Week 12 Flashcards
(42 cards)
What are the four major categories of issues because of the internet?
– Information rights – your personal info
– Property rights – how can it be enforced
– Governance – is the internet subject to public law?
– Public safety and welfare; gambling, porn, child safety, bullying
Why must there be legal protections when dealing with IT?
Information technology is designed to transmit and associate data.
Define privacy
Moral right of individuals to be left alone, free from surveillance or interference from other individuals or organizations
What is information privacy
Subset of privacy
The claim that certain information should not be collected at all
The claim of individuals to control the use of whatever information is collected about them
What is a web cookie?
A web cookie is a small piece of data stored on the user’s computer by the web browser while browsing a website.
Cookies can also be used to remember pieces of information that the user previously entered, such as names, addresses, passwords, phone numbers, etc. While cookies offer convenience for users, they also facilitate tracking of users and so have data protection implications.
What does GDPR say about cookies
GDPR does not prohibit cookies, but requires users to give permission to use them when they first visit a website.
What sort of data is collected at e-commerce sites
Personally identifiable information
– Name, address, phone, e-mail, social security
– Bank & credit accounts, gender, age, occupation, education
– Preference data (from your browsing habits), transaction data, clickstream data, browser type
What effect do social networks have on a person's privacy
Encourages sharing personal details
Poses unique challenge to maintaining privacy.
Social networks mean that people post information about themselves and this information may not be restricted to a limited group.
What is profiling
Creation of digital images that characterize online individual and group behavior
How do advertising networks work on the internet and give an example
– Track consumer and browsing behavior on Web
– Dynamically adjust what user sees on screen
– Build and refresh profiles of consumers
Google Adwords - Businesses pay to get their advertisements ranked at the top of the search results page, based on the keywords they want to target
What are some top adwords
Insurance
Loan
Mortgage
Attorney
Credit
Lawyer
Donate
What is cyberlaw
Laws intended to regulate activities over the internet
– Intellectual property
– Privacy
– Freedom of expression
– Jurisdiction
What are the issues with cyberlaw
Identifying the jurisdiction - usually law is national.
Technology changes very quickly.
What does the data protection act state about collecting data
Obtain and process data fairly
* Specified purpose
* Disclose only if compatible with purpose
* Keep safe and secure
* Accurate, complete and up to date
* Relevant and not excessive
* Retain only as long as necessary
* Comply with access request
What must those holding personal information do?
– Give individuals access to their personal data
– Allow individuals to correct or delete any information that’s incorrect/irrelevant
– Obtain information fairly, openly and transparently
– Use it only for the purpose for which it was originally collected
– Secure it against unauthorised access or loss
– Ensure that it is kept accurate and up to date
– Must not further process data or retain it longer than needed for the purpose for which it was given
Why can adhering to the data protection act be difficult and give an example
– Conflicts with other legislation
– Lack of clear guidelines
E.g. retention of data may be desirable for any possible future criminal investigation, but this may conflict with data protection law
Explain opt-in and opt-out policies and where they are used
Opt-in is the EU standard - You must give your explicit consent to have data compiled about you
Opt-out is the US standard - Data can be compiled about you unless you specifically request otherwise
What regulates government agencies in the US in relation to information systems security
The Federal Information Security Management Act of 2002, updated in 2014 by the Federal Information Security Modernization Act and also in 2022, regulates government agencies in the USA.
Explain informed consent in the US
U.S. firms can gather and redistribute transaction information without an individual’s informed consent – illegal in Europe
– Opt-in (EU)
– Opt-out (US)
– Many U.S. e-commerce firms merely publish information practices as part of privacy policy without providing for any form of informed consent
Explain the European data protection in place
Rules data controllers must adhere to
– Your rights as a data subject
– What can you do if your rights are violated
* Regulates data transfers to non-EU countries - some countries are approved automatically
What does GDPR stand for
General Data Protection Regulation
What is pseudonymisation
Processing personal data so that it cannot be attributed to an individual without extra information.
E.g.: Replacing a name with a random code (e.g., “John Smith” → “ID12345”)
What is the jurisdiction of the GDPR law and what are fines
International scope
– All organisations providing a service in the EU, whether paid or not. Fines are 4% of annual global turnover or €20 million
What does personal data mean in GDPR
‘Personal data’ means any information, including data that can be combined with other information, relating to an identified or identifiable natural person (‘data subject’)