Section 2 Flashcards
What are the objectives of normative ethics?
To establish standards or norms for ethical behavior.
What are the objectives of descriptive ethics?
To describe and analyze people’s beliefs about morality.
What are the key tensions present in ethical discussions?
- Limited resources
- Competing kinds of good
- Different ideas about what is good.
What are the two varieties of ethical statements?
- Normative statements
- Descriptive statements
What is a normative statement?
An assessment of how things should be rather than how they are.
What is an example of a normative statement?
‘Being kind is more important than being the most successful.’
What is the relationship between descriptive and normative judgments?
Descriptive judgments can reflect underlying normative judgments.
What is the significance of choosing details in descriptions?
It involves normative judgments about relevance and importance.
What is the challenge in making ethical judgments?
Determining which facts are most important and how to describe them.
What is participatory design?
A practice that emphasizes multidisciplinary reflection in design.
What is the purpose of studying different ethical frameworks?
To provide different ways of asking and answering questions about ethical challenges.
True or False: Ethical living requires individuals to sacrifice their own needs.
False.
What is a zero-sum situation?
A scenario where one person’s gain is another person’s loss.
What is the difference between ‘ethics’ and ‘morality’?
‘Morals’ refer to personal standards, while ‘ethics’ involves thoughtful reflection on those standards.
What are the three changes that have been brought about by the societal impacts of computer technologies?
- Reproducibility of information
- Information Flow (many-to-many communication)
- Identity Conditions: the ability to communicate anonymously but also have made individuals easier to track/identify in general
What are the two major professional societies within the computing fields?
- ACM (The Association for Computing Machinery)
- IEEE (Institute of Electrical and Electronics Engineers)
What are the four major frameworks discussed in the textbook?
- Deontology
- Utilitarianism
- Virtue Ethics
- Communitarianism
Deontology
Emphasizes moral obligation and prescribes or describes moral principles that govern ethics
Virtue Ethics
Centers on the human character as the locus of moral activity and emphasizes how we develop and exercise good qualities.
Communitarianism
Focuses on the interdependence of human nature and how that shapes our possibilities for well-being and self-realization
Utilitarianism
Prioritizes the greatest happiness for the greatest number of people and therefore focuses on the outcomes of actions.
Metaphysics
Our understanding of how the world works and the nature of reality, including what human beings are and are for.
This ethical framework emphasizes the rightness or wrongness of an action by reference to certain principles.
Deontology
What is a moral relativist?
Someone who believes that all moral judgements are based on individual viewpoints and that no one viewpoint ought to be privileged above any other
What are the three deontic forms of authority?
Political, Divine, and Human Reason
Contractarianism
A deontological tradition that presupposes that human beings are driven by self-interest, and therefore the best strategy for deciding which institutions, principles, and social rules can place constraints on our otherwise selfish actions is to first find the ones on which we all would agree. Contractarianism grew out of social contract theory (from Thomas Hobbes in the early 1600s).
Divine Command Theory
A deontological tradition that derives its authority from God/gods. Moral obligations consist of obedience to deities in regards to obligatory or forbidden actions, and all other actions are considered to be permissible.
Natural law theory
A deontological tradition that accepts that law can be considered and spoken of both as a sheer social fact of power and practice, and as a set of reasons for action that can be and often are sound as reasons and therefore normative for reasonable people addressed by them. “Unjust laws are not laws.”
T/F
Deontology is organized around the question of what is right rather than what is good
True
Habitus
The patterns of living that issue from and reveal a person’s qualities of character
What are virtues?
Virtues are the basic building blocks of human character that all people possess. A virtue is the capacity to exercise a specific quality. Ex. A habitual liar is deficient in honesty rather than lacking honesty entirely
Confucianism
A tradition of virtue ethics that argues that we are all basically same by nature at birth and habituation is what differentiates us.
Aristotelianism
A tradition of virtue ethics based on Aristotle’s teachings particularly in the Nicomachean Ethics, which lists 11 moral virtues that must be developed through habituation.
Continence
The forcible restraining of one’s own appetites or desires
What are some of the general assumptions that communitarianism makes about how communities work?
- That they are enduring and have patterns, processes and structures that exist prior to the individuals who are formed by them
- Shared wisdom is carried to a large extent by elders, those who have excelled in living in a way that the community values, especially sympathetic awareness
What are the three ways that individuals rely on others to become the person they are?
- Through support: material, emotional, or psychological
- Through recognition and affirmation of one’s goals
- Self-realization is rooted in the shared social meanings within communities
Sub-Saharan Metaphysics
A communitarian tradition that views the entire world as an interdependent and harmonious system with gradient boundaries instead of absolute divides.
What is Ubuntu?
A human quality that involves engaging with the process of becoming/being human, attending and embracing the interdependence of human existence within an interdependent and harmonious universe. Being human means having particular obligations to other humans.
What is Yorùbá communitarianism?
