Unit 2 Lesson 2-4 14-43 Second Week

EMPOWERMENT
TECHNOLOGIES
Unit 2: Online Safety, Security, Ethics and Etiquette
Lesson 2: What is Internet safety?

I think computer viruses should count as life. I think it says something about human nature that the only
form of life we have created so far is purely destructive. Weve created life in our own image.
-
Stephen Hawking
Why is it important to stay safe online?

Most of us are connected via our laptops, mobile phones, tablets or personal computer.
The potential for the internet to be a valuable and a fun resource for entertainment,
making friends, keeping in touch and learning is huge. But if you use the internet, you
could be at risk of illegal activity or abuse - be it bullying, fraud or something more serious.
Unlike seeing someone face to face, on the net, people aren't always what they first seem.
In the same way you learn about safety when you leave the house, it is important to learn
how to stay safe online. These are skills that will stay with you for life.
Some Golden Rules
Don't give out personal information such as your address or phone number.
Dont send pictures of yourself to anyone, especially indecent pictures.
Don't open emails or attachments from people you don't know.
Don't become online friends with people you don't know.
Never arrange to meet someone in person who you've met online.
If anything you see or read online worries you, tell someone about it.
Social networking
Social networking websites and apps, such as Facebook, MySpace, Instagram, Viber,
Tumblr, SnapChat, Ask.fm and Twitter have become incredibly popular in recent years.
Most users are genuine, but because it is so easy to hide your real identity, it is possible
to come into contact with people you would normally avoid.
UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL
14
EMPOWERMENT
TECHNOLOGIES

The Risks (Privacy)
The internet offers you a lot of freedom and this can lead some people to behave in ways
they would not behave in public.
They might:
say things on a status update / post / tweet they would never say face to face
give out personal information about themselves or others (including photos) that
they would normally keep private
A common example
A young person tries to let their friends know about their birthday party by posting the
information about when and where on their social networking site. This means hundreds
of people end up knowing about the party and turn up uninvited. The party could turn into
chaos with people getting angry and even refusing to leave. The police would have to get
involved to turn people away.
Cyber bullying
Cyber bullying can work in the same way as bullying in the playground; the victim feels
frightened and alone, while the bully tries to hide from being caught.
Comments, images and videos about a person can be posted online causing the
victim to feel frightened and upset.
It is even possible for cyber bullies to hack into the victim's personal accounts and
harass them from within their own user profile.
Often cyber bullies feel braver because they can't be seen, but it can be the most
traceable form of bullying because there's evidence that it's happened.
But because bullies think they can cover up their identity online sometimes people
who wouldn't normally bully might do so online.
Cyber stalking
Harassment on the internet can be just as frightening as other forms of stalking.
Women and girls are usually the victims of this kind of behavior.
They might be harassed by an ex-boyfriend or girlfriend who is upset about the
end of their relationship, for example.
It can also begin when a purely online friendship turns sour.
It can even begin entirely at random, by one online stranger towards another.
15
EMPOWERMENT
TECHNOLOGIES

Identity Theft
The more information you make available online, the greater the risk of identity theft. It
can be very tempting to reply to an email or open an attachment or post information about
yourself on social networking sites, but you should never do it.
Personal information includes your:
email address
phone number
postal address
any banking information
photos of yourself
The consequences of fraud can be huge, so you should be aware of the very serious
risks. If someone steals you or your parent's identity they can:
steal a lot of money
commit crimes that could put you or your parents in danger
commit crimes that you or your parents could get into trouble for
Sexting
Sexting usually refers to sending and receiving rude messages or videos of:
naked pictures
'underwear shots'
any sexual texts, images or videos
These images or videos can be sent from a boyfriend or girlfriend or a friend or someone
you've met online. You also may have sent a sexual photo, video or text to someone else.
Sexting can happen because:
your friends are boasting about sending or having photos on their mobile phone.
you want to fit in with in with friends
youre worried about being seen as 'frigid' or 'shy'
youre pressured to prove your sexuality
youre harassed, threatened or blackmailed into sending pictures
someone keeps asking for things and you feel that it's easier just to give in
youre made to feel guilty if you dont do what they ask
you think you owe your boyfriend or girlfriend or
you feel its ok because youre in love with the person and trust them
you feel proud of your body and want to share it with other people
16
EMPOWERMENT
TECHNOLOGIES

you want to have a sexual relationship with some you have an online relationship
with
Remember:
There is no turning back once you press send.
Even if you use apps like Snapchat the person can take a screen shot
You risk being seen as someone you are not.
Inappropriate content
Beware of the sites you visit - the internet has many sites featuring sex, violence and drug
abuse - and other illegal activities.
Often anyone can access these sites, even when parental controls are in place.
You could be encouraged to view them via content shared by others on social
networking sites.
Online grooming
The internet is a highly interactive tool which can allow people to communicate with each
other very easily, through internet chat programs and social networking sites and even
mobile apps and games.
Pedophiles have been known to use this method to contact young people by disguising
themselves as another young person. This can lead to gaining the trust of an individual
and their friends. These false relationships based on lies can often pave way for exposure
to upsetting images and online content and in some cases arranging a meeting in person.
Online grooming is the term used to describe inappropriate behavior towards a young
person, putting them at risk to a sexual offence.
Even if nothing dangerous does happen, knowing you may have had contact with
somebody like this can be extremely upsetting.
Making friends
We all know it's not healthy to spend hours and hours in front of a computer screen. But
another problem with social networking is the pressure you can feel to make sure you
have lots of friends. But here are some things to remember:
Friendships made online are made by clicking a button rather than talking to people
and sharing experiences.
Being online friends with someone is much less meaningful than face to face
friendship.
You can easily fall out with an online friend because of a misunderstood comment.
It is far easier, and healthier, to sort out arguments and problems when you can
17
EMPOWERMENT
TECHNOLOGIES

talk to someone face to face.
So although you might know someone who likes to boast about how many friends they've
got on their social networking site, remember that real friendships aren't made by
computers.
Tips so you stay safe on social networking sites
Make sure you're old enough to join.

