Monday, December 19, 2005

Related Laws in Computing

The link contains the whole provisions of the 2 Republic Acts. As an alternative, I am providing an abridged handout version that includes only important provisions relevant to computing.

The Intellectual Property Code of the Philippines
(Republic Act Number 8293)

E-Commerce Law of the Philippines
(Republic Act Number 8792)

Wednesday, December 14, 2005

Module 12 - Computer Crimes

When a country institutes laws against computer abuses, a computer abuse becomes a computer crime. Not all abuses, however, constitute a crime. For example, consider a hacker who breaks into someone's computer system without permission. If the hacker steals confidential data from the system, this is considered a crime in some countries. A hacker who simply gets into the system to explore it—that is, to see how it works and what files it contains, may have breached privacy but has not necessarily committed a crime. Both acts, however, are unethical. Below we show actual examples of computer crimes. These cases happened in the US where computer crime laws are well established.At the end of this module, it is expected that you will be able to determine when a computer abuse counts as a computer crime.

Credit Card Fraud

A person in the US was sentenced to a term of 27 months in prison after being found guilty of defrauding Priceline.com and others with credit card information unlawfully obtained from a credit union employee. The person was also ordered to pay restitution in the amount of $116,869.30 and serve a three-year term of supervised release following his incarceration.
On March 1, 2002, the person pled guilty to three felony counts, including wire fraud, conspiracy to obtain unauthorized computer access to customer account information from a financial institution, and credit card fraud. He admitted to masterminding a scheme to defraud Priceline.com, Southwest Airlines, the Hotel Reservations Network, Inc., a credit union, and the credit union's credit card holders, by making fraudulent Internet credit card charges for hotel and airline reservations, totaling more than $116,000. He obtained the confidential customer account and credit card information from a credit union employee, who was subsequently terminated and convicted. He then used the credit card information to make hotel and airline reservations on the Internet and telephone. Most of the reservations were made with Priceline.com, Southwest Airlines, and the Hotel Reservations Network, Inc.After making a reservation with the credit card information, he would enlist another person to check into the hotel room using the reservation and credit card information he supplied, and to return the hotel room keys to him. He then obtained full use of the hotel rooms.[U.S. v, Luckey (E.D. Cal.) May 17, 2002]

Creating a Virus and Unleashing It To a Network

A man accused of unleashing the "Melissa" computer virus in 1999, caus ing millions of dollars in damage and infecting untold numbers of computers and computer networks, was sentenced to 20 months in feden prison. He was also ordered to serve three years of supervised releas after completion of his prison sentence and was fined $5,000. He we further ordered, upon release, to keep away from computer network the Internet, and Internet bulletin boards, unless authorized by the Court. At the plea hearings, the virus creator admitted that he created the Melissa virus and disseminated it from his home computer. He said that he constructed the virus to evade anti-virus software and to infect cor puters using the Windows 95, Windows 98, and Windows NT operating systems and the Microsoft Word 97 and Word 2000 word processing programs.

The Melissa virus appeared on thousands of email systems on March 26, 1999, disguised as an important message from a colleague or friend. The virus was designed to send an infected email to the first 50 email addresses on the users' mailing lists. Such emails would be sent only if the computers used Microsoft Outlook as its email program.

Because each infected computer could infect 50 additional computers, which in turn could infect another 50 computers, the virus proliferated rapidly and exponentially, resulting in substantial interruption or impairment of public communications and services. According to reports from business and government following the spread of the virus, its rapid distribution disrupted computer networks by overloading email servers, resulting in the shutdown of networks and significant costs for repairing computer systems.The virus creator described in state and federal court how, using a stolen America Online account and his own account with a local Internet service provider, he posted an infected document on the Internet newsgroup "Alt.Sex." The posting contained a message enticing readers to download and open the document with the hope of finding passwords to adult-content websites. Opening and downloading the message caused the Melissa virus to infect victim computers. The virus altered Microsoft word processing programs such that any document created using the programs would then be infected with the Melissa virus. The virus also lowered macro security settings in the word processing programs. The virus then proliferated via the Microsoft Outlook program, causing computers to send electronic email to the first 50 addresses in the computer user's address book.[U.S. v. Smith (D. NJ) May 2, 2002]

