1.03 understanding ethics and security in the programming process

Computer Ethics

ethical problems aggravated, transformed or created by computer technology

Who is ACM?

- Association for Computing Machinery
- membership organization for computing professionals
- provides resources
- professional development
- promotes polices & research for the benefit of society

ACM code of ethics

This code, consisting of 24 imperatives formulated as statements of personal responsibility, identifies the elements of such a commitment.

ACM professional conduct

The code is also supplemented with a set of guidelines. Both code and the guidelines "are intended to serve a basis for ethical decision making in the connduct of professional work.

Computer & Information Ethics

There are now research centers devoted to computing & information technology ethics.
- Center for Computing and Social Responsibility
- The Research Center on Computing & Society

Ethical considerations

- Information Age
- netiquette
- privacy
- online profiling
- cookie
- web beacons
- privacy policy

Information Age

Due to the computers ability to store & manipulate large amounts of information

Netiquette

- Don't attempt to access the account of another user without authorization
- Do not share your password- change periodically
- Use appropriate subject matter & language, and be considerate of other ppls beliefs and opinions

Privacy

- Ethical issue
- Computers record transactions, calls, etc (these records can be used to learn a lot about you.)
- b/c of privacy issues, many laws have been passed

Online profiling

Marketing technique where data is collected about customers visiting a website

Cookie

Text file created by the server computer when a user enters information into a website

Web beacons

Tiny, transparent graphics located in web pages or e-mail messages that are used in combination with cookies to collect data about web page users or email senders

Privacy policy

Legally binding document that explains how any personal information will be used

US information technology law

Many laws about information technology in the US

Identity Theft Penalty Enhancement Act of 2004

- establishes penalties for aggravated identity theft
- prohibits a court from giving parole, reducing any sentence or for providing for concurrent terms of imprisonment

FISMA 2002

Requires federal agencies to develop, document and implement an agency-wide program to provide information security.

Consumer Credit Reporting Reform Act of 1996

- amended the Fair Credit Reporting Act (FCRA) of 1970
- addresses data collected by credit, insurance and employment agencies
- gives individuals the right to see information maintained about them
- Restricts who may access credit files to only those wit

Privacy act of 1974

- restricts the way in which personal data can be used by federal agencies
-Individuals must be permitted access to information stored about them and may correct any information that is incorrect
- agencies must insure both the security and confidentialit

Right to Financial Privacy act of 1978

- requires government authorities have a subpoena, summons or search warrant to access individual's financial records
- when records are released, the financial institution must notify the individual of who has had access to them

ECPA 1986

- makes it a crime to access electronic data without authorization
- prohibits unauthorized release of such data

Electronic freedom of information act of 1996

- required federal government agencies to make certain agency information available for public inspection
- designed to improve public access to agency records

COPPA 1988

Requires commercial websites that collect personal information from children under the age of 13 to obtain parental consent

SAFE 1999

- gives Americans the freedom to use any type of encryption to protect their confidential information
- prohibits the government from monitoring ppls communications without their knowledge or consent

PATRIOT 2001

Gives law enforcement the ability to monitor individuals email and web activity

Acceptable use policies

- use appropriate language
- do not reveal personal info
- don't access, upload, download, or distribute inappropriate materials
- do not access another's account
- use of network for private business is prohibited
- only administrator installed software

Ergonomics

- the science that studies safe work environments
- repetitive stress injuries, eye strain, etc

Environmental concerns

- power & paper waste
- disposal of out dated hardware

Employee monitoring

Issues with computers in the workplace

Invasion of privacy

Identity theft

Copyright

- protection if digital information
- NET protects against copyright

Piracy

Illegal copies being distributed

Virus

program or series of instruction that can replicate without the user's knowledge

Trojan Horse

Appears as something else

Worm

program that is able to reproduce itself over a network

Antivirus Programs

install on computers to detect and remove code before it can replicate or damage data

precautions to take

- update virus software
- do not open email attachments without scanning

Crackers, Hackers

- illegal act to gain access to large computer systems to perform acts of vandalism
- Electronic Communications Privacy Act of 1986 makes it a federal offense
- most networks have a firewall to prevent this type of access

phishing

act of sending email to user falsely claiming to be legitimate business in an attempt to trick the user into revealing personal information that could be used for crimes like identity theft.

