1.4 Discussion: Information and the Internet—Laws and Regulation
1. Conduct a critical analysis and, in at least 150 words, respond to at least two of your classmates’ postings, as well as any follow-up instructor questions directed to you, by the end of the workshop.
2. Each response to your classmate should be at least 150 words in length and include one credible information source citation. The response citation should follow APA formatting.
Peer Review 1:
Privacy issues surrounding sharing of personally identifiable information cannot be ignored. Increasing scale on use of personal data in information systems introduces business risks that, if not carefully handled, can lead to reputational damage or bankruptcy of the organization. Bring your device policies, and an increasing number of IoT devices complicate how data should be managed at the workplace.
Securing data is a very costly exercise, but also failed to comply with data protection regulations can be even more expensive in case of an information privacy breach (Jain, 2019). There should be a balance on pressing requirements for security, compliance, and privacy of information collected, bearing in mind the business’s risk by storing vast amounts of personal data. Existing laws on data protection include HIPAA, Homeland security act, FISMA and CFAA prescribe mechanisms for prosecuting cyber-crimes for both civil and criminal penalties. Internet being stateless presents a very challenging aspect in cyber-crime investigations. Lack of cooperation and absence of cyber laws in some of these countries affect law enforcement. This results in investigations being discontinued or delayed.
Cyber-criminals usually operate anonymously, and therefore locating their physical location to extract electronic evidence is a challenge (Tripathi, 2020). To overcome these obstacles, deliberate international cooperation in fighting cyber-crime remains the only way out in mitigating cyber-crimes. In the context of net neutrality, cyber laws ought to be enhanced to prevent internet service providers from blocking or slowing down network traffic according to their wishes.
Net neutrality enhances the freedom of information exchange (Vogelsang, 2018). However, this may be abused by cyber-criminals who are involved in hacktivism to promote their anti-social campaigns. Terms of service and net neutrality policies between ISP and users should instead protect consumers from harmful content shared over the communication networks. Internet should be made more accessible, and therefore, countries should enact laws to standardize requirements for net neutrality.
Peer Review 2:
In the current internet era, we can see that people are facing several privacy concerns as Internet companies collect and share the data about us. They offer private data exchanges which are not in accordance with our wishes or concerns. Both users and companies are actively looking at ways to improve the situation. They are looking to improve the legal and regulatory compliance policies of Internet companies, as we are the ones that gave their permission. The present legal and regulatory regulations of each ISP are currently in accordance with the wishes of the users.
They are also evolving in response to the changes in the user’s habits (Peng, 2015). The US government has created several cybersecurity laws that could protect users from privacy issues and protect online companies from the risks of data breaches. As you can see the current laws have been successfully implemented around the world and are already influencing the way Internet companies operate.
One of the most influential cybersecurity laws is the General Data Protection Regulation (GDPR), which protects users against data breaches that can have negative effects on the users. It has also been implemented in the UK and several countries around the world. Although the US does not have a federal level cybersecurity law, the states have their own laws like the New York SHEILD Act. The SHEILD Act states that individuals must have the ability to file a lawsuit for damages caused by violations of data protection law to be protected from discrimination, liability, and retaliation (Li et al., 2019).
These are two laws that protect the interests of the internet companies. There are several other similar laws for corporations and individual citizens. This has been implemented by many governments around the world. Although the current laws are competent, they have their drawbacks. There is room for improvement as the laws should evolve to protect users more effectively. The government should focus on regulation and not on the current laws as they can have severe problems which will affect online companies or users. This will occur if data is collected from individuals and organizations without the relevant consent of the individuals (Li et al., 2019).
2.1 Assignment: Devotional
1. Review the material in the “Getting Started” section above, and read Luke 12:2–3 and Proverbs 18:10–12.
2. Be sure to address the following prompts in your paper:
a. Why do you think the Bible promises us that all will be revealed?
b. Based on the Bible, how do you think we can trust God as our protector?
3. Your paper should be at least 250 words in length.
2.2 Discussion: Textbook Reading
1. Read Chapter 14 in Principles of Information Systems and Chapter 25 in Principles of Computer Security: CompTIA Security+ and Beyond.
2. In the discussion link below, respond to the following questions:
a. What was the most useful takeaway from this workshop’s reading?
b. What concept from the reading is the most applicable to you now in your profession, and how might you implement it?
2.3 Discussion:
Privacy and Information Security
1. Review Chapter 14 in Principles of Information Systems and Chapter 25 in Principles of Computer Security: CompTIA Security+ and Beyond.
2. In the discussion linked below, respond to the following prompts:
a. From the textbook reading, what concerns are apparent in the use of technology and the internet and one’s expectation of privacy? Of the concerns described, which is most relevant to you? Consider why this is important to you. How does this affect your personal life?
b. What are the most significant laws and regulations in place to protect people and organizations? After thinking about the current legal environment, what do you believe still needs to be addressed regarding the personal privacy of a user’s information?
c. As you think about current and emerging technologies (artificial intelligence, for example), what privacy issues will require some kind of remediation?
3. Your initial post should be a minimum of 300 words and is due by the fourth day of the workshop week.
2.4 Assignment: Research Paper—Phase 1 of Final Project
1. Phase 1 of Final Project: Summary and Outline
2. For this assignment, the following items will need to be prepared:
a. A short summary of the organization you have selected for the project. Write a paragraph summarizing the organization.
b. An outline of the paper based on the selected organization and the compliance and governance issues you will cover in the final paper.
i. For more guidance on compliance and governance planning, review the following resources:
1. Operational IT governance
2. IT Governance
3. Governance Framework
4. University-Wide IT Governance Framework
3. Your submission should be approximately one to one and a half pages in length.
4. Make sure to provide any references used. One of the references should be to the source of your information (organization’s website). If the organization is one that you currently or previously worked for, please provide a website link to your company.
5. The paper should be in APA format