41 terms

Chapter 3 key terms

Aggregate information
created by combining pieces of non-private data—often collected during software updates, and via cookies—that when combined may violate privacy.
Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS):
created by the World Trade Organization (WTO) and negotiated over the years 1986-1994, introduced intellectual property rules into the multilateral trade system.
Association of Computing Machinery (ACM)
(www.acm.org); a respected professional society that was established in 1947 as “the world's first educational and scientific computing society.”
Civil law:
comprises a wide variety of laws that govern a nation or state and deal with
the relationships and conflicts between organizational entities and people
Computer Fraud and Abuse Act of 1986 (CFA Act):
the cornerstone of many
computer-related federal laws and enforcement efforts.
Computer Security Act of 1987:
was one of the first attempts to protect federal
computer systems by establishing minimum acceptable security practices.
Criminal law:
addresses activities and conduct harmful to society, and is actively
enforced by the state.
Cultural mores
the fixed moral attitudes or customs of a particular group.
Department of Homeland Security (DHS):
made up of five directorates, or divisions, through which it carries out its mission of protecting the people as well as the physical and informational assets of the United States.
Digital Millennium Copyright Act (DMCA):
the American contribution to an
international effort by the World Intellectual Properties Organization (WIPO) to reduce the impact of copyright, trademark, and privacy infringement, especially when
accomplished via the removal of technological copyright protection measures.
Due care:
when an organization makes sure that every employee knows what is
acceptable or unacceptable behavior, and knows the consequences of illegal or unethical
Due diligence:
requires that an organization make a valid effort to protect others and continually maintain this level of effort.
Economic Espionage Act in 1996:
attempts to prevent trade secrets from being
illegally shared.
Electronic Communications Privacy Act of 1986
a collection of statutes that
regulates the interception of wire, electronic, and oral communications.
define socially acceptable behaviors
Federal Privacy Act of 1974
regulates government agencies and holds them accountable if they release private information about individuals or businesses without permission.
Financial Services Modernization Act or Gramm-Leach-Bliley Act of 1999:
contains a number of provisions focusing on facilitating affiliation among banks,
securities firms, and insurance companies
Fraud and Related Activity in Connection with Identification Documents, Authentication Features, and Information (Title 18, U.S.C. § 1028)
criminalizes creation, reproduction, transfer, possession, or use of unauthorized or false identification documents or document-making equipment.
Freedom of Information Act:
allows any person to request access to federal agency
records or information not determined to be a matter of national security.
Georgia Computer Systems Protection Act
seeks to protect information and establishes penalties for the use of information technology to attack or exploit information systems.
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
also known as the Kennedy-Kassebaum Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange.
Information Systems Audit and Control Association (ISACA)
(www.isaca.org); a
professional association that focuses on auditing, control, and security.
Information Systems Security Association (ISSA)
(www.issa.org); a nonprofit
society of information security professionals.
International Information Systems Security Certification Consortium, Inc. (ISC)²
(www.isc2.org); a nonprofit organization that focuses on the development and implementation of information security certifications and credentials.
that is, the court's right to hear a case if a wrong is committed in its
territory or involves its citizenry
are rules that mandate or prohibit certain behavior
is the legal obligation of an entity that extends beyond criminal or contract law.
Long arm jurisdiction
the long arm of the law extending across the country or around
the world to draw an accused individual into its court systems
National Information Infrastructure Protection Act of 1996
modified several
sections of the previous act and increased the penalties for selected crimes
National InfraGard Program
began as a cooperative effort between the FBI's
Cleveland Field Office and local technology professionals.
National Security Agency (NSA)
responsible for signal intelligence and information
system security.
guidelines that describe acceptable and unacceptable employee behaviors in the workplace.
Privacy of Customer Information Section
of the common carrier regulation states that any proprietary information shall be used explicitly for providing services, and not
for any marketing purposes, and that carriers cannot disclose this information except when necessary to provide their services.
Private law
encompasses family law, commercial law, and labor law, and regulates the relationship between individuals and organizations
Public law
regulates the structure and administration of government agencies and their
relationships with citizens, employees, and other governments
to compensate for wrongs committed
Security and Freedom through Encryption Act of 1999
provides guidance on the
use of encryption and provides protection from government intervention
System Administration, Networking, and Security Institute (SANS)
(www.sans.org); founded in 1989, is a professional research and education cooperative
organization with a current membership of more than 156,000 security professionals,
auditors, system administrators, and network administrators.
U.S. Secret Service
an agency within the Department of the Treasury; provides protective services for key members of the U.S. government; charged with the detection and arrest of any person committing a United States federal offense relating to computer fraud and false identification crimes
USA PATRIOT Act of 2001
provides law enforcement agencies with broader latitude in order to combat terrorism-related activities
USA PATRIOT Improvement and Reauthorization Act
made permanent fourteen of the sixteen expanded powers of the Department of Homeland Security and the FBI in investigating terrorist activity.