IT Ethics

IT Ethical Issues
Dr. Merle P. Martin
MIS Department
CSU Sacramento

Agenda
Fair Information Practices (FIP)
 Ethics Issues
 IT Mistakes
 IT Crime
 Invasion of Privacy
 Corporate Code of IT Ethics

Fair Information
Practices (FIP)
US Dept Health, Education
and Welfare
 1973
 Framework for ensuing laws
 There will be no personal record
system whose existence is secret.

Fair Practices
Individuals have rights of
access, inspection, review,
and amendment to systems
that contain information about them.
 There must be no use of personal
information for purposes other than
those for which it was gathered,
without prior consent.

Fair Practices
Managers of systems are
responsible and can be held
accountable and liable for the
damage done by systems, for
their reliability and security
 Governments have the right to
intervene in the information
relationships among private parties.

Ethical Issues
Growth in IT, particularly in
processing and storage,
has led to increases in:
 numbers of mistakes
 computer crime
 invasion of privacy
 unethical behavior

IT Mistakes
Data entry errors
 Programming errors
 Mishandling of IT output
 Inadequate planning for / control of
equipment malfunctions
 Inadequate planning for / control of
electrical, humidity, and other
environmental problems.

Preventing IT Errors
Training
 Documentation
 Controls / standards
 Involvement of:
 managers
 end-users
 IT specialists

Computer Crime
Add / delete / modify inputs
 Modify / develop programs that
commit a crime
 Alter / modify data files
 Operate IT in a way to commit
a crime
 Divert / misuse valid output
 Role of auditor

Security / Privacy
Security is protection of data
which, if wrongly disseminated,
may damage organizational goals.
 Privacy is protection of data
which, if wrongly disseminated, may
damage individuals.
 Natural motivation to protect security
 Must have laws to protect privacy.

Privacy Acts
Privacy Act (1974)
 protection from federal govt.
 Fair Credit Reporting Act (1970)
 Tax Reform Act (1976)
 Electronic Funds Transfer Act (1979)

Privacy Acts
Right to Financial
Privacy Act (1978)
 Freedom of Information
Act (1970)
 Education Privacy Act
 Computer Matching and
Privacy Act (1988)

Ethics
A means for judging right
from wrong behavior through a
set of cultural / organizational
values, and a standard for
acceptable conduct.

IT Ethics Problems
Unauthorized software
copying (bootlegging)
 Knowing of wrongful acts, but
failing to inform supervisor
 Knowing a software problem
and using it to your advantage
 Unauthorized viewing of confidential
information, including E-mail

IT Ethics Problems
Passing confidential info
to unauthorized persons
 Knowing of error in data
through unauthorized access,
yet not informing anyone
 Following orders of supervisor
although by doing so you knowingly
commit an illegal act

Mason’s PAPA Model
Privacy
 Accuracy
 Property
 Access

Privacy
What info about individuals
should be revealed?
 What safeguards are in place
to protect a person’s privacy?
 What information can a person
keep private and confidential,
and not be forced to reveal
to others?

Accuracy
Who is responsible for
data accuracy?
 Who is accountable / liable for
inaccurate data?
 What safeguards have been
established to ensure accuracy?
 What can individuals do to ensure
that data stored on them is accurate?

Property
Who owns the information?
 Who has the right to buy or
acquire the information?
 How should access to intellectual
property be regulated?
 Who places a value on intellectual
property?

Intellectual Property
Rights
Trade secrets: software,
if not in public domain
 Copyright
 1980 Computer Software
Copyright Act
 Patent
 1981 Supreme Court decision
allowed software to be patented

Access
What information does a person
have a right to access?
 What safeguards exist for
information access?
 How do we guarantee equal
access across social and
economic groups?
 Shneiderman’s “haves and
have nots”

Corporate Code
of IT Ethics
Laudon and Laudon, 1996
 Issues that must be addressed
 Information rights / obligations
 Property rights / obligations
 Accountability and control
 System quality
 Quality of life

Info Rights / Obligations
Employee e-mail privacy
 Workplace monitoring
 Treatment of corporate info
 Policies on customer info

Property Rights
Software licenses
 Ownership of firm data / facilities
 Ownership of employee software
created on firm’s hardware
 Software copyrights

Accountability / Control
Single person responsible
for all IT
 Reporting persons responsible for:
 individual rights
 property rights
 system quality
 quality of life
 potential liabilities of system /
corporation officers

System Quality
Errors that can be tolerated
 system warranties
 Measurement methodology
 collection
 reporting

Quality of Life
IT’s purpose is to improve quality
of life for customers and
employees
 Achieve high levels of:
 product quality
 customer service
 employee satisfaction
 human dignity

Issue
What is “human dignity” and
how do we preserve it in a
technological environment?
 Will firms preserve it voluntarily?
 Do we need more laws?
 Must we make some sacrifices
to human dignity in order to
reap technological benefits?