Maybe use a made up name or nickname on your profile.
Never give out personal information.
Do not make friends you don't already know personally.
Maybe use an email address that does not include your name.
Always use a strong password. That is, don't use any names or words that
someone might guess, like the name of your dog or your favorite singer. Use
random letters or numbers and change your password regularly.
Use the strongest privacy setting when you set up your profile. This means that
only your friends will be able to view your information.
Pictures and videos can be shared very easily across the internet, so make sure
you are very careful when uploading - even if you only share it with friends, it can
easily be spread much further than that.
Be very careful about sharing content online - especially if it isn't yours to share.
Illegal downloads are definitely best avoided.
Never meet up with anyone you have met online.
Make sure you know about the safety features on any networking site. Some, for
example, have a panic button which you can press if you see something that
shouldn't be there.
If anything happens online that you don't like, tell someone.
18
EMPOWERMENT
TECHNOLOGIES
Other types of internet use

E-mails, Spam &, Phishing and Viruses
Spam
Spam is usually considered to be electronic junk mail or junk newsgroup postings. Some
people define spam even more generally as any unsolicited email. However, if a long-lost
brother finds your email address and sends you a message, this could hardly be called
spam, even though it is unsolicited. Real spam is generally email advertising for some
product sent to a mailing list or newsgroup.
Why Spam is a Problem
In addition to wasting people's time with unwanted email, spam also eats up a lot of
network bandwidth. Consequently, there are many organizations, as well as individuals,
who have taken it upon themselves to fight spam with a variety of techniques. But
because the Internet is public, there is really little that can be done to prevent spam, just
as it is impossible to prevent junk mail. However, some online services have instituted
policies to prevent spammers from spamming their subscribers.
Why is it Called Spam?
There is some debate about the source of the term, but the generally accepted version is
that it comes from the Monty Python song,
"Spam spam spam spam, spam spam spam spam, lovely spam, wonderful spam".
Like the song, spam is an endless repetition of worthless text. Another school of thought
maintains that it comes from the computer group lab at the University of Southern
California who gave it the name because it has many of the same characteristics as the
lunch meat Spam:
Nobody wants it or ever asks for it.
No one ever eats it; it is the first item to be pushed to the side when eating the
entree.
Sometimes it is actually tasty, like 1% of junk mail that is really useful to some
people.
The term spam can also be used to describe any "unwanted" email from a company or
website -- typically at some point a user would have agreed to receive the email via
subscription list opt-in -- a newer term called graymail is used to describe this particular
type of spam.
19
EMPOWERMENT
TECHNOLOGIES

Phishing
The act of sending an email to a user falsely claiming to be an established legitimate
enterprise in an attempt to scam the user into surrendering private information that will be
used for identity theft.
Phishing email will typically direct the user to visit a website where they are asked to
update personal information, such as a password, credit card, social security, or bank
account numbers, that the legitimate organization already has. The website, however, is
bogus and will capture and steal any information the user enters on the page.
Examples of Phishing Scams
2003 saw the proliferation of a phishing scam in which users received emails supposedly
from eBay claiming that the user's account was about to be suspended unless he clicked
on the provided email link and updated the credit card information that the genuine eBay
already had. Because it is relatively simple to make a website look like a legitimate
organization's site by mimicking the HTML code, the scam counted on people being
tricked into thinking they were actually being contacted by eBay and were subsequently
going to eBay's site to update their account information.
How Common is Phishing Today?
A global study released by the Anti-Phishing Working Group (APWG) in 2014 suggests
that 54% of phishing emails targeted major bands including Apple, Paypal, and Chinese
marketplace Taobao, indicating that phishers update their approaches looking out for new
victims in niche industry segments. While millions of phishing URLs were reported in
2014, there were at least 123,972 unique phishing attacks worldwide in the second half
of 2014.
Why is Phishing Successful for Scammers?
Phishing emails are blindly sent to thousands, if not millions of recipients. By spamming
large groups of people, the "phisher" counts on the email being read by a percentage of
people who actually have an account with the legitimate company being spoofed in the
email and corresponding webpage.
Viruses/Adware/Malware
A computer virus is a program or piece of code that is loaded onto your computer without
your knowledge and runs against your wishes. Viruses can also replicate themselves. All
computer viruses are man-made. A simple virus that can make a copy of itself over and
over again is relatively easy to produce. Even such a simple virus is
Fast Facts
Phishing, also referred to as brand spoofing or carding, is a variation on "fishing," the idea being that bait
is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.
20
EMPOWERMENT
TECHNOLOGIES

