Romeo D.

Bartolome IV
BE4AA

Cybercriminals
Are motivated by the potential for monetary gain and hack info corporate
computers to steal, often by transferring money from one account to another to
another, leaving a hopelessly complicated trail for law enforcement officers to
follow. Cybercriminals also engage in all forms of computer fraud, stealing and
reselling credit card numbers, personal identities, and cell phone IDs. Because the
potential for monetary gain is high, they can afford so spend large sums of money
to buy the technical expertise and access at they need from unethical insiders.

Hacktivists
A combination of the words hacking and activism, is hacking to achieve a political or
social goals.

Cyberterrorists
Launches computer based attack against other computer or networks in an attempt
to intimidate or coerce a government in order to advance certain political or social
objective. Cyberterrorist are more extreme in their goals than hacktivits although
there is no clear demarcation line. Because of the internet cyberattacks can easily
originate from foreign countries, making detection and retaliation much more
difficult.

What is a Profession
A profession is a disciplined group of individuals who adhere to ethical standards
and who hold themselves out as, and are accepted by the public as possessing
special knowledge and skills in a widely recognized body of learning derived from
research, education and training at a high level, and who are prepared to apply this
knowledge and exercise these skills in the interest of others. It is inherent in the
definition of a profession that a code of ethics governs the activities of each
profession. Such codes require behavior and practice beyond the personal moral
obligations of an individual. They define and demand high standards of behavior in
respect to the services provided to the public and in dealing with professional
colleagues.
Due to the Obligation to Profession

1. I will not knowingly allow my competence to fall short of that necessary

execution of my duties
2. I will conduct my professional affairs in such a manner as to cause no
harm to the stature of the profession
3. I will take appropriate action on reasonably certain knowledge of
unethical conduct on the part of a colleague.

SANCTION AGAINST VIOLATIONS

Purpose of Sanctions
Sanctioning individuals for unethical conduct has four major goals:
1. To penalize the person in violation
When an individual violates the Code of Ethics there must be consequences
associated with that misconduct. Depending on how egregious the misconduct is,
the Board of Ethics has a range of sanctions that it can impose, from less to more
punitive depending on the violation and the totality of the facts.
2. To serve as a mechanism to educate and rehabilitate
It is important to provide feedback to individuals who violate the Code of Ethics so
that they understand and appreciate exactly how their past conduct was
inappropriate, so that it will be less likely to occur again in the future. These
measures serve a rehabilitation function.
3. To protect the public
The welfare of the consumer and the reputation and integrity of the professions
must be protected.
4. To inform other ASHA members and certificate holders that the Association
enforces its ethical standards and alerts them that there are penalties for engaging
in professional miscounduct
The Association requires the Board of Ethics to publish the majority of its sanctions
in The ASHA Leader to serve as a means of informing the membership of their
ongoing ethical responsibilities and to alert them that there are penalties for
engaging in professional misconduct.

2
Types of Sanctions the Board of Ethics Can Impose

The Board of Ethics has a range of sanctions it can impose when individuals are
found in violation of one or more provisions of the Code of Ethics; generally, the
more egregious the misconduct, the harsher the sanction.

Reprimand - The sanction of Reprimand is confidential and imposed in cases where

unethical conduct is of a minor nature. A Reprimand is disclosed only to the person
found in violation and to the individual who originally filed the complaint
(Complainant). Any further unauthorized disclosure of the sanction of Reprimand is,
itself, a violation of the Code of Ethics.

Censure - The sanction of Censure is essentially a public reprimand. The violation is

published in The ASHA Leader to the full membership in a manner that identifies the
individual in violation, his or her city/state of residence, and the principles and rules
of the Code of Ethics violated. When a sanction of Censure is imposed, notice of the
ethics violation may also be sent to, among others, any state agency that provides
a license to the individual and to any other professional organization the individual
is a member of that enforces a code of ethics or code of professional conduct.

Revocation - For cases of egregious misconduct, the Board of Ethics can revoke the
individual's ASHA membership and certification for a period of years, up to life. The
sanction of Revocation requires a two-thirds vote of the members of the Board of
Ethics present and voting. Notice of this sanction to the ASHA membership and
other entities is the same as with the sanction of Censure.

