CHAPTER 27-CYBERLAW
TRUE/FALSE
1. The Internet was started in the 1960s as a project to link military contractors and
universities. The World Wide Web was created in 1991 as a subnetwork of the Internet.
Answer: True
2. Spam is illegal perse.
Answer: False
3. Jorgeson Co., on its website, promised the company would not give PII to third parties
without the customer’s consent, but then gave out such information. This practice violates
Section 5 of the FTC Act.
Answer: True
4. The federal government has preempted the field of online privacy, so states may not pass
their own online privacy statutes.
Answer: False
5. When you surf the Internet, information, much of which is anonymous, is collected about
you.
Answer: True
6. Rachel works for the Internal Revenue Service, but keeps some personal information on
her computer at work. The Fourth Amendment to the Constitution, prohibiting unreasonable
searches and seizures, does not apply to the government's right to obtain personal information
on her computer.
Answer: False
7. If a program is on your computer monitors your activities without your permission, you
may be able to get protection through state legislation which makes spyware illegal.
Answer: True
8. Consumers have been active in requesting government regulation of web data collection to
protect their privacy.
Answer: False
9. It is legal for websites to sell source code for viruses.
Answer: True
10. The Electronic Communications Privacy Act is a federal statute regulating e-mail.
Answer: True
11. The Gramm-Leach-Bliley Privacy Act of 1999 requires pretexting to find out private
financial information.
Answer: False
12. Bidding on one's own goods at an online auction may subject the bidder to liability under
anti-fraud statutes as well as liability under state statutes explicitly prohibiting shilling.
Answer: True
13. The European Union prohibits the transfer of personal customer information to countries
that lack adequate privacy protection.
Answer: True
14. The U.S. Department of Commerce reached agreement with the European Union on "safe
harbor" principles with which most U.S. companies have complied.
Answer: False
15. The United States of America v. Angevine case held that the professor had no reasonable
expectation of privacy in his office computer.
Answer: True
MULTIPLE CHOICE
1. Burns Medicine Shop developed a website where customers could ask the pharmacists
questions and could refill prescriptions online. What statute requires Burns to have and
disclose a privacy policy to anyone using the website?
a. The FTC Act.
b. The Electronic Communications Privacy Act.
c. The Gramm-Leach-Bliley Privacy Act.
d. No statutes presently require Web sites to have or disclose a privacy policy.
Answer: D
2. You make an online purchase of a hooded sweatshirt with the logo of the Dallas Cowboys.
The next time you log on, your screen has a banner ad for Dallas Cowboy hats and shirts.
This banner ad is most likely the result of:
a. a cookie.
b. a coincidence.
c. the Internet crime of theft of private information.
d. encryption software.
Answer: A
3. Which of the following countries has not passed legislation to comply with the European
Union’s directive prohibiting the transfer of personal data to any countries that do not provide
adequate privacy protection?
a. Canada
b. Australia
c. United States
d. New Zealand
Answer: C
4. The Computer Fraud and Abuse Act prohibits all but which of the following?
a. Computer trespass.
b. Sending spam.
c. Negligent damage to a computer attached to the Internet.
d. Trafficking in computer passwords.
Answer: B
5. The case of Carafano v. Metrosplash.com, Inc. held:
a. the Fourth Amendment applies to computers.
b. Congress, in enacting the Communications Decency Act, intended that ISPs should not be
held liable for information provided by someone else.
c. Congress had weighed free speech interests with protection of the public from offensive or
obscene materials and determined that protection of the public was more important in the
Internet setting.
d. Matchmaker, because it had provided the questionnaires for collecting information from its
users, must be considered an “information content provider” under the Communications
Decency Act, and it is therefore liable under the Act.
Answer: B
6. The CAN-SPAM Act:
a. applies to virtually all promotional e-mails, whether or not the sender has a pre-existing
relationship with the recipient.
b. provides unavoidable requirements for senders of promotional e-mails.
c. requires recipients of unsolicited, pornographic e-mails to notify the Justice Department.
d. requires senders of promotional e-mails to provide a valid return address, which may be a
post office box or a specific physical location.
Answer: A
7. The Children's Online Privacy Protection Act prohibits Internet operators from collecting
information from children under what age without parental permission?
a. 18.
b. 16.
c. 13.
d. 10.
Answer: C
8. Sherry, a 12-year-old, visited a website that wanted to know her family size, her parents'
educational level, and her weekly allowance. The site also asked Sherry's name, mailing and
e-mail addresses, and age.
a. Under COPPA, the website must disclose how it will use the information it acquires from
Sherry.
b. COPPA prohibits the Internet operator from collecting such information without her
parents’ permission.
c. COPPA does not apply to Sherry's situation since she is over the age limit for those
protected by the statute.
d. Both a and b.
