Case Study: Legal Aspects of IT Security, Privacy, and Investigations

Verified

Added on 2023/04/23

AI Summary

This case study analyzes two scenarios involving breaches of IT security principles. In the first case, a real estate agent violated Principle 3 by sending a newsletter without consent, leading to a breach of information provision laws. The second case details a violation of Principles 4 and 5, where the agent shared confidential information about a new house purchase, compromising data security. The assignment identifies the non-compliance with laws, specifically regarding the handling of personal information and data security, referencing relevant principles and highlighting the importance of obtaining consent and securing sensitive data. The study emphasizes the need for adherence to data protection regulations and the consequences of failing to protect client information.

Running head: LEGAL ASPECTS IN IT SECURITY
Legal Aspects in IT Security
Name of the Student
Name of the University
Author’s Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
LEGAL ASPECTS IN IT SECURITY
1. In case 1, the real estate agent sent a Newsletter to all the mailing list broadcasting. As per
this message, auction was held on site and several people attended the auction with five
registered buyers. The client did not have any idea regarding this and it was done for creating
issues for her.
In the above case, Principle 3 is breached. As per this principle, the agent should
have collected the personal information from the specific individual. It is required to
undertake permission from client; however, this agent did not take permission from her and
hence this principle was not followed. According to Principle 3.5, the law that is governing
information provision of client was being breached. Moreover, complying with the mentioned
principle was not reasonably practical in this scenario and the agent has done this purposely
for information breaching.
2. In case 3, this agent had shared to the other purchasers that they had currently purchased a
new house and the respective amount paid for it. This was not supposed to be shared without
taking permission from the client; however, the real estate agent did this activity illegally.
In the above case, Principle 4 and Principle 5 are breached. According to Principle
4, the real estate agent should have collected the information of new house purchase by
unlawful means. He gave these details to other agents hence information authenticity was
lost. As per principle 5, “any personal information should be stored and secured”; however,
the agent has not secured the information. This real estate agent should have ensured that
there should had been reasonably safe guards against disclosure, misuse and loss. The data
security of client was hence lost.

2
LEGAL ASPECTS IN IT SECURITY
Bibliography
Herath, H. S., & Herath, T. C. (2014). IT security auditing: A performance evaluation
decision model. Decision Support Systems, 57, 54-63.
Sawik, T. (2013). Selection of optimal countermeasure portfolio in IT security
planning. Decision Support Systems, 55(1), 156-164.