This document is a letter submitted by John Waibochi Gitahi to KASNEB Newsline magazine proposing an article on ethics and social issues in information systems. The attached article discusses how information systems raise new ethical questions regarding privacy, property rights, and accountability. It highlights key trends like increasing data collection and analysis capabilities that threaten individual privacy. The article provides guidelines on performing ethical analysis when using information and avoiding exposing private data.
Original Description:
ethics & social issues in information systems
Original Title
Ethical Issues and Social Issues Related to Systems
This document is a letter submitted by John Waibochi Gitahi to KASNEB Newsline magazine proposing an article on ethics and social issues in information systems. The attached article discusses how information systems raise new ethical questions regarding privacy, property rights, and accountability. It highlights key trends like increasing data collection and analysis capabilities that threaten individual privacy. The article provides guidelines on performing ethical analysis when using information and avoiding exposing private data.
This document is a letter submitted by John Waibochi Gitahi to KASNEB Newsline magazine proposing an article on ethics and social issues in information systems. The attached article discusses how information systems raise new ethical questions regarding privacy, property rights, and accountability. It highlights key trends like increasing data collection and analysis capabilities that threaten individual privacy. The article provides guidelines on performing ethical analysis when using information and avoiding exposing private data.
October 02, 2012 The Editor KASNEB Newsline P.o Box 41326-00100 NAIROBI
Dear sir/madam,
RE: NEWSLINE ARTICLE I have the privilege to submit the attached article ETHICS AND SOCIAL ISSUES IN INFORMATION SYSTEMS to you for publication consideration in your esteemed magazine kasneb newsline. I believe the article may offer some insight into the increasing murky world of managing information available from information systems and trusting third parties with private and confidential information. Most information systems managers often find themselves with highly sensitive private information from their customers, employers, suppliers etc. Every so often, they have to manouvre a very thin line with regard to using such information for the purpose for which it was collected or use it commercially and secretively for their own individual benefit.
I have highlighted some general guidelines on how to perform ethical analysis on information use during decision making and the golden rules that can help information managers avoid pitfalls that come with exposure of private information.
Yours faithfully, JOHN W GITAHI. PERSONAL PROFILE Name: John Waibochi Gitahi Date of Birth: 12-10-1980 KASNEB No: NAC/86489 & CTP/094 Contacts: P.o Box 1020-10101 Karatina 0723 44 39 91 [email protected] Pofessional qualifications: -CPA (K) - Bachelor of Business Management(BBM-ongoing 4 th year) part-time student at Mt. Kenya University. -I have just passed my CICT Part III exams in June 2012 and am currently working on the information systems project. Work : Lecturer at Palmax Business & ICT College-Karatina
ETHICAL ISSUES AND SOCIAL ISSUES IN INFORMATION SYSTEMS Background In the last decade, we have witnessed, arguably one of the most challenging periods for global business. Lapses in management ethical and business judgment has occurred has occurred across a broad spectrum of industries. Numerous examples exist of such lapses which has lead to spectacular business collapse. The most known being that of the Lehman Brothers (US) 2008-2010. Although these major instances of failed ethical and legal judgments were not masterminded by information systems departments, information systems were instrumental in many of these frauds. In many cases, the perpetrators of these crimes artfully used information available from financial reporting information systems to perpetrate their crimes and bury their decisions from public scrutiny in the vain hope they will never be caught. In Kenya Today, we have reduced cases of violent bank robberies compared to the 80s and 90s but the banking sector is loosing more money than in the past. Tech-savvy employees are manipulating banking information systems to conduct and mask fraud. So, when using information systems, it is essential to ask, What is the ethical and socially responsible course of action?. ETHICS IN INFORMATION SYSTEMS Ethics refers to the principles of right and wrong that individuals, acting as free moral agents, use to make choices to guide their behaviors Information systems raise new ethical questions because they create opportunities for: Intense social change, threatening existing distributions of power, money, rights, and obligations. Like other technologies, such as steam engines, electricity, telephone etc, information technology can be used to achieve social progress but it can also be used to commit crimes and threaten social values. Ethical issues in information systems have been given new urgency by the rise of internet and e- commerce. Internet and digital firm technologies make it easier than ever to assemble, integrate and distribute information, unleashing new concerns about the appropriate use of customer information, the protection of personal privacy, and the protection of intellectual property.
