What is the Difference between laws and ethics?

Answer: Laws consist set of universal rules that are widely published, generally accepted and
usually enforced whereas ethics is a theory or system of moral values and a guiding philosophy.
Ethics in simple term is define how individual choose to interact with one another and what is
good for the individual and for society and establishes the nature of duties that people owe
themselves and one another.
Laws are rules that mandate or prohibit certain behavior. Laws are of different types: Civil,
Criminal, Private, And Public.
What is civil law and what does it accomplish?
Answer: Civil laws are governs nation or state and these laws manages relationships and
conflicts between organizational entities and people.
What is privacy in an information security context?
Answer: Usually privacy is not absolute freedom from observation but rather it is more precise
state of being free from unsanctioned intrusion. How your information is protected that you
supply. Privacy is ability to aggregate data from multiple sources allows creation of information
database previously impossible.
What is intellectual property (IP)? Is it afforded the same protection in every country of
the world? What laws currently protect it in the United States and Europe?
Answer: Basically intellectual property is creation of mind such as inventions, literacy, designs,
images and symbols used in laws. Intellectual property is protected in law.
Intellectual property is divided into two categories:
Industrial Property
Copyright
Intellectual property is recognised as a protected asset in United States. In the United States,
copy-right laws extend this privilege to the published word, including electronic formats, fair use
of copyrighted material includes their use to support news reporting, teaching, scholarship and
many more activities, so long as the use is for educational purpose, not for profit. As long as
proper acknowledgement is provided about the real author of such work and including proper
description of citation, it is permissible to include portion of someone elses work as reference.
U.S copy right law governs the protection of IP in US.
The agreement on Trade-Related Aspect of IP created by World trade organisation (WTO) and
negotiated over a year, introduced IP rules into multilateral trade system and DMCA is an
American contribution to an international effort by World Intellectual property Organisation to
reduce the impact of copyright, trademark and privacy infringement. The United Kingdom has
also already implemented a version of this law called Database Right, in order to comply with
directive 95/46/EC
What is due care? Why would an organization want to make sure it exercises due care in
its usual course of operations?
Answer: Due care is a company taking measures to make sure that every employee know what is
acceptable and what is not, and consequences of illegal and unethical actions.
For example, any prudent security manager will have a good security policy, use of least
privilege when appropriate, implement the SETA (Security Education, Training and Awareness)
program, use up-to-date technology programs, and have as much as possible passive defence
mechanisms.
The organisations are less likely will be liable for its employees illegal and/or unethical actions
if they observes the due care concept.
How does due diligence differ from due care? Why are both important?
Answer: Due diligence require that an organisation make a valid and ongoing effort to protect
others. The difference from due care in that due diligence is constantly active role in company.
Due care is a passive role after the action of informing employees in performed. Both are
important as they are complement to each other forming a barrier against liability. Due care
relies on the ethical behaviour of employees to protect the company and due diligence protect
against actions of unethical behaviour of employees. This protects the company as it has done its
legal duty to protect others. If employee does something unethical or illegal, the responsibly lies
with the employee and not the company.