Illegal Use of Sensitive Information Between the Consumers and the Online Vendors - Research Paper Example

There are a myriad of computer laws that are being followed in my country (Canada). To name a few, there are: 1984 Computer Fraud and Abuse Act (CFAA), Electronic Communications Privacy Act (ECPA), Children’s Online Privacy Protection Act (COPPA), and Health Insurance Portability and Accountability Act (HIPAA). CFAA deals with penalties for the intruders who gain access to sensitive information stored in a computer without authorized access. Computers have to be protected when the consumers carry out commercial activities, engage in cross-border e-commerce, and make online business transactions and email communications with online traders. The Act applies penalties upon the identity thieves, starting from 10 years to 20 years of imprisonment. ECPA was designed in the 1980s. It applies penalties upon the persons who gain access to and make illegal use of the sensitive information that has been exchanged between the consumers and the online vendors through electronic communication techniques such as electronic mails, text messages, video conferences, chatting, and etcetera. COPPA was designed in 1998 and became effective on April 2000. COPPA put forward rules and regulations that are to be applied on the commercial website owners and internet service providers who know which websites are being used by children and collect personal information from them with or without their parents’ consent. The Canadian province, British Columbia, presented in the 2008 Legislative Session: 4th Session, 38th Parliament, the legislation about e-Health and its services so that the consumers could benefit from e-Health’s secure and steadfast solutions right from the comfort of their homes. This legislation is named as E-Health (Personal Health Information Access and Protection of Privacy) Act that is basically about the security issue of the EHRs. The law clearly states that anybody, who is accessing the data stored in these electronic records either with the idea of adding information or retrieving information for any purpose, must have proper authorization. Moreover, the patients have access to the health information banks and retain the power of disclosing or not disclosing their personal information. The disclosure of information, such as for research purposes, would be the responsibility of the data stewardship committee specially designed for this purpose. The Canadian Press (cited in Swartz 2008) states that any person or organization violating the law will be fined $200,000 (Cdn.). One case that has been tried with the Canadian PIPEDA law (Personal Information Protection and Electronic Documents Act) is that of Nicole Landry v. Royal Bank of Canada, 2011 FC 687 (CanLII), in which the applicant complained to the Office of the Privacy Commissioner of Canada that the Royal Bank of Canada had disclosed her personal bank records to her spouse. She sought $75,000 in damages. The applicant was awarded the money as a compensation for the dishonor that she suffered at the hands of the bank (Feather 2011), although she had hidden certain bank records during the bank proceedings. But since the PIPEDA law requires the court to award the damages if the law is violated, Landry was compensated even when she had concealed important records. References Feather, T., 2011. Federal Court Awards Damages for Breach of Privacy. [Online] Available at [Accessed 8 September 2012] Swartz, N., 2008. B.C. law secures e-health records. Information Management Journal. [Online] Available at [Accessed 8 September 2012] Week 1 DQ 2: Ethics, Laws, and Motives The main issue is “What makes an act right” in thinking about ethical theories, so that we know the implications of our acts upon the society. The strongest contributing factor in deciding what is right, and what is not, is our moral upbringing, which imparts in our personalities that conscientiousness, self-esteem, and integrity, that is necessary for deciding between right and wrong. Kantian ethics describe that those acts should be considered as right which seek our good will. The limitation of this approach is that this good will lies in the motive of the act, and not in the consequences. In the field of information technology, special consideration should be given to social and legal issues. For example, to escape identity theft in the cyber world, it is important to educate the users of internet and computer systems about “intellectual property rights issues, privacy/ surveillance issues, access to data issues and issues of human-computer interaction” (Stahl, Carroll-Mayer & Norris 2006:298). They should be able to relate principled reasoning to ethical cases. They should know that the other person’s identity is something that is his own property and not theirs; that they have no right upon others’ personal information, and they cannot use or disclose it without the owner’s permission. A virtual world businessman should respect his employees’ and clients’ personal identification data and should take measures to lock and protect the databases and data warehouses from unauthorized access. Even at very personal level, an internet user must know that he is supposed to protect and defend the second person’s identification information and at the same time, he should be aware of security breaches proposed by the World Wide Web so the he is able to protect his own identity (Weber 2008). Legal issues involve the implementation of identity theft related laws, rules, and regulations. Similarly, in case of forensic computing, for example, there are many ethical considerations, like the security professionals should be familiar with laws and legislation that have been passed in order to make sure that internet frauds like identity theft do not take place. They should be aware of privacy rights and ethical and moral clauses found in these laws so that they may be able to better solve the case. They must know what legal issues are involved in handling a standalone computer system. There is difference between an unethical act and an illegal act. An unethical act is only against the moral standards. The society does not accept it, but there are no laws for the regulation of unethical acts. Contrarily, an illegal act is banned by the country’s laws, as well as not being accepted by the society. For example, it is unethical for the authorities not to educate the e-consumers on their right of privacy; whereas, it is illegal not to follow privacy protection acts and laws. Hence the difference is in the criminal motive, which in case of unethical acts is simply against the values, and in case of illegal acts, means to violate the law. References Stahl, B., Carroll-Mayer, M., & Norris, P., 2006. Legal, professional, and ethical content. Forensic Computing: The Problem of Developing a Multidisciplinary University Course. [Online] Available at [Accessed 7 September 2012] Weber, E., 2008. Ethics and identity theft: who can you trust? Everyday Ethics. [Online] Available at < http://everyday-ethics.org/2008/08/ethics-and-identity-theft-who-can-you-trust/ > [Accessed 8 September 2012] Read More