After the period of revocation has expired, in order for the individual to seek
reinstatement of ASHA membership and/or certification a petition must be made to
the Board of Ethics and the board must approve reinstatement by a two-thirds vote.
In petitioning for reinstatement [PDF], the individual has the burden of
demonstrating that conditions that led to the revocation have been rectified and
that, upon reinstatement, the individual will abide by the Code of Ethics. The
individual must also satisfy all certification standards and procedures of the Council
for Clinical Certification and/or membership requirements that are in effect at the
time of the Board of Ethics Reinstatement Order.

Suspension - The Board of Ethics can impose the sanction of Suspension of ASHA
membership and certification in lieu of Revocation. The sanction is usually intended
to be employed for short periods of time (e.g., 6 months). A major difference
between Revocation and Suspension is that during the period of suspension, the
sanctioned member must pay all dues and fees as well as fulfill certification
maintenance requirements. At the end of the period of suspension, the sanctioned
member must directly contact ASHA Certification to find out how to become current
again; approval of the Board of Ethics is not required.

3
Withholding - The Board of Ethics can impose the sanction of Withholding of
ASHA membership and certification in cases where an applicant for membership
and/or certification is found in violation of misconduct, or a Clinical Fellow who is a
member in the application process but is not yet certified. The Board of Ethics
cannot revoke what the applicant does not yet have, but the board can impose the
sanction of Withholding of membership and/or certification for a period of years up
to life.

After the period of withholding has expired, in order for the individual to seek
reinstatement of ASHA membership and/or certification a petition must be made to
the Board of Ethics and the board must approve reinstatement by a two.

Cease and Desist Orders

In addition to the sanctions identified above, the Board of Ethics can also order an
individual to cease and desist from any practice or conduct found to be in violation
of the Code of Ethics. The order

Electronic Fund Transfer Act

The Electronic Fund Transfer Act was passed by the U.S. Congress in 1978
and Rights of consumers
The EFT Act recognizes their right to nominate the financial institution to which such
payments are to be made.
The EFT Act also prohibits a creditor or lender from requiring a consumer to repay a
loan or other credit by electronic fund transfer, except when there is an overdraft on
checking plans.
Financial institution liability

The financial institution must give the customer notice of their liability in case the
card is lost or stolen. This must thirds vote in.

Limit to customer liability on loss or theft of card

If a customer reports to the financial institution that their card is missing before any
transactions takes place, they are not held responsible for any transaction that
takes place after the report of a missing/stolen card.
A customer can be liable for unauthorized withdrawals if their card is lost or stolen
and they do not follow certain criteria:

Loss is limited to $50 if institution is notified within two business days

4
 Loss could be up to $500 if institution is notified between 3 and 59
days

If loss is not reported within 60 business days customer risks unlimited

loss on transfers made after the 60-day period could lose all money in
account plus maximum over draft if any.

EFT Errors
EFT is not a perfect system; therefore customers should still be diligent in reviewing
their EFT statements for possible errors as they would with any other type of
transaction. Should a customer notice that there has been an error in an electronic
fund transfer relating to their account certain steps must be taken.
Under the Acts, the customer must:

Promptly investigate the error and resolve it within 45 days

Errors involving new accounts (opened last 30 days), POS transactions, and
foreign transactions may take up to 90 days
If it takes more than 10 business days to complete the investigation:
Must recredit the amount in question
For new accounts may take up to 20 business days to recredit the account
Must notify customer of the results of investigation:
If there was error correct it or make recredit final
If no error explanation in writing, notify customer of deducted recredit
Customer has the right to ask for copies of any documents relied on in the
investigation.

What the EFT Act covers

The EFT Act does not apply to all preauthorized plans. The EFT Act does not
apply to automatic transfers from any account held in the name of the institution
the consumer uses to the account the consumer uses.

An example of this would be where the EFT Act would not apply to any
automatic payments put towards a mortgage held by the financial institution
where a consumer would hold their electronic funds account.
The EFT Act would also not apply to automatic transfers among a consumers
account at a specific financial institution.
The EFT Act also does not cover all transfers. Some banks, other financial
institutions, and vendors will produce cards with a cash value imprinted into
the card itself
Examples of these include public transit passes, store gift cards, and prepaid
telephone cards. These cards may not be covered by the EFT Act.
When using electronic funds transfer, the Act does not give the consumer the
right to stop payment.

