Ethics and Legal Flashcards
Collection, Dissemination, and Use of CC Information
1970 Fair Credit Reporting Act
Penalties related to organized crime, including extortion and blackmail
1970 RICO Racketeer Influenced and Corrupt Organization
Personal data systems reviewable, system owners must prevent misuse
1973 Code of Fair Information Practices
Identifies who can possess PII
1974 Privacy Act
Addresses malicious and unauthorized access of systems, penalties expanded under Patriot Act
1986 Computer Fraud and Abuse Act
Addresses the right to intercept transmission of electronic data sent by computers
1986 Electronic Communication Privacy Act
Protect corporations and industries from espionage
Property covers proprietary economic information
1996 Economic and Protection of Proprietary Information Act
Protection of personal information within the health industry
1996 HIPAA Health Information Portability and Accountability Act
The theft of trade secrets is a federal crime
1996 Title I, Economic Espionage Act
Bonding
A bonding company has secured money that is available in the event that someone files a claim.
When an employee is bonded, the bonding company has investigated the employee’s background and found the person to be “trustworthy” and “good” enough to insure.
Pre-Engagement Activities determine…
Goal
Target
Communication (who receives, encrypted)
Timing
How intrusive
Non-disclosure Agreements
Payment - when
Non-disclosure Agreements cover
Personally Identifiable Information
Trade Secrets
Company confidential information
Black Hat
Gray Hat
White Hat
Black Hat: unauthorized, intentions: financial, curiosity, attack
White Hat: Pen testing with agreements in place
Gray Hat: unauthorized with goal of identifying vulnerabilities (reverse engineering)