Download - EIT - Ethics for IT Professionals
-
8/12/2019 EIT - Ethics for IT Professionals
1/45
Chapter 4 Privacy
Ethics in Information Technology,Second Edition
Updates by Carlotta Eaton, NRCC
-
8/12/2019 EIT - Ethics for IT Professionals
2/45
1. What is Right of Privacy?2. La s for electronic s!rveillance". #orms of data encry$tion
%. What is identify theft?&. Strategies for cons!mer $rofiling'. Treat c!stomer data res$onsi(ly). Why and ho or* $lace monitoring+. What is s$amming?
. -a$a(ilities ethical iss!es of advanceds!rveillance technologies
Chapter 4 Privacy Objectives
-
8/12/2019 EIT - Ethics for IT Professionals
3/45
Systems collect and store *ey data from everyinteraction ith c!stomers/any o(0ect to data collection $olicies ofgovernment and (!sinessPrivacy ey concern of Internet !sers To$ reason hy non!sers still avoid the InternetReasona(le limits m!st (e set
istorical $ers$ective on the right to $rivacy #o!rth 3mendment 4 reasona(le e5$ectation of $rivacy
Privacy Protection and the Law
-
8/12/2019 EIT - Ethics for IT Professionals
4/45
6efinition 7The right to (e left alone8the most com$rehensive of
rights, and the right most val!ed (y a free $eo$le9 7The right of individ!als to control the collection and !se
of information a(o!t themselves9Legal as$ects Protection from !nreasona(le intr!sion !$on one:s
isolation Protection from a$$ro$riation of one:s name or li*eness
The Right of Privacy
-
8/12/2019 EIT - Ethics for IT Professionals
5/45
Legal as$ects Protection from !nreasona(le $!(licity given to one:s
$rivate life Protection from $!(licity that !nreasona(ly $laces one in
a false light (efore the $!(lic
The Right of Privacy (continued)
-
8/12/2019 EIT - Ethics for IT Professionals
6/45
Legislative acts $assed over the $ast %; years /ost address invasion of $rivacy (y the government
-
8/12/2019 EIT - Ethics for IT Professionals
7/45
>ther initiatives BBB >nline and TRCSTe Inde$endent, non$rofit initiatives #avor an ind!stry4reg!lated a$$roach to data $rivacy
Recent History of Privacy Protection(continued)
-
8/12/2019 EIT - Ethics for IT Professionals
8/45
-
8/12/2019 EIT - Ethics for IT Professionals
9/45
u!!ary of the "#$% O&C' Privacyuide ines
-
8/12/2019 EIT - Ethics for IT Professionals
10/45
Sec!re #light airline safety $rogram -om$ares the names and information of 1.% million daily
C.S. airline $assengers ith data on *no n or s!s$ectedterrorists
iolation of Privacy 3ct
Lega Overview* The Privacy +ct
-
8/12/2019 EIT - Ethics for IT Professionals
11/45
Aovernment electronic s!rveillance6ata encry$tionIdentity theft
-!stomer $rofiling
-
8/12/2019 EIT - Ethics for IT Professionals
12/45
#ederal Wireta$ 3ct >!tlines $rocesses to o(tain co!rt a!thoriFation for
s!rveillance of all *inds of electronic comm!nications G!dge m!st iss!e a co!rt order (ased on $ro(a(le ca!se
3lmost never deny government reD!ests 7Roving ta$9 a!thority 6oes not name s$ecific tele$hone lines or e4mail acco!nts 3ll acco!nts are tied to a s$ecific $erson
overn!enta & ectronic urvei ance.
-
8/12/2019 EIT - Ethics for IT Professionals
13/45
/u!ber of Tit e --- 0iretaps ranted
-
8/12/2019 EIT - Ethics for IT Professionals
14/45
Electronic -omm!nications Privacy 3ct of 1 +'=E-P3 Sets standards for access to stored e4mail and other
electronic comm!nications and records E5tends Title III:s $rohi(itions against the !na!thoriFed
interce$tion, disclos!re, or !se of a $erson:s oral orelectronic comm!nications
Prosec!tor does not have to 0!stify reD!ests G!dges are reD!ired to a$$rove every reD!est
overn!enta & ectronic urvei ance.
-
8/12/2019 EIT - Ethics for IT Professionals
15/45
Electronic -omm!nications Privacy 3ct of 1 +'=E-P3 ighly controversial Es$ecially collection of com$!ter data sent over the Internet #ailed to address emerging technologies
overn!enta & ectronic urvei ance.