dangerous because it will quickly use all available memory and bring the system to a halt.
An even more dangerous type of virus is one capable of transmitting itself across
networks and bypassing security systems.
Since 1987, when a virus infected ARPANET, a large network used by the Defense
Department and many universities, many antivirus programs have become available.
These programs periodically check your computer system for the best-known types of
viruses.
Some people distinguish between general viruses and worms. A worm is a special type
of virus that can replicate itself and use memory, but cannot attach itself to other
programs.
The history of a computer virus.
1949 A mathematician named John Von Neumann proposed the idea of a selfreplicating program which he described acting much like computer virus in real world.
But it wasnt until the 1960s when a group of programmers developed a game called Core
Wars not released till 1984. It replicates itself every single time it was ran on a computer.
In 1980s, the MS DOS was the most popular OS thats when a viruses starting to emerge.
On 1988, we had a Morris Worm for MS DOS which affected more than six (6) thousands
computers.
In early 1990s, the advent of internet and email, viruses were easier to spread. In 1999,
the famous Melissa virus W97M/Melissa executed a macro within an attached file from
an email. This in turn forwarded it to 50 people in the users outlook address book. It also
infected other word files and then emails those out as attachments. Melissa would be
followed later that year by the Chernobyl Virus, which caused widespread hard drive
damage.
In 2000, we had I love you virus, security researchers were waking up to the scale of
the problem confronting them. It all started in the Philippines many hours earlier when 24year-old Onel De Guzman released a virus that he had proposed creating as part of his
undergraduate thesis. The key part of the virus was not any technical trick but the wording
of the subject line - ILOVEYOU - and its attachment LOVE-LETTER-FOR-YOU. Few
could resist opening the attachment which kicked off the attack code that then plundered
their e-mail address list and sent itself to every name it found. In 2000, many people did
not have any security software and even those that did only updated the signatures of
known viruses once a month.
In 2001, we had the Core Red 1 and 2 viruses which infected more than 700, 000
computers globally and cost over 2 billion dollars worth of damage.
21
EMPOWERMENT
TECHNOLOGIES

What Is a Worm?
A worm is similar to a virus by design and is considered to be a sub-class of a virus.
Worms spread from computer to computer, but unlike a virus, it has the capability to travel
without any human action. A worm takes advantage of file or information transport
features on your system, which is what allows it to travel unaided.
The biggest danger with a worm is its capability to replicate itself on your system, so
rather than your computer sending out a single worm, it could send out hundreds or
thousands of copies of itself, creating a huge devastating effect. One example would be
for a worm to send a copy of itself to everyone listed in your e-mail address book. Then,
the worm replicates and sends itself out to everyone listed in each of the receiver's
address book, and the manifest continues on down the line.
Due to the copying nature of a worm and its capability to travel across networks the end
result in most cases is that the worm consumes too much system memory (or network
bandwidth), causing Web servers, network servers and individual computers to stop
responding. In recent worm attacks such as the much-talked-about Blaster Worm, the
worm has been designed to tunnel into your system and allow malicious users to control
your computer remotely.
What Is a Trojan horse?
A Trojan Horse is full of as much trickery as the mythological Trojan Horse it was named
after. The Trojan Horse, at first glance will appear to be useful software but will actually
do damage once installed or run on your computer. Those on the receiving end of a
Trojan Horse are usually tricked into opening them because they appear to be receiving
legitimate software or files from a legitimate source.
Fast Facts
Worm can replicate itself on system, does not require human action to spread.
Trojan appears useful but damages system, requires human action to run, do not self-replicate.
When a Trojan is activated on your computer, the results can vary. Some Trojans are
designed to be more annoying than malicious (like changing your desktop, adding silly
active desktop icons) or they can cause serious damage by deleting files and destroying
information on your system. Trojans are also known to create a backdoor on your
computer that gives malicious users access to your system, possibly allowing confidential
or personal information to be compromised. Unlike viruses and worms, Trojans do not
reproduce by infecting other files nor do they self-replicate.
What Is a Blended Threat?
A blended threat is a more sophisticated attack that bundles some of the worst aspects
of viruses, worms, Trojan horses and malicious code into one single threat. Blended
22
EMPOWERMENT
TECHNOLOGIES

threats can use server and Internet vulnerabilities to initiate, then transmit and also spread
an attack. Characteristics of blended threats are that they cause harm to the infected
system or network, they propagate using multiple methods, the attack can come from
multiple points, and blended threats also exploit vulnerabilities.
To be considered a blended thread, the attack would normally serve to transport multiple
attacks in one payload.
For example, it wouldn't just launch a DoS attack it would also, for example, install a
backdoor and maybe even damage a local system in one shot. Additionally, blended
threats are designed to use multiple modes of transport. So, while a worm may travel and
spread through e-mail, a single blended threat could use multiple routes including e-mail,
IRC and file-sharing sharing networks.
Lastly, rather than a specific attack on predetermined .exe files, a blended thread could
do multiple malicious acts, like modify your exe files, HTML files and registry keys at the
same time basically it can cause damage within several areas of your network at one
time.
Blended threats are considered to be the worst risk to security since the inception of
viruses, as most blended threats also require no human intervention to propagate.
Fast Facts
Sophisticated, bundles aspects of viruses, worms and Trojan horses, most require no human action.
23
EMPOWERMENT
TECHNOLOGIES
Tips to Combat Viruses, Worms and Trojan Horses on Your Computer
1. Keep The Operating System Updated

