Lecture 9: Legal and Ethical Issues In Computer Security

Legal and Ethical

a) Law

§ Law is not always the appropriate way to deal with issues of human behavior.

§ It is impossible or impractical to develop laws to describe and enforce all forms of behavior acceptable to society.

§ Society relies on ethics or morals to prescribe generally accepted standards of proper behavior.

b) Ethics

§ An ethic is an objectively defined standard of right and wrong.

§ Ethical standards are often idealistic principles.

§ Each person is responsible for deciding what to do in a specific situation, and hence defines a personal set of ethical practices.

Differences between Laws And Ethics

Law

  • Formal, documented
  • Interpreted by courts
  • Established by legislature representing everyone
  • Applicable to everyone
  • Priority determined by courts if two laws conflict
  • Enforceable by police and courts

Ethic

  • Described by unwritten principles
  • Interpreted by individuals
  • Presented by philosophers, religions, professional groups
  • Personal choice
  • Priority determined by individual if two principles conflict

Ethical Concepts in Information Security

  • Ethical Differences Across Cultures
  • Software License Infringement
  • Illicit use
  • Misuse of Corporate Resources
  • Ethics and Education
  • Deterrence

Protecting Program And Data

a) Copyright

§ Copyrights are designed to protect the expression of ideas.

§ Must apply to an original work, and it must be in some tangible medium of expression, for example printed, recorded, or made concrete in some other way.

b) Patents

§ Designed to protect the device or process for carrying out an idea, not the idea itself.

§ Valid only for something that is truly novel or unique.

§ The invention to be patented must not have been previously patented.

§ A patented object may be marked with a patent number to warn others that the technology is patented.

c) Trade Secret

§ Must be kept a secret.

§ The owner must protect the secret by any means, such as by storing it in a safe, encrypting it, and making employees sign a statement that they will not disclose the secret.

§ Trade secret protection can also vanish through reverse engineering.

Information and The Law

Information is valuable in that it is used in businesses and everyday life. Businesses pay for credit reports and client lists. We also want inside information about competitors. Information does not fit other familiar commercial paradigms.

Features of information as an object:

§ It can be replicated

§ It has a minimal marginal cost

§ Its value is often timely

§ It is often transferred intangibly

Rights of Employees and Employers

  • Ownership of a Patent
  • Ownership of copyright
  • Work for Hire
  • Licenses
  • Trade Secret Protection
  • Employment Contracts

Computer Crimes
A separate category for computer crime is needed for the following reasons:

  • Rules of Property
  • Rules of Evidence
  • Threats to Integrity and Confidentiality
  • Value of Data
  • Acceptance of Computer Terminology

Privacy
Some ethical issues in security seem to be in the domain of the individual's right to privacy versus the greater good of a larger entity. Examples: tracking employee computer use, crowd surveillance, etc.

There are four ethical issues of the information age:

  • Privacy
  • Accuracy
  • Property
  • Accessibility

Controls Protecting Privacy
Some control methods can be used to protect privacy:

  • Authentication
  • Anonymity
  • Computer Voting
  • Pseudonymity
  • Legal Control

Ethical Issues in Computer Security

  • Ethics and Religion
  • Ethics is not universal
  • Ethics Does Not Provide Answers
  • Ethical Reasoning

Examining a Case for Ethical Issues

  • Understand the situation
  • Know several theories of ethical reasoning
  • List the ethical principles involved
  • Determine which principles outweigh others