-
8/12/2019 EIT - Ethics for IT Professionals
16/45
#oreign Intelligence S!rveillance 3ct of 1 )+=#IS3 3llo s ireta$$ing of aliens and citiFens in the Cnited
States Based on finding of $ro(a(le ca!se that a target is /em(er of a foreign terrorist gro!$ 3gent of a foreign $o er
E5ec!tive >rder 12""" Legal a!thority for electronic s!rveillance o!tside the
Cnited States
overn!enta & ectronic urvei ance.
-
8/12/2019 EIT - Ethics for IT Professionals
17/45
-omm!nications 3ssistance for La Enforcement 3ct =-3LE3
ReD!ires the telecomm!nications ind!stry to (!ild toolsinto its $rod!cts so that federal investigators caneavesdro$ on conversations
3fter getting co!rt a$$roval -ontains a $rovision covering radio4(ased data
comm!nication Incl!des voice over Internet = oIP technology
overn!enta & ectronic urvei ance.
-
8/12/2019 EIT - Ethics for IT Professionals
18/45
CS3 Patriot 3ct of 2;;1 Aives s ee$ing ne $o ers to 6omestic la enforcement International intelligence agencies -ontains several 7s!nset9 $rovisions
overn!enta & ectronic urvei ance
-
8/12/2019 EIT - Ethics for IT Professionals
19/45
-ry$togra$hy Science of encoding messages >nly sender and intended receiver can !nderstand the
messages ey tool for ens!ring confidentiality, integrity, a!thenticity
of electronic messages and online (!siness transactions
Encry$tion Process of converting electronic messages into a form
!nderstood only (y the intended reci$ients
'ata &ncryption .
-
8/12/2019 EIT - Ethics for IT Professionals
20/45
Encry$tion *ey aria(le val!e a$$lied !sing an algorithm to encry$t or
decry$t te5t
P!(lic *ey encry$tion system !ses t o *eys /essage receiver:s $!(lic *ey 4 readily availa(le /essage receiver:s $rivate *ey 4 *e$t secret
RS3 4 a $!(lic *ey encry$tion algorithmPrivate *ey encry$tion system Single *ey to encode and decode messages
'ata &ncryption .
-
8/12/2019 EIT - Ethics for IT Professionals
21/45
Pub ic ,ey &ncryption .
-
8/12/2019 EIT - Ethics for IT Professionals
22/45
/ost $eo$le agree encry$tion event!ally m!st (e(!ilt into
-
8/12/2019 EIT - Ethics for IT Professionals
23/45
Theft of *ey $ieces of $ersonal information to gainaccess to a $erson:s financial acco!ntsInformation incl!desH
-
8/12/2019 EIT - Ethics for IT Professionals
24/45
#astest gro ing form of fra!d in the Cnited StatesLac* of initiative in informing $eo$le hose data
as stolen
Phishing 3ttem$t to steal $ersonal identity data By tric*ing !sers into entering information on a
co!nterfeit We( site S$ear4$hishing 4 a variation in hich em$loyees are sent
$hony e4mails that loo* li*e they came from high4levele5ec!tives ithin their organiFation
-dentity Theft .
-
8/12/2019 EIT - Ethics for IT Professionals
25/45
S$y are eystro*e4logging soft are Ena(les the ca$t!re ofH 3cco!nt !sernames
Pass ords -redit card n!m(ers >ther sensitive information >$erates even if an infected com$!ter is not connected to
the InternetIdentity Theft and 3ss!m$tion 6eterrence 3ct of1 + as $assed to fight fra!d
-dentity Theft .
-
8/12/2019 EIT - Ethics for IT Professionals
26/45
&1!ai 2sed by Phishers
-
8/12/2019 EIT - Ethics for IT Professionals
27/45
-om$anies o$enly collect $ersonal informationa(o!t Internet !sers-oo*ies Te5t files that a We( site $!ts on a !ser:s hard drive so
that it can remem(er the information later
Trac*ing soft areSimilar methods are !sed o!tside the We(
environment6ata(ases contain a h!ge amo!nt of cons!mer(ehavioral data
Consu!er Profi ing .
-
8/12/2019 EIT - Ethics for IT Professionals
28/45
3ffiliated We( sites Aro!$ of We( sites served (y a single advertising
net or*
-!stomiFed service for each cons!mer Ty$es of data collected hile s!rfing the We( AET data P>ST data -lic*4stream data
Consu!er Profi ing .
-
8/12/2019 EIT - Ethics for IT Professionals
29/45
#o!r ays to limit or even sto$ the de$osit ofcoo*ies on hard drives Set the (ro ser to limit or sto$ coo*ies /an!ally delete them from the hard drive 6o nload and install a coo*ie4management $rogram Cse anonymo!s (ro sing $rograms that don:t acce$t
coo*ies
Consu!er Profi ing .
