Introduction to Computer Information Systems: Chapter 9 - PDF

Summary

This document is a chapter on privacy, security, and ethics in computer information systems. It discusses important issues from a theoretical perspective. It covers topics like privacy issues, security threats posed by computer criminals, computer crimes, and ways to protect computer security.

Full Transcript

**INTRODUCTION TO COMPUTER INFORMATION SYSTEMS**

**MODULE I: INTRODUCTION TO COMPUTER INFORMATION SYSTEMS**

**CHAPTER IX: Privacy, Security and Ethics**

I. **OBJECTIVES**

At the end of this chapter, the students should be able to:

- Identify the most significant concerns for effective implementation
of computer technology.

- Discuss the primary privacy issues of accuracy, property, and
access.

- Describe the impact of large databases, private networks, the
Internet, and the Web on privacy.

- Discuss online identity and major laws on privacy.

- Describe the security threats posed by computer criminals including
employees, hackers, crackers, carders, organized crime, and
terrorists.

- Discuss computer crimes including creation of malicious programs
such as viruses, worms, Trojan horse, and zombies as well as denial
of service attacks, Internet scams, social networking risks,
cyber-bullying, rogue Wi-Fi hotspots, theft, data manipulation, and
other hazards.

- Detail ways to protect computer security including restricting
access, encrypting data, anticipating disasters, and preventing data
loss.

- Discuss computer ethics including copyright law, software piracy,
and digital rights management as well as plagiarism and ways to
identify plagiarism.

II. **SUBJECT MATTER**

Topic: Privacy, Security and Ethics

Sub topic: - Primary privacy issues of accuracy, property, and
access

\- Online identity and major laws on privacy

\- Security Threats

\- Computer crimes and computer ethics

III. **PROCEDURE**

A. **Preliminaries**

Pre- Assessment

1. Discuss primary privacy issues of accuracy, property, and access.

2. Enumerate the effects and impact of large databases, private
networks, the Internet, and the Web on privacy.

3. Define and describe the different grounds for security threats posed
by computer criminals.

4. Review and identify various computer crimes and other hazards.

5. Analyze and discuss computer security and ethics including copyright
law.

B. **Lesson Proper**

1. **People**

Effective implementation of computer technology involves maximizing
positive effects while minimizing negative effects. The most significant
concerns are privacy, security, and ethics.

- **Privacy** -- What are the threats to personal privacy and how can
we protect ourselves?

- **Security** -- How can access to sensitive information be
controlled and how can we secure hardware and software?

- **Ethics** -- How do the actions of individual users and companies
affect society?

**Privacy**

Every computer user should be aware of ethical matters, including how
databases and networks are used and the major privacy laws. **Privacy**
concerns the collection and use of data about individuals. Three primary
privacy issues includes; **Accuracy, Property, Access.**

2. **Large Databases**

Large organizations are constantly compiling information about us.
**Reverse directories** list telephone numbers followed by subscriber
names. **Information resellers** (information brokers) collect and sell
personal data. **Electronic profiles** are com-piled from databases to
provide highly detailed and personalized descriptions of individuals.

**Identity theft** is the illegal assumption of some-one's identity for
the purposes of economic gain. **Mistaken identity** occurs when an
electronic profile of one person is switched with another. **The Freedom
of Information Act** entitles individuals access to governmental records
relating to them.

3. **Private Networks**

Many organizations monitor employee e-mail and computer files using
special software called **snoopware.** Snoopware records virtually
everything you do on your computer.

A proposed law could prohibit this type of electronic monitoring or at
least require the employer to notify the employee first.

4. **The Internet and the Web**

Many people believe that, while using the Web, little can be done to
invade their privacy. This is called the **illusion of anonymity.**

**History files** record locations of visited sites. **Cookies** store
and track information. Two basic types are **traditional cookies and ad
network cookies (adware cookies)**.

- **Traditional cookies** provide information to a single site. Most
cookies are harmless and are intended to provide customized service.

- **Ad network or adware cookies** record your
activities across different sites -- spyware. Once deposited onto a
hard drive, they continue to actively collect information on Web
activities; form of spyware.

**Spyware** are programs designed to secretly record and report Internet
activities. Ad network cookies are one type of spyware. Another type---
**computer monitoring** (keystroke loggers) ---watches what you do,
while **Web bugs** provide information back to spammers about activity
on your e-mail account. **Antispyware** (spy removal programs) detects
Web bugs and monitoring software.


5. **Online Identity**

With the popularity of social networking, blogging, and photo- and
video-sharing sites, many people post personal information and sometimes
intimate details of their lives without considering the consequences.
This creates an **online identity**. With the archiving and search
features of the Web, this identity is indefinitely available to anyone
who cares to look for it.

6. **Major Laws in Privacy**

The **Gramm-Leach-Bliley Act** protects personal financial information;
the **Health Insurance Portability and Accountability Act (HIPAA)**
protects medical records; and the **Family Educational Rights and
Privacy Act (FERPA)** restricts disclosure of educational records.

7. **Security**

What if someone gains unauthorized access to our computer or other
computers that contain information about us? What if someone steals our
computer or other computers that contain information about us? What are
the major threats to computer security, and how can we be protected?

**Computer Criminals**

**Computer criminals** include employees, outside users, hackers and
crackers, organized crime, and terrorists.

- **Hackers** ---create or improve programs and share those programs
with fellow hackers. Typically are not criminals.