Hacking

A Boston man was charged with using his home computer to illegally gain access to a number of computers, including those controlled by NASA and an agency of the U.S. Department of Defense, where, among other things, he intercepted login names and passwords and intentionally caused delays and damage in communications. In April 1999, the hacker obtained unauthorized access to a corporate Internet account, which he then used to illegally access a computer controlled and operated by the U.S. Defense Logistics Agency. He then concealed his actual computer address through a service known as "telnet proxy" which made it seem like his address was that of the government's computer. Once "hidden", he accessed, without authorization, the web site of Internet service provider ZMOS, and recklessly caused damage to the ZMOS computer located in the State of Washington. As a result, ZMOS, which hosts corporate web pages and provides Internet service to corporate customers, suffered a significant loss of business.

Beginning in May 1999 and continuing until August 1999, the hacker obtained unauthorized access to the same corporate Internet account, this time using it to access the NASA computer research project web server located in Maryland. He seized control of the NASA computer, allowing him to read, delete, or modify any files on the system. He then installed a "sniffer" program onto the system to intercept and save login names and passwords of users that were transferred over the NASA system for his own later use. The compromised NASA web server did not contain classified or sensitive information and was not involved in any way with satellite command or control.The hacker also used the NASA computer as a platform to launch attacks on other computer systems, such as an attack on the U.S. Department of the Interior's web server, where he defaced web pages with hacker graphics.The hacker also allegedly accessed various computers operated by Northeastern University, from which he illegally copied a file containing the names, dates of birth, addresses and social security numbers of numerous men and women affiliated with the University, either as students, faculty, administration, or alumni. Investigators however are not aware of any use or dissemination of this information. Northeastern University cooperated fully with investigators on this matter.If convicted, the hacker faces a maximum penalty of 10 years incarceration and a fine of $250,000.[U.S. v. Iffik (D. Mass.) February 23, 2000]

Stock Fraud

Two former Cisco Systems, Inc. accountants were each sentenced to 34 months in prison for exceeding their authorized access to the computer systems of Cisco Systems in order to illegally issue almost $8 million in Cisco stock to themselves.In pleading guilty, both accountants admitted that between October 2000 and March 27, 2001, they participated together in a scheme to defraud Cisco Systems in order to obtain Cisco stock that they were not authorized to obtain. As part of the scheme, they exceeded their authorized access to computer systems at Cisco in order to access a computer system used by the company to manage stock option disbursals; used that access to identify control numbers to track authorized stock option disbursals; created forged forms purporting to authorize disbursals of stock; faxed the forged requests to the company responsible for controlling and issuing shares of Cisco Systems stock; and directed that stock be placed in their personal brokerage accounts. The two defendants admitted that the first time that they did this, in December 2000, they caused 97,750 shares of Cisco stock to be placed in two separate Merrill Lynch accounts, with 58,250 of the shares deposited in an account set up by one of them and 39,500 shares deposited in an account set up by the other accountant. In February 2001, they caused two additional transfers of stock, in amounts of 67,500 shares and 65,300 shares, to be transferred to brokerage accounts in their names. The total value of the Cisco stock that they took on these three occasions (at the time that they transferred the stock) was approximately $7,868,637,[U.S. v. Osowski (N.D. Cal) November 26, 2001]

Spamming

In a 1998 lawsuit brought by America Online against an unsolicited commercial e-mail sender, the judge awarded AOL compensatory and punitive damages and permanently barred the commercial e-mail sender from sending bulk unsolicited commercial e-mail to AOL members or through AOL services.[America Online Inc. v. Prime Data Systems Inc., 1998 U.S. Dist. LEXIS 20226 (E.U Va. Nov. 20, 1998).]In another lawsuit, Hotmail sued a company for allegedly providing false e-mail header information in unsolicited commercial e-mail which made it appear that the messages originated from Hotmail accounts. In that lawsuit, a federal court in California found that Hotmail established a likelihood of success of establishing false designation or origin, unfair competition, dilution, violations of the Computer Fraud and Abuse Act, breach of contract, fraud, misrepresentation, and trespass to chattel. The court then issued a preliminarily injunction enjoining the defendant company from falsely designating Hotmail addresses as the point of origin of their commercial e-mail messages,[Hotmail Corp. v. Van Money Pie Inc., No. C98-20064,1998 U.S. Dist. LEXIS 10729 (N.D. Cal, Apr. 16, 1998)].

