Oregon State University

CS 391: Social and Ethical Issues in Computer Science

Oregon State University, College of Engineering

Chapter 4 ~ Rights, Privacy,
and Cybersecurity

In this chapter you'll explore rights, privacy, and security topics such as intellectual property, fair use, coders' rights, international and national privacy laws, types of threats, and threat legislation.

In addition, an expert will discuss how professionals tackle cybersecurity problems.

Then, you'll examine a case where privacy or security failed and analyze the major player(s) in relation to an ethical theory.

⬆ Shiftrefresh Shift-Refresh this page to see the most up-to-date instructions.

Explore Topics: Rights, Privacy, Security

4.1 Introductions: Rights

Property Rights include real/physical and intellectual private ownership, public open access, public closed access, and government ownership. Real/Physical property includes land, homes, and physical items (Article V, Bill of Rights). Laws about search and seizure of physical and digital property change periodically and may affect your interactions with police at national borders.

Intellectual Property (IP) refers to creations of the mind, such as inventions (patents), works of art and writing (copyrights), trade secrets, and commercial symbols and imagery (trademarks). IP also allows Fair Use of a copyrighted work for certain situations. Brief excerpts of copyright material may, under certain circumstances, be quoted verbatim for purposes such as criticism, news reporting, teaching, and research, without the need for permission from or payment to the copyright holder. Some IP laws are internationally accepted and some are not.

Personal data in a database may or may not remain a person's property if they sign away their rights in a Terms of Service Agreement.

Software/data developers may have special rights or a lack of rights when it comes to their work. Accepting contracts with employers may require a lawyer's input to ensure both parties retain adequate rights to their creative works.

Explore these key concepts by reading one or more of the following:

Reading List

Refer to writing instructions under each page of the template provided in step 4.5. Open articles in new tabs and add them to your bibliography tool.

  1. Electronic Frontier Foundation (EFF): Know Your Rights regarding digital devices.
  2. Copyright sections of Intellectual Property law (USA).
  3. Patents (USA). See also, how to Protect Yourself Against Invention Promotion Scams.
  4. Trademarks (USA).
  5. Measuring Fair Use: The Four Factors article.
  6. The 'Fair Use' Rule: When Use of Copyrighted Material Is Acceptable. Mashups, remixes, quotations, parody, video/sound clips, and thumbnail images are also acceptable under fair use rules.
  7. Report on Legal Protection for Databases
  8. EFF's Coders' Rights Project section.

4.2 Electronic privacy.

Privacy is freedom from observation by other people, tracking by computers, or monitoring by companies and governments. Many country's laws include guidelines for maintaining, allowing, and prosecuting breaches of personal privacy, especially in specific settings such as (USA). Explore this key concept by reading one or more of the following:

Reading List

Refer to writing instructions under each page of the template provided in step 4.5. Open articles in new tabs and add them to your bibliography tool.

  1. Privacy’s not an abstraction: An experiment in privacy–and the discussion that ensued–offer unexpected lessons in who gets watched, and how.
  2. EFF's International Privacy Standards section.
  3. Educational privacy (FERPA) Student data is private from parents, businesses, and school staff except for instructors and advisors. PDF.
  4. Medical privacy (HIPAA) A patient's data is private until insurance companies, family, employees and other health works are granted permission.
  5. Business privacy (ECPA) Third parties cannot disclose or intercept personal data without consent.
  6. Finance privacy (Gramm-Leach-Bliley Act) Bankers must provide security and confidentiality of customer data.
  7. Government privacy (The Privacy Act of 1974) The act has loopholes and needs overhauling. The Clarifying Overseas Use of Data (CLOUD) The USA Department of Justice explains American and foreign law enforcement’s ability to target and access people’s data across international borders in two ways.
  8. Electronic Frontier Foundation (EFF)'s Mandatory Data Retention section.
  9. PATRIOT Act's loose rules about wiretapping and electronic surveillance.
  10. In tech, workers fight for transparency.

4.3 Cybersecurity.

Kaspersky and other security companies maintain a network of more than 8 million sensors that emulate over 6,000 applications which gather data on cyber attacks. See which countries have the most cyber threats on their interactive Kaspersky Lab Cyberthreat Real-time Map: .

To understand cybersecurity and hackers, view these informative videos from Crash Course: Cybersecurity: Crash Course #31.

Hackers and Cyber Attacks: Crash Course Computer Science #32.

