Name:
Class:
Date:
1. The Internet was started in the 1960s as a project to link military contractors and universities. The World Wide Web
was created in 1991 as a subnetwork of the Internet.
a.
True
b.
False
True
2. Spam is illegal per se.
a.
True
b.
False
False
3. Jorgeson Co., on its website, promised the company would not give PII to third parties without the customer’s consent,
but then gave out such information. This practice violates Section 5 of the FTC Act.
a.
True
b.
False
True
4. The federal government has preempted the field of online privacy, so states may not pass their own online privacy
statutes.
a.
True
b.
False
False
5. When you surf the Internet, information, much of which is anonymous, is collected about you.
a.
True
b.
False
True
6. Rachel works for the Internal Revenue Service, but keeps some personal information on her computer at work. The
Fourth Amendment to the Constitution, prohibiting unreasonable searches and seizures, does not apply to the
government’s right to obtain personal information on her computer.
a.
True
b.
False
False
7. If a program is on your computer monitors your activities without your permission, you may be able to get protection
through state legislation which makes spyware illegal.
a.
True
b.
False
True
8. Consumers have been active in requesting government regulation of web data collection to protect their privacy.
a.
True
b.
False
False
Name:
Class:
Date:
9. It is legal for websites to sell source code for viruses.
a.
True
b.
False
True
10. The Electronic Communications Privacy Act is a federal statute regulating e-mail.
a.
True
b.
False
True
11. The Gramm-Leach-Bliley Privacy Act of 1999 requires pretexting to find out private financial information.
a.
True
b.
False
False
12. Bidding on one’s own goods at an online auction may subject the bidder to liability under anti-fraud statutes as well as
liability under state statutes explicitly prohibiting shilling.
a.
True
b.
False
True
13. The European Union prohibits the transfer of personal customer information to countries that lack adequate privacy
protection.
a.
True
b.
False
True
14. The European Union’s e-Privacy Directive requires websites to provide an optout” option for sites that use tracking
tools.
a.
True
b.
False
False
15. The United States of America v. Angevine case held that the professor had no reasonable expectation of privacy in his
office computer.
a.
True
b.
False
True
16. Burns Medicine Shop developed a website where customers could ask the pharmacists questions and could refill
prescriptions online. What statute requires Burns to have and disclose a privacy policy to anyone using the website?
a.
The FTC Act.
b.
The Electronic Communications Privacy Act.
c.
The Gramm-Leach-Bliley Privacy Act.
d.
No statutes presently require websites to have or disclose a privacy policy.
Name:
Class:
Date:
d
17. You make an online purchase of a hooded sweatshirt with the logo of the Dallas Cowboys. The next time you log on,
your screen has a banner ad for Dallas Cowboy hats and shirts. This banner ad is most likely the result of:
a.
a cookie.
b.
a coincidence.
c.
the Internet crime of theft of private information.
d.
encryption software.
18. Which of the following countries has not passed legislation to comply with the European Union’s directive prohibiting
the transfer of personal data to any countries that do not provide adequate privacy protection?
a.
Canada
b.
Australia
c.
United States
d.
New Zealand
19. The Computer Fraud and Abuse Act prohibits all but which of the following?
a.
Computer trespass.
b.
Sending spam.
c.
Negligent damage to a computer attached to the Internet.
d.
Trafficking in computer passwords.
b
20. The case of Carafano v. Metrosplash.com, Inc. held:
a.
the Fourth Amendment applies to computers.
b.
Congress, in enacting the Communications Decency Act, intended that ISPs should not be held liable for
information provided by someone else.
c.
Congress had weighed free speech interests with protection of the public from offensive or obscene materials
and determined that protection of the public was more important in the Internet setting.
d.
Matchmaker, because it had provided the questionnaires for collecting information from its users, must be
considered an “information content provider” under the Communications Decency Act, and it is therefore
liable under the Act.
21. The CAN-SPAM Act:
a.
applies to virtually all promotional e-mails, whether or not the sender has a pre-existing relationship with the
recipient.
b.
provides unavoidable requirements for senders of promotional e-mails.
c.
requires recipients of unsolicited, pornographic e-mails to notify the Justice Department.
d.
requires senders of promotional e-mails to provide a valid return address, which may be a post office box or a
specific physical location.