So what is the relationship between ethical, social, and political issues in an information society? Information technology has a ripple effect, raising new ethical, social, and political issues that must be dealt with on the individual, social, and political levels. These issues have five moral dimensions: Information rights and obligations, property rights and obligations, system quality, quality of life, and accountability and control.
1. Information rights and obligations- what information rights do individuals and organizations possess with respect to themselves? What can they protect? 2. Property rights and obligations- how will traditional intellectual property rights be protected in a digital society in which tracing and accounting for ownership are difficult and ignoring such property rights is so easy? 3. Accountability and control- who can and will be held accountable and liable for the harm done to individuals and collective information and property rights? 4. System quality- what standards of data and system quality should we demand to protect individual rights and the safety of society? 5. Quality of life- what values should be preserved in an information and knowledge based society? Which institutions should we protect from violation? Which cultural values and practices are supported by new information technology?
Key technology trends that raise ethical issues Ethical issues long preceded information technology. But IT has nevertheless heightened ethical concerns, taxed existing social arrangements, and made some laws obsolete or severely crippled. There are 4 key technological trends responsible for these ethical stresses. 1. Doubling of computer power The doubling of computer power every 18 months has made it possible for More organizations to depend on information systems for their core production processes. This has increased our vulnerability to system errors and poor data quality. 2. Rapidly declining data storage costs Advances in data storage techniques and rapidly declining storage costs have been responsible for the multiplying databases in individuals- employees, customers, potential customers- maintained by private and public organizations. These advances have made the routine violations of individual privacy both cheap and effective. 3. Advances in data analysis techniques Advances in data analysis techniques for large pools enables companies and government agencies to find out highly detailed personal information about individuals. Contemporary data management tools enables organizations to combine data myriad pieces of information about you stored on computers to reveal not only a users credit information but also their driving habits, tastes, associations and their political interests. Profiling is the use of computers to compile data from multiple sources and create electronic dossiers of detailed information on individuals. For example, several thousands of the most popular websites allow DoubleClick(owned by Google), an advertising broker, to track the activities of visitors in exchange of revenue from advertisements based on visitors information DoubleClick gathers. ChoicePoint gathers information from police, criminal, and motor vehicle records; credit and employment histories; current and previous addresses; professional licenses; and insurance claims to assemble and maintain electronic dossiers on almost every adult in the United States. The company sells this personal information to businesses and government agencies. Demand for personal data is so enormous that data brokers businesses such as ChoicePoint are flourishing. A new data analysis technology called nonobvious relationship awareness (NORA) has given both the government and private sector even more profiling capabilities. NORA can take information about people from different sources and correlate to find obscure hidden connections that might help identify criminals or terrorists. NORA technology scans data and extracts information as the data are being generated so that it could, for example, instantly discover a man at an airline ticket counter who shares a phone number with a known terrorist before that person boards an airplane. The technology is an important tool securitywise but has privacy implications because it can provide such a detailed picture of the activities and associations of a single individual.
4. Networking advances and the Internet Copying data from one location to another and accessing personal data from remote locations is much easier with growth in networks and internet. But this also opens up the possibilities of mining large pools of data remotely using small desktop machines permitting invasion of privacy on a scale and with a precision heretofore unimaginable.
NORA technology can take information about people from disparate sources and find obscure, nonobvious relationships. It might discover, for example, that an applicant for a job at a casino shares a telephone number with a known criminal and issue an alert to the hiring manager. DEVELOPING ETHICS IN AN INFORMATION SOCIETY Ethics is a concern of humans who have freedom of choice. Ethics is about individual choice: when faced with alternative courses of action, what is the correct moral choice? What are the main features of ethical choice?
