ETHICAL ISSUES
Because of the ubiquity and importance of information systems
in organizations of all
types, there are many potential misuses and abuses
of information and electronic
communication that create privacy and security problems. In addition to questions of legality, misuse and abuse
raise concerns of ethics. Ethics refers to a system of moral principles that
relates to the benefits and harms of particular actions, and to the rightness
and wrongness of motives and ends of those actions.
In this section, we look at ethical issues
as they relate
to computer and information system
security.
Ethics
and the IS Professions
To a certain
extent, a characterization of what constitutes ethical behavior for those
who work with or have access to information systems
is not unique to this context.
The basic ethical principles developed by civilizations apply. However, there are some unique considerations surrounding computers and information systems.
First, computer technology makes possible a scale of activities not
possible before. This includes a larger scale
of recordkeeping, particularly on individuals, with
the ability to develop finer-grained personal information collection and more precise data mining and data matching. The expanded scale of communications
and the expanded scale of interconnection brought
about by the Internet magnify
the power of an individual to do harm.
Second, computer technology has involved the creation
of new types of entities for which no agreed ethical rules
have previously been formed, such as databases, Web browsers, chat rooms, cookies,
and so on.
Further, it has always been the case that those with special
knowledge or spe- cial
skills have additional ethical obligations beyond
those common to all humanity.
We can illustrate this in
terms of an ethical hierarchy (Figure 23.6), based on one discussed in
[GOTT99]. At the top of the hierarchy are the ethical values profes- sionals share with all human beings,
such as integrity, fairness, and justice. Being a
professional with special
training imposes additional ethical obligations with respect
to those affected by his or her work. General
principles applicable to all profession- als arise at this level. Finally, each profession has associated with it specific
ethical values and obligations related to the specific knowledge of
those in the profession and the powers that they have to affect others. Most professions embody all of these
levels in a professional code of conduct,
a subject discussed subsequently.
Ethical Issues Related to Computers and Information Systems
Let us turn now more specifically to the ethical issues
that arise from computer technology. Computers have become the primary
repository of both personal
information
and negotiable assets, such as bank records,
securities records,
and other financial
information. Other types of databases, both statistical and otherwise, are
assets with considerable value.
These assets can only be viewed,
created, and altered by technical and automated means.
Those who can understand and exploit the
technology, plus those who have obtained
access permission, have power related
to those assets.
A classic paper on computers and ethics
[PARK88b] points out that ethical issues arise as the result of the roles of
computers, such as the following:
•
Repositories and processors of information: Unauthorized use of otherwise unused computer services or of
information stored in computers raises ques- tions of appropriateness or fairness.
•
Producers of new
forms and types
of assets: For example, computer programs are entirely new types of
assets, possibly not subject to the same concepts of ownership as other assets.
•
Instruments of acts: To what degree must computer services and users of computers, data, and
programs be responsible for the integrity and appropri- ateness of computer output?
•
Symbols of intimidation
and deception: The images of computers as thinking
machines, absolute truth
producers, infallible, subject
to blame, and as anthro- pomorphic replacements of humans
who err should be carefully considered.
Another listing of ethical issues,
from [HARR90], is shown in Table 23.3. Both of
these lists are concerned with balancing professional responsibilities with ethical or moral responsibilities. We cite two areas here of the types of
ethical questions that face a computing or IS professional. The first
is that IS professionals may find
themselves in situations where their
ethical duty as professionals comes
into conflict with loyalty
to their employer. Such a conflict
may give rise for an employee to con-
sider “blowing the whistle,” or exposing a situation that can harm the public
or a company’s customers. For example,
a software developer
may know that a product is scheduled to ship with
inadequate testing to meet the employer’s deadlines. The decision of whether to blow the whistle is one of the most difficult that an IS profes-
sional can face. Organizations have a
duty to provide alternative, less extreme
opportunities for the employee, such as an in-house ombudsperson coupled
with a commitment not to penalize employees for exposing problems in-house. Additionally, professional
societies should provide a mechanism whereby society members can get advice on how to proceed.
