Module Code & Module Title

CC5052NI Professional Issues, Ethics and Computer Law

Assessment Weightage & Type

60% Individual Coursework

Year and Semester

2021 -22 Spring Semester

Student Name: Rewanta Adhikari

London Met ID: 20049258

College ID: NP01NT4S210055

Assignment Due Date: 12th May 2022
Assignment Submission Date: 12th May 2022
Word Count (Where required): 3216

I confirm that I understand my coursework needs to be submitted online via Google Classroom under the relevant
module page before the deadline for my assignment to be accepted and marked. I am fully aware that late
submissions will be treated as non-submission and a mark of zero will be awarded.

20049258
 Acknowledgement
I had to enlist the assistance and counsel of a few well-respected individuals to complete
the goals of this study, and they deserve my heartfelt appreciation.
First and foremost, I'd want to express my gratitude to Islington College and London
Metropolitan University for offering a conducive learning atmosphere and course
materials.
Ms. Yunisha Bajracharya, my module leader and Mr. Sandesh Gurung, my tutor deserves
special thanks for his advice and continual monitoring, as well as his help in finishing this
case study report.
I'd want to thank my parents for their unwavering support, collaboration, and
encouragement.
My gratitude and thanks also go to my friends especially my friends who have volunteered
to assist me with their skills.

20049258
Table of Contents
1) Introduction .............................................................................................................. 1

1.1 Background ........................................................................................................ 3

2) Legal Issues ............................................................................................................. 5

2.1 Lawsuits by dissatisfied customers ........................................................................ 5

2.2 Consumer protection and data privacy violation .................................................... 6

3) Social Issues ............................................................................................................ 7

3.1 Identity theft: .......................................................................................................... 7

3.2 Privacy ................................................................................................................... 8

4) Ethical Issues ........................................................................................................... 9

4.1 Informed consent ................................................................................................... 9

4.2 Whistleblowing or Social media rant ...................................................................... 9

4.3 Confidentiality & Privacy ...................................................................................... 10

5) Professional Issues ................................................................................................ 11

6) Conclusion ............................................................................................................. 13

7) References............................................................................................................. 15

20049258
Table of Figures:
Figure 1: A very small portion of the redacted user data leaked by the server. (Cimpanu,
2019) ............................................................................................................................... 1
Figure 2: A very small portion of the redacted transaction data leaked by the server.
(Cimpanu, 2019).............................................................................................................. 2
Figure 3: Leaky server..................................................................................................... 3

20049258
 Abstracts
The current paper aimed to provide an overview of the research to date as well as
highlight new and interesting findings relevant to Internet gambling and online casino with
different issues including legal, ethical, social, professional of the data breach of online
casino group leaking information on 108 million bets, including user details. The
expanded availability of Internet gambling (online casino) has been one of the most
important developments to the gaming landscape in the last 15 years. Internet gambling,
including mobile gaming, is the fastest growing kind of gambling, and it is altering the way
gamblers engage in this activity. Concerns have been stated that Internet gambling may
increase rates of disordered gambling due to its high degree of accessibility, immersive
interface, and simplicity with which money may be spent. The purpose of this study was
to present an overview of previous research as well as to highlight fresh and noteworthy
discoveries related to Internet gambling addiction. This paper presents research to help
us gain a better understanding of adult Internet gambling participation, features of this
interface that may impact problem severity, the relationship between Internet gambling
and related problems, as well as the role of the broader spectrum of gambling behaviours
and relevant individual factors that moderate this relationship.

20049258
CS5052NI Professional Issues, Ethics and Computer Law

1) Introduction

An online casino group has leaked information of over 108 million bets, including details
about customer’s personal information, deposits, and withdrawals, ZDNet has learned.

ElasticSearch is a portable, high-quality search engine that businesses deploy to improve

the data indexing and search capabilities of their online apps. Because they manage a
company's most sensitive information, such servers are often put on internal networks
and should not be left accessible online. (Cyware Hacker News, 2019)

Figure 1: A very small portion of the redacted user data leaked by the server. (Cimpanu, 2019)

Pane and ZDNet collaborated on a study of the URLs discovered in the server's data and
discovered that all web domains were hosting online casinos. URLs discovered in open
server data included kahunacasino.com, azur-casino.com, easybet.com,
viproomcasino.net, and others. Following further analysis, the researcher discovered that
some of the domains were registered by the same firm, while others were owned by
companies that shared a building or operated under the same eGaming license number.

