25 May ndividual: Cybersecurity Laws
The U.S. has in place many laws related to information security, computer security, and internet use. Many of these laws relate to information governance, accountability, and commercial liability. In addition, the issue of personal privacy is addressed in many of the laws that relate to specific industries, sectors, and types of information.
Write a 1-to 2-page paper using Microsoft® Word that answers the following questions:
· For two laws from Table 3.1 in Principles of Information Security, state the overall intent of each law. For example what do the U.S. Police and Justice Act and the Computer Fraud and Abuse Act of the U.K. do?
· Using a browser and search engine, determine the general number of cases/complaints that have been filed based on each of the laws listed below:
· Computer Fraud and Abuse Act
· National Information Infrastructure Protection Act
· Sarbanes-Oxley Act
· Having reviewed these laws and cases/complaints associated with them, completely answer each of the following:
· Which of these laws seemed more frequently enforced? Which of these laws have resulted in a large financial impact to a business? Which of these have imposed a strict punitive damage (e.g., someone being convicted of fraud)?
· According to your answer above, what infrastructural or cyber domain sector or assets are being protected by such enforcement?
· Accurately explain if the ethical confidentiality of all private information is assured by the three laws
· Based on your Learning Team discussion, list at least two conflicts faced by U.S. cloud service providers when providing services globally.
Table 3-1 Key U.S. Laws of Interest to Information Security Professionals
| Area | Act | Date | Description |
| Telecommunications | Telecommunications Deregulation and Competition Act of 1996—an update to Communications Act of 1934 (47 USC 151 et seq.) | 1934 | Regulates interstate and foreign telecommunications (amended in 1996 and 2001) |
| Civil legal evidence | Federal Rules for Civil Procedure (FRCP) | 1938 | As updated in 2006, specifies requirements for the storage, protection, and surrender of discoverable electronic data as used in federal civil proceedings |
| Freedom of information | Freedom of Information Act (FOIA) | 1966 | Allows for disclosure of previously unreleased information and documents controlled by the U.S. government |
| Privacy | Federal Privacy Act of 1974 | 1974 | Governs federal agency use of personal information |
| Copyright | Copyright Act of 1976—an update to U.S. Copyright Law (17 USC) | 1976 | Protects intellectual property, including publications and software |
| Cryptography | Electronic Communications Privacy Act of 1986 (Update to 18 USC) | 1986 | Regulates interception and disclosure of electronic information; also referred to as the Federal Wiretapping Act |
| Access to stored communications | Unlawful Access to Stored Communications (18 USC 2701) | 1986 | Provides penalties for illegally accessing communications (such as e-mail and voicemail) stored by a service provider |
| Threats to computers | Computer Fraud and Abuse Act (also known as Fraud and Related Activity in Connection with Computers; 18 USC 1030) | 1986 | Defines and formalizes laws to counter threats from computer-related acts and offenses (amended in 1996, 2001, and 2006) |
| Federal agency information security | Computer Security Act of 1987 | 1987 | Requires all federal computer systems that contain classified information to have security plans in place, and requires periodic security training for all people who operate, design, or manage such systems |
| Trap and trace restrictions | General prohibition on pen register and trap and trace device use; exception (18 USC 3121 et seq.) | 1993 | Prohibits the use of electronic pen registers and trap and trace devices without a court order |
| Criminal intent | National Information Infrastructure Protection Act of 1996 (update to 18 USC 1030) | 1996 | Categorizes crimes based on criminal intent and a defendant’s authority to access a protected computer system |
| Trade secrets | Economic Espionage Act of 1996 | 1996 | Prevents abuse of information gained while employed elsewhere |
| Personal health information protection | Health Insurance Portability and Accountability Act of 1996 (HIPAA) | 1996 | Requires medical practices to ensure the privacy of personal medical information |
| Intellectual property | No Electronic Theft Act amends 17 USC 506(a)—copyright infringement, and 18 USC 2319—criminal (Public Law 105-147) infringement of copyright | 1997 | Amends copyright and criminal statutes to provide greater copyright protection and penalties for electronic copyright infringement |
| Copy protection | Digital Millennium Copyright Act (update to 17 USC 101) | 1998 | Provides specific penalties for removing copyright protection from media |
| Identity theft | Identity Theft and Assumption Deterrence Act of 1998 (18 USC 1028) | 1998 | Attempts to instigate penalties for identity theft by recognizing people who lose their identity as the true victims, not just the commercial and financial credit entities that suffered losses |
| Children’s privacy | Children’s Online Privacy Protection Act of 1998 (COPPA) | 1998 | Protects children online by requiring Web sites with users under the age of 13 to post privacy policies that specify clear guidance and restrictions on information collection |
| Encryption and digital signatures | Security and Freedom Through Encryption Act of 1999 | 1999 | Affirms the rights of people in the United States to use and sell products that include encryption and to relax export controls on such products |
| Banking | Gramm-Leach-Bliley Act of 1999 (GLB) or the Financial Services Modernization Act | 1999 | Repeals the restrictions on banks affiliating with insurance and securities firms; has significant impact on the privacy of personal information used by these industries |
| Children’s online protection | Children’s Internet Protection Act | 2000 | Requires K-12 schools and libraries to use Internet filters to protect children online |
| Terrorism | USA PATRIOT Act of 2001 (update to 18 USC 1030) | 2001 | Defines stiffer penalties for prosecution of terrorist crimes |
| Accountability | Sarbanes-Oxley Act of 2002 (SOX) or Public Company Accounting Reform and Investor Protection Act | 2002 | Enforces accountability for executives at publicly traded companies; this law has created ripple effects throughout the accounting, IT, and related units of many organizations |
| Federal information security | Federal Information Security Management Act (FISMA) | 2002 | Specifies the requirement for federal agencies to establish information security programs to protect their information assets |
| Spam | Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 CAN-SPAM Act (15 USC 7701 et seq.) | 2003 | Sets the first national standards for regulating the distribution of commercial e-mail, including mobile phone spam |
| Fraud with access devices | Fraud and Related Activity in Connection with Access Devices (18 USC 1029) | 2004 | Defines and formalizes law to counter threats from counterfeit access devices such as ID cards, credit cards, telecom equipment, mobile or electronic serial numbers, and the equipment that creates them |
| Terrorism | Customs-Trade Partnership Against Terrorism (C-TPAT) | 2004 | Organizations that conduct international business may voluntarily comply with this initiative by U.S. Customs and Border Protection to facilitate security and shipments processing |
| Terrorism and extreme drug trafficking | USA PATRIOT Improvement and Reauthorization Act of 2005 (update to 18 USC 1030) | 2006 | Renews critical sections of the USA PATRIOT Act |
| Identity theft | Identity Theft Enforcement and Restitution Act | 2008 | Imposes criminal liability on people who commit identity theft, but does not regulate the technology |
| Terrorism | PATRIOT Sunsets Extension Act of 2011 (update to 18 USC 1030) | 2011 | Renews critical sections of the USA PATRIOT Act |
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
About Writedemy
We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.
How It Works
To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Are there Discounts?
All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.