But IS IT Ethical?
Prof. Simon Rogerson
Originally published in the IDPM Journal Volume 5 No 1 1995
Information Systems and the underpinning Information Technologies have become very
powerful change agents. At a macro level they are capable of devastating industries, for
example, the Swiss watch industry and creating new ones, for example, the video games
industry. At the micro level they are capable of creating new ways of working, for
example, the automation of production lines through robotics and the integration of jobs
in the office through the use of office automation systems. We now live in an information
age where geographical distances have become irrelevant and where complex super
corporations are being created and supported by an IS/IT life support system. Social,
political, economic and technological turbulence in the sphere of operation has put
organisations under a lot of pressure in responding effectively and efficiently to the needs
of its clients.
Thus, society and its organisations have undergone and are undergoing restructuring
through the widespread use of IS/IT. The technological and economic rates of change
related to IT are still increasing. This restructuring effects department structures,
organisation hierarchies, job contents, span of control, social interaction and so on. Each
aspect of this impact has an ethical dimension which cannot and should not be ignored
otherwise there will be an unacceptable penalty incurred in applying IS/IT in the wrong
place, in the wrong way or at the wrong time. There is a need to develop goals, social
objectives and a moral framework within which the technologies can be applied in an
acceptable manner.
It is plain to see that the IS/IT professional through providing the information
infrastructures wields great influential power over individuals within organisations. With
that power goes responsibility and obligations to society, the employer, clients,
colleagues, and the profession. Actions founded on the ethical high ground are called for.
For this to be achieved, it is important to understand the meaning of ethics so that actions
can be kept under review regarding their ethical or unethical content.
What is ethics?
Ethics is the practice of making a principled choice between right and wrong. It is
concerned with how people ought to act not how they do act. Ethics is value driven,
action oriented and determined by the situation. In other words, ethics ensures that an
action that is designed to achieve a certain objective will do so without violating a value.
The only thing that is ever judged to be ethical or unethical is an action. The driving force
in ethics is to do the right thing all the time and not to do the same thing all the time.
1
But IS IT Ethical?
We need to understand that legality and ethical compliance are different. An action might
be prudent and legal but may well be unethical. The development of a software system to
improve the debt collecting powers of a loan shark may be legal but is it ethical to help
someone who feeds off the misery of others? Professional practice is more than simply
acting to the letter of the law. This moral stance can be beneficial to organisations. The
most significant input in instigating change is people and their attitudes to change.
Success is more likely if influential players in the change process adopt the moral high
ground rather than the legal baseline as this will promote a more favourable attitude from
all those involved in the change process.
There are often situations where IS/IT activity promotes morally and ethically
questionable practices, for example, the invasion of privacy, restricted practices, the
unnecessary loss of jobs and the disregard for intellectual property rights. The existence
of an organisational mission which links purpose, strategy, corporate values and
standards provides a framework for ethical behaviour. The question is whether this
behaviour is acceptable to individuals and society.
Is ethics an issue?
There are numerous incidents of unethical practice occurring in IS/IT related work. A
recent survey of a weekly computer trade journal in the UK revealed some interesting
facts on reported unethical incidents. During a six month period from mid April, 1994 to
mid October, 1994 a total of 40 separate issues relating to ethics was reported. Of these
eight were general informative items, nine reported on multiple incidents of breaches and
23 reported on specific instances.
This is a serious problem which is getting some attention in the press but often when a
system failure occurs or an organisation is detrimentally affected by an IS/IT event only
the technical aspects are debated. For example, in the debacle over the London
Ambulance Service’s new system implementation, many questions were asked
concerning the technical issues but little attention was given to the ethical issues of a
system which had a direct impact on the well being of so many individuals.
George Edward Moore once wrote, "It appears to me that in ethics the difficulties are
mainly due to the attempt to answer questions without first discovering precisely what
question it is which you desire to answer". This would seem to be the case in IS/IT
where reporting symptoms of unethical behaviour prevails and yet how people ought to
act gains little attention. Indeed, the current focus tends to be one of outcome rather than
process. A review of some of the recent literature revealed a list of issues which include:
invasion of privacy, computer viruses and hacking, computer crime, software theft, and
computerisation of the workplace. Discussion of how problematical are such unethical
outcomes seems to preoccupy many and advice is often forthcoming on how to address
these symptoms. What appears to be lacking is discussion on the root causes and how
they might be curtailed.
2
But IS IT Ethical?
An ethical focus for IS/IT.
