Professional Practice in IT: Data Breach and Ethical Analysis Report

Verified

Added on 2021/11/20

AI Summary

This report delves into the critical aspects of data security and ethical considerations within IT professional practice. It begins by examining the 'Internet of Me' concept, weighing its benefits against privacy risks in a scenario involving a bank data breach. The report then explores communication models, specifically contrasting the transmission and transactional models, and identifies barriers to effective communication. It emphasizes the importance of good technical communication and media richness. Furthermore, the report addresses privacy threats, social policy implications (including Netflix's security policy), and the application of ethical frameworks such as deontology and utilitarianism. Finally, it covers intellectual property, differentiating between copyright, trademarks, and patents, and briefly touches upon fair use and first use policies. The report concludes with an analysis of ethical stances based on the frameworks discussed.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

0 | P a g e
Professional Practice in IT

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1 | P a g e
Table of Contents
Introduction...............................................................................................................................3
Part A..........................................................................................................................................3
Q. a): Internet of Me information..........................................................................................3
Q. b): Arguments....................................................................................................................3
Q. c): Justification...................................................................................................................4
Part B..........................................................................................................................................4
Q. a): Transmission and Transaction model of communication............................................4
Q. b): Barriers to communication..........................................................................................5
Q. c): Good technical communication....................................................................................5
Q. d): Media Richness............................................................................................................5
Q. e): Cultural body language communication......................................................................6
Part C..........................................................................................................................................6
Q. a): Privacy threats..............................................................................................................6
Q. b): Social Policy..................................................................................................................6
Part D..........................................................................................................................................7
Q. a): Deontology ethical framework.....................................................................................7
Q. b): Utilitarian ethical framework.......................................................................................7
Q. c): Ethical stand.................................................................................................................8
Part E..........................................................................................................................................8
Q. a): Intellectual Property.....................................................................................................8
Q. b): Difference between copyright, trademarks and patents.............................................8
Q. c): Fair Use policy...............................................................................................................9
Q. d): First Use policy.............................................................................................................9
Conclusion..................................................................................................................................9

2 | P a g e

3 | P a g e
Introduction
The importance of ensuring data security has enhanced as the number of cases
involving data breach has increased across the globe. The Australian government has
implemented Notifiable Data Beaches Scheme (NDB) which enforces corporations to make
mandatory disclosure even if they simply believe that a data breach has occurred. In case
appropriate actions are not taken by corporations, then they could face serious financial
consequences due to violation of their data. This report will evaluate various questions
relating to the scenario to provide answers for them to understand the issues arise in the
scenario. The scope of this report will be divided into five parts each of which contains
different factors to focus on the importance of data security.
Part A
Q. a): Internet of Me information
New technologies are getting more personal because corporations are rapidly
moving forward to connect and analyse the movements of people’s health, brains and
everyday devices. The Internet of Me is referred to these technologies which connect a
person’s mind, brain and other personal devices to the internet into to collect their personal
data to show more personal results. The moral stance for the Internet of Me is that it
enables a ubiquitous network in which people can access their information or data from
anywhere. Another benefit is that it provides individuals more personal recommendations
which make their everyday life easier. The moral stance against this technology is that it
breaches privacy of individuals because anything they do is recorded or monitored by smart
devices. Moreover, the use of this technology makes it easier for cyber criminals to violate
the privacy of people by gaining unauthorised access to their personal data and use them
for unfair advantage. In this scenario, the breach of customer security through the malware
shows that the bank should not use the Internet of Me information.
Q. b): Arguments
Although there are many benefits relating to the use of the Internet of Me
technology such as improved healthcare, social connection, personalised consumer devices