Hate and Vengeance Case

A former employee in the Human Resources department at Marsh Inc., an insurance company located in Manhattan, was sentenced in a Manhattan federal court to 18 months in prison for illegally accessing and deleting hundreds of computer records at Marsh. On October 31, 2001, the hacker pled guilty to a one-count indictment charging him with accessing a protected computer without authorization and deleting approximately 950 files relating to employee compensation.A female employee at Marsh had complained that the hacker was harassing her because she rebuffed his romantic advances. He was later terminated from Marsh and obtained employment at Viacom, Inc. In January 2001, he used a password belonging to another employee at Marsh to obtain unauthorized access to Marsh's computer database and deleted approximately 800 files relating to the compensation of Managing Directors at Marsh and approximately 150 files relating to compensation of other Marsh employees. He also altered the female employee's compensation record to reflect a $40,000 increase in her salary and a $100,000 bonus. In February and March 2001, senior managers at Marsh received an email attached to which was a file containing information from the deleted salary files. The email appeared to have been originally sent from an e-mail account established at Hotmail.com. The user ID of that account contained the female employee's last name. The female employee denies having established that account. A forensic image of hacker's computer at Viacom revealed that the e-mails to the senior managers at Marsh were sent from that computer.[U.S. v. Leung (S.D. N.Y.) March 27, 2002]

Module 11 - Intellectual Property Rights

Most countries, including the Philippines, enforce laws that penalize copying or imitation of inventions, identifying symbols/ and creative expressions. These laws encompass four separate and distinct types of intangible property, namely, patents, trademarks, copyrights, and trade secrets, which collectively are referred to as "intellectual property". Intellectual property shares many of the characteristics associated with real and personal property. For example, intellectual property is an asset, and as such it can be bought, sold, licensed, exchanged, or gratuitously given away like any other form of property. Furthermore, the intellectual property owner has the right to prevent the unauthorized use or sale of the property. The most noticeable difference between intellectual property and other forms of property, however, is that intellectual property is intangible; that is, it cannot be defined or identified by physical parameters.

In computing, an algorithm can be patented (like the Rivest, Shamir and Adelman Algorithm for Encryption and Digital Signatures); a program or an online textbook is copyrightable; and domain names could be considered trademarks.

Software piracy

Software piracy is the act of using software without paying the appropriate license. Doing this is the same as stealing from the software developer. The ethical implication is of course is quite obvious: since stealing is bad, piracy is also bad.

Software is one of the most valuable technologies of the Information Age, running everything from personal computers to the Internet. Unfortunately, because software is so valuable, and because computers make it easy to create an exact copy of a program in seconds, software piracy is widespread. It involves individual computer users as well as professionals who deal wholesale in stolen software; it exists in homes, schools, businesses, and government. Software pirates not only steal from the companies that make the software; their acts also redound to less money for research and development of new software. Thus, all users are hurt by software piracy.

There are several types of software piracy. Three of them are as follows:

1. End user piracy — Using multiple copies of a single software package on several different systems or distributing copies of software to others.

2. Reseller piracy — Reseller piracy occurs when an unscrupulous reseller distributes multiple copies of a single software package to different customers; this includes preloading systems with software without providing original manuals and diskettes. Reseller piracy also occurs when resellers knowingly sell counterfeit versions of software to unsuspecting customers. Indications of reseller piracy are multiple users with the same serial number, lack of original documentation or an incomplete set, and non-matching documentation.

