites you are visiting
o Third-party cookies are generated by an advertising company that is affiliated with the website.
  - Also known as tracking cookies that keep track of your Internet activities through 3rd party cookies
  - Refer to the accompanying graphic displaying how to block 3rd party cookies
Privacy Modes
· Ensures your browsing activity is not recorded on your hard drive
· Incognito Mode
  o Google Chrome
· Private Browsing
  o Safari
Privacy Threats
· Web bugs
  o Invisible images or HTML code hidden within an e-mail message or web page.
  o When a user opens the message, information is sent back to the source of the bug
· Spyware
  o Wide range of programs that are designed to secretly record and report Internet activities, add Internet ad cookies.
· Computer monitoring software
  o Invasive and dangerous
  o Keystroke Loggers
    - Record activities and keystrokes
· Anti-Spyware programs
  o Detect and remove privacy threats
Online Identity
· The information that people voluntarily post about themselves online
· Archiving and search features of the Web make it available indefinitely
· Major Laws on Privacy
  o Gramm-Leach-Bliley Act protects personal financial information
  o Health Insurance Portability and Accountability Act (HIPAA) protects medical records
  o Family Educational Rights and Privacy Act (FERPA) restricts disclosure of educational records
Security
Involves protecting individuals or organizations from theft and danger
· Hackers
  o Gain unauthorized access with malicious intent
  o Not all hackers act illegally
Cybercrime / Computer Crime
· Criminal offense that involves a computer and a network
  o Affects over 400 million people annually
  o Costs over $400 billion each year
Forms of Computer Crime
· Malicious Programs – Malware
  o Designed by crackers, computer criminals, to damage or disrupt a computer system
  o Computer Fraud and Abuse Act makes spreading a virus a federal offense
  o 3 most common programs
    - Viruses – migrate through networks and attach to different programs
    - Worms – fill the computer with self-replicating information
    - Trojan horse – programs disguised as something else
    - Zombies are computers infected by a virus, worm, or Trojan horse
Cyber Crime
· Denial of Service (DoS) attack
  o Attempts to slow down or stop a computer system or network by flooding it with requests for information or data
· Rogue Wi-Fi hotspots
  o Imitate free Wi-Fi networks and capture any and all information sent by the users to legitimate sites including usernames and passwords
· Data manipulation
  o Finding entry into someone’s computer network and leaving a prankster’s message
Internet Scams
A fraudulent or deceptive act or operation to trick someone into providing personal information or spending money for little or no return
· Identity Theft
  o Illegal assumption of someone’s identity for purpose of economic gain
· Cyber-bullying
  o Use of the Internet, cell phones, or other devices to send or post content intended to harm
· Phishing
  o Attempts to trick Internet users into thinking a fake but official-looking website is legitimate
Types of Internet Scams
Measures to Protect Computer Security
Principal measures to ensure computer security
· Restricting access
· Encrypting data
· Anticipating disasters
  o Physical security
  o Data security
  o Disaster recovery plan
· Preventing data loss
Restricting Access
· Biometric scanning
  o Fingerprint scanners
  o Iris (eye) scanners
· Passwords
  o Dictionary attack
    - Uses software to try thousands of common words sequentially in an attempt to gain unauthorized access to a user’s account
Automated Security Tasks
Ways to perform and automate important security tasks
· Security Suites
  o Provide a collection of utility programs designed to protect your privacy and security
  o Security buffer between a corporation’s private network and all external networks
· Password Managers
  o Help to create strong passwords
Encryption
Coding information to make it unreadable, except to those who have the encryption key
• E-mail encryption protects emails
• File encryption protects files
• Web site encryption uses HTTPS protocol for protection
  o HTTPS – hypertext transfer protocol secured
• Virtual private networks (VPNs)
  o Encrypt connections between company networks and their remote users
• Wireless network encryption restricts access to authorized users
  o WPA2 – Wi-Fi Protected Access
Anticipating Disasters
· Anticipating Disasters
  o Physical Security protects hardware
  o Data Security protects software and data from unauthorized tampering or damage
  o Disaster Recovery Plan describes ways to continue operating in the event of a disaster
· Preventing Data Loss
  o Frequent backups
  o Redundant data storage
    - Store off-site in case of loss of equipment
Making IT Work for You: Cloud-Based Backup
· Services such as Carbonite provide cloud-based backup.
Ethics
Standards of moral conduct
Computer Ethics – guidelines for the morally acceptable use of computers
· Copyright
  o Gives content creators the right to control the use and distribution of their work
  o Paintings, books, music, films, video games
· Software piracy
  o Unauthorized copying and distribution of software
    - Digital rights management (DRM) controls access to electronic media
    - Digital Millennium Copyright Act protects against piracy
Plagiarism
Representing some other person’s work and ideas as your own without giving credit to the original person’s work and ideas.
Careers in IT
· IT Security Analysts maintain the security of a company’s network, systems, and data.
· Bachelor’s or associate’s degree in information systems or computer science
· Experience is usually required
· Must safeguard information systems against external threats
· Annual salary is usually from $62,000 to $101,000
· Demand for this position is expected to grow
A Look to the Future: The End of Anonymity
- Most forums and comment areas on websites allow users to post messages anonymously
- Some use this for abusive and threatening comments
- Online harassment
- Cyberbullying
- Stalking
- Damaging reputations