Ethics in Technology D333

Ethics: A code of behavior that is defined by the group to which an individual belongs

Morals: The personal principles upon which an individual bases his or her decisions about what is right and wrong

Foreign Corrupt Practices Act (FCPA): Makes it a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office

US-CERT: A partnership between DHS and the public and private sectors that was established to protect the nation's Internet infrastructure against cyberattacks by serving as a clearinghouse for information on new viruses, worms, and other computer security topics

Internal Control: The process established by an organization's board of directors, managers, and IT group to provide reasonable assurance for the effectiveness and efficiency of operations, the reliability of financial reporting, and compliance with applicable laws and regulations. Best achieved through separation of duties

Gramm-Leach-Bliley Act (GLBA): Established mandatory guidelines for the collection and disclosure of personal financial information by financial institutions; requires financial institutions to document their data security plans; and encourages institutions to implement safeguards against pretexting

The Fair and Accurate Credit Transaction Act: Allows consumers to request and obtain a free credit report each year

Family Educational Rights and Privacy Act (FERPA): Provides students and their parents with specific rights regarding the release of student records

Executive Order 12333: Defines the various government intelligence-gathering agencies and defines what information can be collected, retained, and disseminated by the agencies. It allows for the tangential collection of U.S. citizen data—even when those citizens are not specifically targeted

Electronic Communication Privacy Act (ECPA):
1) Protection of communication while in transfer from sender to receiver
2) Protection of communications held in electronic storage
3) Prohibition of devices from recording, dialing, routing, addressing, and signaling information without a search warrant
- Passed as an amendment to Wiretap Act

Title III of the Omnibus Crime Control and Safe Streets Act / Wiretap Act: Regulates interception of wire/telephone and oral communication. A warrant must be obtained from a judge to conduct a wiretap, who can approve the warrant only if there is probable cause

Communications Assistance for Law Enforcement Act (CALEA): Requires the telecommunications industry to build tools into its products that federal investigators can use—after gaining a court order—to eavesdrop on conversations and intercept electronic communications

USA Patriot Act: Modified 15 existing statutes and gave sweeping new powers both to domestic law enforcement and to international intelligence agencies, including increasing the ability of law enforcement agencies to eavesdrop on telephone communication, intercept email messages, and search medical, financial, and other records; the act also eased restrictions on foreign intelligence gathering in the United States

USA Freedom Act: Terminated the bulk collection of telephone metadata by the NSA, instead requiring telecommunications carriers to hold the data and respond to NSA queries for data. The act also restored authorization for roving wiretaps and the tracking of lone wolf terrorists

Organization for Economic Co-operation and Development for the Protection of Privacy and Transborder Flows of Personal Data (OECD): Created a set of fair information practices that are often held up as the model for organizations to adopt for the ethical treatment of consumer data. International organization consisting of 35 countries

European Union Data Protection Directive: Requires member countries to ensure that data transferred to non-EU countries is protected. It also bars the export of data to countries that do not have data privacy protection standards comparable to those of the EU, included stopgap measure between EU and US

General Data Protection Regulation (GDPR): Addresses the export of personal data outside the EU, enabling citizens to see and correct their personal data, standardizing data privacy regulations within the EU, and establishing substantial penalties for violation of its guidelines

Freedom of Information Act (FOIA): Grants citizens the right to access certain information and records of the federal government upon request

Privacy Act: Prohibits U.S. government agencies from concealing the existence of any personal data record-keeping system

False Claims Act / Lincoln Law: Allows a private citizen to file a suit in the name of the US government, charging fraud by government contractors and other entities who receive or use government funds. Provides protections for whistleblowers

E-Discovery: The collection, preparation, review, and production of electronically stored information for use in criminal and civil actions and proceedings

Predictive Coding: A process that couples human intelligence with computer-driven concept searching in order to "train" document review software to recognize relevant documents within a document universe

Communications Decency Act (CDA): Intended to protect children from child pornography, but that part was ruled unconstitutional. The part that remained was Section 230, which stated that ISPs are immune from defamation charges from published user-generated content

Children's Internet Protection Act (CIPA): Requires federally financed schools and libraries to use filters to block computer access to any material considered harmful to minors

Digital Millennium Copyright Act (DMCA): Addresses a number of copyright-related issues, with Title II of the act providing limitations on the liability of an ISP for copyright infringement. Also limits liability of ISPs for copyright infringement by subscribers/customers

John Doe Law: Enables companies to gain subpoena power in an effort to learn the identity of anonymous Internet users who they believe have caused some form of harm to the organization through their postings

Controlling the Assault of Non Solicited Pornography and Marketing Act (CAN-SPAM): Specifies requirements that commercial emailers must follow when sending out messages that advertise a commercial product or service

Intellectual Property: Used to describe works of the mind—such as art, books, films, formulas, inventions, music, and processes—that are distinct and owned or created by a single person or group

Copyright: The exclusive right to distribute, display, perform, or reproduce an original work in copies or to prepare derivative works based on the work. Provides less protection for software than patents

Fair Use Doctrine: Developed to help maintain a balance between an author's rights and enabling public access to copyrighted works
Four facets to consider:
(1) the purpose and character of the use
(2) the nature of the copyrighted work
(3) the portion of the copyrighted work used
(4) the effect of the use on the value of the copyrighted work

Agreement on Trade-Related Aspects of Intellectual Property Rights / TRIPS Agreement: Establishes minimum levels of protection that each government must provide to the intellectual property of all WTO members

Patent: A grant of a property right issued by the US Patent and Trademark Office to an inventor
(1) It must be useful
(2) It must be novel
(3) It must not be obvious to a person having ordinary skill in the same field

The Leahy-Smith America Invents Act: Changed the U.S. patent system from a "first-to-invent" to a "first-inventor-to-file" system and expanded the definition of prior art, which is used to determine the novelty of an invention and whether it can be patented. The act made it more difficult to obtain a patent in the United States

Trade Secret: Information must have economic value and must not be readily ascertainable. In addition, the trade secret's owner must have taken steps to maintain its secrecy.
Three key advantages over the use of patents and copyrights:
(1) There are no time limitations on the protection of trade secrets, unlike patents and copyrights
(2) there is no need to file any application or otherwise disclose a trade secret to outsiders to gain protection
(3) there is no risk that a trade

Trademark: A logo, package design, phrase, sound, or word that enables a consumer to differentiate one company's products from another's

Strict Liability: The defendant is held responsible for injuring another person regardless of negligence or intent

Capability Maturity Model Integration (CMMI) Models: Collections of best practices that help organizations improve their processes. A best practice is a method or technique that has consistently shown results superior to those achieved with other means, and that is used as a benchmark within a particular industry. ______Development is frequently used to assess and improve software development practices
Five Stages: Initial, Managed, Defined, Quantitatively Managed, and Optimizing

Annualized Rate of Occurrence (ARO), Single Loss Expectancy (SLE), and Annualized Loss Expectancy (ALE):
ARO: An estimate of the probability that an event will occur over the course of a year
SLE: The estimated loss that would be incurred if the event happens
ALE: Estimated loss from this risk over the course of a year, calculated by ARO x SLE = ALE

International Organization for Standardization (ISO) 9000: Business management standards that require organizations to develop formal quality management systems that focus on identifying and meeting the needs, desires, and expectations of their customers

Failure Mode and Effects Analysis (FMEA): An important technique used to develop ISO 9001-compliant quality systems. Is used to evaluate reliability and determine the effects of system and equipment failures.