The first step in protecting your computer from any malicious there is to ensure that your operating
system (OS) is up-to-date. This is essential if you are running a Microsoft Windows OS. Secondly,
you need to have anti-virus software installed on your system and ensure you download updates
frequently to ensure your software has the latest fixes for new viruses, worms, and Trojan horses.
Additionally, you want to make sure your anti-virus program has the capability to scan e-mail and
files as they are downloaded from the Internet, and you also need to run full disk scans periodically.
This will help prevent malicious programs from even reaching your computer.
2. Use a Firewall
You should also install a firewall. A firewall is a system that prevents unauthorized use and access
to your computer. A firewall can be either hardware or software. Hardware firewalls provide a strong
degree of protection from most forms of attack coming from the outside world and can be purchased
as a stand-alone product or in broadband routers. Unfortunately, when battling viruses, worms and
Trojans, a hardware firewall may be less effective than a software firewall, as it could possibly ignore
embedded worms in outgoing e-mails and see this as regular network traffic.
For individual home users, the most popular firewall choice is a software firewall. A good software
firewall will protect your computer from outside attempts to control or gain access your computer, and
usually provides additional protection against the most common Trojan programs or e-mail
worms. The downside to software firewalls is that they will only protect the computer they are installed
on, not a network.
It is important to remember that on its own a firewall is not going to rid you of your computer virus
problems, but when used in conjunction with regular operating system updates and a good anti-virus
scanning software, it will add some extra security and protection for your computer or network.
Fast Facts
Did You Know... CodeRed, a blended threat, launched DoS attacks, defaced Web servers, and its variant,
CodeRed II, left Trojan horses behind for later execution. CodeRed was processed in memory not on
a hard disk allowing it to slip past some anti-virus products. Computer Economics has estimated the
worldwide cost of CodeRed at $2.62 billion dollars. [Source: Symantec Web site]
24
EMPOWERMENT
TECHNOLOGIES

Adware
Adware is the common name used to describe software that is given to the user with
advertisements embedded in the application. Adware is considered a legitimate
alternative offered to consumers who do not wish to pay for software. There are many adsupported programs, games or utilities that are distributed as adware (or
freeware). Today we have a growing number of software developers who offer their
goods as "sponsored" freeware (adware) until you pay to register. If you're using
legitimate adware, when you stop running the software, the ads should disappear, and
you always have the option of disabling the ads by purchasing a registration key.
Another use of the phrase adware is to describe a form of spyware that collects
information about the user in order to display advertisements in the Web browser.
Unfortunately, some applications that contain adware track your Internet surfing habits in
order to serve ads related to you. When the adware becomes intrusive like this, then we
move it into the spyware category and it then becomes something you should avoid for
privacy and security reasons.
MALWARE
Short for malicious software, malware refers to software designed specifically to damage
or disrupt a system, such as a virus or a Trojan horse.
Types of Malware
As the phrase malware includes any type of malicious code, there are many different
types of malware,
Spyware
Key loggers
Computer viruses or worms.
Financial malware - which is designed to scan a computer system for information
related to financial transactions, are more common than other types. One example
is Cridex, a sophisticated strain of banking malware.
Protection Against Malware

The standard protection from malware is anti-malware software tools and programs
designed to identify, remove and prevent malicious software from infecting computer
systems or electronic devices.
If you have an e-address, at some point you might receive a message from someone you
don't know. They could be:
selling something (this is called a spam email)
sending you a virus
25
EMPOWERMENT
TECHNOLOGIES

sending you an attachment (in most cases contain a virus, adware or malware)
sending abusive or explicit content
The golden rule is, if the email is from someone you don't know, delete it.
If it is spam, you might get ripped off.
If it is a virus, your computer might get damaged.
If it is an attachment, it might contain a virus, or it might be something you don't
want to see. You will have to pay to remove it from your computer
If it is abusive or explicit, it might upset you or even get you into trouble.
You can avoid unwanted emails by getting the right software. This is something for an
adult to sort out, but you might know more about it than them already, so help them out.
26
EMPOWERMENT
TECHNOLOGIES
Lesson 3: Computer Ethics

Ethics is not definable, not implementable, because it is not conscious; it involves not
only our thinking, but also our feeling.
-
Valdemar W Setzer
A brief History
Foundation of Computer Ethics
MIT professor Norbert Wiener during the World War Two (2), an anti-aircraft cannon
tracking system involving a feedback (nervous) system. In his 1948 book on
Cybernetics he wrote:
It has long been clear to me that the modern ultra-rapid computing machine was
in principle an ideal central nervous system to an apparatus for automatic control; and
that its input and output need not be in the form of numbers or diagrams but might very
well be, respectively, the readings of artificial sense organs, such as photoelectric cells
or thermometers, and the performance of motors or solenoids we are already in a
position to construct artificial machines of almost any degree of elaborateness of
performance. Long before Nagasaki and the public awareness of the atomic bomb, it
had occurred to me that we were here in the presence of another social potentiality of
unheard-of importance for good and for evil.
60s & 70s: Computer crime, ACM code of ethics, Weizenbaums ELIZA
New branch of applied ethics: Walter Maner teaching a medical ethics
course in 1976 came up with the term computer ethics
Wiener-Maner-Gorniak hypothesis:
Computer ethics will become a new universal, global ethics, and so will become the
ordinary ethics.
Johnsons hypothesis:
Computer ethics are new species of generic moral problems, and will continue to
presuppose existing ethical theories.
ETHICS IN GENERAL
A guideline is needed to stop the current technology products from being exploited for
example replicating original CDs and selling them as pirated software, this unethical
behavior can be controlled by the code of conducts.
27
EMPOWERMENT
TECHNOLOGIES

