Unit 2 PDF
Document Details
Uploaded by Deleted User
Tags
Summary
This document discusses the differences between ethics and law, and the various forms of cyberbullying and ethical concerns in cybersecurity. It provides information on the moral principles and guidelines that govern human behavior, and legal consequences for violations of laws. It also explores issues of privacy, accuracy, property, and accessibility in the digital world.
Full Transcript
Differentiate between Ethics and Law What is Ethics? Moral principles that govern a person's behaviour or the conducting of an activity. Ethics refers to a set of principles or moral values that govern human behavior and decision-making. It is an internal system of beliefs,...
Differentiate between Ethics and Law What is Ethics? Moral principles that govern a person's behaviour or the conducting of an activity. Ethics refers to a set of principles or moral values that govern human behavior and decision-making. It is an internal system of beliefs, values, and principles that individuals develop based on their upbringing, cultural background, personal experiences, and philosophical perspectives. Ethics provides guidelines for distinguishing between right and wrong, good and bad, and morally acceptable and unacceptable actions. It focuses on questions of morality and aims to promote virtuous behavior, fairness, and the well-being of individuals and society. Ethics are subjective and can vary among individuals or cultures, leading to different ethical frameworks or systems. Ethics in Cyber Security Confidentiality Integrity Availability Privacy Ethical Hacking Responsible Disclosure Ethical Decision-Making Legal and Regulatory Compliance Awareness and Education What is Law? The system of rules which a particular country or community recognizes as regulating the actions of its members and which it may enforce by the imposition of penalties. Laws, on the other hand, are rules and regulations established by governing bodies, such as governments or legislative bodies, to maintain order, provide a framework for society, and protect the rights and well-being of individuals. Laws are based on ethical principles but are enforceable and have legal consequences if violated. They are designed to be impartial and apply to all members of a society equally. Laws are typically enacted through a formal legislative process and are codified in legal statutes, constitutions, or regulations. They cover various aspects of human conduct, such as criminal behavior, property rights, contracts, employment, and public safety. Violations of laws can result in penalties, such as fines, imprisonment, or other legal consequences. "Shooting the birds is against the law“. Difference Between Ethics and Laws Laws Ethics Laws are rules that mandate or prohibit Ethics comprises of guidelines and certain behavior in society; they are drawn principles that inform people about from ethics, which define socially how to live or how to behave in a acceptable behaviors. particular situation. laws tend to be more rigid and may Ethics are more flexible and adaptable require formal amendments. to changing circumstances, allowing individuals. laws are created by governing bodies as formal rules and regulations. Ethics stem from personal beliefs, Laws are generally intended to be values, and moral principles. universally applicable within a specific Ethical frameworks can vary among jurisdiction. individuals, cultures, and societies. Distinguish among types of ethical concerns. Privacy: This deals with the right of an individual to control personal information. It is the protection of personal or sensitive information. Privacy is subjective. Different people have different ideas of what privacy is and how much privacy they will trade for safety or convenience. Accuracy: This talks about the responsibility for the authenticity, fidelity an accuracy of the information. Property: This determines who the owner of the information is and who controls access. Accessibility: This deals with the issue of the type of information, an organization has the right to collect. And in that situation, it also expects to know the measures which will safeguard against any unforeseen eventualities. Cyber Bullying Cyberbullying or cyber harassment is a form of bullying or harassment using electronic means. Cyberbullying and cyber harassment are also known as online bullying. Cyberbullying refers to the act of using digital communication technologies, such as social media platforms, online forums, text messages, or emails, to harass, intimidate, or harm another person. It involves the repetitive and intentional use of these technologies to target an individual or a group, causing emotional distress, humiliation, or fear. It has become increasingly common, especially among teenagers, as the digital sphere has expanded and technology has advanced. Cyberbullying is when someone, typically a teenager, bullies or harasses others on the internet and other digital spaces, particularly on social media sites. Harmful bullying behavior can include