Chapter9
The use of computers and technology prompts some very important questions about the use of personal data and our right to privacy. This chapter covers issues related to the impact of technology on people and how to protect ourselves on the Web.
The most significant concerns: Information System consists of people, procedures, software, hardware, data and the Internet. This chapter focuses on people. The most significant concerns: Privacy – What are the threats to personal privacy and how can we protect ourselves? Security – How can access to sensitive information be controlled and how can we secure hardware and software? Ethics – How do the actions of individual users and companies affect society?
Privacy – concerns the collection and use of data about individuals Three primary privacy issues: Accuracy: responsibility of those who collect data to ensure that the data is correct Property: relates to who owns data Access: responsibility of those who have the data to control who is able to use it. Every computer user should be aware of ethical matters, including how databases and networks are used and the major privacy laws Accuracy – responsibility of those who collect data Secure Correct Property – who owns data and who has rights to software Access – responsibility of those who control data and use of data Technology moving faster than law can adapt
Large organizations constantly compile information about us. Federal government has over 2,000 databases Telephone companies Compile lists of calls we make, the numbers called, and location Supermarkets What we buy, when, and how much? Search engines record search histories including search topics. Every digital event (smartphone, buying ,sending..) is recorded Data collected and stored on citizens every day Collectors include Government agencies – Federal government has 2,000 databases; businesses Telephone companies – compile lists of the calls we make; reverse directory (key term) is a special telephone directory that lists telephone numbers sequentially and can be used to gather data about the persons we call Data has value – hence the rise of the information reseller: information resellers provide this gathered data to others for a fee
Information resellers or information brokers Collect, analyze and sell personal data Electronic profiles easily created using public and nonpublic databases Personal information is a marketable commodity, which raises many issues: Collecting public, but personally identifying information (e.g., Google’s Street View) Spreading information without personal consent by using your own facebook, google+ account, leading to identity theft Spreading inaccurate information Mistaken identity : In which the electronic profile of one person is switched with another. Freedom of Information Act in US: You are entitled to look at your records held by the government agencies Concerns include: Spreading information without consent – example: collecting your shopping habits and sharing; or medical records, or driver’s license number Last year over 10 million people were victimized by identity theft (key term) (illegal assumption of someone’s identity for economic gain) Spreading inaccurate information – Mistakes happen, but when those mistakes are recorded and your financial position is affected it becomes a problem Mistaken Identity – an electronic profile of one person is switched with another Under the Freedom of Information Act you are entitled to look at your records held by government agencies.
Employers can monitor e-mail legally 75 percent of all businesses search employees’ electronic mail and computer files using employee monitoring software (snoopware) Snoopware records virtually everything you do on your computer A proposed law could prohibit this type of electronic monitoring or at least require the employer to notify the employee first Currently legal for employers to monitor electronic mail; survey reported 75% do so using snoopware Snoopware records virtually everything you do on your computer
Illusion of anonymity People are not concerned about privacy when surfing the Internet or when sending e-mail When you browse the web, the browser stores critical info onto your hard disk History files in Web browsers, include location, address, sites that you have visted Temporary Internet files: also know as browser cache, contain web page content Cookies Spyware Illusion of anonymity -that if you are on the Internet and selective about disclosing names or other personal information that no one knows who you are or how to “find” you - false Recent cases of people tracing other people through Internet activity When you browse the Web your activity is monitored; when you visit a Web site your browser stores critical information onto your hard disk – usually without your permission or knowledge; a history file includes the locations of sites visited by your computer system
The information that people voluntarily post about themselves online Archiving and search features of the Web make it available indefinitely to anyone who cares to look How would you feel if information you posted about yourself on the Web kept you from getting a job?