Unethical refers to any code of conducts that are not conforming to approved standards
of social or professional behavior. Computer ethics is a system of moral standards or
values used as a guideline for computer users.
LAW IN GENERAL
Law is a legal system comprising of rules and principles that govern the affairs of a
community and controlled by a political authority. Law differs from one country to another.
In the era of technology, computer law is needed to clarify goods or actions that fall under
the computer law. Computer law refers to all areas in law that requires an understanding
of computer technology such as hardware, software and Internet.
WHY DO WE NEED ETHICS AND LAW IN COMPUTING?
Respecting Ownership
Respecting Privacy
Respecting Property
RESPECTING OWNERSHIP
We must respect ownership by not stealing other peoples work either by duplicating or
distributing it. Duplicating and distributing copies of audio tapes, video tapes and
computer programs without permission and authorization from the individual or company
that created the program are immoral and illegal.
RESPECTING PRIVACY AND CONFIDENTIALITY
We should respect other people's privacy and confidentiality by refraining ourselves from
reading their mails or files without their permission. If we do so, it is considered as violating
an individuals rights to privacy and confidentiality.
RESPECTING PROPERTY
Property here means ownership. Since an individual data and information are
considered as property, therefore, an act of tampering and changing electronic
information is considered as vandalism and disrespect for other peoples property.
28
EMPOWERMENT
TECHNOLOGIES

SIMILARITIES BETWEEN ETHICS AND LAW
Both ethics and law are complimentary to each other and are made:
to guide user from misusing computers
to create a healthy computer society, so that computers are used to contribute to a better
life
to prevent any crime
DIFFERENCES BETWEEN ETHICS AND LAWS
Ethics
Guideline
As a guideline to computer users.
Moral Standards
Ethical behavior is judged by moral

standards.
Free to Follow
Computer users are free to follow or

ignore the code of ethics.
No Punishments
No punishment for anyone who violates

ethics.
Universal
Universal, can be applied anywhere, all

over the world.
Produce ethical computer users
To produce ethical computer users.
Immoral
Not honoring computer ethics means

ignoring the moral elements (immoral).
Law
Control
As a rule, to control computer users.
Judicial Standards
Law is judged by judicial standards.
Must Follow
Computer users must follow the

regulations and law.
Penalties, imprisonments and other

punishments
Penalties, imprisonments and other

punishments for those who break the law.
Depends on the Country
Depends on country and state where the
29
EMPOWERMENT
TECHNOLOGIES

crime is committed.
Prevent misusing of computers
To prevent misuse of computers.
Crime
Not honoring the law means committing a

crime.
THE TEN COMMANDMENTS OF COMPUTER ETHICS

The United States Institute of Computer Ethics has come out with the Ten
Commandments of Computer Ethics. These principles consider the effective code of
conducts for the proper use of information technology.
The Ten commandments of computer ethics are:
1. You shall not use a computer to harm other people.
2. You shall not interfere with other people's computer work.
3. You shall not snoop around in other people's computer files.
4. You shall not use a computer to steal.
5. You shall not use a computer to bear false witness.
6. You shall not copy or use proprietary software for which you have not paid.
7. You shall not use other people's computer resources without authorization or proper
compensation.
8. You shall not appropriate other people's intellectual output.
9. You shall think about the social consequences of the program you are writing or the
system you are designing.
10. You shall always use a computer in ways that ensure consideration and respect for
your fellow humans.
UNETHICAL COMPUTER CODE OF CONDUCTS
With the advancement of ICT, it is easy for anyone to retrieve your information from the
Internet. You may not realize that when you fill a form on the Internet, your information
may be exposed and stolen.
Examples of unethical computer code of conducts include:
modifying certain information on the Internet, affecting the accuracy of the information
selling information to other parties without the owners permission
using information without authorization
involvement in stealing software
invasion of privacy
30
EMPOWERMENT
TECHNOLOGIES

Intellectual property refers to any product of human intellect that is unique and has
value in the market place. This covers ideas, inventions, unique name, computer
program codes and many more.
ETHICAL COMPUTER CODE OF CONDUCTS
Examples of ethical computer code of conducts include:
sending warning about viruses to other computer users
asking permission before sending any business advertisements to others
using information with authorization
31
EMPOWERMENT
TECHNOLOGIES
Lesson 4: Cyber Law

A Cyber Security Policy Would Have Defined the Roles of All the Stakeholders in The Crisis, He Said. At
Present, There Was a Complete Lack of Coordination
-
Pavan Duggal
Cyber law is the area of law that deals with the Internet's relationship to technological
and electronic elements, including
Computers,
Software,
Hardware and
Information systems (IS).
Cyber law is also known as Cyber Law or Internet Law.

Cyber laws prevent or reduce large scale damage from cybercriminal activities by
protecting
Information access,
Privacy,
Communications,
Intellectual property (IP)
And freedom of speech
related to the use of the
Internet
Websites
Email
Computers
Cell phones
Software
And hardware, such as data storage devices.
The increase in Internet traffic has led to a higher proportion of legal issues worldwide.
Because cyber laws vary by jurisdiction and country, enforcement is challenging, and
restitution ranges from fines to imprisonment.
32
EMPOWERMENT
TECHNOLOGIES