3. BBS/Internet piracy — BBS/ Internet piracy occurs when there is an electronic transfer of copyrighted software. That is, system operators and/or users upload or download copyrighted software and materials onto or from bulletin boards or the Internet for others to copy and
use without the proper license.

Plagiarism

Plagiarism is a difficult concept to define. Considered a form of fraud and/or theft, plagiarism occurs anytime that a person copies any written work and claims it as his/her own. It includes a range of actions from failure to use proper citation to wholesale cheating. A student who plagiarizes may do so unintentionally or with deliberation. With the advent of the Internet, plagiarism has become rampant. The most common type of plagiarism is the cut-and-paste plagiarism. When preparing a term paper, for example, a student could simply copy from the Internet text relevant to his topic. The worst type of plagiarism is when the student simply downloads a term paper from the Internet and submit this as her own. There are many sites in the Internet where term papers are downloadable for free.

Software and Copyright Law of the US

For us to understand what is copyrightable in a software, let us consider several cases in the US that deals with software and copyright law.

The first case is the Whelan vs. Jaslow case. In 1985, Jaslow Dental Laboratory sued Whelan Associates, Inc. on the ground that Whelan's Dentcom program infringed Jaslow's copyright on its Dentalab program even though both were written using different programming languages. The court ruled in favor of Jaslow on the basis of the argument that the structure (sequence and organization) of a computer program is protectable by copyright. The court found that the coding part is a comparatively small part of programming and that Ms. Whelan spent a tremendous amount of time studying Jaslow's Dentalab program. The court's verdict on this case tells us that copyright protection of programs may extend beyond the code to their structure, sequence, and organization.

The second case is Computer Associates vs. Altai. The court decided that Altai's program did not infringe a program by Computer Associates. The first version of Altai's program had been written by an ex-programmer of Computer Associates who, unknown to Altai, copied 30% of the code from a similar program of Computer Associates. Discovering this, Altai then wrote a second version, using programmers not familiar with the Computer Associates program. Computer Associates nonetheless argued that Altai had copied the structure of the program. The court in this case concluded that the decision in Whelan vs. Jaslow was based on a somewhat outdated appreciation of computer science. This case therefore went against the idea that program structure, sequence, and organization are copyrightable.

The third case is Apple vs. Microsoft. In 1989, Apple sued Microsoft and HP, claiming that the Windows graphical user interface (Windows 2.03 and HP's New Wave) infringed Apple's copyright on the look and feel of the Macintosh deskstop. Apple lost the case. The court had to decide whether the two GUI presentations were virtually identical. Apple argued substantial similarity.

Finally, a related case is the Lotus look and feel suit. At issue was whether the menu structure or the arrangement of commands in the menu hierarchy in Lotus 1-2-3 is copyrightable. Lotus sued Paperback Software and Mosaic Software, which had produced spreadsheets that had the same interface as 1-2-3. There was no copying of code, but Lotus claimed that copying the interface itself constituted copyright infringement. Lotus won the case and Paperback and Mosaic went out of business.

Lotus then sued Borland over Quattro. Even though Quattro's user interface is different from Lotus 1-2-3, Quattro followed the Lotus menu hierarchy and Lotus accused Quattro of copyright infringement. Lotus won at the District court, but Borland appealed and won in the US First Circuit court. This case was elevated to the US Supreme Court, but the highest court was split and thus no decision was made on this case.

Tuesday, December 06, 2005

digital divide for the Disabled

Monday, December 5, 2005 - CNN reports

Technology helping blind, deaf enjoy movies

Module 10 - Free Speech Issues


This module deals withspecificissue in the following categories:

a. Pornography
b. Hate speech
c. Extreme/Political views
d. Internet filters

The freedom if expression is one of the constitutionalrights guaranteed by the supreme law of the land. Hence, it is constantly advocated by those who do not want to be subjected to restrictions in their expressioin or articulation of their thoughts

Pornography / Cyberporn
- Advocates of pornography in the internet invoke their freedom of speech and expression. Pornography on the other hand threatens families everywhere, expecially children. Which should take precedence? At this point you might wish to refer back to the ethical standpoints presented previously. One standpoint is that the exercise of individual rights is not boundless. One should be responsible enough to realize that one's acts are subject to certain ethical norms that forbid abuse and misuse. The question of whether pornography is harmful is one main motivator for censorship of the Internet in regards to cyber-porn. In using the word 'harmful', it is understood that this is not necessarily physical damage but more of a mental harm to moral, religions, and ethical values. (Should the Internet Be CensoredBy: J-Sin) .