Computer Ethics

ethical problems aggravated, transformed or created by computer technology

Who is ACM?

- Association for Computing Machinery
- membership organization for computing professionals
- provides resources
- professional development
- promotes polices & research for the benefit of society

ACM code of ethics

This code, consisting of 24 imperatives formulated as statements of personal responsibility, identifies the elements of such a commitment.

ACM professional conduct

The code is also supplemented with a set of guidelines. Both code and the guidelines "are intended to serve a basis for ethical decision making in the connduct of professional work.

Computer & Information Ethics

There are now research centers devoted to computing & information technology ethics.
- Center for Computing and Social Responsibility
- The Research Center on Computing & Society

Ethical considerations

- Information Age
- netiquette
- privacy
- online profiling
- cookie
- web beacons
- privacy policy

Information Age

Due to the computers ability to store & manipulate large amounts of information

Netiquette

- Don't attempt to access the account of another user without authorization
- Do not share your password- change periodically
- Use appropriate subject matter & language, and be considerate of other ppls beliefs and opinions

Privacy

- Ethical issue
- Computers record transactions, calls, etc (these records can be used to learn a lot about you.)
- b/c of privacy issues, many laws have been passed

Online profiling

Marketing technique where data is collected about customers visiting a website

Cookie

Text file created by the server computer when a user enters information into a website

Web beacons

Tiny, transparent graphics located in web pages or e-mail messages that are used in combination with cookies to collect data about web page users or email senders

Privacy policy

Legally binding document that explains how any personal information will be used

US information technology law

Many laws about information technology in the US

Identity Theft Penalty Enhancement Act of 2004

- establishes penalties for aggravated identity theft
- prohibits a court from giving parole, reducing any sentence or for providing for concurrent terms of imprisonment

FISMA 2002

Requires federal agencies to develop, document and implement an agency-wide program to provide information security.

Consumer Credit Reporting Reform Act of 1996

- amended the Fair Credit Reporting Act (FCRA) of 1970
- addresses data collected by credit, insurance and employment agencies
- gives individuals the right to see information maintained about them
- Restricts who may access credit files to only those wit

Privacy act of 1974

- restricts the way in which personal data can be used by federal agencies
-Individuals must be permitted access to information stored about them and may correct any information that is incorrect
- agencies must insure both the security and confidentialit

Right to Financial Privacy act of 1978

- requires government authorities have a subpoena, summons or search warrant to access individual's financial records
- when records are released, the financial institution must notify the individual of who has had access to them

ECPA 1986

- makes it a crime to access electronic data without authorization
- prohibits unauthorized release of such data

Electronic freedom of information act of 1996

- required federal government agencies to make certain agency information available for public inspection
- designed to improve public access to agency records

COPPA 1988

Requires commercial websites that collect personal information from children under the age of 13 to obtain parental consent

SAFE 1999

- gives Americans the freedom to use any type of encryption to protect their confidential information
- prohibits the government from monitoring ppls communications without their knowledge or consent

PATRIOT 2001

Gives law enforcement the ability to monitor individuals email and web activity

Acceptable use policies

- use appropriate language
- do not reveal personal info
- don't access, upload, download, or distribute inappropriate materials
- do not access another's account
- use of network for private business is prohibited
- only administrator installed software

Ergonomics

- the science that studies safe work environments
- repetitive stress injuries, eye strain, etc

Environmental concerns

- power & paper waste
- disposal of out dated hardware

Employee monitoring

Issues with computers in the workplace

Invasion of privacy

Identity theft

Copyright

- protection if digital information
- NET protects against copyright

Piracy

Illegal copies being distributed

Virus

program or series of instruction that can replicate without the user's knowledge

Trojan Horse

Appears as something else

Worm

program that is able to reproduce itself over a network

Antivirus Programs

install on computers to detect and remove code before it can replicate or damage data

precautions to take

- update virus software
- do not open email attachments without scanning

Crackers, Hackers

- illegal act to gain access to large computer systems to perform acts of vandalism
- Electronic Communications Privacy Act of 1986 makes it a federal offense
- most networks have a firewall to prevent this type of access

phishing

act of sending email to user falsely claiming to be legitimate business in an attempt to trick the user into revealing personal information that could be used for crimes like identity theft.