11 Legal Issues & Ethics - Tagged

Page 1: Introduction

  • Title: Security in Computing

  • Notable events:

    • The inventor of Autocorrect has died.

    • Legal discussions, issues, and ethics related to computing are highlighted.

Page 2: Protecting Programs and Data

  • Copyrights:

    • Protect the expression of ideas.

    • Authors have exclusive rights to copy and sell their works.

  • Patents:

    • Designed to protect inventions and processes.

    • Focus on tangible objects and scientific advancements rather than arts and literature.

  • Trade Secrets:

    • Critical for providing competitive advantages.

    • Must be closely kept secret to maintain legal protection.

Page 3: Patents

  • Novelty Requirement:

    • Inventions must not be obvious to experts in the field.

    • The patent office must be convinced of the invention’s novelty.

  • Patent Holder Responsibilities:

    • Must take action against infringement to retain rights.

  • Software Patenting:

    • Computer software and algorithms recognized as patentable since 1981.

Page 4: Patent Examples - Facebook

  • Mark Zuckerberg’s Patent:

    • First patent filed by Zuckerberg relates to privacy settings.

    • Approved in July 2012, focuses on dynamically generating privacy summaries.

Page 5: Patent Examples - Google

  • PageRank Patent:

    • Linked webpage valuation algorithm created by Larry Page.

    • Filed in 1998, crucial for improving search result quality and Google’s success.

    • Stanford University originally held rights and received stock for licensing.

Page 6: Patent Examples - Drone

  • Patent of Quadcopter Drone:

    • Edward G. Vanderlip’s 1962 patent for a helicopter drone designed for easy flying.

    • Includes engineering that maintains stability in any direction through rotors.

Page 7: Patent Software

  • Questions for Patent Eligibility:

    • Does software improve the computer or technical processes?

    • Provides examples: insulin pumps and connected cars for better accuracy or safety.

Page 8: Copyrights

  • Copyright Registration:

    • Protects the expression, not the idea.

    • Fair use allows critical usage within educational and research contexts.

    • Software code can be copyrighted, but algorithms cannot unless published.

Page 9: Photocopiers and Piracy

  • Machine Identification Code (MIC):

    • Hidden digital watermark used by color printers to trace document origins.

    • Developed by Xerox, utilized in criminal investigations from 2004.

  • Functionality:

    • Encodes printer serial numbers, printing time, and more in nearly invisible dots.

Page 10: Legal Tracking

  • Forensic Tracking Codes in Printers:

    • Assumed by many manufacturers to be present for document traceability.

Page 11: Trade Secrets

  • Legal Protections for Trade Secrets:

    • Can recover damages if obtained improperly.

    • Not infringement if discovered independently.

  • Reverse Engineering:

    • Cannot protect against software piracy.

Page 12: Comparative Analysis

Copyrights vs. Patents vs. Trade Secrets

  • Copyright: Protects expression, easy filing.

  • Patent: Protects inventions with complicated filing; public disclosure.

  • Trade Secret: Protects competitive advantage, difficult to enforce without disclosure.

Page 13: Rights of Employees/Employers

  • Patent Ownership:

    • Employers may claim rights over patents made during employment.

  • Copyright Licenses:

    • Programmers may grant licenses for a fee with defined usage rights.

  • Trade Secret Ownership:

    • Employers own confidential business information developed by employees.

Page 14: Computer Crime

  • Property Laws:

    • Recognizes data and computer services as property.

  • Evidence Challenges:

    • Authenticating computer-based evidence is difficult.

    • Chain of custody must be clearly tracked for legal proceedings.

Page 15: Legal Challenges in Prosecutions

  • Complexity in prosecuting due to:

    • Lack of understanding among courts and law enforcement.

    • Difficulty in identifying harm from cybercrimes.

    • Victim may choose not to prosecute for trust reasons.

Page 16: UK Computer Statutes

  • Key UK Laws:

    • Computer Misuse Act 1990: Outlines offenses like hacking and unauthorized access.

    • Data Protection Act 2018: Protects personal data.

    • Other relevant acts address various computer-related offenses.

Page 17: Computer Misuse Act 1990

  • CMA Overview:

    • Focus on offenses without explicitly defining ‘computer’ to accommodate tech advances.

  • Key Sections:

    • Section 1: Unauthorized access with intent.

    • Section 3: Acts to impair computer operation, includes recklessness in DDoS attacks.

Page 18: GDPR

  • General Data Protection Regulation:

    • Extends EU data laws to foreign companies handling EU data.

    • Establishes rights for EU citizens regarding personal data use in the digital economy.

Page 19: Ethical Guidelines

  • Commands for Ethical Computing:

    • Respect copyright and ownership, avoid snooping.

Page 20: Comparison of Law and Ethics

  • Law vs. Ethics:

    • Law: formal, written, universally applied.

    • Ethics: personal, unwritten principles guiding individual conduct.

Page 21: Ethical Considerations

  • Steps to analyze ethical issues:

    • Understand the situation and identify ethical principles.

