Information Technology Ethics Essay

Definitions-the right to be alone the most comprehensive of rights, and the right most treasured by people. (Justice Louis Brandeis, Olmstead v. US, 1928)-the right of individuals to control the order and use of education most themselves. Legal AspectsProtection from unreasonable intrusion upon ones isolation. Protection from annexation of ones name or likeness.Protection from unreasonable publicity given to ones private. Protection from publicity that unreasonably places one in a false light before the public.RECENT HISTORY OF PRIVACY PROTECTIONCommunication bring of 1934-it restricted the governments ability to in secret intercept communications. However, under a 1968 federal statute, law enforcement officers bum use wiretapping if they first obtain a judicature order.Wiretapping the interception of telephone or telegraph communications for purpose of espionage or surveillance. Freedom of Information Act (FOIA) (passed -1966, amended-1974) provides the public with the mo de to gain access to certain government records such as the spending patterns of an part, the agencys policies and the reasoning behind them, and the agencys mission and goals. Fair Credit Reporting Act (1970) this act regulates the operations of credit-reporting bureaus, including how they collect, store, and use credit tuition. it is intentional to promote accuracy, fairness, and privacy of information in the files of credit reporting companies and to check verification systems that gather and sell information about people. Privacy Act (1974) declares that no agency of the U.S. government can conceal the existence of some(prenominal) in-person data record-keeping system, and that any agency that maintains such a system, must publicly get a line both the kind of information in it and the manner in which the information will be utilize. the Central Intelligence Agency (CIA) and the law enforcement agencies are excluded from this act. the constitution for Economic Cooperatio n and Development (OECD) Fair Information Practices are often held up as a model of ethical treatment of consumer data for organization to adopt. analysis of the 1980 OECD privacy guidelinespreceptGuidelineCollection specializeation saltation the collection of personal data. All such data must be obtained lawfully and moderately with the subjects consent and knowledge. Data QualityPersonal data should be accurate, complete, current and relevant to the purpose for which it is used. Purpose SpecificationThe purpose for which personal data is collected should be should be specified and should not be changed. Use LimitationPersonal data should not be used beyond the specified purpose without a persons consent or by authority of law. Security SafeguardsPersonal data should be protected against unauthorized access, modification, or disclosure. bleakness principleData policies should exist and a data controller should be identified. Individual participationPeople should pass the right to review their data, to challenge its correctness, and to accept incorrect data changed. AccountabilityA data controller should be responsible for ensuring that the above principles are met.Childrens Online Protect Act (COPA)(1998) The law states that a website that caters to children must offer comprehensive privacy policies, notify their parents or guardians about its data collection practices, and receive parental consent before collecting any personal information from children under 13 years of age. European Company Directives 95/46/EC (1998) requires any company that does business within the borders of 15 Western European nations to practice a set of privacy directives on fair and appropriate use of information.Summary of the European Data Privacy PrincipleNoticeTell all customer what is done with their information.ChoiceGive customer a way to opt out of marketing.Onward Transfer agree that suppliers comply with the privacy policy.AccessGive customer access to their informat ion.SecurityProtect customer information from unauthorized access.Data IntegrityEnsure that information are accurate and relevant.EnforcementIndependently enforce the privacy policy.Better Business Bureau Online (BBB Online) and TRUSTe independent, nonprofit initiatives that favor an industry-regulated approach to data privacy which concerned about the government regulation that could have a negative impact on the Internets use and growth, and that such regulation would be costly to implement and difficult to change.The BBB Online Seal adheres that the website has a high level of dataprivacy. The seal program identifies online businesses that love their own stated privacy policy.The TRUSTes main regulate is that websites should openly communicate what information it gathers, its use, to whom it will be shared, and does the consumer has a choice of opting out. Gramm-L for each one-Bliley Act (1998)-this act required all financial-services institutions to communicate their data priv acy policies and honor customer data-gathering preferences by July 1, 2001. This was to make them take actions to protect and secure customers nonpublic data from unauthorized access or use.KEY