Needs for Cyber Law
In the recent years, many concerns and issues were raised on the integrity and security
of information, legal status of online transactions, privacy and confidentiality of
information, intellectual property rights and security of government data placed on the
Internet.
The Cyber Law acts of the Philippines
Republic Act 10175 Cybercrime Prevention Act was signed into law last September
12, 2012. This law is already in effect as the Supreme Court uphold its
constitutionality (February 18, 2014). Although some provisions were deemed as
unconstitutional (struck down) particularly Sections 4(c)(3), 7, 12, and 19.
It is a law considered to be
11 years in the making as
various
groups,
organizations,
and
personalities lobbied for its
passage. It took a while for
the law to be passed as
legislators
and
various
stakeholders
need
to
understand the magnitude of
cybercrime and whether the
penalty provisions indicated
in the E-Commerce Law
Republic Act 8792 is
sufficient or not.
Department of Justice Assistant Secretary Geronimo Sy explained that laws on
cybercrime are considered as the 3rd building block of legislations necessary to protect
the people from crimes committed in cyberspace and use of ICT. It will always look at
cybercrime as something under the 2nd block or special penal laws. Although it seems
there is now a set of laws in place that are already in that 3rd block and increasing further
(which may already include the E-Commerce Law as it is the first policy in place against
hacking and online piracy). As we use and integrate ICT and Internet in our lives, perhaps
it is possible that new forms of crimes can happen online and where broader or special
legislation will have to be created (that provides mandate for resource allotment too).
Nevertheless, that perspective, whether agreeable or not, brings the importance of having
more organized groups of netizens who can interact with policy makers proactively on
Internet / ICT related policies and do its share of stakeholder consultation.
33
EMPOWERMENT
TECHNOLOGIES
1. The law Penalizes (section 8) sixteen types of cybercrime (Section 4). They
are:
Types of Cybercrime
Penalty
Illegal access
Unauthorized access (without right) to a
computer system or application
Prison mayor (imprisonment of six years

and 1 day up to 12 years) or a fine of at
least Two hundred thousand pesos
(P200,000) up to a maximum amount
commensurate to the damage incurred or
BOTH. If committed against critical
infrastructure: Reclusion temporal
(imprisonment for twelve years and one
day up to twenty years) or a fine of at
least Five hundred thousand pesos
BOTH.
Illegal interception
Unauthorized interception of any nonpublic transmission of computer data to,
from, or within a computer system.
Data Interference
Unauthorized alteration, damaging,
34
EMPOWERMENT
TECHNOLOGIES

deletion or deterioration of computer data,
electronic document, or electronic data
message, and including the introduction
or transmission of viruses. Authorized
action can also be covered by this
provision if the action of the person went
beyond agreed scope resulting to
damages stated in this provision.
System Interference
Unauthorized hindering or interference
with the functioning of a computer or
computer network by inputting,
transmitting, damaging, deleting,
deteriorating, altering or suppressing
computer data or program, electronic
document, or electronic data messages,
and including the introduction or
transmission of viruses. Authorized action
can also be covered by this provision if
the action of the person went beyond
agreed scope resulting to damages
stated in this provision.
Misuse of devices
The unauthorized use, possession,
production, sale, procurement,
importation, distribution, or otherwise
making available, of devices, computer
program designed or adapted for the
purpose of committing any of the offenses
stated in Republic Act
10175.Unauthorized use of computer
password, access code, or similar data by
which the whole or any part of a computer
system is capable of being accessed with
intent that it be used for the purpose of
committing any of the offenses under
Republic Act 10175.
35
EMPOWERMENT
TECHNOLOGIES

Cyber-squatting
Acquisition of domain name over the
Internet in bad faith to profit, mislead,
destroy reputation, and deprive others
from the registering the same. This
includes those existing trademark at the
time of registration; names of persons
other than the registrant; and acquired
with intellectual property interests in it.
Those who get domain names of
prominent brands and individuals which in
turn is used to damage their reputation
can be sued under this provision. Note
that freedom of expression and
infringement on trademarks or names of
person are usually treated separately. A
party can exercise freedom of expression
without necessarily violating the
trademarks of a brand or names of
persons.
Computer-related Forgery
Unauthorized input, alteration, or deletion
of computer data resulting to inauthentic
data with the intent that it be considered
or acted upon for legal purposes as if it
were authentic, regardless whether or not
the data is directly readable and
intelligible; or The act of knowingly using
computer data which is the product of
computer-related forgery as defined here,
for the purpose of perpetuating a
fraudulent or dishonest design.
Prision mayor (imprisonment of six years

BOTH.
Computer-related Fraud
Unauthorized input, alteration, or deletion
of computer data or program or
interference in the functioning of a
computer system, causing damage
36
EMPOWERMENT
TECHNOLOGIES

thereby with fraudulent intent.
Computer-related Identity Theft
Unauthorized acquisition, use, misuse,
transfer, possession, alteration or deletion
of identifying information belonging to
another, whether natural or juridical.
Cybersex
Willful engagement, maintenance,
control, or operation, directly or indirectly,
of any lascivious exhibition of sexual
organs or sexual activity, with the aid of a
computer system, for favor or
consideration. There is a discussion on
this matter if it involves couples or
people in relationship who engage in
cybersex. For as long it is not done for
favor or consideration, I dont think it will
be covered. However, if one party (in a
couple or relationship) sues claiming to
be forced to do cybersex, then it can be
covered.
Prision mayor (imprisonment of six years