Another example of an ethical
question concerns a potential conflict
of inter- est. For example,
if a consultant has a financial
interest in a certain vendor, this should be revealed to any client
if that vendor’s products or services might
be recommended by the consultant.
Codes of Conduct
Unlike scientific and engineering fields,
ethics cannot be reduced to precise laws or
sets of facts. Although an employer or a client
of a professional can expect
that the professional has an internal
moral compass, many areas of conduct may present eth- ical
ambiguities. To provide
guidance to professionals and to articulate
what employers and customers have a right to expect,
a number of professional societies have adopted ethical codes of conduct.
A professional code of conduct can serve the
following functions [GOTT99]:
1.
A code can serve
two inspirational functions: as a positive
stimulus for ethical conduct on the part of the
professional, and to instill confidence in the cus- tomer or user of an IS
product or service. However, a code that stops at just providing inspirational
language is likely to be vague and open to an abun- dance of interpretations.
2.
A code can be educational. It informs
professionals about what should be their
commitment to undertake a certain
level of quality
of work and their responsibil-
ity for the well being of users of their
product and the public, to the
extent the product may affect nonusers.
The code also serves to educate
managers on their responsibility to encourage
and support employee
ethical behavior and on their
own ethical responsibilities.
3.
A code provides a measure of support for
a professional whose decision to act ethically in a situation may create
conflict with an employer
or customer.
4.
A code can be a means of deterrence and discipline. A professional society can use
a code as a justification for revoking membership or even a professional license.
An employee can use a code as a basis for a disciplinary action.
5.
A code can enhance
the profession’s public image, if it is seen to be widely honored.
We illustrate the concept of a professional code of ethics
for computer profes- sionals
with three specific examples. The
ACM (Association for Computing
Machinery) Code of Ethics and Professional Conduct
(Figure 23.7) applies
to com- puter scientists.5 The IEEE (Institute of Electrical and Electronics Engineers) Code of Ethics (Figure
23.8) applies to computer engineers as well as other types
of elec- trical and
electronic engineers. The AITP
(Association of Information Technology Professionals, formerly
the Data Processing Management Association) Standard
of Conduct (Figure 23.9) applies to managers of computer systems
and projects.
A number of common themes
emerge from these
codes, including (1) dignity
and worth of other people;
(2) personal integrity and honesty; (3) responsibility for work; (4) confidentiality of information;
(5) public safety, health, and welfare; (6)
participation in professional societies to improve standards of the profession; and
(7)
the
notion that public
knowledge and access to technology is equivalent to social power.
All three codes place their
emphasis on the responsibility of professionals to other people, which, after all, is the central
meaning of ethics.
This emphasis on peo-
ple rather than machines or software is to the good. However,
the codes make little
specific mention of the subject
technology, namely computers and information
systems. That is, the approach is quite generic
and could apply
to most professions and does not fully reflect
the unique ethical problems related to the development and use of computer
and IS technology. For example, these
codes do not specifically
deal with the issues raised in Table 23.3
or by [PARK88b] listed in the
preceding subsection.
1.
GENERAL MORAL IMPERATIVES.
Contribute to society and human well-being.
Avoid harm to others.
Be honest and trustworthy.
Be fair and take action not to discriminate.
Honor property
rights including copyrights and patent.
Give proper
credit for intellectual property.
Respect the privacy of others.
Honor confidentiality.
2.
MORE SPECIFIC PROFESSIONAL RESPONSIBILITIES.
Strive to achieve the highest quality, effectiveness and dignity in both the process and products of professional work.
Acquire and maintain professional competence.
Know and respect existing
laws pertaining to professional work.
Accept and provide appropriate professional review.
Give comprehensive and thorough evaluations of computer systems
and their impacts, including analysis of possible risks.
Honor contracts, agreements, and assigned
responsibilities.
Improve public
understanding of computing and its consequences.
Access computing
and communication resources
only when authorized to do so.
3.
ORGANIZATIONAL LEADERSHIP
IMPERATIVES.
Articulate social responsibilities of members of an organizational unit and encourage full acceptance of those
responsibilities.
Manage personnel
and resources to design and build information systems that enhance the quality of working life.
Acknowledge and support proper and authorized uses of an organization’s comput- ing and communication resources.
