Information Technology Reference
In-Depth Information
Security measures, such as using passwords, identifica-
tion numbers, and data encryption, help to guard against
illegal computer access, especially when supported by effec-
tive control procedures. Encryption enables users of an unse-
cured public network such as the Internet to securely and
privately exchange data through the use of a public and a pri-
vate cryptographic key pair that is obtained and shared
through a trusted authority. The use of biometrics, involving
the measurement of a person's unique characteristics, such
as fingerprints, irises, and retinal images, is another way to
protect important data and information systems. Virus-scan-
ning software identifies and removes damaging computer
programs. Law enforcement agencies armed with new legal
tools enacted by Congress now actively pursue computer
criminals.
Although most companies use data files for legitimate,
justifiable purposes, opportunities for invasion of privacy
abound. Privacy issues are a concern with government agen-
cies, e-mail use, corporations, and the Internet. The Chil-
dren's Internet Protection Act was enacted to protect minors
using the Internet. The Privacy Act of 1974, with the support
of other federal laws, establishes straightforward and easily
understandable requirements for data collection, use, and
distribution by federal agencies; federal law also serves as a
nationwide moral guideline for privacy rights and activities by
private organizations. The USA Patriot Act, passed only five
weeks after the September 11 terrorist attacks, requires
Internet service providers and telephone companies to turn
over customer information, including numbers called, with-
out a court order, if the FBI claims that the records are
relevant to a terrorism investigation. Also, the company is
forbidden to disclose that the FBI is conducting an investiga-
tion. Only time will tell how this act will be applied in the future.
The Gramm-Leach-Bliley Act requires all financial institu-
tions to protect and secure customers' nonpublic data from
unauthorized access or use. Under terms of this act, it is
assumed that all customers approve of the financial institu-
tions collecting and storing their personal information.
A business should develop a clear and thorough policy
about privacy rights for customers, including database
access. That policy should also address the rights of employ-
ees, including electronic monitoring systems and e-mail.
Fairness in information use for privacy rights emphasizes
knowledge, control, notice, and consent for people profiled in
databases. People should know about the data that is stored
about them and be able to correct errors in corporate
database systems. If information on people is to be used for
other purposes, they should be asked to give their consent
beforehand. Each person has the right to know and the ability
to decide. Platform for Privacy Preferences (P3P) is a screen-
ing technology that shields users from Web sites that don't
provide the level of privacy protection they desire.
Principle
Jobs, equipment, and working conditions must be
designed to avoid negative health effects from
computers.
Computers have changed the makeup of the workforce and
even eliminated some jobs, but they have also expanded and
enriched employment opportunities in many ways. Jobs that
involve heavy use of computers contribute to a sedentary
lifestyle, which increases the risk of health problems. Some
critics blame computer systems for emissions of ozone and
electromagnetic radiation. Use of cell phones while driving
has been linked to increased car accidents.
The study of designing and positioning computer equip-
ment, called ergonomics, has suggested some approaches to
reducing these health problems. Ergonomic design principles
help to reduce harmful effects and increase the efficiency of
an information system. The slope of the keyboard, the posi-
tioning and design of display screens, and the placement and
design of computer tables and chairs are essential for good
health. RSI prevention includes keeping good posture, not
ignoring pain or problems, performing stretching and
strengthening exercises, and seeking proper treatment.
Although they can cause negative health consequences,
information systems can also be used to provide a wealth of
information on health topics through the Internet and other
sources.
Principle
Practitioners in many professions subscribe to a code
of ethics that states the principles and core values
that are essential to their work.
Ethics determine generally accepted and discouraged activi-
ties within a company and society at large. Ethical computer
users define acceptable practices more strictly than just
refraining from committing crimes; they also consider the
effects of their IS activities, including Internet usage, on other
people and organizations. The Association for Computing
Machinery developed guidelines and a code of ethics. Many IS
professionals join computer-related associations and agree
to abide by detailed ethical codes.