- **Crackers** ---share programs designed to gain unauthorized access
to computer systems or disrupt networks. Typically are criminals.

**Computer Crime**

**Computer crime** is an illegal action involving special knowledge of
computer technology.

- **Malicious programs (malware)** include viruses (the Computer Fraud
and Abuse Act makes spreading a virus a federal offense), worms**,
and Trojan horses**. Zombies are remotely con-trolled infected
computers used for malicious purposes. A collection of zombie
computers is known as a botnet, or robot network.

- **Denial of service attack (DoS)** is an attempt to shut down or
stop a computer system or network. It floods a computer or network
with requests for information and data.

- **Scams** are designed to trick individuals into spending their time
and money with little or no return. **Common Internet scams**
include identity theft, chain letters, auction fraud, vacation
prizes, and advance fee loans. These are frequently coupled with
**phishing** Web sites or e-mails.

- Social networking risks include posting work-related criticisms and
disclosure of personal information.

- **Rogue Wi-Fi hotspots** imitate legitimate hot-spots to capture
personal information.

- Theft takes many forms including stealing hard-ware, software, data,
and computer time.

- Data manipulation involves changing data or leaving prank messages.
The **Computer Fraud and Abuse Act** helps protect against data
manipulation.

- Other hazards include natural disasters, civil strife, terrorism,
technological failures (**surge protectors protect against voltage
surges or spikes)**, and human error.


8. **Measures to Protect Computer Security**

**Security** is concerned with keeping hardware, soft-ware, data, and
programs safe. Some measures are restricting access by using **biometric
scanning** devices, **passwords**, and **firewalls;** encrypting data
using **encryption keys** for e-mail, Web site, **VPN, and wireless
network encryption** (WEP, WPA, and WPA2 protocols); anticipating
disasters ( **physical and data security, disaster recovery plans** );
and preventing data loss.

9. **Ethics**

Ethics are standards of moral conduct. **Computer ethics** are
guidelines for the morally accept-able use of computers in our society.
We are all entitled to ethical treatment. This includes the right to
keep personal information, such as credit ratings and medical histories,
from getting into unauthorized hands.

**Copyright and Digital Rights Management**

Copyright is a legal concept that gives content creators the right to
control use and distribution of their work. Materials that can be
copyrighted include paintings, books, music, films, and even video
games.

**Software piracy** is the unauthorized copying and distribution of
software. Two related topics are the Digital Millennium Copyright Act
and digital rights management.

- **Digital Millennium Copyright Act** establishes the right of a
program owner to make a backup copy of any program and disallows the
creation of copies to be sold or given away. It is also illegal to
download copyright-protected music and videos from the Internet.

- **Digital rights management (DRM)** is a collection of technologies
designed to prevent copyright violations. Typically, DRM is used
to (1) control the number of devices that can access a given file as
well as (2) limit the kinds of devices that can access a file.

**Plagiarism**

**Plagiarism** is the illegal and unethical representation of some other
person's work and ideas as your own without giving credit to the
original source. Examples of plagiarism include cutting and pasting Web
content into a report or paper. Recognizing and catching plagiarists is
relatively easy. For example, services such as Turnitin are dedicated to
preventing Internet plagiarism. This service examines a paper's content
and compares it to a wide range of known public electronic documents
including Web page content. Exact duplication or paraphrasing is readily
identified.


**ACTIVITY 1: MULTIPLE CHOICE**

Encircle the letter of the correct answer.

1\. Reverse \_\_\_\_\_ list telephone numbers followed by subscriber
names.

a\. directories

c\. databases

b\. order

d\. listing

2\. The privacy issue that relates to the responsibility of controlling
who is able to use data is \_\_\_\_\_

a\. access

c\. accuracy

b\. property

d\. encryption

3\. Two basic types of cookies are \_\_\_\_\_.

a\. advanced and remedial

c\. natural and ad network

b\. traditional and natural

d\. ad network and traditional

4\. A small image or other HTML code that is hidden within an e-mail
message is called a \_\_\_\_\_.

a\. virus

c\. denial-of-service attack

b\. worm

d\. Web bug

5\. People who create or improve programs and share those programs are
\_\_\_\_\_.

a\. employees

c\. crackers

b\. hackers

d\. members of organized crime

6\. An attempt to slow down or stop a computer system or network by
flooding the system with requests for information is called a
\_\_\_\_\_\_

a\. virus

c\. denial-of-service attack

b\. worm

d\. Trojan horse

7\. Secret words or phrases used to gain access to a computer system are
called \_\_\_\_\_

a\. encryption

c\. crackers

b\. codes

d\. passwords

8\. Computer \_\_\_\_\_ are guidelines for the morally acceptable use of
computers in our society.

a\. business demands

c\. laws

b\. ethics

d\. security requirements

9\. Copyright is a (n) \_\_\_\_\_ concept that gives content creators the
right to control use and distribution of their work.

a\. economic

c\. legal

b\. ethical

d\. moral

10\. \_\_\_\_\_ is a collection of technologies designed to prevent
copyright violations.

a\. DBMS

c\. DRM

b\. DoS

d\. RSS

**ACTIVITY 2: ESSAY WRITING**

Answer the questions and / or statements briefly. Write on the spaces
provided below.

1. What are the principal measures used to protect computer security?
What is encryption? How is it used by corporations and individuals?

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

2. What is a copyright? Discuss software piracy.

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

3. What is plagiarism? Discuss how computers make plagiarism easy and
tempting to busy people and how a plagiarist can be easily
identified.

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_