B107 Principles of Information Systems

TOPIC 10 TECHNOLOGY AND SOCIETY

Objectives:
- To understand the impact of IT on society.
- To understand ethical issues associated with IT and how to handle them.

Readings:
- Kallman & Grillo (1993) Ethical Decision Making and Information Technology, Chpt 1.
- Burmeister, O (2000) Applying the ACS code of ethics, Journal of Research and Practice in Information Technology 32(2) pp107-120.
- Beekman, (1999) pp19-20 and 203-207, Chpt 11, pp 454-460 (for social and ethical issues)

An Information Society?

Our society is moving from the Industrial Era into the Age of Information.
- The steam engine enabled the Industrial Revolution.
- The computer, and the convergence of computing and telecommunications technologies, are enabling an information revolution.

IT has had a huge impact on society, the world economy, on business and in the lives of individuals. It has also raised important issues about life today (see Beekman readings in references for this topic). IS professionals frequently have to make ethical decisions about these issues.

Why is ethical computer use a special challenge?

There is no distinct category of “computer ethics”; rather there are ethical situations where computers are involved.
- The capabilities of computers allow us to perform unethical actions faster, and perform actions where the scale of processing would be impossible without the computer.
- Using computers and networks alters relationships between people. Personal contact is reduced, and the speed of communications often does not allow time to reflect on the possible implications of unethical use.
- Information in electronic form is far more “fragile” than when it is on paper. It is easier to change, and vulnerable to unauthorised access. Property rights, plagiarism and privacy are active issues.
- Efforts to protect information integrity, availability and confidentiality may conflict with the benefits of information sharing.

Questions

- Would you search through the top drawer on someone else's desk?
- Would you search through the files on someone's computer?
- Would you steal $600.00 from your friend?
- Would you take a copy of a software package from his/her computer?
- Would you accept a large overpayment in cash by a check-out operator?
- Would you accept a large erroneous electronic deposit into your bank account?
- Would you report a credit card transaction which is not debited against your account?

What is unethical computer use?

Unethical computer use takes many forms. Networked computers are considered less secure because of their external connections to potential “hackers”. However, most unethical computer usage is performed by people inside an organisation.

Areas of ethical concern re computer use can be categorised as:
- Social & economic issues
- Issues of individual practice
- Development process issues
- Issues involving managers & subordinates
- Processing issues
- Issues relating to the workplace
- Issues of data collection, storage, access
- Internet issues
- Vendor-client issues

Social & economic issues

- Job displacement - computers do cause job displacement. Some people can be retrained, but there is an ethical issue involved in minimising the hardship for those who are removed from employment.
- Computer work is high pressure, always behind schedule and can involve long hours. Family problems & divorce are high in the profession. Is management being fair to computer professionals?
- Civil rights - Computer access issues. Do we all have equal rights to computer access? Is it fair that different schools may have vastly different computer resources? That some universities have easier & more generous terms of accessing the Internet for students than other universities? What about rural access? Should we all be able to access the Internet equally - via the public library system for example?

Issues of individual practice

Responsible attitude to security, eg
- use passwords
- change them frequently
- do not use easy to guess passwords

Protect resources by...
- backing up files
- locking removable disks up securely
- not leaving confidential data unattended on the screen

Development process issues

- Incomplete or unreliable programs which fail to perform as expected - due to incomplete analysis, poor testing, rushing to meet deadlines...
- Software piracy - as much as 50% of all PC software may be pirate copies. Is it a reasonable excuse to say the person/firm cannot afford it and will be disadvantaged without it?

Issues involving managers & subordinates

- a programmer who feels he has been passed over for promotion plants a “bomb” which deletes company data
- a manager demands a programmer produce an accounting routine that does not conform to generally accepted accounting principles

Processing Issues

- Reliability - or unreliability. Generally a promised service is not delivered and harm results.
- Untimely output - who is responsible for a late clearing cheque?
- Unintended data use - data collected for one use should not be used for another purpose without permission, eg credit card companies selling customer purchase data. Includes computer matching by government agencies, eg matching taxation and social security details.

Issues relating to the workplace

- ergonomics - creating a comfortable, healthy work environment - minimise eyestrain, backache etc
- monitoring - of employee activity; the key issue is the employee's knowledge and consent

Issues of data collection, storage, and access

A whole host of issues relate to data confidentiality, privacy, accuracy:
- How much data do you collect? What you need or all you can get?
- Has the subject given permission for the data to be used?
- Should you inform a subject of the use to which data is put?
- How accurate is the data? How accurate need it be? How much effort should be made to correct errors?
- Who has access? Who knows who has access? Do we monitor illegal access attempts?
- Who owns the data?