Name:
Class:
Date:
22. The Children’s Online Privacy Protection Act prohibits Internet operators from collecting information from children
under what age without parental permission?
a.
18.
b.
16.
c.
13.
d.
10.
23. Sherry, a 12-year-old, visited a website that wanted to know her family size, her parents’ educational level, and her
weekly allowance. The site also asked Sherry’s name, mailing and e-mail addresses, and age.
a.
Under COPPA, the website must disclose how it will use the information it acquires from Sherry.
b.
COPPA prohibits the Internet operator from collecting such information without her parents’ permission.
c.
COPPA does not apply to Sherry’s situation since she is over the age limit for those protected by the statute.
d.
Both a and b.
d
24. The Children’s Online Privacy Protection Act:
a.
deals only with the collection of data that will be disclosed to children.
b.
deals only with collecting, from children, information that will be disclosed publicly.
c.
regulates the activities of Internet operators.
d.
is enforced by the EEOC.
e.
Both b and c.
25. Tom receives an e-mail from someone alleging to be a Nigerian government official who has stolen money from the
government. He needs some place safe to keep the money for a short time. The official promises that, if Tom lets his bank
account be used for this purpose, Tom will be allowed to keep a percentage of the stolen money. Tom gives in to the
temptation and provides his account information. Instead of receiving money, Tom loses everything he had in the account
to the scammer. In this situation:
a.
prosecution can be under state law.
b.
prosecution can be under the Computer Fraud and Abuse Act.
c.
a civil action can be brought under Section 5 of the FTC Act.
d.
All of the above.
d
26. The Identity Theft and Assumption Deterrence Act of 1998 does all but which of the following:
a.
prohibits the use of false identification to commit fraud.
b.
limits liability on a stolen credit card to $50.
c.
permits a victim to seek restitution in court.
d.
It does all of the above.
b
27. Rob works for a federal governmental agency. No policy statements have been reported to the employees regarding
their privacy rights or regarding their use of workplace computers for personal business. Rob’s supervisor has reason to
suspect that Rob has used his workplace computer to order an illegal substance. Which of the following is true?
Name:
Class:
Date:
a.
Rob’s employer may search Rob’s computer at any time since it was provided by the employer.
b.
Even if Rob’s employer tries to search Rob’s computer, if Rob has deleted any incriminating information, the
employer will be able to find nothing on his computer to prove Rob was engaged in illegal activity.
c.
The Fourth Amendment prohibits unreasonable searches and seizures by the government, but this amendment
does not apply to computers.
d.
If Rob has a legitimate expectation of privacy in the information on his computer, his employer would have to
obtain a search warrant in order to conduct a search of the computer.
d
28. Which of the following protects e-mail messages from unauthorized interception?
a.
The Fourth Amendment.
b.
The GLB Privacy Act of 1999.
c.
The Electronic Communications Privacy Act.
d.
COPPA.
29. The privacy of e-mail is regulated by:
a.
the federal ECPA.
b.
spyware.
c.
both a and b.
d.
neither a nor b. There is currently no regulation of e-mail privacy.
30. The Electronic Communications Privacy Act covers:
a.
e-mail communications.
b.
transmissions from cellular phones.
c.
transmissions from pagers.
d.
All of the above.
d
31. Under the Electronic Communications Privacy Act:
a.
violators are subject to both criminal and civil penalties.
b.
violators may be subject to civil, but not criminal, penalties.
c.
only the unauthorized disclosure of e-mail messages constitutes a violation.
d.
only the unauthorized interception of e-mail messages by the government or an ISP constitutes a violation.
32. Which of the following is NOT true under the Electronic Communications Privacy Act?
a.
An intended recipient of an e-mail has the right to disclose it to third persons.
b.
ISPs are prohibited from disclosing the content of electronic messages to anyone other than the addressee,
even if the disclosure is necessary for the performance of the ISP’s service.
c.
An employer has the right to monitor workers’ e-mail if the monitoring occurs in the ordinary course of
business or the employer provides the e-mail system.
Name:
Class:
Date:
d.