Answer: D
9. The Children's Online Privacy Protection Act:
a. deals only with the collection of data that will be disclosed to children.
b. deals only with collecting, from children, information that will be disclosed publicly.
c. regulates the activities of Internet operators.
d. is enforced by the EEOC.
e. Both b and c.
Answer: C
10. Tom receives an e-mail from someone alleging to be a Nigerian government official who
has stolen money from the government. He needs some place safe to keep the money for a
short time. The official promises that, if Tom lets his bank account be used for this purpose,
Tom will be allowed to keep a percentage of the stolen money. Tom gives in to the temptation
and provides his account information. Instead of receiving money, Tom loses everything he
had in the account to the scammer. In this situation:
a. prosecution can be under state law.
b. prosecution can be under the Computer Fraud and Abuse Act.
c. a civil action can be brought under Section 5 of the FTC Act.
d. All of the above.
Answer: D
11. To be in compliance with the safe harbor principles of the Department of Commerce
agreement with the EU, a company must do all but which of the following?
a. Tell consumers how it intends to use their data and how they can limit its use.
b. Provide an opt-out provision for disclosure of all consumer data.
c. Provide adequate security for the data.
d. Establish a dispute-resolution procedure.
Answer: B
12. Rob works for a federal governmental agency. No policy statements have been reported to
the employees regarding their privacy rights or regarding their use of workplace computers
for personal business. Rob's supervisor has reason to suspect that Rob has used his workplace
computer to order an illegal substance. Which of the following is true?
a. Rob's employer may search Rob's computer at any time since it was provided by the
employer.
b. Even if Rob's employer tries to search Rob's computer, if Rob has deleted any
incriminating information, the employer will be able to find nothing on his computer to prove
Rob was engaged in illegal activity.
c. The Fourth Amendment prohibits unreasonable searches and seizures by the government,
but this amendment does not apply to computers.
d. If Rob has a legitimate expectation of privacy in the information on his computer, his
employer would have to obtain a search warrant in order to conduct a search of the computer.
Answer: D
13. Which of the following protects e-mail messages from unauthorized interception?
a. The Fourth Amendment.
b. The GLB Privacy Act of 1999.
c. The Electronic Communications Privacy Act.
d. COPPA.
Answer: C
14. The privacy of e-mail is regulated by:
a. the federal ECPA.
b. spyware.
c. both a and b.
d. neither a nor b. There is currently no regulation of e-mail privacy.
Answer: A
15. The Electronic Communications Privacy Act covers:
a. e-mail communications.
b. transmissions from cellular phones.
c. transmissions from pagers.
d. All of the above.
Answer: D
16. Under the Electronic Communications Privacy Act:
a. violators are subject to both criminal and civil penalties.
b. violators may be subject to civil, but not criminal, penalties.
c. only the unauthorized disclosure of e-mail messages constitutes a violation.
d. only the unauthorized interception of e-mail messages by the government or an ISP
constitutes a violation.
Answer: A
17. Which of the following is NOT true under the Electronic Communications Privacy Act?
a. An intended recipient of an e-mail has the right to disclose it to third persons.
b. ISPs are prohibited from disclosing the content of electronic messages to anyone other than
the addressee, even if the disclosure is necessary for the performance of the ISP's service.
c. An employer has the right to monitor workers' e-mail if the monitoring occurs in the
ordinary course of business or the employer provides the e-mail system.
d. To access e-mail messages that have been stored for 180 days or less, the government must
first obtain a search warrant.
Answer: B
18. What statute requires banks and other financial institutions to disclose to consumers any
non-public information they wish to reveal to third parties?
a. Banking and Financial Institution Privacy Act.
b. Gramm-Leach-Bliley Privacy Act.
c. Electronic Communications Privacy Act.
d. Communications Privacy and Decency Act.
Answer: B
19. "Hacking" is:
a. gaining unauthorized access to a computer system.
b. a major crime.
c. illegal under the federal Computer Fraud and Abuse Act, which applies to any computer
attached to the Internet.
d. All of the above are correct.
Answer: D
20. MajorLine offered travel packages, including airfare and hotel accommodations, at a
discounted price on their website. However, after Jason charged MajorLine's fees to his credit
card, he did not receive the promised airline tickets or the coupons for a reduced hotel rate.