20049258
1
CS5052NI Professional Issues, Ethics and Computer Law

This proved that all the web domains were managed by the same company. Pane also
discovered that the leaking ElasticSearch server exposed about 108 million records
comprising data such as bets, winnings, deposits, withdrawals, and credit card
information. However, credit card information was partially hidden, and consumers' entire
financial information was not disclosed. The leaking server has been taken down.
(Cyware Hacker News, 2019)

Figure 2: A very small portion of the redacted transaction data leaked by the server. (Cimpanu,
2019)

20049258
2
CS5052NI Professional Issues, Ethics and Computer Law

1.1 Background

An online gambling group's ElasticSearch server was left open to the public, with no
password. Names, addresses, phone numbers, email addresses, dates of birth,
usernames, account balances, IP addresses, a record of played games, last login
information, browser information, and OS data were all stored on the hacked server.
According to Justin Paine, the security researcher who found the server, the data spilled
from an ElasticSearch server that was left accessible online without a password. An
online gambling group's ElasticSearch server was left publicly exposed without a
password, making it accessible to everyone. Personal information such as names,
addresses, phone numbers, email addresses, dates of birth, usernames, account
balances, IP addresses, list of played games, last login information, browser information,
and OS data were leaked from the server. ElasticSearch is a high-end search engine
that's typically installed on internal networks to improve the performance of web apps.
These servers are not designed to be left exposed online. (Cimpanu, 2019)

Figure 3: Leaky server

20049258
3
CS5052NI Professional Issues, Ethics and Computer Law

Pane also discovered that the vulnerable ElasticSearch server exposed about 108 million
records holding data such as bets, winnings, deposits, and withdrawals, as well as credit
card information. Following further analysis, the researcher discovered that some of the
domains were registered by the same firm, while others were owned by companies that
shared a building or operated under the same eGaming license number. This revealed
that the same entity was behind all the web domains. None of the web sites whose data
was discovered by Pane on the ElasticSearch server replied to ZDNet's inquiries. The
leaking server, however, was discovered to be shut offline and inaccessible to the public
on January 21, 2019. However, there are chances that anyone with malicious intent would
have used the information from the leaky server such as names and contact details of the
players who recently won large sums of money to target users as part of scams or
extortion schemes. (Cyware Hacker News, 2019)

20049258
4
CS5052NI Professional Issues, Ethics and Computer Law

2) Legal Issues

A legal issue is anything that happens that has legal consequences and may need the
services of a lawyer to resolve. The law answers or resolves a question or problem. It is
not always evident that a situation may include the law, such as an unexpected condition
that may result in legal issues confronting work, mortgages, or insurance. (Solicitors
Regulation Authority, 2021). In the given case, it is stated that an online casino group was
left publicly available without any password and accessible to anyone because of which
all the information contained in that server like almost 108 million records such as bets,
win, withdrawals, deposits, including payment card details was exposed. According to my
research, the above scenario has violated “GDPR (General Data Protection Regulation)”
because Justin Paine who was the security researcher who has discovered the server
said that the server contained a lot of sensitive information like their real names, address,
phone numbers, email address, birth dates and many more things. Let us see some of
the legal issues that caused various effect in this data breach. (Solicitors Regulation
Authority, 2021)

2.1 Lawsuits by dissatisfied customers: - Customer satisfaction lawsuits emerge

when a customer decides to sue a business or corporation because of problems with the
product or service. These can include legal causes of action such as:

i. Improper product safety.

ii. Consumer scam and consumer protection considerations.
iii. Defective or toxic goods.
iv. Poor service (especially ones that violate laws on safety or quality).
v. Breaking a law (such as a failure to deliver products on time or correctly).
These kinds of disputes involving can sometimes affect many clients and consumers. In
such situations, the lawsuit may be launched as a major lawsuit.

