Computing and IT in the Workplace

CT006-1

Ethical & Legal Issues Part 1

 Learning Outcomes

At the end of this section, YOU should be

able to:
• Explain and describe the common issues that arises
in the use of computing
• Explain and discuss the steps that can be taken to
ensure proper use of IT

CT024 PDT Introduction 2

 Topics we will cover
• Ethics and Society
• Unauthorized use of computers and networks
• Software theft
• Information privacy
• Code of Conduct
• Spyware and Spam

5 Points to remember from each lecture

CT024 PDT Introduction 3

 Ethics and Society

• What are Computer Ethics?

Moral guidelines that govern use of computers and
information systems

Information
Unauthorized Software theft
accuracy
use of computers
and networks Intellectual property
rights—rights to which Codes of
creators are entitled conduct
for their work
Information
privacy
CT024 PDT Introduction 4
 Unauthorized Access and Use
• What is unauthorized access and how is
it achieved?

Use of a computer or
network without permission
Hackers typically break into computer by
connecting to it and then logging in as a
legitimate user
Hacker - someone who accesses a computer or
network illegally. Cracker –
one who accesses a computer or network illegally
with the INTENTION of destroying, stealing data
CT024 PDT Introduction 5
 Unauthorized Access and Use
• How can companies protect against
hackers?
Access control defines who
Intrusion detection software can access computer and
analyzes network traffic, assesses
system vulnerabilities, and identifies
what actions they can take
intrusions and suspicious behavior

Audit trail records

access attempts
CT024 PDT Introduction 6
 Hardware Theft and Vandalism
1. Hardware theft is the act of stealing
computer equipment
 Cables used to lock equipment
 Some notebook computers use
passwords, possessed objects,
and biometrics as security
methods
 For PDAs, you can password-
protect the device
2. Hardware vandalism is the act of
defacing or destroying computer
equipment
CT024 PDT Introduction 7
 Software Theft

• What is software theft?

Software piracy
Act of STEALING or is illegal
illegally COPYING DUPLICATION
software or of copyrighted
intentionally software
ERASING
programs

CT024 PDT Introduction 8

 Software Piracy
• Software piracy - unauthorized copying
or distribution of copyrighted software. How?
• By copying, downloading, sharing, selling or
installing multiple copies onto computers.
• People don't realize that when you purchase
software, you are actually purchasing a license
to use it, not the actual software.
• That license tells you how many times you can
install the software, so it's important to read it. If
you make more copies of the software than the
license permits, you are pirating.
CT024 PDT Introduction 9
 Software Theft
• What is a license agreement?
 Right to use software
 Single-user license agreement allows user to install
software on one computer, make backup copy.

CT024 PDT Introduction 10

 Software Theft
• What are some other safeguards against
software theft?

Product activation allows user to input

product identification number online or by
phone and receive unique installation
identification number

Business Software Alliance (BSA)

promotes better understanding of software
piracy problems

CT024 PDT Introduction 11

 BSA

• The Business Software Alliance is a nonprofit

trade association to advance the goals of the
software industry and its hardware partners,
dedicated to promoting a SAFE AND LEGAL
digital world. Amongst its goals are:
• Protecting intellectual property (copyright,
patents, tech mandates)
• Opening markets to barrier-free trade
• Data security
CT024 PDT Introduction 12
 Information Theft
• What is encryption?
 Safeguards against information theft
 Process of converting plaintext (readable data) into ciphertext
(unreadable characters)
 Encryption key (formula) often uses more than one method
 To read the data, recipient must decrypt or decipher the data

CT024 PDT Introduction 13

 Information Theft

• What does an encrypted file look like?

