D333 Ethics In Technology Glossary Terms

AUP

acceptable use policy

A document that stipulates restrictions and practices that a user must agree in order to use organizational computing and network resources.

APT

advanced persistent threat

A network attack in which an intruder gains access to a network and stays there—undetected— with the intention of stealing data over a long period of time (weeks or even months).

TRIPS

Trade-Related Aspects of Intellectual Property Rights (TRIPS)

An agreement of the World Trade Organization that requires member governments to ensure that intellectual property rights can be enforced under their laws and that penalties for infringement are tough enough to deter further violations.

anonymous expression

The expression of opinions by people who do not reveal their identity.

anonymous remailer service

A service that allows anonymity on the internet by using a computer program that strips the originating header and/or IP address from the message and then forwards the message to its intended recipient.

anti-SLAPP

(strategic lawsuit against public participation [SLAPP]

anti-SLAPP laws

Laws designed to reduce frivolous SLAPPs which is a lawsuit filed by corporations, government officials, and others against citizens and community groups who oppose them on matters of concern).

strategic lawsuit against public participation (SLAPP)

A lawsuit filed by corporations, government officials, and others against citizens and community groups who oppose them on matters of concern. The lawsuit is typically without merit and is used to intimidate critics out of fear of the cost and effort associated with a major legal battle.

antivirus software

Software that scans for a specific sequence of bytes, known as a virus signature, that indicates the presence of a specific virus.

artificial intelligence systems

The people, procedures, hardware, software, data, and knowledge needed to develop computer systems and machines that can simulate human intelligence processes, including learning (the acquisition of information and rules for using the information), reasoning (using rules to reach conclusions), and self-correction (using the outcome from one scenario to improve its performance on future scenarios).

audit committee

A group that provides assistance to the board of directors in fulfilling its responsibilities with respect to the oversight of the quality and integrity of the organization's accounting and reporting practices and controls, including financial statements and reports; the organization's compliance with legal and regulatory requirements; the qualifications, independence, and performance of the company's independent auditor; and the performance of the company's internal audit team.

Bathsheba syndrome

The moral corruption of people in power, which is often facilitated by a tendency for people to look the other way when their leaders act inappropriately.

blended threat

A sophisticated threat that combines the features of a virus, worm, Trojan horse, and other malicious code into a single payload.

body of knowledge

An agreed-upon sets of skills and abilities that all licensed professionals must possess.

botnet

A large group of computers, which are controlled from one or more remote locations by hackers, without the knowledge or consent of their owners.

breach of contract

The failure of one party to meet the terms of a contract.

breach of the duty of care

The failure to act as a reasonable person would act.

bribery

The act of providing money, property, or favors to someone in business or government in order to obtain a business advantage.

BYOD

bring your own device (BYOD)

A business policy that permits, and in some cases, encourages employees to use their own mobile devices (smartphones, tablets, or laptops) to access company computing resources and applications, including email, corporate databases, the corporate intranet, and the Internet.

BSA | The Software Alliance (BSA)

A trade group that represent the world's largest software and hardware manufacturers.

business continuity plan

A risk-based strategy that includes an occupant emergency evacuation plan, a continuity of operations plan, and an incident management plan with an active governance process to minimize the potential impact of any security incident and to ensure business continuity in the event of a cyberattack or some form of disaster.

CAPTCHA

(Completely Automated Public Turing Test to Tell Computers and Humans Apart)

Software that generates and grades tests that humans can pass and all but the most sophisticated computer programs cannot.

certification

Indicates that a professional possesses a particular set of skills, knowledge, or abilities, in the opinion of the certifying organization. Certification can also apply to products (e.g., the Wi-Fi CERTIFIED logo assures that the product has met rigorous interoperability testing to ensure that it will work with other Wi-Fi-certified products) and is generally voluntary.

COPA

Child Online Protection Act

An act signed into law in 1998 with the aim of prohibiting the making of harmful material available to minors via the internet; the law was ultimately ruled largely unconstitutional.

CIPA

Children's Internet Protection Act

An act passed in 2000; it required federally financed schools and libraries to use some form of technological protection (such as an internet filter) to block computer access to obscene material, pornography, and anything else considered harmful to minors.

CIA security triad

Refers to confidentiality, integrity, and availability.

CDS

clinical decision support

A process and a set of tools designed to enhance healthcare-related decision making through the use of clinical knowledge and patient-specific information to improve healthcare delivery.

code of ethics

A statement that highlights an organization's key ethical issues and identifies the overarching values and principles that are important to the organization and its decision-making.

CDA

Communications Decency Act

Title V of the Telecommunications Act, it aimed at protecting children from pornography, including imposing $250,000 fines and prison terms of up to two years for the transmission of "indecent" material over the internet.

compliance

To be in accordance with established policies, guidelines, specifications, or legislation.

computer forensics

A discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered so that it is admissible as evidence in a court of law.

CPOE system

computerized provider order entry

A system that enables physicians to place orders (for drugs, laboratory tests, radiology, physical therapy) electronically, with the orders transmitted directly to the recipient.

conflict of interest

A conflict between a person's (or firm's) self-interest and the interests of a client.

contingent work

A job situation in which an individual does not have an explicit or implicit contract for long-term employment.