A high customer satisfaction rating has several positives, including enhanced word-of-
mouth advertising and improved customer loyalty. As a result, company owners are often
encouraged to keep consumers contented. However, in circumstances of significant or

20049258
5
CS5052NI Professional Issues, Ethics and Computer Law

extensive breaches, a civil lawsuit for damages may be required. Some legal
considerations to be aware of while dealing with a customer satisfaction lawsuit are:

i. Cases that are ridiculous (Courts will only hear lawsuits with a significant amount
in dispute and a high possibility of winning.)
ii. Breach of warranty vs. breach of contract: A violation of contract is more likely
to result in a lawsuit than a defective product, which might be addressed by a
simple refund or remuneration of the product. (LegalMatch, 2022)

2.2 Consumer protection and data privacy violation: - Consumer privacy which
is also known as customer privacy, involves the processing and preservation of sensitive
personal information offered by customers. As the internet continues into a medium of
business, consumer data privacy has become a major concern. (Lutkevich, 2022) In this
case because all the data was left publicly available and was exposed due to which it
violated the consumers privacy. Consumer privacy is associated with the concept of
personal privacy, which, while not officially stated in the United States Constitution, has
been cited as a vital right in several court cases. The Ninth Amendment is sometimes
utilized to defend a broad interpretation of the Bill of Rights in order to preserve personal
privacy in ways that are not explicitly stated but are implied. Despite this, there is presently
no comprehensive reform standard for data privacy at the federal level in the United
States. There have been efforts, but none have been successful. For example, in 2017,
the United States government rejected a federal initiative to expand data privacy
protection by forcing internet service providers (ISPs) to get their customers' approval
before utilizing their personal data for advertising and marketing. Another major federal
consumer privacy measure, the Consumer Online Privacy Rights Act (COPRA), was
submitted in late 2019, but it has yet to be passed, and many believe that its passage will
be difficult. (Lutkevich, 2022)

20049258
6
CS5052NI Professional Issues, Ethics and Computer Law

3) Social Issues

A social issue or problem is one that has been acknowledged by society as a restriction
to society's best functioning. It is important to recognize that not all events in society are
lifted to the level of social concerns. Four variables have been identified that appear to
describe a social issue or problem. (Study.com, 2022)

Here include:
• The people must identify the issue as a problem.
• The scenario opposes traditional ideals.
• A considerable proportion of the population regards the issue as a reasonable
concern.
• Citizens' and/or community resources can work together to solve or reduce the
situation.
Let us have a look at some of the social issues which had a huge impact on the
ElasticSearch breach.

3.1 Identity theft: - Identity theft arises when someone uses your personal identifying
information to impersonate you to conduct fraud or earn other financial gains. Your
personal identifying information may include your full names, home address, email
address, digital login and passwords, Identification Number, driver's license number,
passport number, or bank number. When hackers get access to this information, they
may use it to attempt identity theft or sell it on the dark web. (Norton, 2022)

It's the same thing that happened in the online casino group when the data was exposed.
When Pane and ZDNet did research of the URLs obtained in the server's data and
discovered that all web domains were hosting online casinos. URLs revealed in the open
server data included kahunacasino.com, azur-casino.com, easybet.com,
viproomcasino.net, and others. Following subsequent analysis, the researcher
discovered that some of the domains were held by the same corporation, while others
were owned by companies headquartered in the same building or operating under the
same eGaming license number. This proved that all of the web domains were managed
by the same company. (Study.com, 2022)

20049258
7
CS5052NI Professional Issues, Ethics and Computer Law

3.2 Privacy: - Data privacy refers to an individual's ability to do so when, how, and to
what degree personal information about them is shared with or transmitted to others. This
personal information would include a person's name, location, contact information, or
online or offline conduct. Just as someone may prefer by excluding persons from a private
chat, many internet users wish to control or avoid some sorts of personal data collecting.
(Cloudflare, 2022)

Inability to protect your customers' privacy may bring to damage to reputation, the loss of
personal information, and the waste of resources. It can increasingly bring you in breach
of the rules, resulting in significant costs and legal claims. There is virtually definitely at
least one privacy regulation that your company must follow, no matter where it operates.
The news story, multimillion-dollar fines allowed under these fines are real, and they may
hurt smaller businesses that do not protect personal information properly. (Bateman,
2022)