CT024 PDT Introduction 14

 IT Code of Conduct
• What is an IT code of conduct?
 Written guidelines that determine if computer action
is ethical
 Employers can distribute to employees
IT CODE OF CONDUCT

CT024 PDT Introduction 15

 Information Privacy
• What is information privacy?
Right of individuals and
companies to restrict collection
and use of information about them

Difficult to maintain today

because data is stored online
Employee monitoring is using
computers to observe employee
computer use

Legal for employers to use

monitoring software programs
CT024 PDT Introduction 16
Information Privacy
Some ways to safeguard personal information
Install a cookie manager
Sign up for e-mail
Fill in necessary information to filter cookies filtering through your
on rebate, warranty, and Internet service provider or
registration forms use an antispam program,
Clear your history file when
you are finished browsing such as Brightmail
Avoid shopping club
and buyers cards Set up a free e-mail
account; Do not reply to spam
Inform merchants that you use this e-mail address for for any reason
do not want them to distribute merchant forms
your personal information Turn off file and print
sharing Surf the Web anonymously
on your Internet connection with a program such as
Limit the amount of Freedom Web Secure or
information through an anonymous
you provide to Web sites; fill Install a personal Web site such as
in only required information firewall Anonymizer.com
CT024 PDT Introduction 17
 What is Anonymizer.com
• Is a proxy server that makes Internet
activity untraceable. It protects personally
identifying information by hiding private
information on the user's behalf
• When users anonymize their personal
information it can enable:
1. Risk minimization
2. Taboo electronic communications
3. Identity theft prevention
4. Protection of search history
CT024 PDT Introduction 18
 Information Privacy
• What is an electronic profile?
 Data collected when you fill out form on Web
 Merchants sell
your electronic
profile
 Often you can
specify whether
you want
personal
information
distributed

CT024 PDT Introduction 19

 Information Privacy
• What is a cookie?

Small file on Set browser to

your computer Some Web
sites sell or accept cookies,
that contains prompt you to
data about you trade
information accept cookies,
User or disable
stored in your
preferences cookies
cookies
How
regularly Interests
you visit and
Web sites browsing
habits
CT024 PDT Introduction 20
 Information Privacy
• How do cookies work?
Step 1. When you type a
Web address of a Web site
Step 2. If the
in your browser window, browser finds a
the browser program cookie, it sends the
searches your hard disk
for a cookie associated
information in
with the Web site. cookie file to the
Step 3. If the Web site does not Web site.
receive the cookie info and is
expecting it, the Web site creates
an identification number for you
Web server for
in its database and sends that www.company.c
number to your browser. Browser om

in turn creates a cookie file based

on that number and stores cookie
file on your hard disk. The Web
site now can update info in cookie
files whenever you access the site.
CT024 PDT Introduction 21
Information Privacy

• What is a cookie
manager?

 Software
program
that
selectively
blocks
cookies

CT024 PDT Introduction 22

 Information Privacy
1. Spyware is program
placed on computer
without user’s
knowledge
 Secretly collects
information
about the user
2. Spam is unsolicited
e-mail message sent
to many recipients

CT024 PDT Introduction 23

 What is Spyware
• General term to describe software
that performs certain behaviors without obtaining
consent, such as:
a) Advertising & Collecting personal information
b) Changing the configuration of your computer
• Often associated with software that displays
advertisements (called adware) or software that
tracks personal or sensitive information.
• It can change your computer, causing it to slow
down/crash; change your web browser's
home/search page
CT024 PDT Introduction 24
 Information Privacy

• How can you control spam?

Collects spam in
Service that
blocks e-mail E-mail filtering central location
that you can
messages from
view any time
designated
sources

Anti-spam program
Attempts to Sometimes
remove spam removes valid
e-mail messages
CT024 PDT Introduction 25
 Privacy Law
• What privacy laws have been enacted?

CT024 PDT Introduction 26

 Privacy Law
• What privacy laws have been enacted? (cont’d)

CT024 PDT Introduction 27

 Content Filtering
 Process of restricting access to certain material
Internet Content
Rating
Association
(ICRA) provides
rating system of
Web content

Web filtering
software
restricts access
to specified sites

CT024 PDT Introduction 28

 Review Questions

 What are the issues surrounding

information privacy?
 Explain the process of encryption and
discuss on why this process is needed.
 How to prevent unauthorized computer
access and discuss the implications
based on the case study given.

CT024 PDT Introduction 29

 Question and Answer Session

Q&A

CT024 PDT Introduction 30

What we will cover next

Topic and Structure of next session

Ethical and Legal Issues Part 2

CT024 PDT Introduction 31