5
Privacy Protection Act of 1980

When CPSR was established, it was concerned solely about the use of computers in
warfare. It was focused on the Strategic Computing Initiative, a US Defense project
to use artificial intelligence in military systems, but added opposition to
the Strategic Defense Initiative (SDI) shortly after the program was announced. The
Boston chapter helped organize a debate related to the software reliability of SDI
systems which drew national attention ("Software Seen as Obstacle in Developing
'Star Wars', Philip M. Boffey, (The New York Times, September 16, 1986) to these
issues. Later, workplace issues, privacy, and community networks were added to
CPSR's agenda.
CPSR began as a chapter-based organization and had chapters in Palo Alto, Boston,
Seattle, Austin, Washington DC, Portland (Oregon) and other US locations as well as
a variety of international chapters including Peru and Spain. The chapters often
developed innovative projects including a slide show about the dangers of launch on
warning (Boston chapter) and the Seattle Community Network (Seattle chapter).
CPSR sponsored two conferences: the Participatory Design Conferences which was
held biennially and the Directions and Implications of Advanced Computing (DIAC)
symposium series which was launched in 1987 in Seattle. The DIAC symposia have
been convened roughly every other year since that time in conjunction with the
Community Information Research Network (CIRN) annual conference. Four books
(Directions and Implications of Advanced Computing; Reinventing Technology,
Rediscovering Community; Community Practice in the Network Society; Shaping the
Network Society; "Liberating Voices: A Pattern Language for Communication
Revolution") and two special sections in the Communications of the ACM ("Social
Responsibility" and "Social Computing") resulted from the DIAC symposia.
CPSR awarded the Norbert Wiener Award for Social and Professional Responsibility.
Some notable recipients include David Parnas, Joseph Weizenbaum, Kristen
Nygaard, Barbara Simons, Antonia Stone, Peter G. Neumann, Marc Rotenberg, Mitch
Kapor, and Douglas Engelbart. The final award in 2013 went posthumously to the
organizations first executive director, Gary Chapman.The organization was
dissolved in May 2013.

Code of Conduct
This Code sets out the professional standards required by the Society as a condition
of membership. It applies to members of all grades, including students, and
affiliates, and also non-members who offer their expertise as part of the Societys
Professional Advice Register. Within this document, the term relevant authority is
used to identify the person or organization which has authority over your activity as
an individual. If you are a practicing professional, this is normally an employer or
client. If you are a student, this is normally an academic institution. The Code
governs your personal conduct as an individual member of the BCS and not the

6
nature of business or ethics of the relevant authority. It will, therefore, be a matter
of your exercising your personal judgment in meeting the Codes requirements. Any
breach of the Code of Conduct brought to the attention of the Society will be
considered under the Societys disciplinary procedures. You should also ensure that
you notify the Society of any significant violation of this Code by another BCS
member. Code of Conduct British Computer Society.

The public Interest

You shall carry out work or study with due care and diligence in accordance with the
relevant authoritys requirements, and the interests of system users.

Relevant Authority
You shall avoid any situation that may give rise to a conflict of interest between you
and your relevant authority. You shall make full and immediate disclosure to them if
any conflict is likely to occur or be seen by a third party as likely to occur. You shall
not disclose or authorize to be disclosed, or use for personal gain or to benefit a
third party, confidential information except with the permission of your relevant
authority.

Duty to the Profession

You shall uphold the reputation and good standing of the BCS the Chartered
Institute.

Professional Competence and Integrity

You shall seek to upgrade your professional knowledge and skill, and shall maintain
awareness of technological developments, procedures and standards which are
relevant to your field, and encourage your subordinates to do likewise.. You shall not
claim any level of competence that you do not possess. You shall only offer to do
work or provide a service that is within your professional competence.
Right to Financial Privacy Act of 1978 RFPA
codified at 12 U.S.C. ch. 35, 3401 et seq. is a United States federal law, Title XI of
the Financial Institutions Regulatory and Interest Rate Control Act of 1978, that
gives the customers of financial institutions the right to some level of privacy from
government searches.
Before the Act was passed, the United States government did not have to tell
professional competence for undertaking a particular job, customers that it was
accessing their records, and customers did not have the right to prevent such
actions. The Act came about after the United States Supreme Court held, in United
States v. Miller 425 U.S. 435 (1976) that financial records are the property of the
financial institution with which they are held, rather than the property of the
customer. The Act prescribes statutory damages of $100 per violation, and a
number of different violations can be aggregated in a class action.

