Professional Documents
Culture Documents
Principles of Information Security, Fourth Edition: Professional, Legal, and Ethical Issues in Information Security
Principles of Information Security, Fourth Edition: Professional, Legal, and Ethical Issues in Information Security
Security,
Fourth Edition
Chapter 3
Professional, Legal, and Ethical Issues
in Information Security
Learning Objectives
• US Regulations
– Privacy of Customer Information Section of the
common carrier regulation
– Federal Privacy Act of 1974
– Electronic Communications Privacy Act of 1986
– Health Insurance Portability and Accountability Act
of 1996 (HIPAA), aka Kennedy-Kassebaum Act
– Financial Services Modernization Act, or Gramm-
Leach-Bliley Act of 1999
• Identity Theft
– Federal Trade Commission: “occurring when
someone uses your personally identifying
information, like your name, Social Security number,
or credit card number, without your permission, to
commit fraud or other crimes”
– Fraud And Related Activity In Connection With
Identification Documents, Authentication Features,
And Information (Title 18, U.S.C. § 1028)