    • Weigh principles and make justified decisions.

Page 22: Ethical Theories

  • Ethical Reasoning Frameworks:

    • Teleological: Actions based on consequences (perceived good vs bad).

    • Deontological: Adherence to established moral rules and responsibilities.

Page 23: The Classic Trolley Problem

  • Scenario: Trolley dilemma involving a decision on whether to save five lives or one.

Page 24: Ethical Frameworks in Trolley Problem

  • Utilitarianism: Favorable towards actions that save more lives regardless of direct consequences.

  • Deontological Perspective: Opposes actions leading directly to death, regardless of overall outcomes.

Page 25: Alternative Trolley Problem

  • The Fat Man Variation: Highlights moral complexities of active vs. passive choices in difficult situations.

  • Applications of the ethical dilemmas in various domains (medical, AI, etc.).

Page 26: Video Reference

  • External Video Link:

    • https://youtu.be/TmlgmOx5vn

Page 27: Computer Use Ethics

  • Dave’s Scenario:

    • Examines the ethics of personal use of company resources for stock management.

Page 28: Ethical Evaluation of Dave's Actions

  • Utilitarian Approach: Balances good vs. bad; minimal system drain.

  • Universalism Principle: Considers the potential for degraded service if universally applied.

Page 29: Privacy Rights Case Study

  • Situation with Donald:

    • Access to tax records and requests for retrieving private names and addresses.

Page 30: Privacy Rights Evaluation

  • Rule-Deontologist Perspective: Upholds the principle of privacy as an inherent good.

Page 31: Fraud Case Study

  • Scenario with Alicia:

    • Tasked to create a program to manipulate company accounting data.

Page 32: Ethical Analysis of Alicia's Dilemma

  • Truth vs. Deception: Evaluates whether the software's purpose is to mislead.

  • Assess ramifications of both actions:

    • Consequences for the company and personal fallout for Alicia.

Page 33: Therac-25 Case

  • Overview:

    • Software failures leading to patient overdoses in radiation therapy, emphasizing software oversight failures.

Page 34: Facebook Mood Manipulation Study

  • Overview of Experiment:

    • Facebook's manipulation of user feeds to study emotional responses, leading to public backlash.

Page 35: The Monster Study

  • Controversial Experiment:

    • Orphans tested with negative speech therapy leading to lifelong speech issues.

Page 36: Ethical Concerns of Autonomous Machines

  • Killer Robots Discussion:

    • Impact of delegating moral decisions to machines and issues of accountability.

Page 37: Security Best Practices Overview

Page 38: Best Practices Details

  • Software Maintenance: Keep software updated to guard against threats.

  • Password Management: Use unique passwords and consider password managers.

  • Ad Blockers: Aid in preventing malicious ads and enhancing browsing speed.

Page 39: Additional Best Practices

  • Monitoring Compromises: Register with haveibeenpwned.com to track data breaches.

  • Two-step Authentication: Adds a robust layer of security on accounts.

  • Changing Default Passwords: Important for IoT devices to enhance security.

Page 40: Cybersecurity Wisdom

  • General advice: Avoid unexplored installations, keep software updated, and remove unnecessary programs.

Page 41: Cybersecurity Certifications Overview

  • Key Certifications to Consider:

    • CISSP, CompTIA Security+, CISM, CISA, SSCP, GSEC, CCSP, CRISC.

Page 42: CompTIA Security+ Details

  • Validates core skills in cybersecurity.

  • Typical salary ranges based on role.

Page 43: CISSP Certification Overview

  • Advanced certification, demonstrating experience and proficiency in security program design and management.

Page 44: Certified Ethical Hacker Certification

  • Focuses on identifying vulnerabilities legally to avert malicious activities.

Page 45: Certified Information Systems Auditor

  • Emphasizes audit competence, security controls, and compliance.

Page 46: Certified Information Security Manager

  • Management-focused certifications, relevant for cybersecurity strategy and governance.

Page 47: GIAC Certified Incident Handler

  • Validates incident handling skills, focusing on response and detection strategies.

Page 48: SSCP Certification

  • Intermediate credential showing hands-on security system management skills.

Page 49: GIAC Security Essentials Certification

  • Entry-level certification, establishing foundational knowledge in security tasks.

Page 50: Google Cybersecurity Certifications

  • Google's Programs: Hands-on experience with cybersecurity tools, both general and cloud computing focused.

Page 51: Blue/Red Team Cybersecurity Certifications

  • Overview of certifications for different focus areas in cybersecurity (blue team defenders vs. red team attackers).

Page 52: RSA Decryption Lab Task

  • Structured steps to practice decryption and message recovery using RSA.

    • Tasks involving factorization, totients, keys, and decryption methodology.

Page 53: Today's Lab Activities

  • Instructions to complete tasks related to Windows fundamentals and active directory.

Page 54: Summary of Key Points

  • Integration of copyright, patent, and trade secret laws in software protection.

  • Interpersonal ethical considerations alongside legal statutes regarding computer crime.

  • Importance of cybersecurity certifications in the job market.