Crime and the Internet - Research Proposal Example

Introduction The need for advanced information technology by our society is increasing at a high speed each day. Examples are in banks, by insurance entities, in hospitals as well as in other business ventures, while providing services. Today, the internet is the main from of communication as well as the way of doing business. However, threat to customers/suppliers financial information is high over the internet. Such information held by businessmen in databanks is at risk from illegal users (hackers) who collect and use, collect and spread or manipulate such information to other parties. In this paper, the ethical issues involved in information loss by a venture due to internet crime will be dealt with. Further, security applications in use to prevent loss through internet crime will be reviewed. Literature Review According to Paul, A. (2002), the future of e-commerce is dependent on the security of customer information held in databanks (p.258). Financial data held by business ventures; insurance entities, by hospitals, by banks etc, are under threat and is being accessed day by day. Computer viruses, on-line manipulation and re-distribution as well as malicious use of the information gained illegally are some of the attacks leading to much loss through the internet. To Paul, A. (2002), customer perception on internet security matters has been dwindling and many of them admit to not giving out their details due to the fear of losing them which translates to loosing financially (p.258). Most of the targeted information includes; credit card data, identity card number, social security card numbers among other forms. Many ventures have resulted to using World Wide Web (WWW) to design their own websites were they can reach customers at ease and conduct their businesses since the web is a sure way of reaching them within less than 12 hours (Elizabeth, T. et al, 2002, p.238). In such cases, details of transactions can be accessed from any computer inside the organization’s premises as well as online by the customers or the illegal users. In this regards, fake websites have been designed mainly to dupe people that they are a certain organization’s genuine site but they exist for fraudulent reasons. According to Elizabeth, the maiden goal of every commercial service is to give the right information to the right parties while maintaining the others at bay. Organizations have been loosing information to hackers who have continued to perfect their skills in the illegal business (Ya-Ching, L. 2003). Actions of this magnitude have led to the big question of how secure information held by organizations is. According to experts, loosing such information is dangerous to any business objectives since its future depends entirely on security. According to Sushil, K. and Jatinder N. (2002), data loss amounts to time and money wasted by an organization. Due to this, organizations which have huge customer information databases are facing a tough challenge aimed at safeguard the information for their benefit and that of their customers/suppliers. To Sushil, K. and Jatinder N. (2002), the existing systems of safety are aimed at correcting mistakes which have already happened and have very little regarding prevention of future happenings. To lessen the burden of internet crime, organizations have come up with tangible mechanism to contain the menace. The aspect of sensitizing people (customers) to hide their details as much as possible from external sources (illegal users) is one of the aspects in use. This has gone further since all commercial ventures dealing with customers over the website have issued security warnings on their sites to alert their customers/suppliers of the danger of devolving information with little regard of who will access it (Elizabeth, T. et al 2002, p.238). To Kostas, M. (2004), sensitization policies have proved to be an important aspect in controlling and use of sensitive information held by organizations. According to Paul, A. (2002), consumers/suppliers have much trust if transactions occur according to expectations; to them, credibility and security of privacy is priority. However, sensitization is not the best since most of the illegal accesses are perpetrated from within the organization’s premises. This means that, not all do as per sensitization and that, regardless of the policies, organizations continues to suffer a great deal from external attacks as compared to internal ones. Internet crime has been an inconvenience to many people in that, people struggle not to give information yet they need services. This is traumatizing to people as they are held hostage at times while they are in dire need for services from banks, hospitals and in other demanding places. Taking for example when a bank looses customer’s information when the databases are hacked, they are forced to cut services to deserving customers who have got nothing to do with the act of data loss. Comprehensive security measures are also in use by many organizations as they are effective due to the fact that they solve the problem of information loss without complex procedures (Dimitris, A.G. 2004). One of the measures in use has been intrusion detection which generates an alert signal when the database is being probed from outside by a hacker or by illegal internal users (Sushil, K. and Jatinder, N. 2002). Also in use is the encryption of data to restrict its readability by hackers since encrypted data is only readable if one has the codes; it is one of the effective measures used to curb internet crime which is evolving day by day. In the case of an organization database, user passwords have been developed to make sure that only the concerned have access to it. To Dimitris, A.G. (2004), blind signatures capable of hiding the true identity of the sender of any piece of information are in use. These signatures make sure that, when a customer/supplier sends his/her details, they cannot be intercepted during transmission (p.10). Also, IT departments involved in all issues concerning the organizations computer security have been prioritized. Internet crime has led to