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4 | P a g e
and others, however, its risks overshadows these benefits. The technology is not competent
enough to ensure that the security of data is maintained by even large corporations which
have appropriate resources to use world-class security devices. Therefore, this is not the
right time for the bank to use the Internet of Me information which is available online
because it increases the risk of data breach and violation of people’s privacy.
Q. c): Justification
In Australia, after introduction of NDB scheme, 242 notifications were made in the
first quarter which raises the number of data breach attacks to 305. It shows that the
organisations and technologies are not competent enough to ensure the data security and
protect the information from cyber criminals. If corporations are not able to protect the
private data of their users, then it resulted in adversely affecting a large number of people,
and it also increases challenges for companies since they face legal consequences for failing
to ensure the security of their data. Therefore, the bank in the scenario should not use the
Internet of Me information available online.
Part B
Q. a): Transmission and Transaction model of communication
The transmission model of communication was developed in 1949 by Shannon and
Weaver which consider mathematical interpretation of how communication occurred
between parties. In this method, the source of message is responsible for encoding and
sending the accurate information by choosing the transmission channel. This model initially
leads the argumentative environment and present in front of an audience and the sender
follow continuum of argumentative certainty. In the transaction model of communication,
the messages are exchanged between sender and receiver where they take turn to send and
receive messages. In the given scenario, transactional model of communication is used. The
transmission model did not apply in the scenario because an audience was not available and
no arguments were made between parties. The transactional model of communication
applies in this scenario because the conversation occurred between the team leader and the
CIO of the company who exchanges messages with each other rather than engaging with an
audience to evaluate arguments to decide the issue.

5 | P a g e
Q. b): Barriers to communication
The first barrier in the given scenario is lack of attention, internet, distractions and
irrelevance to the receiver. The CIO did not pay attention to the magnitude of data security
threat in this scenario. He was not interested in understanding the issue, and he was too
distracted in his work to take any action to resolve this issue. Another barrier in the
communication is difference in the perception of both parties which result in expectation
which lead to false assumptions. The CIO did not perceive the issue as same as the team
leader which lead to false assumptions that it is not a major threat.
Q. c): Good technical communication
Good technical communication must be clear, and the sender must be clear about
his/her goal or message. The purpose of the communication must be clear, and no
ambiguity should exist while communicating the idea. For example, in this scenario, the
team leader was not clear about the purpose of the message because the malware has the
potential to breach the privacy of 2.5 million customers. Good technical communication
must be accurate and error-free. The sender must take into consideration audience’s level
of education or knowledge, and the sender must check whether any error exists in the
message. For example, the operations manager did not have appropriate knowledge about
the issue; therefore, the team leader should explain the issue to him accurately in order to
take appropriate actions. Good technical communication must be concise, and the parties
must stick to the point and avoid filler words or unnecessary sentences. For example, the
team leader should avoid technical jargon and explain the issue in simple words.
Q. d): Media Richness
Media Richness is referred to a theoretical framework which is used for describing
the ability of a communication medium to reproduce the information sent over it. This
framework evaluates the qualification of communication with respect to social cues. The
three media channels that could be employed in a communication include emails, social
media sites and television. The Media Richness theory (MRT) is important in circumstances
in which the party wanted to clearly communicate the message to a wider audience to
ensure that they clearly understood the message. For instance, while notifying the public
regarding a potential data breach, the company can rely on MRT to ensure that the message

6 | P a g e
clearly conveyed to them without any ambiguity and the audience must understand the
impact of such breach. It also assists corporations in avoiding bad publicity by making sure
that the audience is not misinterpreting their message.
Q. e): Cultural body language communication
Understanding the aspects of cultural body language is important during a
communication to avoid offending the party who is from another culture. The first aspect is
that not all signs mean same across the globe. For example, thumbs-up is a positive sign in
most countries; however, it is considered a rude gesture in New Zealand. Another aspect is
greeting because each culture has different ways to greet each other during a
communication. For example, a quick firm handshake is considered as normal in western
countries, but it is considered a rude in Turkey and in Islamic countries, men did not shake
hands with women outside the family. In this scenario, the team leadership should evaluate
cultural factors while explaining the issue to the operations manager.
Part C
Q. a): Privacy threats
People share a substantial amount of personal information on these sites which
made them potential target of cyber criminals. In the present scenario, the passwords of
bank users can be collected by cyber criminals, and they can post this information on social
media sites to adversely affect bank users. The private financial data of all 2.5 million bank
users can be leaked by the malware which raised private threats relating to data use.
Q. b): Social Policy
Netflix is an American media-services provider company which operates in
entertainment industry, and it provides subscription-based streaming media content to its
customers. The company rely on social media sites to increase awareness about its new
services and media, and it interacts with its customers to build a strong relationship with
them. Following elements should be added by the company in its security policy. Netflix
should set security accountability by defining roles and responsibilities of the management
and employees to create them accountable which will help them in understanding and