According to fourth amendment “Courts have ruled that parents have a fundamental right
to make decisions about the care, custody, and control of their children. Parents have a
privacy right to determine how their children are educated, private schools or public
schools and in what language their children are taught”. In general, the privacy rights
developed from a desire to safeguard individuals from government overreach. The Fourth
Amendment to the United States Constitution, for example, protects citizens against
warrantless searches of their property, body, worldly belongings, or other places that they
might properly expect to keep private from law enforcement officers. Therefore, the police
nearly always require a proper warrant to conduct an authorized search of a person's
house. (LegalMatch, 2022)

Other social issues that take place after this incident were:

• Unscrupulous operators
• Embedding
• Circle Jerks
• Online customer tracking (Griffiths, 2003)

20049258
8
CS5052NI Professional Issues, Ethics and Computer Law

4) Ethical Issues

Ethical issues in business are situations in which a moral conflict occurs and must be
resolved. In other terms, it is a situation when a moral standard is called into issue. When
a choice, action, or circumstance in business clashes with the organization's or society's
ethical norms, ethical concerns arise. Because others may question their behaviour from
a moral standpoint, both organizations and people might become entangled in ethical
dilemmas. Diversity, compliance, governance, and compassionate decision-making are
all complex ethical concerns that match with the organization's basic principles.
(MyAccountingCourse.com, 2022)

Some of the ethical issues from the online casino leaked data are:

4.1 Informed consent: Although informed permission may be easily gained online for
online surveys, there is some disagreement over whether it is necessary when people
utilize comments on public internet forums. Withdrawing consent is more challenging
since it is difficult to discern the motivation of a participant who does not finish a survey.
For example, did the person leave on purpose, or was their internet connection
terminated? Given that many online surveys are housed on unsecure sites, confidentiality
is also a key problem. Researchers have also been concerned about cultural concerns.
Online surveys allow researchers to acquire larger samples, but at what cost? The
collecting of data from morally different samples might make it difficult to understand study
conclusions. (Griffths & Whitty, 2022)

4.2 Whistleblowing or Social media rant: Whistleblowing is a method of share some

confidential information of one company or organization to other organizations. As talking
about deontology, it is stated that people should stick to their rules and obligations while
taking any kind of decisions when ethics are in play because violating the rules can lead
to several impacts in people, society and even it impacted on the online casino group.
The good news is that the credit card details indexed on the ElasticSearch server were
temporarily deleted and did not publish the user's full financial information, but the bad
news is that someone who uncovered the database would have known the names, home
addresses, and phone numbers of individuals who had just won enormous sums of

20049258
9
CS5052NI Professional Issues, Ethics and Computer Law

money and could have used this information to target people as part of scammers or
ransom schemes. (indeed, 2021)

4.3 Confidentiality & Privacy:

Computers can be used to frighten, deceive, or swindle victims metaphorically. Attorneys,

government entities, and companies are increasingly using legally obtained data to
confuse their consumers. Computer-generated fake invoices, bills, and cheques are also
beneficial to criminals. The confidential information released from this common
ElasticSearch server includes genuine names, home addresses, phone numbers, email
addresses, birth dates, site usernames, account balances, IP addresses, browser and
OS details, last login information, and a list of played games. By presenting a pristine
quality to the crime, the computer serves as a perfect shroud for carrying out illicit deeds.
The Fourth Amendment to the United States Constitution, which stipulates those
individuals have a right to be safe in their homes and against excessive search and
seizure, is the fundamental provision that protects our privacy. Furthermore, several
regulations have been created to safeguard individuals from having harmful information
recorded in electronic systems. (Idaho State University, 2021)

20049258
10
CS5052NI Professional Issues, Ethics and Computer Law

5) Professional Issues

Professional issues are debates concerning ethical or practical behaviour that support
competent professional activity. (Psychology Wiki, 2022)

