Lecture 25 - Ethics and Privacy in IT

Question 1

Ethics

Answer 1

Ethics are a set of common beliefs about appropriate conduct within a community (a business, country, etc.)

Question 2

Business ethics

Answer 2

Business ethics concerns issues that confront business professionals.

Question 3

Practical Circumstances Influence Ethical Decisions (6)

Answer 3

1. Consequences (harm or benefit from the decision)
2. Society’s opinion (what others think)
3. Likelihood of effect (probability of harm or benefit)
4. Time to consequences
5. Relatedness (how much you identify with the person or persons who will be affected)
6. Reach of result (how many people will be affected)

Question 4

What is utilitarianism?

Answer 4

Greatest good for the greatest number – measure good

Question 5

What is Kant’s categorical imperative?

Answer 5

o Would things work if everyone behaved this way?

o Must uphold promises to individuals

Question 6

What is the ethic of justice?

Answer 6

What if the roles were reversed? Still fair?

Question 7

What is the ethic of virtue?

Answer 7

Would you be proud to display this behavior to the public?

Question 8

Dimensions of Ethical Computer Use (5)

Answer 8

• Ownership and Intellectual Property
  Who owns data/process? Who has right to modify/destroy them?
• Responsibility
  Who is responsible for quality of data/process?
• Personal privacy
  Who has the right to see (a copy of) “private” data?
• Access
  Who has the right to access official data/processes?
• Unethical handling of information within business is a problem
  Relevant for designing any IT system

Question 9

Intellectual property

Answer 9

Intellectual property is intangible creative work that is embodied in physical form e.g. software, music, sketches of a company’s product.

Question 10

Copyright

Answer 10

Copyright is legal protection for an expression of an idea.

Question 11

Why is the security of email an important issue?

Answer 11

Email is completely insecure…

o Each e-mail you send results in at least 3 or 4 copies being stored on different computers.
o You can take measures to protect your e-mail, such as encrypting your messages.

Question 12

What are technologies to help monitor employees? (5)

Answer 12

• Key logger software: records each stroke and mouse click performed
• Screen capture programs periodically record what is displayed on the computer screen.
• Any CD your computer burns can be traced back to your CD drive.
• An Event Data Recorders (EDR) in a car collects data if a collision occurs. It will even keep information if a second impact follows the collision.
• Computer servers (Web, Email) keep a record of:
o Each email received and sent
o Each website visited and duration

Question 13

What are technologies to track customers? (6)

Answer 13

1. Cookie
2. Adware
3. Spyware
4. Trojan-horse software
5. Web log
6. Anonymous Web browsing (AWB)

Question 14

Cookie

Answer 14

Cookie - a small record deposited on your hard disk by a Web site containing information about you and your Web activities.

Question 15

Adware

Answer 15

Adware is software that generates ads. It installs itself when you download another (usually free) program from the Web.

Question 16

Spyware (sneakware, stealthware)

Answer 16

Spyware (sneakware, stealthware) is malicious software that comes hidden in downloaded software. It tracks your on-line movements and/or mines the information stored on your computer.

Question 17

Trojan-horse software

Answer 17

Trojan-horse software – unwanted software, hidden inside software you do want.

Question 18

Web Log

Answer 18

Web Log - Even without spyware, a Web site can capture a great deal of visitor information in its Web log. The Web log is usually stored on the Web server. At the very least, it will record the visitor’s clickstream (Web sites visited and for how long, ads viewed, and information about purchases).

Question 19

Anonymous Web browsing (AWB)

Answer 19

Anonymous Web browsing (AWB) services hide a user’s identity from the Web site being visited. Identifying information is removed by sending the information through the AWB’s server.

Question 20

Spam

Answer 20

Spam is unsolicited e-mail sent from businesses to advertise their goods and services.

Question 21

Identity theft

Answer 21

Identity theft is the forging of someone’s identity for the purpose of fraud.

Question 22

Phishing (carding, brand spoofing)

Answer 22

Phishing (carding, brand spoofing) is a technique used to get personal information for the purpose of identity theft. This is usually done using email.

Question 23

Pharming

Answer 23

• When on a legitimate Web site, pharming occurs when your request is rerouted to a fake site for the purpose of collecting your information.
• Pharming is accomplished by gaining access to the giant databases that Internet providers use to route Web traffic.

Question 24

PIPEDA

Answer 24

• Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) became law in the late 1990s (includes ten principles).
• It meets the privacy criteria of the European Union and ensures that the personal information of European citizens is protected in Canada.

Question 25

Foundations of PIPEDA (10)

Answer 25

1. Accountability
2. Identify the purposes and uses at or before the time you collect the information – must be for a reasonable purpose
3. Consent to collect, use or disclose personal information
4. Limiting Collection
5. Limiting use, disclosure, and retention
6. Accuracy
7. Safeguarding personal information
8. Openness
9. Individual Access
10. Challenging compliance – handling complaints in a timely and fair manner