Reading List

Nearly every day we must contend with a new kind of malicious online act. These acts are dubbed with interesting names, which would take hours and hours to understand! Choose one to research. Refer to writing instructions under each page of the template provided in step 4.5. Open articles in new tabs and add them to your bibliography tool.

  • Adware, Click Bait, Engagement Bait
  • Backdoor
  • Browser Hijack
  • Brute Force
  • Cryptojacking
  • Cross-site Scripting
  • Cyberflashing
  • Cyberwarfare
  • Deep Fake
  • Dedicated Denial of Service Attack (DDoS)
  • Drive-by downloads
  • Injection Attack
  • Keylogging
  • Man-in-the-Middle attacks
  • NAND Mirroring
  • Ransomware
  • Robocall
  • Pharming
  • Phishing and Spear Phishing
  • Rootkit
  • Spoofing, watering hole
  • Spyware, Stalkerware, and Snooping (sound, video, webcam)
  • Super-cookies, Evercookies, Zombie Cookies, Sidejacking
  • Social Engineering, Pretexting
  • Trojan Horses
  • Worms
  • Zombie computer

Did you discover a term that is not on the list? Share it in the Bug Bounty forum to earn extra credit.

4.4 Cybersecurity laws and organizational guidelines.

Besides devising ethical frameworks, computer scientists are working hard to devise solutions technical guidelines and laws to deter malicious acts as well as punish the bad actors. Do you think our current laws are doing the job? Explore laws by reading one or more of the following:

Reading List

Refer to writing instructions under each page of the template provided in step 4.5. Open articles in new tabs and add them to your bibliography tool.

  1. EFF's Computer Fraud And Abuse Act Reform section.
  2. EFF's Cyber Security Legislation section.
  3. National Institute of Standards and Technology (NIST) Cybersecurity Framework
  4. SANS Programs to mitigate cybersecurity problems.
  5. (ISC)² Certified Information Systems Security Professional (CISSP)
  6. Map of Data Protection and Privacy Legislation Worldwide from the United Nations Conference on Trade and Development (UNCTAD)
  7. The ICLG to: Data Protection Laws and Regulations (USA)

4.5 Set up the Template and Reading List.

Use the following template link to complete this research and writing assignment.

  1. Login to your OSU Google Account.
  2. Launch this chapter's Explore Topics Template.
  3. Do not request permission to use the file. Login to your OSU Google Account.
  4. Once you have the file open:
    1. FileMake a copy.
    2. Rename the new file so it includes your "First and Last name" in place of "Template".
    3. Move the file into a folder for this course.
  5. Add your name to the cover page.
  6. Read instructions on the cover page. When in doubt about how to write in the templates, refer back to this page for clarification.
  7. Refer to the green instructions below each page to understand what is required.
  8. The last page requires a bibliography.

4.6 Edit, download, and submit the file.

  1. Ctrlc or c Copy the bibliographic entries you made during the Explore Topics reading and research. On the last page of the template, Ctrlv or v paste in the bibliographic entries. Select the list and apply the bullet or numbered list icon. Update the font size to 14 if necessary. Add more pages if necessary.
  2. Check and correct grammar and spelling using the built-in functions.
  3. From the File menu, choose Download as PDF.
  4. Check to confirm that hyperlinks work in the new PDF file. If they do not work, then in the Assignment Commenting Box, leave a note stating which platform, operating system, and browser you used to print or download the PDF file.
  5. Copy of the file to a backup folder on your hard drive.
  6. Submit the PDF file by uploading it in the Canvas Assignment screen.
  7. Confirm that your file has uploaded by looking for the document icon in the Grades area.

Examine a Case Discussion: Rights, Privacy, or Security Failure

Examine a case where patents, copyrights, privacy, or security failed. Write/discuss from a factual and critical perspective. Analyze the major player(s) in relation to an ethical theory. Counter another student's analysis with more research.