Ensure that users and those who will be affected by a system have their needs clearly articulated during the assessment
and design of requirements; later the system must be validated to meet requirements.
Articulate and support policies
that protect the dignity of users and others affected by a computing system.
Create opportunities for members of the organization to learn the principles and limitations of computer systems.
4.
COMPLIANCE WITH THE CODE.
Uphold and promote the principles of this Code.
Treat violations of this code as inconsistent with membership in the ACM.
Figure 23.7 ACM Code of Ethics and Professional Conduct (Copyright ©1997, Association for Computing Machinery, Inc.)
We, the members of the IEEE, in recognition of the importance of our
technologies in affecting the quality
of life throughout the world, and in accepting a personal obligation to our profession, its members
and the communities we serve, do hereby commit our- selves to the highest
ethical and professional conduct and agree:
1.
to accept responsibility in making decisions
consistent with the safety,
health and welfare of the
public, and to disclose promptly factors that might endanger the public or the environment;
2.
to avoid
real or perceived conflicts of interest
whenever possible, and to disclose them to affected parties
when they do exist;
3.
to be honest and realistic in stating claims or estimates
based on available
data;
4.
to reject bribery in all its forms;
5.
to improve
the understanding of technology, its appropriate application, and potential consequences;
6.
to maintain
and improve our technical competence and to undertake technological tasks for others only if qualified by training or experience, or after full disclosure of pertinent limitations;
7.
to seek,
accept, and offer
honest criticism of technical work,
to acknowledge and correct errors, and to credit properly
the contributions of others;
8.
to treat
fairly all persons
regardless of such factors as race, religion, gender, disability, age, or national origin;
9.
to avoid injuring others,
their property, reputation, or employment by false or malicious action;
10.
to assist colleagues and co-workers in their professional development and to support them in following this code of ethics
Figure 23.8 IEEE
Code of Ethics
In recognition of my obligation to management I shall:
•
Keep my personal knowledge up-to-date and insure
that proper expertise is available when needed.
•
Share my knowledge with others and present factual
and objective information to management to the best of my ability.
•
Accept full responsibility for work that I perform.
•
Not misuse the
authority entrusted to me.
•
Not misrepresent or withhold information concerning the capabilities of equipment, software or systems.
•
Not take advantage of the lack of knowledge or inexperience on the part of others.
In recognition of my obligation to my fellow members and the profession I shall:
•
Be honest
in all my professional relationships.
•
Take appropriate action in regard to any illegal
or unethical practices that come to my atten- tion. However, I will bring charges
against any person
only when I have reasonable basis for believing in the truth
of the allegations and without
any regard to personal interest.
•
Endeavor to share my special knowledge.
•
Cooperate with others in achieving understanding and in identifying problems.
•
Not use or take credit for the work of others
without specific acknowledgement and authorization.
•
Not take advantage of the lack of knowledge
or inexperience on the part of others for
personal gain.
In recognition of my obligation to society
I shall:
•
Protect the privacy and confidentiality of all information entrusted to me.
•
Use my skill and knowledge to inform the public in all areas
of my expertise.
•
To the best of my ability, insure that the products of my work are used in a socially
responsible way.
•
Support, respect,
and abide by the appropriate local, state,
provincial, and federal
laws.
•
Never misrepresent or withhold information that is germane
to a problem or situation of public concern nor will I allow any such known
information to remain
unchallenged.
•
Not use knowledge of a confidential or personal nature in any unauthorized manner or to achieve personal gain.
In recognition of my obligation to my employer I shall:
•
Make every
effort to ensure
that I have the most current knowledge and that the proper
expertise is available when needed.
•
Avoid conflict of interest
and insure that my employer
is aware of any potential conflicts.
•
Present a fair, honest,
and objective viewpoint.
•
Protect the proper interests
of my employer at all times.
•
Protect the privacy and confidentiality of all information entrusted to me.
•
Not misrepresent or withhold information that is germane
to the situation.
•
Not attempt
to use the resources of my employer
for personal gain or for any purpose without proper approval.
•
Not exploit
the weakness of a computer
system for personal
gain or personal
satisfaction.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2023 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.