To access e-mail messages that have been stored for 180 days or less, the government must first obtain a
search warrant.
b
33. You receive an e-mail telling you that your bank’s website is undergoing some security updates and you need to log in
to update your account information. Conveniently, there is a link in the e-mail allowing you to easily log in. Most likely
this is an example of:
a.
hacking
b.
phishing
c.
hunting
d.
shilling
34. “Hacking” is:
a.
gaining unauthorized access to a computer system.
b.
a major crime.
c.
illegal under the federal Computer Fraud and Abuse Act, which applies to any computer attached to the
Internet.
d.
All of the above are correct.
d
35. MajorLine offered travel packages, including airfare and hotel accommodations, at a discounted price on their
website. However, after Jason charged MajorLine’s fees to his credit card, he did not receive the promised airline tickets
or the coupons for a reduced hotel rate. He found that other customers had been similarly defrauded. MajorLine:
a.
can be prosecuted under state law.
b.
can be prosecuted under the Computer Fraud and Abuse Act.
c.
Both a and b.
d.
cannot be prosecuted because fraud over the Internet is not yet defined as a crime in any statutes.
36. Online auctions:
a.
are the major source of consumer complaints about online fraud.
b.
involve approximately $1 million worth of goods annually.
c.
allow people to bid on their own goods.
d.
allow owners of goods to cross-bid with a group of other sellers.
37. After Ashley was denied credit for a new car, she checked her credit report with Equifax. The report showed that
several credit cards had been issued to her recently, and they had large, unpaid balances. Ashley had not applied for or
received these cards. She found out that someone had stolen personal information she had entered onto her computer and
used the information to fraudulently obtain the credit cards. Ashley:
a.
is a victim of identity theft.
b.
is protected under the Identity Theft and Assumption Deterrence Act.
c.
can seek restitution in court.
d.
All of the above.
Name:
Class:
Date:
38. Unsolicited commercial e-mail (UCE) or unsolicited bulk e-mail (UBE) messages:
a.
are commonly known as “cookies.”
b.
constitute about 90 percent of all e-mail.
c.
are estimated to be fraudulent either in content or packaging in approximately one-fourth of all cases.
d.
although annoying, do lower the cost of connecting to the Internet.
39. Identity theft:
a.
is a relatively new crime that was created through use of the Internet.
b.
affects about 8 million American victims each year.
c.
has slight impact on the victim since consumer law protects owners of credit cards and limits their loss to $50
if they promptly report the loss of their card.
d.
is now addressed by only state statutes.
40. Lois receives an e-mail asking her to update her personal information on a website that is an illegal imitation of a
legitimate site. This practice:
a.
is a crime called phishing.
b.
is a tort called information theft.
c.
is a breach of contract action known as shilling.
d.
may be prosecuted under the GLB Privacy Act.
41. Stuart is vying for a promotion, but faces competition from a co-worker, Brenda. Without authorization, Stuart
accesses stored company records and discovers an unfavorable e-mail message Brenda had written about the company.
Stuart sends the message to his supervisor in hopes of keeping Brenda from getting the promotion. Discuss whether Stuart
has violated any statute and, if so, what sanctions he may face.
communications. The Act applies to e-mail and transmissions from pagers and cellular phones. Stuart may be
subject to both criminal and civil penalties for violating the Act.
42. Daniel went onto an Internet message board and found that his ex-wife, Faye, had posted a message calling him a fat,
insensitive jerk who only cared about watching sports on TV. Does Daniel have any protection against Faye’s making
such statements to a potentially large number of readers, some of whom may know Daniel and some of whom may not?
Courts have tended to find that such statements are opinion, not fact, and therefore are protected speech. The
fact that a statement may be offensive is not reason enough to suppress it.
43. Discuss common abuses that occur with auctions on the Internet and how these abuses are being addressed.
cross-bid with a group of other sellers. Shilling is prohibited because the owner drives up the price of his own
item.
Name:
Class:
Date:
44. Maria, who lives in the United States, gains unauthorized access to a bank’s computer system and steals financial
information about customers. Of what is Maria guilty, and under what statute(s) could she be prosecuted?
45. Explain the difference between an ISP and a Web host, and discuss whether they are treated alike under the
Communications Decency Act (CDA).