Muhammad Faizan

70175858
BSCS-2M
PP-Assignment 4

Regulation and Control of Personal Information: Software Misuse, Risk

Management, and Legal Implication:
1.Introduction:
Nowadays, private data from individuals is considered an asset. Every day,
software systems collect, store and study users’ personal data, found on social media,
when they browse, as well as in their health and financial files. Good data protection
methods are important, because without them, the data could result in harm rather than
positive outcomes. Due to the high risks that users may suffer from being exploited,
having their information stolen or losing their privacy, skipping regulation and
information controls is unacceptable. With the rise of unethical surveillance capitalism,
those involved in software should work to create laws that ensure compliance, safety and
ethical behavior.

2. Software Misconduct and the problems mentioned in The Social Dilemma

Even though software makes things easier for us
daily, it can also take our privacy away by spying, collecting data secretly and tracking
us. Many apps collect private information from users, enticing them to agree to certain
features by using unethical tactics. Oftentimes, apps on mobile devices ask for access to
private information like location or contacts, regardless of the purpose.
The abuse of his position can have serious effects on society and
ethics. People often blame social media for easing the spread of deception, false facts and
altering public debates during elections, as well as changing the way people communicate
socially. When governments and corporations join in techniques of surveillance, it raises
the issue of privacy and complicates matters related to ethics, accountability, candor,
consent and self-control.
 Both people and organizations have a part to play in preventing misuse. Creators of
apps should make them with ethics in mind and end-users should be informed about
keeping their data safe. It is important for organizations to implement their own policies
and focus on privacy to comply with ethical rules and laws while developing software.

3. The role of Risk Management in software projects

Dealing with risks is very important in IT and software development. Since software
systems can be involved in many aspects of a business and data security, planning for
risks in advance minimizes weaknesses, saves money and keeps the user’s data safe.
Most risk management plans involve the following points:
Recognizing possible problems such as glitches, weaknesses in security and concerns
regarding the law.
Analyzing the possibility and the effects of every risk identified.
Answer: Developing measures to control, move or influence risks.
Continuously looking for risks from the beginning of the project to the end.
Strong security can be achieved in software use by emphasizing secure coding habits,
regular monitoring for challenges, compliance verification and requesting users’ consent.
To approach risk from all viewpoints, include legal advisors and data protection officers
when organizing the risk management strategy.
4. Typical Threats You May Face in IT Projects
IT projects can be put at risk by various problems, including those related to technology
and laws.
Risks from technology can take the form of programming errors, errors when using
different systems or cyberattacks. Security issues usually begin with little errors in the
code.
Technology Issues: When people communicate poorly, lack the necessary training or
make mistakes, the software’s functions may fail or data could be exposed.
Legal and Privacy Risks: They result when data is not protected according to laws or
when information is not handled securely.
Before risks grow, teams ought to review risk registers, assess the code on a frequent
basis, carry out simulated attacks (such as penetration testing) and perform privacy
evaluation. Using agile methodologies and DevSecOps can help a company respond more
quickly to risks that emerge.
5. Having to be Accountable for Software Failure
Software is said to be defective when it does not function properly, results in harm or
infringes on a user’s rights. There are three reasons for defects: poor coding in the
product, a lack of testing or choosing to make a product profitable even if it risks safety.
The consequences for a business that releases faulty software can be very serious.
Corporations could deal with lawsuits from a group of people, fines from regulators and a
damaged reputation. A similar story is Equifax being breached in 2017 after ignoring a
known vulnerability, ‘costing’ over $700 million in settlements.
This highlights the role of law enforcement in such cases. Quality assurance, compliance
with regulations and a clear message about the limitations of their products should be
priority for all software companies.
6. Problems in Software and Privacy
Failed or poor software often results in privacy issues by opening users to theft of
information or uninvited access or observation. Some of these threats are caused by
unsafe data storage, incorrect usage of passwords or neglecting the use of encryption.
Assets from the actual world are easy to find. Because of the Facebook-Cambridge
Analytica case, many discovered that third-party apps could collect data from millions of
people without obtaining their consent. In 2020, similar claims about privacy emerged
against Zoom which then saw its data become openly available, leading to lawsuits and
changes to its features.
Several international laws have been created to govern such matters.
GDPR (General Data Protection Regulation) helps ensure data is safely protected in the
EU, with a focus on user’s consent, minimizing data and swiftly notifying people when
there is a security issue.
Under HIPAA, health information in the United States is protected by requiring that all
medical data be handled and sent securely.
So, these new rules encourage organizations to include privacy-by-design steps and risk
financial penalties if they do not.
7. Conclusion
Controlling and following rules to work with personal data is both a technical and a legal
obligation in software development. Poorly managing risks and incorrect use of software
may lead to many harmful results, including damage to confidence, privateness being
violated and people losing money.
This paper points out that software companies need to focus on ethics, risk management
and follow stricter laws. It is important for organizations to build private and secure
systems and answer for any failures. Now that technology makes its way into many
aspects of life, ensuring everyone’s personal information is safe is necessary for a fair
society to function well.