-
8/12/2019 EIT - Ethics for IT Professionals
30/45
PersonaliFation soft are is !sed (y mar*eters too$timiFe the n!m(er, freD!ency, and mi5t!re oftheir ad $lacements R!les4(ased -olla(orative filtering 6emogra$hic filtering -onte5t!al commerce
Platform for Privacy Preferences =P"P Shields !sers from sites that don:t $rovide the level of
$rivacy $rotection desired
Consu!er Profi ing .
-
8/12/2019 EIT - Ethics for IT Professionals
31/45
Strong meas!res are reD!ired to avoid c!stomerrelationshi$ $ro(lems-ode of #air Information Practices
1 +; >E-6 $rivacy g!idelines-hief $rivacy officer =-P> E5ec!tive to oversee data $rivacy $olicies and initiatives
Treating Consu!er 'ata Responsib y
-
8/12/2019 EIT - Ethics for IT Professionals
32/45
Em$loyers monitor or*ers Ens!res that cor$orate IT !sage $olicy is follo ed
#o!rth 3mendment cannot (e !sed to limit ho a$rivate em$loyer treats its em$loyees P!(lic4sector em$loyees have far greater $rivacy rights
than in the $rivate ind!stry
Privacy advocates ant federal legislation To *ee$s em$loyers from infringing !$on $rivacy rights of
em$loyees
0or3p ace onitoring
-
8/12/2019 EIT - Ethics for IT Professionals
33/45
Transmission of the same e4mail message to alarge n!m(er of $eo$leE5tremely ine5$ensive method of mar*eting
Csed (y many legitimate organiFations-an contain !n anted and o(0ectiona(lematerials
pa!!ing .
-
8/12/2019 EIT - Ethics for IT Professionals
34/45
-ontrolling the 3ssa!lt of
-
8/12/2019 EIT - Ethics for IT Professionals
35/45
-amera s!rveillance C.S. cities $lan to e5$and s!rveillance systems 7Smart s!rveillance system9
#acial recognition soft are Identifies criminal s!s$ects and other !ndesira(le
characters ields mi5ed res!lts
Alo(al Positioning System =APS chi$s Placed in many devices Precisely locate !sers
+dvanced urvei ance Techno ogy
-
8/12/2019 EIT - Ethics for IT Professionals
36/45
-
8/12/2019 EIT - Ethics for IT Professionals
37/45
2/2 &' L-'R>/ TEJTB>>
-
8/12/2019 EIT - Ethics for IT Professionals
38/45
What is the right of $rivacy, and hat is the (asisfor $rotecting $ersonal $rivacy !nder the la ?
What are some of the la s that a!thoriFeelectronic s!rveillance (y the government, and
hat are the associated ethical iss!es?
What are the t o f!ndamental forms of dataencry$tion, and ho does each or*?
Objectives
-
8/12/2019 EIT - Ethics for IT Professionals
39/45
What is identity theft, and hat techniD!es doidentity thieves !se?
What are the vario!s strategies for cons!mer$rofiling and the associated ethical iss!es?
What m!st organiFations do to treat cons!merdata res$onsi(ly?
Objectives (continued)
-
8/12/2019 EIT - Ethics for IT Professionals
40/45
Why and ho are em$loyers increasingly !singor*$lace monitoring?
What is s$amming, and hat ethical iss!es areassociated ith its !se?
What are the ca$a(ilities of advanced s!rveillancetechnologies, and hat ethical iss!es do theyraise?
Objectives (continued)
P i i f h 2 P i bj
-
8/12/2019 EIT - Ethics for IT Professionals
41/45
,ey Provisions of the 2 + Patriot +ct ubjectto unset
P i i f th 2 + P t i t + t bj t
-
8/12/2019 EIT - Ethics for IT Professionals
42/45
,ey Provisions of the 2 + Patriot +ct ubjectto unset (continued)
-
8/12/2019 EIT - Ethics for IT Professionals
43/45
anager6s Chec3 ist for TreatingConsu!er 'ata Responsib y
-
8/12/2019 EIT - Ethics for IT Professionals
44/45
The legal conce$t of the right to $rivacy has fo!ras$ects
3 n!m(er of la s have (een enacted over the$ast %; years that affect a $erson:s $rivacyLa s a!thoriFe electronic s!rveillance (y thegovernment6ata encry$tion
P!(lic *ey encry$tion system Private *ey encry$tion system
Identity theft
u!!ary
-
8/12/2019 EIT - Ethics for IT Professionals
45/45
-ons!mer (ehavior data is collected (oth onlineand offline-ode of #air Information Practices and 1 +;>E-6 $rivacy g!idelinesEm$loyers record and revie em$loyeecomm!nications and activities on the 0o(
3dvances in information technology
S!rveillance cameras #acial recognition soft are APS systems
u!!ary (continued)