7
Under the RFPA, the FBI could obtain records with a national security letter (NSL)
only if the FBI could first demonstrate the person was a foreign power or an agent of
a foreign power. Compliance by the recipient of the NSL was voluntary, and states'
consumer privacy laws often allowed financial institutions to decline the requests.
[2]
In 1986, Congress amended RFPA to allow the government to compel disclosure
of the requested information. The USA PATRIOT Act of 2001 amended the RFPA.

ACM Code of Ethics and Professional Conduct

Preamble
Commitment to ethical professional conduct is expected of every member (voting
members, associate members, and student members) of the Association for
Computing Machinery (ACM).
This Code, consisting of 24 imperatives formulated as statements of personal
responsibility, identifies the elements of such a commitment. It contains many, but
not all, issues professionals are likely to face. Section 1 outlines fundamental ethical
considerations, while Section 2 addresses additional, more specific considerations of
professional conduct. Statements in Section 3 pertain more specifically to
individuals who have a leadership role, whether in the workplace or in a volunteer
capacity such as with organizations like ACM. Principles involving compliance with
this Code are given in Section 4.
The Code shall be supplemented by a set of Guidelines, which provide explanation
to assist members in dealing with the various issues contained in the Code. It is
expected that the Guidelines will be changed more frequently than the Code.

Four Imperatives
General Moral Imperatives

Contribute to society and human well-being.

Avoid harm to others.
Be honest and trustworthy.
Be fair and take action not to discriminate.
Honor property rights including copyrights and patent.
Give proper credit for intellectual property.
Respect the privacy of others.
Honor confidentiality.

8
More Specific Professional Responsibilites

Strive to achieve the highest quality, effectiveness and dignity in both the
process and products of professional work.
Acquire and maintain professional competence.
Know and respect existing laws pertaining to professional work.
Accept and provide appropriate professional review.
Give comprehensive and thorough evaluations of computer systems and their
impacts, including analysis of possible risks.
Honor contracts, agreements, and assigned responsibilities.
Improve public understanding of computing and its consequences.
Access computing and communication resources only when authorized to do
so.

Organiztional Leadership Imperatives

Articulate social responsibilities of members of an organizational unit and
encourage full acceptance of those responsibilities.
Manage personnel and resources to design and build information systems
that enhance the quality of working life.
Acknowledge and support proper and authorized uses of an organization's
computing and communication resources.
Ensure that users and those who will be affected by a system have their
needs clearly articulated during the assessment and design of requirements;
later the system must be validated to meet requirements.
Articulate and support policies that protect the dignity of users and others
affected by a computing system.
Create opportunities for members of the organization to learn the principles
and limitations of computer systems.

Compliance with the Code

Uphold and promote the principles of this Code.

Treat violations of this code as inconsistent with membership in the
ACM.

of the personal information contained in the files of the credit reporting agencies. It
requires that any person or entity requesting your report must demonstrate a
permissible purpose for the information before it is released. It also designates
the Federal Trade Commission (FTC) as the enforcement authority for the provisions
of the act.

Freedom of information Act (United States)

9
is a federal freedom of information law that allows for the full or partial disclosure of
previously unreleased information and documents controlled by the United States
government. The Act defines agency records subject to disclosure, outlines
mandatory disclosure procedures and grants nine exemptions to the statute. [1]
[2]
This amendment was signed into law by President Lyndon B. Johnson.

Background

With the ongoing stress on both constitutional and inherent rights of American
citizens and the added assertion of government subservience to the individual,
some, particularly representative John Moss, thought it was necessary for
government information to be available to the public. This push built on existing
principles and protocols of government administration already in place.

Others, thoughmost notably President Lyndon B. Johnsonbelieved that certain

types of unclassified government information should nonetheless remain secret.
Notwithstanding the White House's opposition, Congress expanded Section 3 of the
Administrative Procedure Act as a standalone measure in 1966 to further
standardize the publication of government records, consistent with the belief that
the people have the "right to know" about them. The Privacy Act of 1974 was
passed as a countervailing measure to ensure the security of government
documents increasingly kept on private citizens.