A tradition based in western Africa that takes hearing(instead of seeing) to be the foundation of how understanding works. This approach underscores the relational, rather than biological, nature of social roles and relationships, as physical appearances are not a significant indicator of who a person is.
What is the consensus principle?
A principle rooted in both knowledge theory and the social organization of communitarianism that urges us to find common ground with others who have a stake in a given issue
What is consequentialism?
A category of ethical theories that focuses primarily or solely on consequences in determining the moral worth of an action. Ex. Utilitarianism
Classical Utilitarianism
The tradition of early utilitarian thinkers such as British philosophers John Stuart Mill and Jeremy Bentham. Sometimes associated with ethical hedonism(the pursuit of pleasure).
Preference Utilitarianism
Moral statements are prescriptive and universalizable: to claim that we ought to do something, we must be willing to make the same claim from the perspectives of everyone affected. Preference satisfaction is the primary good, so one must take into account individuals present and future selves.
Responsibility Ethics
An approach to ethical reasoning that begins with the notion that human beings are not only acting beings, but beings that are constantly reacting to powers, forces and events that are beyond our control. The idea that we could meaningfully anticipate the outcomes of our actions is unrealistic.
Feminist Ethics
An approach to ethics that offers “a way of doing ethics” shaped by “the needs of those one cares for in relational contexts” rather than by “abstract, universal principles”
The Capability Approach (CA)
Capabilities are the resources that individuals have (money, shelter, health, education, etc.). These capabilities along with their barriers should be considered within the context of governmental, institutional, and society-level choices more than individual ones.
What is ethics?
A code of behavior that is defined by the group to which an individual belongs
What are morals?
The personal principles upon which an individual bases his or her decisions about what is right and what is wrong
What is corporate social responsibility?
The concept that an organization should act ethically by taking responsibility for the impact of its actions on its shareholders, consumers, employees, community, environment and suppliers.
What are five reasons for pursuing corporate social responsibility goals?
1) to gain the goodwill of the community
2) to create an organization that operates consistently
3) to foster good business practices
4) to protect the organization and its employees from legal action
5) to avoid unfavorable publicity
What are the five core characteristics of a profession?
- A core body of theoretical knowledge
- Authority, a professional has clients not customers
- Special and often unique privileges given to them by the community
- A code of ethics
- Its own culture
IEEE
Institute of electrical and electronics engineers. Formed from the merging of the American Institute of Electrical Engineers(AIEE) and the Institute of Radio Engineers (IRE) in 1963
ACM
Association for Computing Machinery. The largest educational and scientific society dedicated to information technology that broadly encompasses computer science.
SECEPP
Software Engineering Code of Ethics and Professional Practice. Was composed jointly by the ACM and the IEEE to target software engineering specifically.
What are some of the major codes found within the ACM and IEEE codes of ethics?
- Avoidance of harm & disclosure of risks
- Honesty and accurate assessment
- Avoidance or disclosure of conflicts of interest
- Nondiscriminatory treatment
- Education of the public
- Working only in areas of competence
- Respect for intellectual property
- Professional development
- Accepting & giving review
- Workplace confidentiality
- Equitable and privacy-protecting design
What are the seven principles for designing and deploying algorithms to maximize transparency and accountability as outlined by the ACM?
1) Awareness (of possible biases)
2) Access and redress (enable questioning and redress for those affected)
3) Accountability
4) Explanation (of how decisions are made)
5) Data Provenance (how was training data collected?)
6) Auditability
7) Validation and testing
AITP
Association of Information Technology Professionals. Chicago-based CompTIA acquired the AITP in 2017
SysAdmin, Audit, Network, Security (SANS) Institute
Provides information security, training, and certification for a wide range of individuals.
Common IT Industry Certifications
- Security: CompTIA Security+
- Security: Certified Security Analyst
- Forensics: Certified Computer Examiner
- Governance: Certified in the Governance of Enterprise IT
- Project Management: Project Management Professional
Common Vendor-Specific Certifications for IT Workers
- Apple Certified Technical Coordinator
- Cisco Certified Design Associate
- Cisco Certified Network Professionals
- Cisco Certified Internetwork Expert
- Microsoft Certified Professional
- Citrix Certified Administrator (CCA)
- Oracle Database 12c: Certified Expert Performance Management and Tuning
- Salesforce.com Certified Administrator
Why are computer incidents becoming increasingly prevalent?
Increasing computer complexity, expanding and changing systems, an increase in the prevalence of BYOD policies, a growing reliance on vulnerable software, and the increasing sophistication of those who would do harm.
What is the US-CERT?
US Computer Emergency Readiness Team
A partnership between DHS and the public and private sectors that was established to protect the nation’s Internet infrastructure against cyber attacks by serving as a Clearinghouse for info on new viruses, worms and other cyber security topics.
What are the key elements of a risk-based strategy?