Internet issues

- does the employer/carrier/access provider/government have the right to monitor the content of e-mail etc? Informed consent is an issue here. Should the rules be the same for e-mail as post office mail?
- does the employer/carrier/access provider/government have the duty to monitor the content of e-mail etc, to prevent the network being used for terrorism, child pornography, criminal activity etc?
- is personal Internet use in the employer's time unethical?
- is sending unsolicited e-mail unethical?
- is “spamming” (bombarding with e-mail) unethical? In response to unsolicited mail? As a political protest?

Resource exploitation issues

Wasting resources, interrupting services, and taking advantage of vulnerable systems:
- planting viruses and logic bombs
- hacking
- using an employer's computer for personal gain

Vendor-client issues

- shipping a new software product on the advertised release date even if it is not fully tested
- user continually changing the system specification, adding to projected development costs
- a consultant being paid to develop a product exclusively for one client and subsequently selling it to others
- vendor guarantees “timely” maintenance. User does not believe it has been “timely”

Solving Ethical Dilemmas

Ethical issues are often difficult to resolve, and our reaction is often intuitive. Kallman and Grillo recommend the following procedures for dealing with ethical dilemmas (note: the Kallman and Grillo reading does not specifically cover this procedure but provides background for it).

The steps are:

Step 1: Analyze the situation – facts and stakeholders
Step 2: Make a defensible ethical decision
a) Isolate the ethical issues.
b) Examine the legal issues
c) Consult guidelines
d) Discover the applicable ethical principles
e) Make a defensible choice
Step 3: Describe steps to resolve the situation
Step 4: Prepare policies and strategies to prevent recurrence

Step 1: Analyze the situation

What is the subject of the situation? What is it all about?
a) What are the relevant facts?
b) Who are the stakeholders? Who has an interest in the outcome?

Step 2: Make a defensible ethical decision

a) Isolate the ethical issues.
- Should someone have done something or not done something?
- Does it matter that... (reasons or excuses)

b) Examine the legal issues

Actions can be:
- Ethical and legal - buying Sybiz to do accounting for clients
- Ethical but not legal - taking a backup copy of a software package for security purposes, even though the copyright agreement prohibits it.
- Not ethical but legal - using a pirate version of Sybiz in a country with no copyright laws.
- Not ethical and not legal - pirating copyright software.

c) Consult guidelines

Formal guidelines - lists of decision criteria, eg corporate policies; codes of ethics. Consider these questions:
- Do corporate policies apply? Is the act consistent with corporate policy?
- Does the act violate corporate/professional codes of conduct? eg ACS code of Ethics http://www.acs.org.au/national/pospaper/acs131.htm
- Does the act violate the Golden Rule? (treat others as you would wish to be treated)
- Does it serve the majority rather than a minority? Generally seek an outcome which satisfies the common good, not the good of an individual, or a small group.

Informal guidelines - tests for rightness/wrongness:
- Mother test: Would you tell her?
- TV test: Would you tell a large audience?
- Smell test: Do you feel that something is wrong, but can’t quite pin it down?
- Other person’s shoes test: What if the roles were reversed?
- Market test: If the act were public knowledge, would it increase or decrease your company's market share?

d) Discover the applicable ethical principles:
- Explore ways to minimise harm
- Analyse relevant rights & duties
- Define professional responsibility
- Examine the situation in terms of egoism & utilitarianism
- Apply concepts of consistency and respect

Principle of harm minimisation:

Choose the action that minimises actual & potential harm. Globally, this is a common standard for deciding right from wrong. It often helps to spot ethical problems as well as analyse them. Often it helps to identify the stakeholders and examine the issue from their perspective. A stakeholder is any individual, group or organisation that will be concerned in the situation. Harm may be physical, psychological, financial, or to reputation.

Principles involving rights and duties:

i) Rights include:
- The right to know - Do we have a right to access information relating to us on a database? Should we control the use to which it is put?
- The right to privacy - Do we have a right to control who should access information about us?
- The right to property - To what extent do we have a right to protect our computer resources from misuse? How do we deal with copyright issues on the Internet? There is no current legislation covering copyright issues of transmission of music or art on the Internet. Does this mean we can ignore the moral obligation to recompense an artist whose work we download?

ii) Duties include...

Personal duties:
- To foster trust - this will occur if others have confidence that our work is competent and will not cause harm
- Integrity
- Truthfulness
- Justice - results from fair dealing, eg wrong acts are punished, services are paid for
- Beneficence & nonmaleficence - helping others, avoiding doing harm
- Gratitude and reparation - being thankful for the efforts of others, providing fair recompense for harm
- Self improvement - learning from our mistakes

Professional responsibilities:
- Maintain appropriate professional relationships - these differ from personal relationships. May be specified in a contract, eg employees should perform a full day's work
- Maintain professional efficacy - We use our skills/knowledge to provide goods/services. We should do this fairly, eg not accept a 3 month contract to produce a system if we know it is impossible to do so effectively in that time.

Particularly important in computing are...
- Maintain confidentiality - protect information from unauthorised access/use. eg should a bank use live data from clients' accounts to test a system, if this means many staff will have access to the details of others' accounts?
- Maintain impartiality - provide services without bias, eg a software firm should make new releases available to all clients on the same terms.

