Jeetendra Karki (ITS 360)

Chapter 4


Assignment: p174-179, Answer any two questions of “What would you do?” and answer Critical thinking questions of Two Cases.



What would you do Questions?



Question 1:

Answer1: As a webmaster of a site that caters children, the measures that i should take to ensure that my site does not violate the children’s online privacy protection right can be explained by following the five-steps-decision making process is as follows:

1.      Defining the problem: Children’s aren’t mature enough to decide what is legit, right or wrong in the internet. To make sure the site doesn’t violate their privacy is very important factor that needs to be addressed.

2.      Identifying alternatives: There are two alternatives that can be applied to overcome this possible issue and they are FERPA (Family Education Rights & Privacy Act) and COPPA (Children’s Online Privacy Protection Act).

3.  Choosing the alternative: Choosing this alternative will fix the issue or potential privacy leak.

4.  Implementing the Decision: When this is applied, this will ensure that the parents have the right and access to all the children’s documents, files, educational, financial records and everything that needs consent and authentication to disclose it in necessary requirement.  

5.  Evaluation: This will ensure that the children's privacy is in safe hands (with their parents) while using the site and provide trust in this digital world.




Answer2:  My friend is asking for help regarding a stalking app for the significant other to find out if she is cheating or not, I will be defining the solution by following the five-steps-decision making process is as follows:

1.      Defining the problem: The issue is that he and his wife is not getting along, and he thinks she is cheating on him and he wants to track and trace her to find if that's true or not and wants me to install the app. There is a big issue and risk with this, this is a total violation of privacy and security that cannot just violate her privacy, but also put a risk on her private information like pictures, financial bank info and others.

2.      Identifying alternatives: I understand that she is his wife and needs to know that, but not like this. The alternative is that he should talk to her and ask her if there is anyone else or he should ask her consent to let me install the app that stalks her phone.

3.      Choosing the alternative: If he chooses to talk, he could make things clear if that's not true or if he gets her consent then she can proof that no one is there.

4.      Implementing the decision: By implementing this decision we will be able to not just save people's private life, but also make a better secure choice.

5.  Evaluation: This is good as this will ensure that she is not being tracked under any things against her will and he will be able to make a right decision after he talks to her and knows that its a crime to do that.



Critical Thinking Questions of two cases:


Case 1: Serious Data Breach at OPM



Answer1: Yes, I think there should be some kind of readdress for those 21 million people who personal information was stolen without monetary damages, the government should run a investigation or a search if their information matches anywhere else.



Answer2: The foreign power or even terrorist can use the stolen data to mount the intelligence operation against the US by creating a duplicate information from the stolen data that can have the accessibility and resources like original to access very important credentials and files in the internet to find the weakness and cause trouble and terrorism in the US.



Answer3: OPM is also announcing the steps it is taking to protect those impacted:

1. Providing a comprehensive suite of monitoring and protection services for background investigation applicants and non-applicants who’s Social Security Numbers, and in many cases other sensitive information, were stolen

2. Helping other individuals who had other information included on background investigation forms

3. Establishing an online cybersecurity incident resource center

4. Establishing a call center to respond to questions.

5. Protecting all Federal employees

I feel I am satisfied with the steps, the only thing to do is that they must update the security and constantly monitor and adapt the changes to stay in track.




Case 2: Time to Update the Electronic Communications Privacy Act?



Answer1: I think and believe that ECPA must bring it more in line with the Bill of Rights if dealing and searching of private information of a person, they must be notified by following “Then 4th Amendment”, but if it’s about searching about terrorism and crime then it does not have to follow the bill of rights.



Answer2: From the study, it appears to be that the First bill (416-0) died in senate without leaving the place (Committee in the year 2013) and second in the year 2016 with not much changes and progress made.



Answer3:  I think media did the right thing to support Microsoft in its suits against the US over provisions of the ECPA as it is against the law and right of the people as their privacy is being searched without asking or letting them know.