Basic concepts for ethical analysis Responsibility: This means that you accept the potential costs, duties, and obligations for the decisions you make. Accountability: This is a feature of systems and social institutions. It means mechanisms are in place to for identifying who took responsible actions and who are the responsible parties. Systems and institutions in which it is impossible to find out who took what action are inherently incapable of ethical analysis or ethical action. Liability: This extends the concept of responsibility further to areas of laws. Liability is a feature of the political systems in which a body of laws permits individuals (and firms) to recover damages done to them by other actors, systems, or organizations. Due process: This is a related feature of law-governed societies and is a process in which Laws are well known and understood, and there is an ability to appeal to higher authorities to ensure laws are applied correctly. These basic concepts form the basis of an ethical analysis of information systems and those who manage them.
Ethical analysis: A five-step process When presented with a situation that seems to present ethical issues, how should you analyze it? The following steps should guide you; 1. Identify and clearly describe the facts 2. Define the conflict or dilemma and identify the higher-order values involved 3. Identify the stakeholders 4. Identify the options that you can reasonably take 5. Identify the potential consequences of your options
Six Candidate Ethical Principles 1. Golden Rule Do unto others as you would have them do unto you. Put yourself into the place of others, and thinking of yourself as the object of the decision can help you think about fairness in decision making. 2. Immanuel Kants Categorical Imperative If an action is not right for everyone to take, it is not right for anyone. Ask yourself, if everyone did this, could the organization, or society, survive? 3. Descartes Rule of Change If an action cannot be taken repeatedly, it is not right to take at all. This is the slippery-slope rule: an action may bring about a small change now that is acceptable, but if it is repeated, it would bring unacceptable changes in the long run. 4. Utilitarian Principle Take the action that achieves the higher or greater value. This rule assumes you can prioritize values in a rank order and understand the consequences of various courses of action. 5. Risk Aversion Principle Take the action that produces the least harm or least potential cost. Some actions have extremely high failure costs of very low probability( e.g. building a nuclear facility in an urban area) or extremely high failure costs of moderate probability( speeding and motor accidents). Avoid these high-failure-cost actions, paying greater attention to high-failure-cost actions, paying greater attention to high-failure-cost potential of moderate to high probability. 6. Ethical no free lunch Rule Assume that virtually all tangible and intangible objects are owned by someone unless there is a specific declaration otherwise. If something someone else has created is useful to you, it has value, and you should assume that the creator wants compensation for this work. Actions that do not pass these rules deserve close attention and a great deal of caution. The appearance of unethical behavior may do as much harm to you and your company as actual unethical behavior. PROFESSIONAL CODE OF CONDUCT Promulgated by associations of professionals e.g. ICPAK, LSK etc. these professional groups take responsibility for the partial regulation of their professions by determining entrance qualifications and competence. Code of ethics are promises by professions to regulate themselves in the general interest of society. For example avoiding harm to others, honoring property rights (including intellectual property), respecting privacy etc. information managers have to observe their professional code of conduct (not currently in place in Kenya) to avoid exposing their clients of employers to INFORMATION RIGHTS : PRIVACY AND FREEDOM IN THE INTERNET AGE. Privacy is the claim of individuals to be left alone, free from surveillance or interference from other individuals or organizations, including the state. Claims to privacy are also involved at the workplace: Millions of employees are subject to electronic and other forms of high-tech surveillance (Ball,2001). Information Technology and systems threaten individual claims to privacy by making the invasion of privacy cheap, profitable and effective. The claim to privacy is protected in the U.S, Canadian, and German constitutions in a variety of different ways and in other countries through various statutes. Most American and European privacy law is based on a regime called Fair Information Practices (FIP). FIP is a set of principles governing the collection and use of information about individuals. FIP principles are based on the notion of a mutuality of interest between the Record Holder and the Individual. The individual has an interest in engaging in a transaction, and the record keeper usually a business or government agency requires information about the individual to support the transaction. Once information is gathered, the individual maintains an interest in the record, and the Record may not be used to support other activities without the individuals consent. INTERNET CHALLENGES TO PRIVACY Internet Technology has posed new challenges for the protection of individual privacy. Information sent over this vast network may pass through many different computer systems before