McGraw-Hill Technology Education © 2006 by the McGraw-Hill Companies, Inc. All rights reserved CHAPTER PRIVACY AND SECURITY

CE06_PP10-2 Competencies (Page 1 of 2) Discuss the privacy issues related to the presence of large databases, private networks, the Internet, and the Web Describe the major privacy laws and the Code of Fair Information Practice Describe the security threats posted by computer criminals, computer crime, and other hazards Page 270

CE06_PP10-3 Competencies (Page 2 of 2) Discuss ways that individuals and organizations protect their security Describe the common types of physical and mental risks associated with computer use and ways to protect yourself against these risks Discuss what the computer industry is doing, and what you can do to protect the environment Page 270

CE06_PP10-4 Information Systems people procedures software hardware data connectivity Page 272

CE06_PP10-5 Information Systems & Privacy People  computer can be used for both good and bad Does technology make it easy to invade our privacy? When we apply for a loan, school, DL; when check out from supermarket, library, etc. is that information about us being distributed and used without our permission? When we use the web, is info about being collected?

CE06_PP10-6 Information Systems & Security Does technology make it easy for others to invade the security of business organizations like banks, public & government organizations E.g. public organization: schools, health records Government organizations: e.g. classified information fom department of defense

CE06_PP10-7 Information Systems Concerns for People PrivacyPrivacy – What are the threats to personal privacy and how can we protect our selves? SecuritySecurity – How can access to sensitive information be controlled and how can we secure hardware and software? ErgonomicsErgonomics – What are the physical and mental risks to technology and how can these risks be eliminated or controlled? Environment Environment – What can individuals and organizations do to minimize the impact of technology? Page 272

CE06_PP10-8 Computer Ethics and Privacy Computer ethics provide guidelines for computer use Ethics issues include: Privacy: collection and use of data about individuals Accuracy: responsibility to ensure data is correct Property: who owns data and rights to software Access: responsibility of those who have data to control who is able to use that data Page 273

CE06_PP10-9 Large Databases Organizations are constantly collecting data The Fed. Gov. has over 2000 databases Data gatherers Information resellers or information brokers Electronic profiles are created Concerns Spreading information without consent Identify theft Spreading inaccurate information Mistaken identity Freedom of Information Act: You’re entitled to look at your records held by government agencies. Page 274 Return

CE06_PP10-10 Computer Ethics and Privacy Private networks Employer eavesdropping on employees Snoopware: software that records everything you do on your computer ~ 75% of employers use it. Legal Legal attempts to restrict its use

CE06_PP10-11 Private Networks Employers monitor e- mail Legally done Snoopware Software Online services right to censor content Screen and reject messages Terminate user accounts Page 276 Return

CE06_PP10-12 Internet and Web Illusion of anonymity Not concerned about privacy when surfing the Internet Not concerned about privacy when sending History file Cookies – two basic types Traditional Ad network or adware cookies Cookie-cutter programs Spyware Spy removal programs Page 276

CE06_PP10-13 Computer Ethics and Privacy Privacy laws exist, but privacy remains primarily an ethical issue

CE06_PP10-14 Major Privacy Laws Page 279

CE06_PP10-15 Code of Fair Information Practice PrincipleDescription No secret databasesNo personal data that is secret Right of individual access Individuals have a right to see information about them Right of consentInformation for one purpose cannot be used again Right to correctAbility to correct errors Assurance of reliabilityData must not be misused Page 279 Return

CE06_PP10-16 Security and Computer Criminals Threats to computer security are criminals, computer crime, and hazards Computer criminals are of five types: Employees Outside users Hackers and crackers Organized crime Terrorists Page 282

CE06_PP10-17 Computer Crime Number of Computers Crimes Going Up Malicious Programs Viruses Worms Trojan horse Denial of service (DoS) Internet Scams Theft Hardware or software Data Computer time Data Manipulation Computer Fraud and Abuse Act of 1986 Page 283

CE06_PP10-18 Commonly Encountered Viruses Return Page 286

CE06_PP10-19 Commonly Encountered Worms Return Page 286

CE06_PP10-20 Other Hazards Natural hazards Fires & floods Winds Hurricanes Tornadoes Earthquakes Civil strife and terrorism Wars Riots Terrorist acts Technological failures Voltage surge Use surge protector Human errors Page 287

CE06_PP10-21 Measures to Protect Computer Security Encrypting messages Restricting access Anticipating disasters Backing up data Encrypted Page 287 Return

CE06_PP10-22 Restricting Access Assigning passwords Biometric scanning Fingerprint scanners Retinal (eye) scanners Firewalls Special hardware and software Controls access to internal networks Page 238 Return

CE06_PP10-23 Ergonomics (Page 1 of 3) Study of human factors related to things people use Physical Health Eyestrain and headache Back and neck pain Repetitive strain injury Page 238

CE06_PP10-24 Ergonomics (Page 2 of 3) Page 291

CE06_PP10-25 Ergonomics (Page 3 of 3) Computer technology offers ways of improving productivity but can create irritants other than physical Noise Electronic monitoring Technostress Stress associated with computer use Page 292 Return

CE06_PP10-26 The Environment Page 293

CE06_PP10-27 Personal Responsibility to Help Protect the Environment What can you do? Conserve Recycle Educate Page 294

CE06_PP10-28 A Look to the Future Presence Technology Presence technology alerts you that someone is trying to reach you People can locate you People can tell which device is best to contact you Could become a standard feature of new cars, phones, and appliances Page 295

CE06_PP10-29 Discussion Questions Discuss the relationship between databases and privacy. Discuss the Code of Fair Information Act. Why has this act not been made into law? Discuss the various kinds of computer criminals. What are the principal measures used to protect computer security? What is encryption? How is it used by corporations and individuals What is ergonomics? How does computer use impact mental health? Physical health? Page 302