Page 149 - Trust in ICT 2017
P. 149
Trust in ICT 2
– The freedoms described in the Universal Declaration of Human Rights and the International
Covenant on Civil and Political Rights also guarantee that individuals throughout the world will not
allow themselves to be submerged by the mass of confused data. It is for relevant information,
exchange, sharing, discussion and scientific or free creative activity that such information can
become knowledge.
– Freedom of expression is moreover the guarantee of access for all to contents that are as diversified
and reliable as possible.
– From the point of view of fundamental rights, the political safeguarding of those rights and the
diversity of contents that circulate in the global information society.
Knowledge societies is risk societies
Knowledge resources have become strategic, but if exploited for ill-intentioned purposes they could inflict
irreparable damage. By making such resources accessible to the world at large, unknown dangers will be
opened up. On the contrary, the accelerated spread of knowledge is to confront risks and to boost the self-
regulating capacity of human societies. The risks that threaten people arise from the complexity of their
interaction and the mechanisms required to cope with those risks. Knowledge societies may precisely
constitute the most effective means of dealing with the new complexity of technological developments.
Eventually, some mechanisms are needed to cure the ills of ignorance and error, to free the individual from
fears and constraints represented by nature, to lessen uncertainty and to control risks.
Knowledge societies will have to meet instability and insecurity that are often social and political
consequences of scientific progress and technological innovation. In nature, any technological innovation
and any technical system generates risks. However, not all risks are equal and some are unacceptable. The
distinction between risks taken intentionally and risks incurred passively is an ethical debate on inequalities
with regard to risk.
Risks on data integrity
Data integrity refers to maintaining and assuring the accuracy and consistency of data. It is critical to design,
implementation, and usage of any system which stores, processes, or retrieves data. Data integrity is the
opposite of data corruption, which is a form of data loss. Data integrity as protecting data from unauthorized
parties is not to be confused with data security. It aims to prevent unintentional changes to information. The
failure of data integrity results from any unintended changes to data as the results of storage, retrieval,
processing operation, including malicious intent, unexpected hardware failure, and human error, etc. If the
changes are the results of unauthorized access, it may also be a failure of data security. Data integrity can be
lost because of programming errors (e.g. good data is processed by incorrect programs), processing errors
(e.g. transactions are processed more than once against the same master file), or management/process
errors (e.g. poor management of the systems maintenance process).
The risks of data integrity pervasively apply to an application system used to support a work process in
multiple places and at multiple times throughout the network. However, they are principally manifest in the
following components of risks:
– User interface: Risks in this area relate to whether there are adequate restrictions of user interfaces
to be authorized to perform system functions. Other risks relate to the adequacy of preventive or
detective controls of user interfaces to ensure that only valid data can be entered into a system.
– Processing: Risks relate to whether there are adequate preventive or detective balancing and
reconciliation controls to ensure that data processing has been timely completed. It includes risks
associated with the accuracy and integrity of decisions-making.
– Error processing: Risks in this area relate to whether or not there are adequate processes and other
system methods to ensure that any data entry or processing exceptions that are captured are
adequately corrected, and reprocessed accurately, completely and on a timely basis.
– Data interface: Risks relate to whether there are adequate preventive or detective controls to
ensure data that is adequately and completely transmitted to be processed by another system.
141