PRIVACY AND ANONYMITY ISSUESgovernmental ELECTRONIC SURVEILLANCEFederal Wiretap Act (U.S. computer code Title 18 Part 1, Chapter 119, Wire and Electronic Communications Interception and Interception of Oral Communications) it requires processes to obtain court authorization for surveillance of all kinds of electronic communications, including e-mail, fax, profit, and voice, in criminal investigation. A court order must be issued based on probable stir before a wiretap can commence. roving tap government authority to obtain a court order that does not name a specific telephone or e-mail, but allows them to tap any phone lines or internet accounts that the suspect uses.Electronic Communication Privacy Act of 1986 (ECPA, U.S statute Title 18, part 2, Chapter 206) standards for access to stor ed e-mail and other electronic communications and records.ECPA amended Title III (Omnibus Crime Control and Safe Streets Act of 1968) wide the title IIIs prohibitions against the unauthorized interception (use of persons oral or electronic communications).-this act failed to address emerging technologies such as radio modems, cellular, data networks, etc. thus, this communication can still be legallyintercepted.Foreign Intelligence Surveillance Act of 1978 (FISA) allows wiretapping of aliens and citizens in the U.S. based on a finding of probable cause that the target is a member of a foreign terrorist group or an agent of a foreign power.Executive nine 123333 (U.S. Pres. Reagan, 1982) legal authority for electronic surveillance outside the U.S. It permits intelligence agencies to intercept communications outside the U.S. without a court order.Communication Assistance for Law Enforcement Act (CALEA, 1994) it covers radio-based data communication. The Federal Communications Commi ssion (FCC) required providers of Internet phone and broadband services to ensure that their equipment can allow police wiretaps.USA nationalist Act of 2001 Gives sweeping new powers to Domestic law enforcement and International intelligence agencies. It contains several sunsets that gives the government much more surveillance capability. Sunset provisions can terminalinates itself or portions after a specific date unless further actions is taken to extend the law entropy ENCRYPTIONCryptography the science of encoding messages so that only the sender and the intended receiver can understand them. Encryption the process of converting an electronic message into a form that can be silent only by the intended recipients. Public key encryption system uses two keysMessage receivers public key readily functionalMessage receivers private key kept secretPrivate key encryption systemSingle key to encode and decipher messagesRSA (named after Rivest, Shamir and Adleman) is a public key encryption algorithm, the basis for much of the security that protects Web consumers and merchants. PGP ( Pretty Good Privacy) uses 128 bit encryption that represents a add together of 2128 . DES (Digital Encryption Standard) the standard for encryption, it employs a 56 bit key that represents 7.21016 . (It can now be crack using brute methods) AES (Advanced Encryption Standards) requires cockamamy to try as many as 1.11077 combinations.IDENTITY THEFT occurs when someone steals key pieces of personal information to gain access to a persons financial accounts. fastest growing form of fraud in the United States.Phishing is an attempt to steal personal identity data by tricking substance abusers into entering the information on a counterfeit Website. Spear-phishing is a variation in which employees are sent phony emails that look like they came from high-level executives within their organization. Spyware is a term for keystroke-logging software that is downloaded to users com puter without adequate notice, consent, or control for the user. It creates a record of keystrokes entered into the computer with or without internet and will send to the email of the spy when internet connections are available.Identity Theft and Assumption Deterrence Act of 1998 the congress passed this act to fight identity fraud, making it a federal felony punishable by a prison sentence of 3 -25 years. researchers estimated that 1 of 700 identity crimes were led to conviction.CONSUMER PROFILING Companies openly collect personal information about Internet users. They too obtain information without users permission through the use of cookies. marketing firms uses this information in building databases that contains consumer behavioral data. They want to know about who the users are, what they like, how they behave, and what motives them to buy. Cookies a schoolbook file that a website puts on your hard drive so that it can remember your information later on. Affiliated Websites is a group or collection of websites served by a single advertising network. 