He found that other customers had been similarly defrauded. MajorLine:
a. can be prosecuted under state law.
b. can be prosecuted under the Computer Fraud and Abuse Act.
c. Both a and b.
d. cannot be prosecuted because fraud over the Internet is not yet defined as a crime in any
statutes.
Answer: C
21. Online auctions:
a. are the major source of consumer complaints about online fraud.
b. involve approximately $1 million worth of goods annually.
c. allow people to bid on their own goods.
d. allow owners of goods to cross-bid with a group of other sellers.
Answer: A
22. After Ashley was denied credit for a new car, she checked her credit report with Equifax.
The report showed that several credit cards had been issued to her recently, and they had
large, unpaid balances. Ashley had not applied for or received these cards. She found out that
someone had stolen personal information she had entered onto her computer and used the
information to fraudulently obtain the credit cards. Ashley:
a. is a victim of identity theft.
b. is protected under the Identity Theft and Assumption Deterrence Act.
c. can seek restitution in court.
d. All of the above.
Answer: D
23. Unsolicited commercial e-mail (UCE) or unsolicited bulk e-mail (UBE) messages:
a. are commonly known as "cookies."
b. constitute about 80 percent of all e-mail.
c. are estimated to be fraudulent either in content or packaging in approximately one-fourth
of all cases.
d. although annoying, do lower the cost of connecting to the Internet.
Answer: B
24. Identity theft:
a. is a relatively new crime that was created through use of the Internet.
b. affects about 8 million American victims each year.
c. has slight impact on the victim since consumer law protects owners of credit cards and
limits their loss to $50 if they promptly report the loss of their card.
d. is now addressed by only state statutes.
Answer: B
25. Lois receives an e-mail asking her to update her personal information on a website that is
an illegal imitation of a legitimate site. This practice:
a. is a crime called phishing.
b. is a tort called information theft.
c. is a breach of contract action known as shilling.
d. may be prosecuted under the GLB Privacy Act.
Answer: A
ESSAY
1. Stuart is vying for a promotion, but faces competition from a co-worker, Brenda. Without
authorization, Stuart accesses stored company records and discovers an unfavorable e-mail
message Brenda had written about the company. Stuart sends the message to his supervisor in
hopes of keeping Brenda from getting the promotion. Discuss whether Stuart has violated any
statute and, if so, what sanctions he may face.
Answer: Stuart violated the Electronic Communications Privacy Act. This is a federal statute
prohibiting unauthorized interception or disclosure of wire and electronic communications or
unauthorized access to stored communications. The Act applies to e-mail and transmissions
from pagers and cellular phones. Stuart may be subject to both criminal and civil penalties for
violating the Act.
2. Daniel went onto an Internet message board and found that his ex-wife, Faye, had posted a
message calling him a fat, insensitive jerk who only cared about watching sports on TV. Does
Daniel have any protection against Faye’s making such statements to a potentially large
number of readers, some of whom may know Daniel and some of whom may not?
Answer: Faye’s postings have First Amendment protection of free speech, as long as Fay
does not commit defamation. Courts have tended to find that such statements are opinion, not
fact, and therefore are protected speech. The fact that a statement may be offensive is not
reason enough to suppress it.
3. Discuss common abuses that occur with auctions on the Internet and how these abuses are
being addressed.
Answer: Internet auctions are the number one source of consumer complaints about online
fraud. Wrongdoers sometimes sell goods they do not own, provide defective goods, or offer
fake merchandise. Shilling is an increasingly popular online auction fraud. Shilling is a
seller's bidding on his own goods or his agreement to cross-bid with a group of other sellers.
Shilling is prohibited because the owner drives up the price of his own item.
Ebay has generally responded to shillers by suspending them. Shillers are also subject to suit
under general anti-fraud statutes. Some states explicitly prohibit shilling.
4. Maria, who lives in the United States, gains unauthorized access to a bank's computer
system and steals financial information about customers. Of what is Maria guilty, and under
what statute(s) could she be prosecuted?
Answer: Maria is guilty of hacking, a major crime. She could be prosecuted under the federal
Computer Fraud and Abuse Act, which prohibits theft of financial information from any
computer attached to the Internet.
5. Explain the difference between an ISP and a Web host, and discuss whether they are
treated alike under the Communications Decency Act (CDA).
Answer: An Internet Service Provider (ISP) is a company, such as AOL or CompuServe, that
provides connection to the Internet. Web hosts post Web pages on the Internet. Under the
Communications Decency Act, ISPs and Web hosts are not liable for information provided by
someone else. Only content providers are liable.
Test Bank For Introduction to Business Law
Jeffrey F. Beatty, Susan S. Samuelson
9781133188155