A risk assessment to ID and prioritize threats, a well-defined disaster recovery plan, definition of security policies needed to guide employees to avoid security-related problems, periodic security audits, compliance standards defined by external parties, and use of a security dashboard to help track key performance indicators of their security strategy.
What are some key elements of the network security layer?
Authentication methods, firewalls, routers, encryption, proxy servers, VPN, and an IDS
What are some key elements of the application security layer?
Authentication methods, user roles and accounts, and data encryption.
What are some key elements of the end-user security layer?
Security education, authentication methods, antivirus software, and data encryption
Smishing
Text phishing
What should a security intrusion response plan address?
Notification, evidence protection, activity log maintenance, containment, eradication, and follow-up
Vishing
Similar to smishing but victims receive a voice-mail message telling them to call a phone number or access a website
What is the 4th amendment?
No unreasonable search and seizure.
Fair Credit Reporting Act
Regulates operations of credit reporting bureaus
Right to Financial Privacy Act
Protects the financial records of financial institution customers from unauthorized scrutiny by the federal government
Gramm-Leach-Bliley Act (GLBA)
Established mandatory guidelines for the collection and disclosure of personal financial information by financial institutions: requires financial institutions to document their data security plans; and encourages institutions to implement safeguards against pretexting
Fair and Accurate Credit Transaction Act
Allows consumers to request and obtain a free credit report each year from each of the three consumer credit reporting agencies
HIPAA
Defined numerous standards to improve the portability and continuity of health insurance coverage. Reduce fraud, waste and abuse in health insurance care and healthcare delivery; and simplify the administration of health insurance
American Recovery and Reinvestment Act
Included strong privacy provisions for EHRs, including banning the sale of health information, promoting the use of audit trails and encryption, and providing rights of access for patients. It also mandated that each individual whose health information has been exposed being notified within 60 days after discovery of a data breach.
FERPA
Provide students and their parents with specific rights regarding the release of student records
COPPA
Requires websites that cater to children to offer comprehensive privacy policies, notify parents or guardians about their data collection practices and receive parental consent before collecting any personal information from children under the age of 13.
Title III of the Omnibus Crime Control and Safe Streets Act (AKA the Wiretap Act)
Regulates the interception of wire and oral communications
FISA
Describes procedures for the electronic surveillance and collection of foreign intelligence information between foreign powers and agents of foreign powers.
Executive Order 12333
Identifies the various government intelligence gathering agencies and defines what information can be collected, retained and disseminated by the agencies. It allows for the tangential collection of US citizen data even when those citizens are not specifically targeted.
ECPA
Deals with the protection of communications while in transit from sender to receiver; the protection of communications held in electronic storage; and the prohibition of devices from recording, dialing, routing, addressing, and signaling information without a search warrant.
CALEA
Requires the telecommunications industry to build tools into its products that federal investigators can use after gaining a court order to eavesdrop on conversations and intercept electronic communications
USA Patriot Act
Modified 15 existing statutes and gave sweeping new powers both to domestic law enforcement and to international intelligence agencies, including increasing the ability of law enforcement agencies to eavesdrop on telephone communication, intercept email messages and search medical, financial and other records. The Act also eased restrictions on foreign intelligence gathering in the US.
USA Freedom Act
Terminated the bulk collection of telephone metadata by the NSA instead requiring telecommunications carriers to hold the data and respond to NSA queries for data. The act also restored authorization for roving wiretaps in the tracking of lone wolf terrorists
OECD for the Protection of Privacy and Transborder Data Flows of Personal Data
Created a set of fair information practices that are often held up as the model for organizations to adopt for the ethical treatment of consumer data
EU Data Protection Directive
Requires member countries to ensure that data transferred to non-EU countries is protected. It also bars the export of data to countries that do not have data privacy protection standards comparable to those of the EU. After the passage of this directive, the EU and the US worked out an agreement that allowed US companies that were certified as meeting certain safe harbor principles to process and store data of European consumers and companies.
European-United States Privacy Shield Data Transfer Program Guidelines
A stop-gap measure that allows businesses to transfer personal data about European citizens to the US. The guidelines were established after the European court of justice declared invalid the safe harbor agreement between the EU and the United States.
GDPR
Addresses the export of personal data outside the EU, enabling citizens to see and correct their personal data, standardizing data privacy regulations within the EU and establishing substantial penalties for violation of its guidelines.
FOIA
Grants citizens the right to access certain information and records of the federal government upon request.
Privacy Act
Prohibits US government agencies from concealing the existence of any personal data record-keeping system
E-discovery
The collection, preparation, review and production of electronically stored information for use in criminal and civil actions and proceedings
What is an EDR?
A device that records vehicle and occupant data for a few seconds before, during and after any vehicle crash that is severe enough to deploy the vehicle’s airbags. The fact that most cars now come equipped with an EDR and that the data from this device may be used as evidence in a court of law is not broadly known by the public
What is predictive coding?
A process that couples human guidance with computer driven concept searching in order to ‘train’ document review software to recognize relevant documents within a large collection