If we accept the need to consider the process and outcomes associated with IS/IT activity
and that the current focus is heavily weighted towards symptom analysis it would appear
that to redress the balance we need to consider process more carefully. In particular,
there are three issues that warrant some attention; codes of conduct, project selection and
systems development. Currently, codes of conduct are simply guidelines which IS/IT
professionals are politely asked to adhere to. There are few, if any, instances where a
breach of conduct has led to the rescinding of membership. When an unethical action
comes to light a professional body should undertake an independent review to investigate
whether any of its members are involved and what part they played in such action. For
example, the recent police investigation of illegal software copying by Minstrel
uncovered a large number of the software pirate’s key customers in the UK. Professional
bodies should now seek to ascertain whether these customers include any of their
members and if so what was their part in these unethical transactions. In selecting
projects to be funded, organisations tend to focus on economic and technical issues,
little, if any, thought is given to the ethical issues raised through the commencement of a
project. There are many available system development methodologies each pedalling its
own particular strengths. However, the vast majority have one major weakness in that
they do not have any moral dimension to them. It is totally unacceptable to assume such
matters have been catered for through the established business values of the organisation
in question.
The focus of ethics regarding IS/IT should comprise three dimensions. We should be
concerned about how we develop systems. We should consider how advances in the
technologies can be best used. Finally, we should develop strategies which promote
ethical activity. This focus can be summarised by the following terms.
Ethical Development
This is concerned with the use of development methodologies and the consideration
of ethical dilemmas, user education and professionalism.
Ethical Technology
This is concerned with the advances in technologies and the likely ethical issues
they raise as they are applied to business and societal problems.
Ethical Application
This is concerned with developing ethical strategies which allow technology to be
exploited in an ethically acceptable way.
3
But IS IT Ethical?
Guiding the individual.
Ramon Barquin of the Computer Ethics Institute in US recently distributed a list of "dos
and don’ts" entitled "The Computing Ten Commandments" as shown in Figure 1. It
illustrates the type of action required of the IS/IT professional and demonstrates how
difficult that can be at times.
Figure 1.
•
Thou shalt not use a computer to harm other people.
•
Thou shalt not interfere with other people’s computer work.
•
Thou shalt not snoop around in other people’s computer files.
•
Thou shalt not use a computer to steal.
•
Thou shalt not use a computer to bear false witness.
•
Thou shalt not copy or use proprietary software for which you have not paid.
•
Thou shalt not use other people’s computer resources without authorisation or proper
compensation.
•
Thou shalt not appropriate other people’s intellectual output.
•
Thou shalt think about the social consequences of the program you are writing or the
systems you are designing.
•
Thou shalt always use a computer in ways that ensure consideration and respect for
your fellow humans.
The problem with this approach is that it is rule based and implies the need for
legislation to regulate ethical behaviour. There are those who would argue that it is not
possible to legislate ethical behaviour and therefore education must be relied upon to
improve human behaviour. John McLeod drew up a list of generic questions to help
determine the ethical nature of an action as shown in Figure 2. Such a list provides
practical help for IS/IT practitioners as they strive to serve society and its organisations.
To be ethical, an action should elicit a positive response to all applicable primary
questions and a negative response to each clarification.
4
But IS IT Ethical?
Figure 2.
Is it honourable?
"Is there anyone from whom you would like to hide the action?"
Is it honest?
"Does it violate any agreement, actual or implied, or otherwise betray a trust?"
Does it avoid the possibility of a conflict of interest?
"Are there other considerations that might bias your judgement?"
Is it within your area of competence?
"Is it possible that your best effort will not be adequate?"
Is it fair?
"Is it detrimental to the legitimate interests of others?"
Is it considerate?
"Will it violate confidentiality or privacy, or otherwise harm anyone or anything?"
Is it conservative?
"Does it unnecessarily squander time or other valuable resources?"
No longer can such issues be ignored, no longer can the profession seek absolution
through focusing only on the technical agenda. Indeed, the first question any IS/IT
professional should ask is "Is the action ethical?" and be able to answer based on
reasoned thought. Geoff Walsham wrote, "If a more self-reflective and self-critical
attitude on moral issues were adopted by considerable numbers of future IS analysts, the
cumulative effect would be a significant and positive societal change". We all need to act
and act now!
Please send your views on ethical and social responsibility issues and cases of ethical
dilemmas to:
5
But IS IT Ethical?
Professor Simon Rogerson
Director
Centre for Computing and Social Responsibility
Faculty of Computing Sciences and Engineering
De Montfort University
The Gateway
Leicester
LE1 9BH
Tel:(+44) 116 257 7475
Fax:(+44) 116 207 8159
Email:<srog@dmu.ac.uk>
Home Page: (
)
6