4.7 Participate in the Group Discussion.

  1. Pick a case to study from the list below (scroll through the many choices). Or, scroll through the TECH tab of the SmartNews app on your phone/tablet to locate newer rights, privacy, or security failure. OR
    Filter sectors, methods, and years of data breaches to find a jumping-off point for further research using the World's Biggest Data Breaches & Hacks interactive infographic.
    2009 to present visualization of data breaches
  2. Four days before the Due date, start writing in a word processing document to synthesize what you learned about the case. Use research, including what you find in the SmartNews feed, library journals, broadcast news, etc.
    • In paragraph 1, describe and cite one of the major players in the case. Who did what when, how, and why?
    • In paragraph 2, name, cite, and describe at least one law or regulation that was broken in the case.
    • In paragraph 3, describe and cite the positive and negative consequences of that person's actions in relationship to historical, political, and economic perspectives.
    • In paragraph 4, analyze the person's actions citing one of the ethical theories or approaches ...were they morally and ethically justified or not? Cite the theory/approach.
    • Check the word count (150+ per paragraph, not counting the author names or article titles).
    • Check the hyperlinks (they must be in article titles, law names, or theory/approach names).
    • Spellcheck, fix grammar, then Ctrlc or c to copy the paragraphs.
    • Click the Chapter 4 Examine a Case Discussion in Canvas.
    • Ctrlv or v to paste the copied text into a Reply thread (click the Reply field to activate the editing box).
    • Save your thread.
  3. Before the Due date, reply to at least one person in your group.
    • In paragraph 1, discuss a counter-argument related to their analysis of the case. Describe and cite an article that supports your argument.
    • Check the word count (150+ not counting the author names or article titles).
    • Save your thread.

Need Help?

Share a Google Slides file with the Instructor.

If you have questions about using the template, the research prompts, or writing conventions, you can share your file with the instructor.

  1. With your file, open, click the Sharing button at the top right of the screen.
  2. Change the settings so that only people at OSU can view the file.
  3. Copy the resulting URL/address.
    Right-click to change sharing settings.
    Change settings so that only OSU people can view. Copy the link.
  4. Paste the resulting URL into a Canvas Inbox message to the instructor (or if you have already submitted your file, provide it in the Assignment Commenting box).

Work offline without Wi-fi

If you will be out of wi-fi range, feel free to work on your files offline.

  1. Click the blue Docs icon (or orange Slides or green Sheets icon).
  2. Select the file(s) to use offline.
  3. Select the 3-dot More menu
  4. Toggle on the Available Until button.
  5. Look at the list of files to view the new Available Offline icon next to the file name.

Writing Tutors

Consult one or more of these resource for a review of the structure of your writing, grammar, and spelling. Provide the tutor with a link to the instructions as well as your project online.

NetTutor's Paper Center
Access online tutoring via Canvas. 48-hour turnaround.
OSU Online Writing Suite
Electronic feedback from home, asynchronous email consultation, or synchronous Skype consultation.
OSU Undergrad Research & Writing Studio
Drop in writing help with no wait times. Standard hours are:
Monday to Thursday → 10:00am to 10:00pm
Friday → 10:00am to 5:00pm, and
Sunday → 2:00pm to 7:00pm.
OSU Academic Integrity Tutorials
Citing sources and using TurnItIn.

Use the Service Desk if you have computer, ONID, or Canvas problems.

But first:

  1. Logout.
  2. Close the browser and relaunch it.
  3. Login to OSU.
  4. Still have problems? Contact Service Desk.

Scoring Criteria

If you have questions about how to use any of the required technologies for this lesson or what these criteria mean, please reread the relevant lessons, then ask the Instructor via the Canvas Inbox.

Check Canvas Home, Assignments, and Calendar for the most current Due date and time. The Available Until date and time constitutes a grace period, which can be used in an emergency or if you are ill.

By the end of chapter 4, these items must be included in the assignments to earn full points:

Explore Topics

  1. Physical, Digital and Intellectual Property Rights page includes enough detail and is properly cited.
  2. Electronic Privacy page includes enough detail and is properly cited.
  3. Cybersecurity page includes enough detail and is properly cited.
  4. Cybersecurity Laws and Organizational Guidelines page includes enough detail and is properly cited.
  5. Illustration or movie explaining a critical rights, privacy, or security concept is included with a detailed description and is properly cited with a copyright statement.
  6. Bibliography page includes a list of references (4 or more expected).
  7. Writing is free of plagiarism.
  8. Writing is free of grammar and spelling errors.

Examine a Case Discussion

  1. Discussion thread describes and cites one major player's actions (who did what when, how, and why) in one case.
  2. Discussion thread names, describes, and cites a law or regulation that was broken in the case.
  3. Discussion thread describes and cites the positive and negative consequences of that person's actions in relation to historical, political, and economic perspectives.
  4. Discussion thread analyzes the person's actions citing one of the ethical theories or approaches.
  5. Discussion includes a reply to another student's thread which counters their analysis and cites a supporting article.