A professional code of conduct is a document that instructs employees on how to act on

behalf of their firm. A code of conduct may include aspects such as the company's ideals,
disciplinary procedures, and obligations. (Betterteam, 2021)

Talking about professional issue, it is the issue that occurs in professionalism and
professional association, their rules of ethics and continued professional growth. Let us
also talk about security breach. Security breach is also one of the professional issues. A
security breach is considered as any accident that results in unauthorized computer data,
applications, networks, or devices. As a result, information is accessed without
permission. It often occurs when an offender can sidestep security systems. Technically,
there is a distinction between a security breach and a data breach. A security breach is
simply a break-in, but a data breach is described as the cybercriminal obtaining
information. Consider a robber: the security breach is when he climbs through the
window, and the data breach is when he takes your wallet or laptop and takes it away.
(Kaspersky Lab, 2022)

There are also various professional code of conduct and some of them are listed below:

• Be inclusive
• Be considerate
• Be respectful
• Choose your words carefully
• Do not harass others

This portion of the assignment should cover any extra non-technical difficulties that arise
because of the project. Non-technical difficulties may include possible ethical quandaries,
social effect, health and safety requirements, negative fallout, limitations, economic
considerations, maintainability, usability, sustainability, and environmental impact.
Working with people requires ethical behaviours. It is the moral thing to do. It is not

20049258
11
CS5052NI Professional Issues, Ethics and Computer Law

surprising that essentially all our professional organizations and organisations, in all
professions, have ethical guidelines. Professionals understand that there are excellent
and negative methods to collaborate with others, and we must discriminate between the
two.

As relating it with the data breach, it created a huge impact on the online casino data
breach as Justin Pane stated that the database had data from an online betting platform
as well as data gathered from various website domains. ZDNet contacted all of the web
sites whose data was discovered by Pane on the ElasticSearch server, but none of them
answered. However, on January 21, 2019, the leaking server was reported to be shut
offline and unreachable to the public.

It was a one of the huge data breaches that existed and after that various people were
not able to trust online gambling because there was still a fear of getting their personal
information exposed publicly. (Cyware Hacker News, 2019)

20049258
12
CS5052NI Professional Issues, Ethics and Computer Law

6) Conclusion

If not controlled, online gambling may become an addiction. It has the potential to be
extremely dangerous to individuals. It is frequently noticed that young people readily
become involved in this sort of behaviours, destroying their future. The thrill of winning
money when playing a game or betting may be highly appealing. It may cause even the
middle-aged group to lose sight of their obligations. People that gamble are frequently
perceived to be involved in drugs and other unethical activities. It also causes a
disturbance in mental serenity. Online gambling, on the other hand, has the potential to
be a profitable industry. It has been noted as one of the most enjoyable internet games.
Internet gambling is no longer a novel phenomenon or method of gambling, yet there is
still a lack of awareness about its use and consequences.

The dynamic nature of online gambling sites, expanding technology, creative product
offers, and ever-shifting regulatory rules make worldwide understanding of online
gambling challenging. The enormous number of sites and the big number of owners and
operators dispersed across numerous different jurisdictions make assembling a complete
picture of the online gambling fi eld challenging. Similarly, because players tend to visit
many and offshore sites, estimating the frequency of Internet gambling inside certain
countries is challenging. I'd want to begin by thanking Justin Paine not just for finding the
problem, but also for attempting to help us resolve it. Because of his finding, we were able
to take immediate measures to safeguard our clients' information and avert any possible
data dissemination. We are also happy that Justin discovered this via his significant
experience, rather than any other party with less ethics and maybe nefarious motivations.
We were able to respond quickly and prevent critical data from being disclosed or leaked
further. This event will be beneficial to both our firm and the iGaming industry in the future.
We operate in a dynamic, ever-changing technical world that is rapidly evolving. In this
contemporary technology paradigm, cyber security is a critical component of any online
organization, and we take satisfaction in being at the forefront of technical innovations.
The discovery of this problem has allowed our organization to re-evaluate the nature of
our security measures and procedures, and we believe that having this happen will only
enhance our defences against such incidents in the future. Furthermore, this should

20049258
13
CS5052NI Professional Issues, Ethics and Computer Law

ensure that we and other industry participants can learn from one another and adjust our
best practices and principles as necessary. Every detected and undiscovered challenge,
we regard as a chance to progress.