Hate Speech
Still the issue of free speech, is it all right to publish hate and libelous speeches against Islamic fundamentalist and disseminate these over the internet? Is it Ok to write hate speeches against a certain person and then post this on the internet? Is it moral to set up web sites exclusively for hate materials, racist or propaganda. Again these issues must be resolved and determined on the basis of whether they fall under computer ethics. Hate speeches will vary in genre such as: hate against Islamic fundamentalists, against homosexuality, against religous order and the like.

Extreme/Political Views
The proliferation of the site with violent contents such as beheading videos, bizarre and voyeuristic images posted freely on the net poses a great threat on society’s general welfare particularly the young. In a journal report by Russell, Sabin - San Francisco Chronicles, A significant number of visitors accessed freely the video of E. Armstrong’s beheading . What is frightening here is that nobody had any idea about the profiles of this individuals who accessed these violent site. Nobody knew if such sites were accessed by minors particularly children who, at their very young age would definitely have difficulties comprehending the horror of such reality. The report also added that such traumatic experience triggers a terrible reenactment of the worst moments of one’s life. It is an experience the lurks into the subconscious mind more especially in children who might have the natural tendency to perceive violent real-life incidents such beheading and human being in cold blood as normal and tolerable act. Again this are issue that still hanging in vague whether not freedom of expression such as these falls under the reign of computer ethics

Internet Filters
Some network employ the use of internet filters to block access to sites considered pornographic, for example. Some people consider this as censorship. Is it ethical for moralists to cause the blocking of access to sites that they consider as indecent and destructive?

The US passed in December 2000 the Children's Internet Protection Act(CIPA) that requires all schools and libraries receivinge-rate discounts or other federal assistance for Internet access to install filters on all computers used by adults as well as minors. The Clinton administration encouraged filtering as a response to the Supreme Court's 1997 decision striking down the Communications Decency Act (CDA), which is an attempt to block minors form Internet pronography, criminalized virtually all "indecent" or "patently offensive" communications online.

Addressing the digital divide

The World Summit on the Information Society (WSIS) was held in two phases, with participation of 175 countries. The first phase took place in Geneva hosted by the Government of Switzerland from 10 to 12 December 2003, and the second phase took place in Tunis hosted by the Government of Tunisia, from 16 to 18 November 2005.

The link below presents the Plan of Action that would address the digital divide in ICT on the worldwide scale

http://www.itu.int/wsis/docs/geneva/official/poa.html

Module 9 - Social Justice Issues

According to Justice Jose P. Laurel

Social justice is neither communism, nor depotism, nor atomism, nor anarchy, but the humanization of laws and the organization of social and economic forces by the State so that justice in its rational and objectively secular conception may at least be approximated. Social justice means the promotion of the welfare of thepeople, the adoption by the government of measures calculated toinsure economic stability of all the elements of society, through the maintenance of a proper economic and social equilibrium in the interrelations of the members of the community, constitutionally, through the adoption of measures legally justifiable, or extra-constitutionally through the exercise of powers underlying the existence of all governments on the time-honored principle of salus populi est suprema lex. (from the case Calalang vs. William; reference: p. 335, Political Law Reviewer, first edition, Judge Ed Vincent V. Albano)

Social justice is concerned with the promotion of the welfare of the people. This is further reinforced by the Latin maxim, "salus populi est suprema lex," which means that the welfare of the people is the supreme law. In upholding this constitutional dictum, the government as "parent of the people" must maintain proper economic and social stability that would ensure the promotion of the people's welfare.

