Computer Security Ethics Legal Issues Privacy Ethics Definition
- Slides: 14
Computer Security Ethics, Legal Issues, Privacy
Ethics Definition – moral ideals and principles that govern behavior for the good of the individual and society Purpose of discussion n Not to say what’s right or wrong, but to raise issues that we need to consider in the context of computer security
Cycle of Development of Ethical Positions and Legal Rules in Response to Technology (Oz, “Ethics for the Information Age”) Ethical Values Discussion New or Modified Technology Legislation
Ethics in Cyberspace Computing technology changes very quickly Changes raise new ethical questions Decisions are made without the opportunity for well-reasoned deliberation
Importance of Ethics in Computer Security Your security knowledge and behavior affects others n n e. g. , Robert Morris Internet worm (1988) http: //www. swiss. ai. mit. edu/6805/articles/morrisworm. html Important to consider the impact of your actions n n n e. g. , security policies affect privacy e. g. , security work may give additional privileges e. g. , hacking causes time and financial resources to be spent
Computer Ethics Resources Computer Professionals for Social Responsibility n http: //www. cpsr. org Electronic Frontier Foundation n http: //www. eff. org ACM Code of Ethics n http: //www. acm. org/constitution/code. html Sample Security Professionals Code of Ethics n n http: //www. issa. org/codeofethics. html https: //www. isc 2. org/cgi/content. cgi? category=12
Legal Issues in Security Many relevant statutes for information security n Federal Computer Fraud and Abuse Act (1986) (Morris) Electronic Communications Privacy Act (1986) Computer Security Act (1987) (Mitnick) Digital Millennium Copyright Act (Intellectual Property - 1998) Health Insurance Portability and Accountability Act (HIPAA (2000) Public Company Accounting Reform and Investor Protection Act (Sarbanes/Oxley Act - 2002) n State general laws on trespassing, theft, fraud, property damage specific laws on computer data, usage
Problem: Which Laws Are Relevant? Randal Schwartz case n n n http: //www. lightlink. com/spacenka/fors/ convicted under Oregon Computer Crime Law did his actions constitute: trespassing? theft? altering data? fraud? none of the above? n related questions: were his actions unethical? were his actions improper in any other sense?
Case Studies http: //www. unknownnews. net/040123 spyin g. html – Political Information Gathering http: //itmanagement. earthweb. com/secu/ar ticle. php/2217781 - Virus Writing 101 at University of Calgary
The Legal Point Computing and telecommunication technology is changing so fast that laws are being: n n applied in new and innovative ways generated with only partial understanding of their consequences Computer security workers must be careful that their work is not construed as being illegal
Privacy Issues Computer Security allows us to maintain privacy n n n Much more information available Easier to correlate once the Internet became available Without security, personal information can be read, taken, or altered
Privacy for whom? n Individuals on a personal level n e. g. , personal firewall on home computer on a global level n n e. g. , keeping records of you from others (credit, government, business, medical, …) Businesses protect against industrial espionage
Privacy Resource Electronic Privacy Information Center n http: //www. epic. org
Summary Important to keep issues of ethics, legal ramifications, and privacy in mind as a computer security professional Lines between ethical/not ethical and legal/ illegal are not always clear – need to think and act carefully Important to use computer security skills in ways that: n n “contribute to society and human well being” (ACM Code of Ethics) “avoid harm to others” (ditto)
- Destructive event or prank a virus was created to deliver
- Legal ethical and societal issues in media and information
- Legal and ethical issues in computer security
- Ethical issues in computer security
- Chapter 9 privacy security and ethics
- Chapter 9 privacy security and ethics
- Chapter 9 privacy security and ethics
- Privacy awareness and hipaa privacy training cvs answers
- Legal and ethical issues in information security
- Ethical issues in computer science
- Issues surrounding information privacy
- Big data privacy issues in public social media
- Three primary privacy issues are accuracy property and
- Privat security
- Azure security privacy compliance and trust