many losses to organizations and individuals. When an organization looses information of a customer/supplier, it looses financially in that, first the customers will not be able to transact a business meaning no profit accruals. Further, it means that the organization will have to dig deeper for more finances so as to make the system secure to the state it was before the intrusion and if possible to make it secure to avoid such attacks in the future. According to Elizabeth, T. et al (2002), loss of such information may render the organization problems while trying to recover it. She cites an example where a bank looses credit card information of its customers to a hacker. For the sake of security, affected services are cut off loosing compared to if the customers/suppliers were still transacting business. To her further, in some instances, hackers alter information e.g. bank balance, making the bank to pay more; this is a loss. Such instances have made organization’s to loose market niche. Organized internet crime safeguards prevent loss of reputation, customers and suppliers (Elizabeth, T. et al. 2002). To her, reputation is an asset which many yearn for and which takes years (decades) to build but information loss can do away with all such gains. When a customer looses his/her information say; email address, then ethically this is annoying and leads to an organization loosing its credibility. If e-mail addresses are stolen, the customer will be pestered marketing messages which are probing and deceitful. Methodology The study will involve both individuals and organizations. Design of the study The study took part in a period of two weeks. The participants (both organizations and individuals) will be given questionnaires fill. The questionnaires for the individuals will be different from the questionnaires of the individuals in that, individuals do not have databases. The individual questionnaire will have a part on; Job experience, Years one had spend in education, The gender, The times one uses internet in a week, His/her age, Whether he/she has ever lost information over the internet, One’s race , The kind of job he/she does, Whether any of their friends has ever been a victim, What he/she feels in case of probing e-mail messages, Why people engage in internet crime, The security measures he/she takes to avoid internet crime, and Ones opinion on what should be done to curb internet crime. The organizations questionnaire will have parts on; Whether the organization has a database, Whether they have ever lost information, The security preparedness of the organization among many other aspects The job experience will tell if one has been using internet in the day to day operations or not incase the frequency of use of internet will not to be answered. Both questionnaires will be well structured in terms of instruction and questions. A panel of experts will be convened to panel-beat the questionnaires before they can be rolled out so as to ensure that hallo as well as ambiguity is done away with. Before administering them, they will be test-retested to make sure that, the data which will be collected from them will attain the required scientific research rigor. Sample determination A population of 500 will be selected for the study. The sample will be collected using simple random sampling so that un-biasness can be attained. In the sample, males and females will be equal in number (250 males and 250 females). Ethical considerations Since the study will involve human beings, ethical considerations will be a high priority. The participants (both individuals and organization representatives) will be guaranteed of their personal security and that of the information they give; confidentiality will at the highest level. Further, they will be assured that the collected data will be used for the sole purpose of the study as it is indicated. In any scientific research study, females are regarded as vulnerable groups which need protection according rules concerning the protected populations as stipulated by international rules. In this case, the same will be applied; all participants will be given the highest protection as possible. Before the start of the research study, all the participants will be allowed to sign a consent form with all the stipulated rules of the study. They will be allowed to make their informed consent about participation in the research study. In case one wants to pull out, such allowance will be guaranteed to all of them. Data Analysis The data collected using the tool discussed above will be analyzed using SPSS. Tables and graphs will be used mostly since this produce a bird’s eye view and are easy to comprehend even to non-statisticians. Schedule of activities 8 References Dimitris, A.G. (2004). Embedding privacy in IT applications development. Information Management & Computer Security, 12 (1), pp. 8-16 [Online] Available from: Emerald. www.emeraldinsight.com/0968-5227.htm [Accessed 26 July 2008] Elizabeth, T. et al. (2002). Security of personal data across national borders. Information Management & Computer Security, 10 (5), pp. 237-241 [Online] Available from: Emerald. http://www.emeraldinsight.com/0968-5227.htm [Accessed 28 July 2008] Kostas, M. (2004). Towards secure sealing of privacy policies. Information management & computer security, 12 (4), [Online] Available from: Emerald. http://www.emeraldinsight.com/0968-5227.htm [Accessed 27 July 2008]  Paul, A. (2002). Perceived information security, financial liability and consumer trust in electronic commerce transactions. Logistics Information Management, 15(6), p. 258 [Online] Available from: Emerald. http://www.emeraldinsight.com/0957-6053 [Accessed 28 July 2008]  Sushil, K. and Jatinder N. (2002) Securing information infrastructure from information warfare. Logistics Information Management. 15 (6), [Online] Available from: Emerald. http://www.emeraldinsight.com/0957-6053.htm [Accessed 27 July 2008]  Ya-Ching, L. (2003). Will self-regulation work in protecting online privacy? Online Information Review, 27 (4) [Online] Available from: Emerald. http://www.emeraldinsight.com/1468-4527.htm [Accessed 28 July 2008]  Read More