Lecture 25 - Ethics and Privacy in IT Flashcards
Ethics
Ethics are a set of common beliefs about appropriate conduct within a community (a business, country, etc.)
Business ethics
Business ethics concerns issues that confront business professionals.
Practical Circumstances Influence Ethical Decisions (6)
- Consequences (harm or benefit from the decision)
- Society’s opinion (what others think)
- Likelihood of effect (probability of harm or benefit)
- Time to consequences
- Relatedness (how much you identify with the person or persons who will be affected)
- Reach of result (how many people will be affected)
What is utilitarianism?
Greatest good for the greatest number – measure good
What is Kant’s categorical imperative?
o Would things work if everyone behaved this way?
o Must uphold promises to individuals
What is the ethic of justice?
What if the roles were reversed? Still fair?
What is the ethic of virtue?
Would you be proud to display this behavior to the public?
Dimensions of Ethical Computer Use (5)
- Ownership and Intellectual Property: Who owns data/process? Who has right to modify/destroy them?
- Responsibility: Who is responsible for quality of data/process?
- Personal privacy: Who has the right to see (a copy of) “private” data?
- Access: Who has the right to access official data/processes?
- Unethical handling of information within business is a problem
Relevant for designing any IT system
Intellectual property
Intellectual property is intangible creative work that is embodied in physical form e.g. software, music, sketches of a company’s product.
Copyright
Copyright is legal protection for an expression of an idea.
Why is the security of email an important issue?
Email is completely insecure…
o Each e-mail you send results in at least 3 or 4 copies being stored on different computers.
o You can take measures to protect your e-mail, such as encrypting your messages.
What are technologies to help monitor employees? (5)
• Key logger software: records each keystroke and mouse click performed
• Screen capture programs periodically record what is displayed on the computer screen.
• Any CD your computer burns can be traced back to your CD drive.
• An Event Data Recorder (EDR) in a car collects data if a collision occurs. It will even keep information if a second impact follows the collision.
• Computer servers (Web, Email) keep a record of:
o Each email received and sent
o Each website visited and duration
What are technologies to track customers? (6)
- Cookie
- Adware
- Spyware
- Trojan-horse software
- Web log
- Anonymous Web browsing (AWB)
Cookie
Cookie - a small record deposited on your hard disk by a Web site containing information about you and your Web activities.
Adware
Adware is software that generates ads. It installs itself when you download another (usually free) program from the Web.
Spyware (sneakware, stealthware)
Spyware (sneakware, stealthware) is malicious software that comes hidden in downloaded software. It tracks your on-line movements and/or mines the information stored on your computer.
Trojan-horse software
Trojan-horse software – unwanted software, hidden inside software you do want.
Web Log
Web Log - Even without spyware, a Web site can capture a great deal of visitor information in its Web log. The Web log is usually stored on the Web server. At the very least, it will record the visitor’s clickstream (Web sites visited and for how long, ads viewed, and information about purchases).
Anonymous Web browsing (AWB)
Anonymous Web browsing (AWB) services hide a user’s identity from the Web site being visited. Identifying information is removed by sending the information through the AWB’s server.
Spam
Spam is unsolicited e-mail sent from businesses to advertise their goods and services.
Identity theft
Identity theft is the forging of someone’s identity for the purpose of fraud.
Phishing (carding, brand spoofing)
Phishing (carding, brand spoofing) is a technique used to get personal information for the purpose of identity theft. This is usually done using email.
Pharming
- Pharming occurs when, while you are on a legitimate Web site, your request is rerouted to a fake site for the purpose of collecting your information.
- Pharming is accomplished by gaining access to the giant databases that Internet providers use to route Web traffic.
PIPEDA
- Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) became law in the late 1990s (includes ten principles).
- It meets the privacy criteria of the European Union and ensures that the personal information of European citizens is protected in Canada.
Foundations of PIPEDA (10)
- Accountability
- Identify the purposes and uses at or before the time you collect the information – must be for a reasonable purpose
- Consent to collect, use or disclose personal information
- Limiting Collection
- Limiting use, disclosure, and retention
- Accuracy
- Safeguarding personal information
- Openness
- Individual Access
- Challenging compliance – handling complaints in a timely and fair manner