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7 | P a g e
managing its security policies. The company should use encryption while using social media
sites to avoid violation of data during transmission. The company should improve Network
service policies by ensuring security of IP address, router, and access list (ACL) stipulations.
The corporation should establish incident handling and response team to quickly handle the
cyber-attacks in order to minimise their impact. The security policy should include provisions
regarding security training to ensure that employees and the management are competent
to sustain security policy and key staff members updated on latest security techniques.
These policies can apply in the given scenario which will assist the bank in improving its
security.
Part D
Q. a): Deontology ethical framework
The Deontology ethical framework judges the morality of a situation based on the
fact whether the parties have breached any duty or not. It states that an ethical evaluation
must solely depend on basic moral duties or code of conduct. The leak of Panama Papers
assisted in reducing money laundering methods which were used by corporations and
individuals for illegal purposes such as arms deals, hide assets, evade taxes or others. As per
deontology ethical theory, the actions of Mossack Fonseca were unethical because the
company was allowing its clients to use its services for illegal purposes. The actions of John
Doe were unethical as well because he breached his duties. In the present scenario, the
actions of the CIO are unethical because he did not comply with his duty to make
notifications regarding the data breach under NDB scheme even if the company simply
believe that their data has been compromised.
Q. b): Utilitarian ethical framework
The Utilitarianism ethical framework judges the morality of a scenario based on its
consequences rather than actions of the parties. If the consequences are beneficial for the
happiness of a large number of people, then illegal actions of parties are justified as per this
theory. The leak of Panama Papers is ethical as per this theory because they resulted in
leaking information about money laundering scheme which were used by organisations and
individuals across the globe to launder their money, evade taxes, conduct arms deals, hide

8 | P a g e
assets or others. This leak benefited a large number of individuals by terminating money
laundering process due to which this leak was ethical. As per the Utilitarianism ethical
theory, the actions taken by parties in the present scenario are unethical. The malware has
the potential to breach the privacy of all 2.5 million bank users; however, no action was
taken by the CIO to fix this issue which is unethical.
Q. c): Ethical stand
As per above arguments, the arguments made in Utilitarianism theory are superior
to compared to the Deontology ethical theory. The Utilitarianism theory focuses on
happiness of a large number of individuals and the actions which are taken while
considering this theory are in the benefit of a greater number of people. It also enforces
parties to take precautionary measure to avoid negative consequences, therefore, this
theory superior in this scenario.
Part E
Q. a): Intellectual Property
Intellectual Property (IP) is referred to creation of the mind, such as inventions;
designs, symbols, literary and artistic works, name and images which are used in commerce.
It is type of property or asset which is just as valuable as physical or real property even
though it is intangible. IPs such as trademarks, patents and copyrights are protected by the
law which enables people to earn recognition or financial benefits from their creations.
Q. b): Difference between copyright, trademarks and patents
Copyrights protect the original textual work, artistic expression or visual work of
parties. Copyrights are automatic; therefore, parties do not need to register them because
creators are entitled to their original work. The copyrights protect the work of an author or
creator for 70 years. Trademarks protect source identification which includes designs,
slogans, logos, brands and others. The trademarks are registered in 10 yearly blocks, but
parties can continue to renew this trademark to extend perpetually. Patents protect non-
obvious, useful and new inventions or ideas of parties. A patent is issued for invention of

9 | P a g e
device, process, machine, structure or others. A patent allows its owner to prevent other
parties from using, making or selling his/her invention for a period of 20 years.
Q. c): Fair Use policy
As per the copyright law in Australia, the Fair Use policy allows the use of
copyrighted material for a limited and transformative purpose. This use can be done by
parties without getting permission from the copyright owner. This is referred to a defence
against a claim of copyright infringement. The three uses where Fair Use is allowed includes
criticise, parody or comment upon the copyrighted work.
Q. d): First Use policy
The First Use policy in Australia is given regarding protection of trademarks. In the
trademark protection policies in Australia, a party have right under the common law to
make a claim over already registered trademark if the party proves that he/she has been
using the trademark in the past. The three example of application of First Use in life includes
applying for trademark for own business, company’s business and business of friends and
family.
Conclusion
In conclusion, the importance of cyber security has increased across the globe
because the threat of data violation has become more significant. The Internet of Me
information available online should not be used by the bank because it did not have
appropriate technologies to ensure the security of the data. The models of communication
are discussed in this report along with barriers which hinder effective communication in the
scenario. A security policy for Netflix is given in this report along with ethical analysis of the
leak of Panama Papers and the given scenario. Lastly, the elements of IP rights are discussed
in this report to understand difference between copyrights, patents and trademarks.