20049258
14
CS5052NI Professional Issues, Ethics and Computer Law

7) References

Bateman, R., 2022. What can heppen if you violate privacy laws?. [Online]
Available at: https://www.termsfeed.com/blog/violate-privacy-laws/
[Accessed 09 May 2022].
Betterteam, 2021. Professional Code of Conduct. [Online]
Available at: A professional code of conduct is a document that instructs employees on
how to act on behalf of their firm. A code of conduct may include aspects such as the
company's ideals, disciplinary procedures, and obligations.
[Accessed 08 May 2022].
Cimpanu, C., 2019. ZDNet. [Online]
Available at: https://www.zdnet.com/article/online-casino-group-leaks-information-on-
108-million-bets-including-user-details/
[Accessed 10 May 2022].
Cloudflare, 2022. What is data privacy?. [Online]
Available at: https://www.cloudflare.com/learning/privacy/what-is-data-privacy/
[Accessed 08 May 2022].
Cyware Hacker News, 2019. Cyware Social. [Online]
Available at: https://cyware.com/news/an-unprotected-elasticsearch-server-of-an-online-
casino-group-exposes-108-million-records-8c005204
[Accessed 10 May 2022].
Griffiths, M., 2003. Internet Gambling: Issues, Concerns, and Recommendations.
CYBERPSYCHOLOGY & BEHAVIOR, Volume 6, pp. 562-563.
Griffths, M. & Whitty, M., 2022. Online behavioural tracking in Internet gambling
research: Ethical and methodological issues. International Journal of Internet Research
Ethics, Volume 3, pp. 108-111.
Idaho State University, 2021. Ethical Issues. [Online]
Available at: https://www.niatec.iri.isu.edu/ViewPage.aspx?id=153
[Accessed 09 May 2022].
indeed, 2021. 8 Ethical issues in business. [Online]
Available at: https://uk.indeed.com/career-advice/career-development/ethical-issues-in-
business
[Accessed 09 May 2022].
Kaspersky Lab, 2022. What is a security breach?. [Online]
Available at: https://www.kaspersky.com/resource-center/threats/what-is-a-security-
breach
[Accessed 09 May 2022].

20049258
15
CS5052NI Professional Issues, Ethics and Computer Law

LegalMatch, 2022. Customer Satisfaction Lawsuits. [Online]

Available at: https://www.legalmatch.com/law-library/article/customer-satisfaction-
lawsuits.html#:~:text=Customer%20satisfaction%20lawsuits%20occur%20when,fraud%
20and%20consumer%20protection%20issues
[Accessed 08 May 2022].
Lutkevich, B., 2022. Consumer Privacy. [Online]
Available at: https://www.techtarget.com/searchdatamanagement/definition/consumer-
privacy
[Accessed 07 May 2022].
MyAccountingCourse.com, 2022. What are Ethical Issues?. [Online]
Available at: https://www.myaccountingcourse.com/accounting-dictionary/ethical-
issues#:~:text=Ethical%20issues%20occur%20when%20a,question%20from%20an%2
0ethical%20standpoint.
[Accessed 08 May 2022].
Norton, 2022. ID Theft. [Online]
Available at: https://us.norton.com/internetsecurity-id-theft-what-is-identity-theft.html
[Accessed 09 May 2022].
Psychology Wiki, 2022. Professional Issues. [Online]
Available at:
https://psychology.fandom.com/wiki/Professional_issues_in_clinical_psychology#See_a
lso
[Accessed 09 May 2022].
Solicitors Regulation Authority, 2021. What is a Legal issue?. [Online]
Available at: https://www.sra.org.uk/consumers/choosing/legal-
issue/#:~:text=A%20legal%20issue%20is%20something,or%20resolved%20by%20the
%20law.
[Accessed 08 May 2022].
Study.com, 2022. Social Issues. [Online]
Available at: https://study.com/academy/lesson/social-issues-definition-examples.html
[Accessed 09 May 2022].

20049258
16