In computing, social justice would pertain to the promotion of the welfare of computer users and professionals. More specifically, social justice in computing is primarily concerned with equity of access. Digital divide is the term used for "the division of the world into people who have access to ICTs [information and communication technologies, including computers] and those who do not have access to these technologies."

(Soriano, 2003, p. 23) To quote Soriano further: A digital divide can exist between urban dwellers and rural folk, between the educated and the uneducated, between socio-economic classes, between ethnic groups, between men and women. The digital divide also exists between countries and geographical regions. Specifically, in terms of Internet backbones, the US, Canada and European countries are well connected whereas Asia, the Pacific region, Latin America and the Carribean still have to improve their Internet backbones.

The discussion that follows is taken from Soriano's Nets, Webs and the Information Infrastructure, one of a series of primers on the Information Economy, Society and Polity published in May 2003 by the e-ASEAN Task Force and the United Nations Development Program Asia Pacific Development Information Programme (UNDP-APDIP).

Are women more disadvantaged in the Information Age?

In a research paper titled "Gender, Information Technology, and Developing Countries: An Analytic Study," Nancy Hafkin and Nancy Taggart argue that "Women within developing countries are in the deepest part of the (digital) divide, further removed from the information age than are the men whose poverty they share." Among the obstacles cited to greater women's access to ICTs are literacy and education, language, time, geographical location, and social and cultural norms. Literacy and education are prerequisites in the use of information technologies. However, especially in the developing countries, girls and women are less likely than men to earn the basic education needed to use information technologies. Similarly, women and other marginalized groups are less likely to learn an international language such as English, which limits them to resources written in their native tongue.

Internet Access for those with physical disabilities

Korea is a leader in the effort to build an information environment that encourages persons with disabilities. In December 2000, Korea passed the "Digital Divide Law" to help ensure universal, unlimited access to the telecommunications networks and use of the telecommunications services for low-income earners, rural residents, the disables, the ages, women, etc. who have difficulities in accessing or using the telecommunicatios services for economic, regional, physical or social reasons... [to] improve the quality of living for these people and thereby contibute to the balances browth of the national economy."

The law set accessibility guidelines for telecommunications services to help the poor. Other provisions would subsidize PC purchases of poor and disabled people; support the development of access technologies for the disabled; and support information providers for the disabled, the elderly, the poor, and the fishing and farming industry.

Are people unable to accesas the Net because of language?


The digital divide is seen in the languages used on the internet. English is the dominant language used on the internet: 68% of the Web content is written in English and 40.2% of internet users accesss the Internet in English. But non-english speaking users outnumber English-speaking users of the Internet. The most widely spoken language worldwide is Chinese, with more than 1.2billion speakers(as of 2000). But only 3.9% of Internet users acces the internet in Chinese.

Japanese is only the tenth most widely spoken language(126 million people) but Japanese is the second most important language (in terms of content) on the Web. Hindi, Arabic Bengali and Malay are all in the top 9 most widely spolen languages but these langugages do not have significant share of web content.

Are the foregoing ethical issues? Opinions will differ. What is clear is that they are development issues. As Soriano asserts, because computers and the Internet are “the enabling technologies in the Information Age, the digital divide is an important concern of the 21 century.”

Other social justice issues relevant in computing

Electronic Monitoring is the system for tracking employee activitities in the office. For example, in some software development companies, the user account of their programmers are logged to trace what they have done while in the office. The question, is is this ethical? In come countries this is considered as eethical and legal. In others, however, it is considered unethical and illegal

Repetitive Strain injuries are almost synonymous to back injuries. It is injury you get if you continuously sit in front of your computer during office hours. The issue is whether you are entitled to compensation for this.

Electromagnetic Radiation is a old issue. There is belief that radiation emitted by computer monitors is harmful health. But this has not been proven medically yet.

Occupational Hazards - These are ussues in the workplace such as sickness acquired at work are compensable under the law. Hence if a clerk succumbs to an illness that is proven to have been acquired because of prolonged exposure to computer and photocopying machines, she will be compensated.