(P200,000) but not exceeding One million
pesos (P1,000,000) or BOTH.
Child Pornography
Unlawful or prohibited acts defined and
punishable by Republic Act No. 9775 or
the Anti-Child Pornography Act of
2009, committed through a computer
system.
Penalty to be imposed shall be one (1)

degree higher than that provided for in
Republic Act 9775, if committed through a
computer system.
Unsolicited Commercial
Communications (SPAMMING)
THIS PROVISION WAS STRUCK
DOWN BY THE SUPREME COURT AS
UNCONSTITUTIONAL.
Libel
Unlawful or prohibited acts of libel as
defined in Article 355 of the Revised
Penal Code, as amended committed
through a computer system or any other

degree higher than that provided for by
the Revised Penal Code, as amended,
and special laws, as the case may be.
37
EMPOWERMENT
TECHNOLOGIES

similar means which may be devised in
the future. Revised Penal Code Art. 355
states Libel means by writings or similar
means. A libel committed by means of
writing, printing, lithography, engraving,
radio, phonograph, painting, theatrical
exhibition, cinematographic exhibition, or
any similar means, shall be punished by
prison correctional in its minimum and
medium periods or a fine ranging from
200 to 6,000 pesos, or both, in addition to
the civil action which may be brought by
the offended party. The Cybercrime
Prevention Act strengthened libel in terms
of penalty provisions.
The electronic counterpart of libel has
been recognized since the year 2000
when the E-Commerce Law was passed.
The E-Commerce Law empowered all
existing laws to recognize its electronic
counterpart whether commercial or not in
nature.
Aiding or Abetting in the commission
of cybercrime Any person who willfully
abets or aids in the commission of any of
the offenses enumerated in this Act shall
be held liable.
Imprisonment of one (1) degree lower

than that of the prescribed penalty for the
offense or a fine of at least One hundred
thousand pesos (P100,000) but not
exceeding Five hundred thousand pesos
(P500,000) or both.
Attempt in the commission of

cybercrime Any person who willfully
attempts to commit any of the offenses
enumerated in this Act shall be held
liable.
All crimes defined and penalized by the
Revised Penal Code, as amended, and
special laws, if committed by, through and
with the use of information and
communications technologies shall be
covered by the relevant provisions of this
Act.

degree higher than that provided for by
the Revised Penal Code, as amended,
and special laws, as the case may be
38
EMPOWERMENT
TECHNOLOGIES

Corporate Liability. (Section 9)
When any of the punishable acts herein
defined are knowingly committed on
behalf of or for the benefit of a juridical
person, by a natural person acting either
individually or as part of an organ of the
juridical person, who has a leading
position within, based on:(a) a power of
representation of the juridical person
provided the act committed falls within the
scope of such authority;(b) an authority to
take decisions on behalf of the juridical
person. Provided, That the act committed
falls within the scope of such authority;
or(c) an authority to exercise control
within the juridical person, it also includes
commission of any of the punishable acts
made possible due to the lack of
supervision or control.
For sanctioned actions, Juridical person

shall be held liable for a fine equivalent to
at least double the fines imposable in
Section 7 up to a maximum of Ten million
pesos (P10,000,000).For neglect such as
misuse of computer resources that
resulted to cybercrime committed in
organization physical or virtual premises
or resources, juridical person shall be
held liable for a fine equivalent to at least
double the fines imposable in Section
7 up to a maximum of Five million pesos
(P5,000,000).Criminal liability may still
apply to the natural person.
2. Liability on other laws

Section 7 was struck down by Supreme Court as it violated the provision
on double jeopardy.
3. Jurisdiction
(a) The Regional Trial Court designated special cybercrime courts shall have
jurisdiction over any violation of the provisions of this Act including any violation
committed by a Filipino national regardless of the place of commission.
Jurisdiction shall lie if any of the elements was committed within the Philippines
or committed with the use of any computer system wholly or partly situation in
the country, or when by such commission any damage is caused to a natural
or juridical person who, at the time the offense was committed, was in the
Philippines. (section 21)
(b) For international and trans-national cybercrime investigation and
prosecution, all relevant international instruments on international cooperation
in criminal matters, arrangements agreed on the basis of uniform or reciprocal
legislation, and domestic laws, to the widest extent possible for the purposes
39
EMPOWERMENT
TECHNOLOGIES

of investigations or proceedings concerning criminal offenses related to
computer systems and data, or for the collection of evidence in electronic form
of a criminal offense shall be given full force and effect. (section 21)
This gives the Philippines the ability to participate in treaties and of mutual
cooperation with countries that have counterpart legislation effectively
especially on cybercrime cases that have team members or victims residing
in the Philippines.
4. Responsibilities of the Philippine National Police (PNP) and National

Bureau of Investigation (NBI)
The law gave police authorities the mandate it needs to initiate investigation to
process the various complaints / report it gets from citizens. There are
instances of online attacks, done anonymously, where victims approach police
authorities for help. They often find themselves lost in getting investigation
assistance as police authorities cant effectively initiate an investigation (only
do special request) as their legal authority to request for logs or data does
not exist at all unless a case is already filed. (which in case of anonymously
done will be hard to initiate)
The PNP and NBI shall be responsible for the enforcement of this law. This
includes:
(a) The PNP and NBI are mandated to organize a cybercrime unit or center
manned by special investigators to exclusively handle cases involving
violations of this Act. (Section 10).
(b) The PNP and NBI are required to submit timely and regular reports
including pre-operation, post operation, and investigation results and such
other documents as may be required to the Department of Justice for review
and monitoring. (Section 11)
(c) THE SUPREME COURT STRUCK DOWN SECTION 12 THAT IS
SUPPOSED TO authorize law enforcement authorities, without court
warrant, to collect or record by technical or electronic means traffic data
in real time associated with specified communications transmitted by means of
a computer system. (Section 12) Getting a COURT WARRANT is a must.
(d) May order a one-time extension of another six (6) months on computer
data requested for preservation. Provided, that once computer data preserved,
transmitted or stored by service provider is used as evidence in a case, the
mere furnishing to such service provider of the transmittal document to the
40
EMPOWERMENT
TECHNOLOGIES