Principles involving consequentialism (teleology)

Teleology focuses on the end result of an action. We judge it to be right or wrong on the basis of the outcomes. Two main types are:

i) Egoism
Enlightened self interest. Justifies an act which furthers our own ends. Often used to justify businesses seeking to increase profits. Needs to be guided by other principles, or becomes self-interest.
Eg, you decide not to incorporate a pirated piece of code in your own software product because you are afraid of the consequences if you are caught.

ii) Utilitarianism
We consider whether an act will benefit others as well as ourselves.
Eg, a company provides high security on its databases to protect its clients' information. This increases their costs, but is of benefit to the clients.

Kant’s categorical imperative

i) Principle of consistency
Would it make sense to force everyone to take the action we are considering? If not, do not take that action.
Eg, if everyone used pirate software rather than buying it, how would the creators of software survive? They would stop creating software.

ii) Principle of respect
Treat people with dignity. People are not a means to an end. Conducting electronic surveillance without the knowledge of employees might be considered an act of disrespect.

e) Make a defensible choice

Review the conclusions reached in the preceding steps and ask:
- Does the action serve the public interest? Or at least, not cause unnecessary social harm?
- Are any basic human rights violated?
- Are any commonly accepted duties abridged?

Step 3: Describe steps to resolve the situation

a) What are the options at this time?
b) What option(s) do you recommend?
c) Defend the legality and ethicality of your recommendation.
d) How would you implement your recommendation?
e) Recommend short term corrective measures

Step 4: Prepare policies and strategies to prevent recurrence

a) What organizational, political, legal, technological, or societal changes are needed?
b) What are the consequences of your suggested changes?
- What happens when this resolution is invoked?
- What obstacles might prevent your plan from working?
- Why should the organisation implement the changes?
- How do the changes benefit the organisation? Are they marketable, or do they further public relations?
- Do the changes increase the net good for those concerned?
- Does anyone get hurt?
- Do the changes support human rights and reflect common duties?

Case Study: Too much of a good thing

Amy is a systems analyst for RT Electronics Inc. Her major role is user support for 127 end users.
She provides training and acts as a troubleshooter. Much of her time was spent travelling between sites, as she often needed to see for herself what the users saw on their screens.

A new utility, VIEWER, has changed her job. It allows her to view & even take over all networked work stations and terminals. As a user rings or e-mails her with their problem, she speaks to the user by ‘phone while monitoring their terminal with VIEWER and talks them through the problem.

Amy is delighted with VIEWER. She roves electronically from one troubled user to another, seeing on her screen exactly what the user sees. She saves so much travelling time, she is even able to scan user activities without them making a request. If she finds one in trouble she can intervene.

Amy tells her boss, Jim, “With this program I can watch over the users’ shoulders without being there. I recommend we buy additional copies for all personnel.”

Jim lunches with the Executive VP, Jan. Jan is very interested in Jim’s report on VIEWER.

“You mean you can tell me at any time what people are doing?”, she asks.

“Yes, if they are logged on.” replies Jim.

“Hmm, this could be very useful. This is confidential, but we suspect one or more persons are dealing drugs from company premises, during company time. We have suspects, but no proof. We are already monitoring their phones...sounds like we can use VIEWER to enhance our surveillance.”

Step 1: Analyze the situation

What is the subject of the case? What is it all about?
a) What are the relevant facts?
b) Who are the stakeholders? Who has an interest in the outcome?

Step 2: Make a defensible ethical decision

a) Isolate the ethical issues.
- Should someone have done something or not done something?
- Does it matter that... (reasons or excuses)

b) Examine the legal issues

c) Consult Guidelines:
- Do corporate policies apply?
- What codes of conduct apply?
- Does the act violate the Golden Rule? (treat others as you would wish to be treated)
- Who benefits? Who is harmed?
- Does the action pass tests for right and wrong?

d) Discover the applicable ethical principles.
- Explore ways to minimise harm
- Analyse relevant rights & duties
- Examine the situation in terms of egoism and utilitarianism
- Apply concepts of consistency and respect

e) Make a defensible choice.

Step 3: Describe steps to resolve the situation

a) What are the options at this time?
b) What option(s) do you recommend?
c) Defend the legality and ethicality of your recommendation.
d) How would you implement your recommendation?
e) Recommend short term corrective measures

Step 4: Prepare policies and strategies to prevent recurrence

a) What organisational, political, legal, technological, or societal changes are needed?
b) What are the consequences of your suggested changes?
- What happens when this resolution is invoked?
- What obstacles might prevent your plan from working?
- Why should the organisation implement the changes?
- How do the changes benefit the organisation? Are they marketable, or do they further public relations?
- Do the changes increase the net good for those concerned?
- Does anyone get hurt?
- Do the changes support human rights and reflect common duties?