CAN-SPAM

Controlling the Assault of Non-Solicited Pornography and Marketing

A law that specifies that it is legal to spam, provided the messages meet a few basic requirements—spammers cannot disguise their identity by using a false return address, the email must include a label specifying that it is an ad or a solicitation, and the email must include a way for recipients to indicate that they do not want future mass mailings.

copyright

The exclusive right to distribute, display, perform, or reproduce an original work in copies or to prepare derivative works based on the work; granted to creators of original works of authorship.

copyright infringement

A violation of the rights secured by the owner of a copyright; occurs when someone copies a substantial and material part of another's copyrighted work without permission.

corporate compliance officer

AKA corporate ethics officer - A senior-level manager who provides an organization with vision and leadership in the area of business conduct.

corporate ethics officer

A senior-level manager who provides an organization with vision and leadership in the area of business conduct.

CSR

corporate social responsibility

The concept that an organization should act ethically by taking responsibility for the impact of its actions on its shareholders, consumers, employees, community, environment, and suppliers.

CPC

cost per click

One of the two common methods of charging for paid media, where ads are paid for only when someone actually clicks on them.

CPM

cost per thousand impressions

One of the two common methods of charging for paid media, where ads are billed at a flat rate per 1,000 impressions, which is a measure of the number of times an ad is displayed whether it was actually clicked on or not.

cyberabuse

Any form of mistreatment or lack of care, both physical and mental, based on the use of an electronic communications device that causes harm and distress to others.

cyberespionage

The deployment of malware that secretly steals data in the computer systems of organizations, such as government agencies, military contractors, political organizations, and manufacturing firms.

cyberharassment

A form of cyberabuse in which the abusive behavior, which involves the use of an electronic communications device, is degrading, humiliating, hurtful, insulting, intimidating, malicious, or otherwise offensive to an individual or group of individuals causing substantial emotional distress.

cybersquatter

A person or company that registers domain names for famous trademarks or company names to which they have no connection, with the hope that the trademark's owner will buy the domain name for a large sum of money.

cyberstalking

Threatening behavior or unwanted advances directed at an adult using the Internet or other forms of online and electronic communications; the adult version of cyberbullying.

cyberterrorism

The intimidation of government or civilian population by using information technology to disable critical national infrastructure (e.g., energy, transportation, financial, law enforcement, and emergency response) to achieve political, religious, or ideological goals.

DSS

decision support system (DSS)

A type of business information system used to improve decision making in a variety of industries.

defamation

Making either an oral or a written statement of alleged fact that is false and that harms another person.

Defend Trade Secrets Act of 2016

An act passed in 2016 that amended the Economic Espionage Act to create a federal civil remedy for trade secret misappropriation.

DHS

Department of Homeland Security (DHS)

A large federal agency with more than 240,000 employees and a budget of almost $65 billion whose goal is to provide for a "safer, more secure America, which is resilient against terrorism and other potential threats."

design patent

A type of patent that permits its owner to exclude others from making, using, or selling the design in question.

DMCA

Digital Millennium Copyright Act (DMCA)

Signed into law in 1998, the act addresses a number of copyright-related issues, with Title II of the act providing limitations on the liability of an Internet service provider for copyright infringement.

disaster recovery plan

A documented process for recovering an organization's business information system assets—including hardware, software, data, networks, and facilities— in the event of a disaster.

DDoS

distributed denial-of-service (DDoS) attack

An attack in which a malicious hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks.

doxing

Doing research on the internet to obtain someone's private personal information—such as home address, email address, phone numbers, and place of employment—and even private electronic documents, such as photographs, and then posting that information online without permission.

duty of care

The obligation to protect people against any unreasonable harm or risk.

earned media

Media exposure an organization gets through press and social media mentions, positive online ratings, reviews, tweets and retweets, reposts (or "shares"), recommendations, and so on.

EEA of 1996

Economic Espionage Act (EEA)

An act passed in 1996 to help law enforcement agencies pursue economic espionage. It imposes penalties of up to $10 million and 15 years in prison for the theft of trade secrets.

EHR

electronic health record (EHR)

A comprehensive view of the patient's complete medical history designed to be shared with authorized providers and staff from more than one organization.

EMR

electronic medical record (EMR)

A collection of health-related information on an individual that is created, managed, and consulted by authorized clinicians and staff within a single healthcare organization.