posting rumors, threats, sexual remarks, a victims' personal information, or pejorative labels (i.e. hate speech). Bullying or harassment can be identified by repeated behavior and an intent to harm. Victims of cyberbullying may experience lower self-esteem, increased suicidal ideation, and various negative emotional responses, including being scared, frustrated, angry, or depressed. Cyberbullying can take various forms:- Verbal Abuse: Sending threatening, abusive, or derogatory messages, comments, or emails. Harassment: Repeatedly sending unwanted messages, spreading rumors, or making false statements about someone online. Exclusion: Deliberately excluding someone from online groups, chats, or activities to isolate and ostracize them. Impersonation: Creating fake profiles or pretending to be someone else to deceive and harm others. Disclosure of Personal Information: Sharing someone's private information, photos, or videos without their consent, often with the intention of embarrassing or blackmailing them. Cyberstalking: Persistent and intrusive online monitoring, tracking, or following of an individual, causing them fear or anxiety. Trolling: Posting provocative or offensive content with the aim of provoking emotional responses and disrupting online discussions. Identify actions that constitute cyberbullying Sending mean, hurtful, or threatening messages Sharing or spreading false rumors Posting or sharing embarrassing or private information Creating fake profiles or impersonating others Online harassment and stalking Trolling and baiting Exclusion or cyber isolation Hate speech and discriminatory language Photoshopping or altering images to ridicule Identify possible warning signs of someone being cyberbullied Emotional distress Changes in sleep or eating patterns Avoidance of technology Self-blame or low self-esteem Changes in social behavior Secrecy about online activities Physical complaints Decline in academic or work performance Withdrawal from family and friends Expressions of hopelessness or Unexplained anger or frustration suicidal thoughts Sudden loss of interest Identify laws applicable to cybersecurity General Data Protection Regulation (GDPR): Implemented in the European Union, the GDPR regulates the processing and handling of personal data to safeguard individual privacy and data security. Computer Fraud and Abuse Act (CFAA): In the United States, this law addresses unauthorized access to computer systems and data, making it illegal to hack into protected networks. Cybersecurity Information Sharing Act (CISA): Encourages the sharing of cybersecurity threat information between private companies and government agencies to improve cybersecurity measures. The Data Protection Act 2018 (UK) Information Technology Act, 2000 (IT Act): The IT Act is the primary legislation governing electronic transactions, cybersecurity, and digital signatures in India. It defines various cyber offenses, such as unauthorized access, hacking, and the spreading of malicious code, and prescribes penalties for these offenses. Information Technology (Amendment) Act, 2008: This amendment to the IT Act was enacted to address emerging cyber threats and provide additional provisions for dealing with cybercrimes, including the introduction of new offenses and higher penalties. Indian Computer Emergency Response Team (CERT-In): Although not a law, CERT-In is the national agency responsible for coordinating responses to cybersecurity incidents in India. It plays a crucial role in enhancing the security of the country's cyberspace. Data Protection Laws and Rules: While India does not have a comprehensive data protection law, various rules and guidelines govern data protection. The Personal Data Protection Bill, 2019, is currently under consideration to establish a comprehensive data protection framework. Payment Card Industry Data Security Standard (PCI DSS): While not a law, PCI DSS is a set of industry standards that apply to organizations handling credit card data. It aims to ensure the security of cardholder information and prevent data breaches. National Cyber Security Policy, 2013: This policy outlines India's vision and strategy for ensuring a secure cyberspace and strengthening the country's cybersecurity posture. Guidelines for Corporate Governance in IT Sector: The Ministry of Corporate Affairs has issued guidelines for good corporate governance in the IT sector, which includes recommendations for cybersecurity practices. Indian Penal Code, 1860: While not specific to cybersecurity, various sections of the Indian Penal Code deal with offenses related to cybercrimes, such as fraud, identity theft, and cyber defamation. Securities and Exchange Board of India (SEBI) Cybersecurity Guidelines: SEBI has issued guidelines for listed companies and market intermediaries to enhance their cybersecurity and protect against cyber threats. Reserve Bank of India (RBI) Guidelines: The RBI has issued guidelines and circulars related to cybersecurity in the banking and financial sector, mandating certain security measures and incident reporting.