Office of the Prosecutor shall be deemed a notification to preserve the
computer data until the termination of the case. (Section 13)
(e) Carry out search and seizure warrants on computer data. (section 15)
Once done, turn-over custody in a sealed manner to courts within 48 hours
(section 16) unless extension for no more than 30 days was given by the courts
(section 15).
(f) Upon expiration of time required to preserve data, police authorities shall
immediately and completely destroy the computer data subject of a
preservation and examination. (section 17)
5. Responsibility of service providers (SP)
Service provider refers any public or private entity that provides to users of its
service the ability to communicate by means of a computer system,
and processes or stores computer data on behalf of such communication
service or users of such service. (Section 3(n).
(a) SP upon receipt of a court warrant from police authorities to disclose or
submit subscribers information, traffic data or relevant data in its possession
or control shall comply within seventy-two (72) hours from receipt of the order
in relation to a valid complaint officially docketed and assigned for investigation
and the disclosure is necessary and relevant for the purpose of investigation.
(section 14)
(b) The integrity of traffic data and subscriber information relating to
communication services provided by a service provider shall be preserved for
a minimum of six (6) months period from the date of the transaction. Content
data shall be similarly preserved for six (6) months from the date of receipt of
the order from law enforcement authorities requiring its preservation. (Section
13)
(c) Once computer data preserved, transmitted or stored by service provider is
used as evidence in a case, the mere furnishing to such service provider of the
transmittal document to the Office of the Prosecutor shall be deemed a
notification to preserve the computer data until the termination of the case.
(Section 13)
(d) Upon expiration of time required to preserve data, SP shall immediately and
completely destroy the computer data subject of a preservation and
examination. (section 17)
(e) Failure to comply with the provisions of Chapter IV specifically the orders
41
EMPOWERMENT
TECHNOLOGIES

from law enforcement authorities shall be punished as a violation of
Presidential Decree No. 1829 with imprisonment of prision correccional in its
maximum period or a fine of One hundred thousand pesos (P100,000) or both
for each and every non-compliance with an order issued by law enforcement
authorities.
Service Provider protection insofar as liability is concern is already covered
under the E-Commerce Law.
6. Responsibility of individuals
(a) Individuals upon receipt of a court warrant being required to disclose or
submit subscribers information, traffic data or relevant data in his possession
or control shall comply within seventy-two (72) hours from receipt of the order
in relation to a valid complaint officially docketed and assigned for investigation
and the disclosure is necessary and relevant for the purpose of investigation.
(b) Failure to comply with the provisions of Chapter IV specifically the orders
from law enforcement authorities shall be punished as a violation of
Presidential Decree No. 1829 with imprisonment of prision correccional in its
maximum period or a fine of One hundred thousand pesos (P100,000) or both
for each and every non-compliance with an order issued by law enforcement
authorities.
7. Inadmissible evidence
(a) Any evidence procured without a valid warrant or beyond the authority of
the same shall be inadmissible for any proceeding before any court or tribunal.
(section 18)
8. Access limitation
The Supreme Court struck down Section 19 of the law that gives the
Department of Justice powers to order the blocking of access to a site provided
there is prima facie evidence supporting it.
9. Cybercrime new authorities
(a) Office of Cybercrime within the DOJ designated as the central authority in
all matters relating to international mutual assistance and extradition. (section
23)
(b) Cybercrime Investigation and Coordinating Center (CICC) an inter-agency
body to be created under the administrative supervision of the Office of the
President, for policy coordination among concerned agencies and for the
42
EMPOWERMENT
TECHNOLOGIES

formulation and enforcement of the national cybersecurity plan. (section 24)
CICC will be headed by the Executive Director of the Information and
Communications Technology Office under the Department of Science and
Technology as Chairperson with the Director of the NBI as Vice Chairperson;
the Chief of the PNP, Head of the DOJ Office of Cybercrime; and one (1)
representative from the private sector and academe, as members. (section 25)
The CICC is the cybercrime czar tasked to ensure this law is effectively
implemented. (section 26)
43

Unit 2 Lesson 2-4 14-43 Second Week

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Unit 2 Lesson 2-4 14-43 Second Week

Hochgeladen von

Copyright:

Verfügbare Formate

EMPOWERMENT

Unit 2: Online Safety, Security, Ethics and Etiquette

Lesson 2: What is Internet safety?

Why is it important to stay safe online?

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

Make sure you're old enough to join.

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

Other types of internet use

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

Tips to Combat Viruses, Worms and Trojan Horses on Your Computer

1. Keep The Operating System Updated

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

Protection Against Malware

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

Lesson 3: Computer Ethics

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

As a guideline to computer users.

Ethical behavior is judged by moral

Computer users are free to follow or

No punishment for anyone who violates

Universal, can be applied anywhere, all

Produce ethical computer users

To produce ethical computer users.

Not honoring computer ethics means

As a rule, to control computer users.

Law is judged by judicial standards.

Computer users must follow the

Penalties, imprisonments and other

Penalties, imprisonments and other

Depends on the Country

Depends on country and state where the

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

To prevent misuse of computers.

Not honoring the law means committing a

THE TEN COMMANDMENTS OF COMPUTER ETHICS

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL

Unit 2: Online Safety, Security, Ethics and Etiquette

UNIVERSITY OF SOUTHERN MINDANAO SENIOR HIGH SCHOOL