EPEAT

Electronic Product Environmental Assessment Tool (EPEAT)

A system that enables purchasers to evaluate, compare, and select electronic products based on a total of 51 environmental criteria.

employee leasing

A business arrangement in which an organization (called the subscribing firm) transfers all or part of its workforce to another firm (called the leasing firm), which handles all human resource related activities and costs, such as payroll, training, and the administration of employee benefits. The subscribing firm leases these workers to an organization, but they remain employees of the leasing firm.

encryption

The process of scrambling messages or data in such a way that only authorized parties can read it.

encryption key

A value that is applied (using an algorithm) to a set of unencrypted text (plaintext) to produce encrypted text that appears as a series of seemingly random characters (ciphertext) that is unreadable by those without the encryption key needed to decipher it.

ethics

A code of behavior that is defined by the group to which an individual belongs.

exploit

An attack on an information system that takes advantage of a particular system vulnerability.

fair use doctrine

A legal doctrine that allows portions of copyrighted materials to be used without permission under certain circumstances. Title 17, section 107, of the U.S. Code established the following four factors that courts should consider when deciding whether a particular use of copyrighted property is fair and can be allowed without penalty: 1) the purpose and character of the use (such as commercial use or nonprofit, educational purposes), 2) the nature of the copyrighted work, 3) the portion of the copyrighted work used in relation to the work as a whole, and 4) the effect of the use on the value of the copyrighted work.

False Claims Act

A law enacted during the U.S. Civil War to combat fraud by companies that sold supplies to the Union Army; also known as the Lincoln Law. See also qui tam.

firewall

Hardware or software (or a combination of both) that serves as the first line of defense between an organization's network and the Internet; a firewall also limits access to the company's network based on the organization's internet-usage policy.

First Amendment

The first amendment in the U.S. Constitution that protects Americans' rights to freedom of religion, freedom of expression, and freedom to assemble peaceably.

FCPA

Foreign Corrupt Practices Act (FCPA)

An act that makes it a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office.

fraud

The crime of obtaining goods, services, or property through deception or trickery.

gig economy

A work environment in which temporary positions are common and organizations contract with independent workers for short-term engagements.

government license

A government-issued permission to engage in an activity or to operate a business.

green computing

Efforts directed toward the efficient design, manufacture, operation, and disposal of IT-related products, including personal computers, laptops, servers, printers, and printer supplies.

H-1B visa

A temporary work visa granted by the U.S. Citizenship and Immigration Services (USGIS) for people who work in specialty occupations jobs that require a four-year bachelor's degree in a specific field, or equivalent experience.

hate speech

Persistent or malicious harassment aimed at a specific person that can be prosecuted under the law.

HIE

health information exchange (HIE)

The process of sharing patient-level electronic health information between different organizations.

HITECH Act

Health Information Technology for Economic and Clinical Health Act

A program to incentivize physicians and hospitals to implement such systems. Under this act, increased Medicaid and Medicare reimbursements are made to doctors and hospitals that demonstrate "meaningful use" of electronic health record (EHR) technology.

high-quality software systems

Systems that are easy to learn and use because they perform quickly and efficiently; they meet their users' needs; and they operate safely and reliably so that system downtime is kept to a minimum.

independent contractor

An individual who provides services to another individual or organization according to terms defined in a written contract or within a verbal agreement.

industrial espionage

The use of illegal means to obtain business information not available to the general public.

information security (infosec) group

A group within an organization managing the processes, tools, and policies necessary to prevent, detect, document, and counter threats to digital and nondigital information, whether it is in transit, being processed, or at rest in storage.

integrity

Adherence to a personal code of principles.

intellectual property

Works of the mind—such as art, books, films, formulas, inventions, music, and processes—that are distinct and owned or created by a single person or group. Intellectual property is protected through copyright, patent, trade secret, and trademark laws.

internal control

The process established by an organization's board of directors, managers, and IT systems people to provide reasonable assurance for the effectiveness and efficiency of operations, the reliability of financial reporting, and compliance with applicable laws and regulations.

Internet censorship

The control or suppression of the publishing or accessing of information on the internet.

Internet filter

Software that can be used to block access to certain websites that contain material deemed inappropriate or offensive.

IDS

intrusion detection system (IDS)

Software and/or hardware that monitors system and network resources and activities and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment.

ISAE No. 3402

Developed to provide an international assurance standard for allowing public accountants to issue a report for use by user organizations and their auditors (user auditors) on the controls at a service organization that are likely to impact or be a part of the user organization's system of internal control over financial reporting. The international counterpart to SSAE No. 16. See also SSAE No. 16 audit report.

ISO 9001 family of standards

A set of standards written to serve as a guide to quality products, services, and management. It provides a set of standardized requirements for a quality management system.

IT user

A person who uses a hardware or software product; the term distinguishes end users from the IT workers who develop, install, service, and support the product. IT users need the product to deliver organizational benefits or to increase their productivity.

John Doe lawsuit

A type of lawsuit that organizations may file in order to gain subpoena power in an effort to learn the identity of anonymous internet users who they believe have caused some form of harm to the organization through their postings.

labor productivity

A measure of economic performance that compares the amount of goods and services produced (output) with the number of labor hours used in producing those goods and services.

law

A system of rules that tells us what we can and cannot do.

Leahy-Smith America Invents Act

An act that changed the U.S. patent system so that the first person to file with the U.S. Patent and Trademark Office will receive the patent, not necessarily the person who actually invented the item first.

libel

A written defamatory statement.

live telemedicine

A form of telemedicine in which patients and healthcare providers are present at different sites at the same time; often involves a videoconference link between the two sites.