3 Types of Data GatheredPOST it is entered into a blank fields on an affiliated website when a consumer signs up for a service. GET it reveals what the consumer requested intersection point in a specific store. Click-Stream Data it is the tracking of the information the user sought and viewed.4 Ways to Limit/ cut off deposit CookiesSet trimrs to limit or stop cookies or browse the web using the incognito browsing mode which will complete all marks of your browsing. Manually delete cookies in your hard drives.Download and install cookie management program.Or use anonymous proxy websites to browse websites.However, some websites lock users to browse in their page when cookie is disabled.Personalization software it is used by marketers to optimize the number, frequency and mixture of their ad placements. It is also used to evaluate how visitors react to new ads.Types of Personalization SoftwareRule-ba sed used business rules that are tied to customer provided preferences or online behaviors to determine the most appropriate page views and product information to display. Collaborative Filtering offers consumer recommendations based on the types of product purchased by other people with similar acquire habits.Types of Personalization Software (Continued)Demographic Filtering it augments click stream data and user supplied data with demographics information associated with user zip codes to make product suggestions. Contextual Commerce associates product promotions and other e-commerce offerings with specific content a user may receive in a new story online.Platforms for Privacy Preferences (P3P) shields users from site that dont provide the level of privacy protectionthey desire. instead of forcing users to find and read through the privacy policy for each site they visit, P3P software in the computers browser will download the privacy policy for each site, scan it and notify users if the policy does not match their preferences. The World Wide Web Consortium, an international privacy group whose members include Apple, Commerce One, Ericsson, and Microsoft, created P3P and is supporting its development. TREATING CONSUMERS DATA RESPONSIBILITY-Strong measures are required to avoid customer relationship problems. Code of Fair Information Practices most widely accepted approach to treating consumers data responsibly. Guidelines of Code of Fair Information Practices and the 1980 OECD an organizations collects only personal information that is necessary to deliver its product and services. Company ensures that the information is carefully protected and accessible only by those with a need to know, and that consumers can review their own data and make corrections. Company informs customers if it intends to use its information for research or marketing, and it provides a means for them to opt out.Chief Privacy Officer (CPO) executive to oversee data privacy po licies and initiatives. Duties of CPOAvoid government regulations and reassure customers that their privacy will be protected. Stop or modify major company marketing initiatives.Training employees about privacy and checking the companies privacy policy for potential risks. Figuring out if gaps exist and how to deal them.Developing and managing a process for customer privacy disputes.WORKPLACE MONITORINGEmployers monitor workers Ensures that corporate IT usage policy is followedFourth Amendment cannot be used to limit how a private employer treats its employees. Public-sector employees have far greater privacy rights than in the private industry. Privacy advocates want federal legislation To keeps employers from infringing upon privacy rights of employees.SPAMMING the transmission of the same(p) email message to a large number of people. Spammers target individual users with direct email messages, building their mail list by scanning Usenet postings, buying mail lists or searching t he web for addresses. extremely inexpensive method of marketing. used by many legitimate organizations. can contain unwanted and objectionable materials.Controlling the Assault of Non-Solicited Pornography and Marketing(CAN-SPAM)the act says it is legal to spam provided that the message meet a few basic requirements (1) spammers cannot disguise identity, (2) there must be a label in the message specifying that it is an ad or solicitation, and (3) include a way that the recipient can stop the receiving of spam. The act failed to slow the function of spam but instead, it actually increased the flow of spam by legalizing it.ADVANCED SURVEILLANCE TECHNOLOGYAdvanced surveillance technology provide a new data gathering capabilities, however, these advance can also diminish individuals privacy.Advocates of the technology argue that people have no legitimate expectations of privacy in a public place. Camera Surveillance is one of the most common advanced system used in surveillance nowada ys. It has the capability to record events, detective work unusual behaviour, automatically capturing important events, and used in monitoring day to day events in different places. Facial Recognition SoftwareThere have been numerous experiments with facial recognition software to help identify criminal suspects and other undesirable characters. It has been first tested by the Rampart Division of the Los Angeles guard Department and yielded a result. Global Positioning System (GPS)These are chips placed in different devices to monitor locations of theusers. It is useful in locating callers of 911, parents monitoring their children, etc.