Federal laws governing privacy matters have been created Gramm-Leach-Bliley Act Protects personal financial information Health Insurance Portability and Accountability Act (HIPAA) Protects medical records Family Educational Rights and Privacy Act (FERPA) Restricts disclosure of educational results and records
Security involves protecting individuals and organizations from theft and danger. Computer security focuses on protecting info, hardware and software from unauthorized use. Computer criminals: Outside users Hackers and crackers Carders Organized crime Computer crime – illegal action in which the perpetrator uses special knowledge of computer technology Computer criminals – those using computer technology to engage in illegal action, five types Employees – the largest category; may be trying to steal hardware, software, proprietary information and could be doing this out of resentment and trying to get back at the company Outside users – could include employees and clients or suppliers having access to a company’s computer system; could obtain confidential passwords (key term) “Hackers” and “crackers” – hackers gain unauthorized access to computer systems “for fun”, crackers on the other hand, create and share programs designed to gain unauthorized access to computer systems. Their motives are malicious and can be very destructive and costly. Carders – criminals who specialize in stealing, trading, and using stolen credit cards over the Internet Organized crime – tracking illegal enterprises, forgery, counterfeiting Terrorists – could potentially crash satellites and wage economic warfare by disrupting navigation and communication systems Most people don’t realize that security involves theft by employees as well as deliberate thefts from viruses, electronic break-ins, etc. Re-emphasize ethics as an integral part of security – what belongs to the company, belongs to the company (computer time, software, floppies, getting into area in computer where you don’t need to be)
Malicious Programs – Malware: Designed to damage and disrupt a computer systyem A cracker is a computer criminal who creates and distributes malicious programs Three types of malware: Viruses: programs that migrate through networks and operating systems and most attach themselves to different programs and databases Worms: programs that replicate themselves over and over again. Worm does not attach itself to a program to change something, but it can carry a virus. Trojan horse: programs appear to be harmless, but contain malicious programs. like worms they are carriers of viruses; The most common type of trojan horses appear as free computer games. Creation of malicious programs – called malware (key term)which is short for malicious software Viruses (key term)–migrate through networks and operating systems and most attach themselves to different programs and databases; can alter and/or delete files; can damage system components; Computer Fraud and Abuse Act (key term) makes spreading a virus a federal offense Worms (key term) – a special type of virus Doesn’t attach to a program Fills the computer with self-replicating information or can be a carrier of a more traditional virus Trojan horse – programs that are disguised as something else; like worms they are carriers of viruses; The most common type of Trojan horses appear as free computer games. Zombies – computers infected by a virus, worm, or Trojan horse that allows them to be remotely controlled for malicious purposes A collection of Zombie computers is knows as a botnet, or robot network. Malicious activities include password cracking or sending junk email. Denial of service attacks – attempts to slow down or stop a computer system or network by flooding a computer or network with requests for information and data. The targets of these attacks are usually ISPs.
Zombies: are computers infected by maware Denial of Service attack (DoS) attack: attempts to slow down or stop a computer system or network by flooding a computer or network with requests for information and data. The targets of these attacks are usually ISPs. Internet scams: deceptive act or operation to trick someone into providing personal information or spending money for little or no return Phishing: attempts to trick internet users into thinking a fake but official looking website. Like replicationg entire websites like PayPal Internet scams (key term) –a fraudulent or deceptive act or operation to trick someone into providing personal information or spending money for little or no return
Cyber-bullying: the use of the Internet, cell phones, or other devices to send or post content intended to hurt another person. Rogue Wi-Fi hotspots: imitate free Wi-Fi networks and capture any and all information sent by the users including usernames and passwords Identity Theft: Is illegal assumption of a person's identity for economic gain.. Identity is stolen apply for new credit cards.. Data manipulation : finding entry into someone’s computer network and leaving a prankster’s message Social networking risks Information posted can be used by others to steal personal identities and commit other types of crimes Cyber-bullying - the use of the Internet, cell phones, or other devices to send or post content intended to hurt or embarrass another person. sending repeated unwanted emails ganging up on victims in electronic forums posting false statements designed to injure the reputation of another maliciously disclosing personal data about a person that could lead to harm to that person sending any type of communication that is threatening or harassing Rogue Wi-Fi Hotspots – imitate free Wi-Fi networks and capture any and all information sent by the users to legitimate sites including usernames and passwords. Theft – hardware, software, data, computer time, confidential information Data manipulation – finding entry into someone’s computer network and leaving a prankster’s message Computer Fraud and Abuse Act – law states that it’s a crime for an unauthorized person to view, copy or damage data using any computer across state lines
Anticipating disasters Restricting access Encrypting data Anticipating disasters Physical security Data security Disaster recovery plan Preventing data loss: Routinely copy data and store it at a remote location Security involves protecting information, hardware, and software from unauthorized use, damage from intrusions, sabotage, and natural disasters Encryption – coding messages to prevent people from reading your messages Anticipating disasters Physical security (key term)– protecting hardware Data security (key term)– protecting software and data from unauthorized tampering or damage Disaster recovery plan (key term)– describing ways to continue operating until normal computer operations can be restored; can create special emergency facilities called hot sites which are fully equipped backup computer centers or cold sites if hardware must be installed to be utilized Preventing data loss Use physical backups – off-site storage using tapes or disks in case of loss of equipment
Standards of moral conduct Copyright Gives content creators the right to control the use and distribution of their work Paintings, books, music, films, video games Software piracy Unauthorized copying and distribution Plagiarism: representing some other person's work and ideas as your own without giving credit to the original source Technology is moving so fast it is hard for our legal system to keep up. The essential element that controls how computers are used today is ethics. Computer ethics - guidelines for the morally acceptable use of computers Digital Millennium Copyright Act – the right of the owner to make a backup copy Digital rights management – prevents copyright violations Plagiarism – representing some other person’s work and ideas as your own without giving credit to the original person’s work and ideas as your own