Scope

The act explicitly applies only to executive branch government agencies. These
agencies are under several mandates to comply with public solicitation of
information. Along with making public and accessible all bureaucratic and technical
procedures for applying for documents from that agency, agencies are also subject
to penalties for hindering the process of a petition for information.

History

The law came about because of the determination of Congressman John E. Moss of
California. Moss was the chairman of the Government Information Subcommittee. It
took Moss 12 years to get the Freedom of Information Act through Congress
successfully. Much of the desire for government transparency stemmed from the
Department of Defense and Congressional committees evaluation of the nation's
classification system in the late 1950s. They determined that the misuse of
government classification of documents was causing insiders to leak documents

10
that were marked "confidential." The committee also determined that the lowest
rung of the confidentiality ladder "confidential" should be removed. They deemed
that "secret" and "top secret" covered National security adequately. The Moss
Committee took it upon itself to reform confidentiality policy and implement
punishments for the overuse of classification by officials and departments.

CIPS Code of Conduct

Your commitment to the profession

The purpose of this code of conduct is to define behaviors and actions which CIPS
members must commit to maintain as long as they are members of CIPS.

Use of the code

Members of CIPS worldwide are required to uphold this code and to seek
commitment to it by all the parties they engage within their professional practice.

Members should encourage their organization to adopt an ethical procurement and

supply policy based on the principles of this code and raises any matter of concern
relating to business ethics at an appropriate level within their organization.

Members conduct will be judged against the code and any breach may lead to
action under the disciplinary rules set out in the Institutes Royal Charter. Members
are expected to assist any investigation by CIPS in the event of a complaint being
made against them. Find out more about the complaints and disciplinary procedure.

Code of Conduct

Enhance and protect the standing of the profession by:

never engaging in conduct, either professional or personal, which would bring

the profession or the Chartered Institute of Procurement & Supply into
disrepute
not accepting inducements or gifts (other than any declared gifts of nominal
value which have been sanctioned by my employer)
not allowing offers of hospitality or those with vested interests to influence, or
be perceived to influence, my business decisions
being aware that my behavior outside my professional life may have an effect
on how I am perceived as a professional

11
Maintain the highest standard of integrity in all business
relationship by:

rejecting any business practice which might reasonably be deemed improper

never using my authority or position for my own financial gain
declaring to my line manager any personal interest that might affect, or be
seen by others to affect, my impartiality in decision making
ensuring that the information I give in the course of my work is accurate and
not misleading
never breaching the confidentiality of information I receive in a professional
capacity
striving for genuine, fair and transparent competition

Promote the eradication of unethical business practices by:

fostering awareness of human rights, fraud and corruption issues in all my

business relationships
responsibly managing any business relationships where unethical practices
may come to light, and taking appropriate action to report and remedy them
undertaking due diligence on appropriate supplier relationships in relation to
forced labor (modern slavery) and other human rights abuses, fraud and
corruption
continually developing my knowledge of forced labor (modern slavery),
human rights, fraud and corruption issues, and applying this in my
professional life.

Enchance the proficiency and stature of the profession by:

continually developing and applying knowledge to increase my personal skills

and those of the organization I work for
being truthful about my skills, experience and qualifications
fostering the highest standards of professional competence amongst those
for whom I am responsible
optimizing the responsible use of resources which I have influence over for
the benefit of my organization

Ensure full compliance with laws and regulations by:

adhering to the laws of the countries in which I practice, and in countries

where there is no relevant law in place I will apply the standards inherent in
this Code
fulfilling agreed contractual obligations
following CIPS guidance on professional practice

12
Recommendation

The act of saying that someone or something is good and deserves to be

chosen.
The act of recommending
something (such as a procedure) recommended
something that recommends or expresses commendation.

A unified code of ethics

A social contract is an agreement among members of a society to cooperate for

social benefits. The most prominent example, around which Rousseau first
described the social contract in 1762,1 is democratic governance, in which free
citizens exchange some individual freedom for shared state protections. In
democracies, a number of different structures and documents, such as laws and
regulations, make the social contract tangibleand keep it open to debate and
evolution.

A Transdisciplinary Code of Ethics

First, a new social contract should be articulated in a code of ethics that does not
focus on the roles and obligations of just 1 subset of health professionals. The
traditional approach to professionalism in health care has separated health
professionals according to education and credentialing, with each group seeking to
establish its own social contract.

13
14