it reaches its final destination. Each of these systems is capable of monitoring, capturing, and storing communication that pass through it. Much of this monitoring and tracking of web Site visitors occurs in the background without the visitors knowledge. It is conducted not just by individual Websites but by advertising networks such as Microsoft Advertising, Yahoo, and Double Click that are capable of tracking all browsing behavior at thousands of Web sites. The commercial demand for this personal information is virtually insatiable. Websites can learn the identities of their visitors if the visitors voluntarily register at the site to purchase a product or service or to obtain a free service, such as information. Web sites can also capture information about visitors without their knowledge using cookie technology. Cookies are small text files deposited on a computer hard drive when a user visits Web Sites. Cookies identify the visitors Web Browser software and track visits to the Websites. When the Visitor returns to a site that has stored a cookie, the Website software will search the visitors computer, find the cookie, and know what that person has done in the past. In this way, the site can customize its content for each visitors interests. For Example, if you purchase a book on Amazon.com and return later from the same browser, the site will welcome you by name and recommend other books of interest based on your past purchases. Double Click, described earlier in this chapter, uses cookies to build its dossiers with details of online purchases and to examine the behavior of Website visitors. Other more subtle and surreptitious tools for surveillance of Internet users includes Web Beacons, also called We bugs, which are tiny objects invisibly embedded in e-mail messages and Web pages that are designed to monitor the behavior of the user visiting a Web site or sending e-mail. The web beacon captures and transmits information such as the IP address of the users computer, the time a Web Page was viewed and for how long, the type of Web Browser that retrieved the beacon, and previously set cookie values. We beacons are placed on popular Web Sites by Third Party firms who pay the Web sites a fee for access to their audience. A Spyware can secretly install itself on an Internet users computer by piggybacking on larger applications. Once installed, the spyware calls out to Web Sites to send banner ads and other unsolicited material to the user, and it can also report the users movements on the Internet to other computers. More information is available about intrusive software. About 75 percent of global Internet users use Google search and many of its services such as gmail, doubleclick, Youtube, Google Toolbar, Google Chrome, Google analystics, etc making Google the Worlds largest collector of online user data.
TECHNICAL SOLUTIONS In Addiction to legislation, new technologies are available to protect user privacy during interactions with Web Sites. Many of these tools are used for encrypting email, for making e-mail or surfing activities appear anonymous, for preventing client computers from accepting cookies, or for detecting and eliminating spyware. There are now tools to help users determine the kind of personal data that can be extracted by Web Sites. The Platform for privacy Preferences, known as P3P, enables automatic communication of privacy policies between an e-commerce site and its visitors. P3P provides a standard for communicating a Web Sites privacy policy to Internet users and for comparing that policy to the users preferences or to other standards, such as the FTCS FIP guidelines or the European Directive on Data protection. User a can use P3P to select the level of privacy they wish to maintain when interacting with the Web site . PROPERTY RIGHTS: INTELLECTUAL PROPERTY Contemporary information systems have severely challenged existing laws and social practices that protect private intellectual property. Intellectual property is considered to be intangible property created by individuals or corporations. Information Technology has made it difficult to protect intellectual property because computerized information can be so easily copied or distributed on networks. Intellectual property is subject to a variety of protection under three different legal traditions: trade secrets, copyright, and patent law. TRADE SECRETS Any intellectual work product a formula, device, pattern, or compilation of data used for a business purpose can be classified as a trade secret, provided it is not based on information in the public domain. Protections for trade secrets vary from state to state. In general, trade secret laws grant a monopoly on the ideas behind a work product, but it can be very tenuous monopoly. Software that contains novel or unique elements, procedures, or compilations can be included as a trade secret. COPYRIGHT Copyright is a statutory grant that protects creators of intellectual property from having their work copied by others for any purpose during the life of the author plus an additional 70 years after the authors death. For corporate-owned works, copyright protection lasts for 95 years after their initial creation. Copyright protects against copying of entire programs or their parts. Damages and relief are readily obtained for infringement. PETENTS A patent grants the owner an exclusive monopoly on the ideas behind an invention for 20 years. The intent behind patent law was to ensure that inventors of new machines, devices, or methods receive the full financial and other rewards of their labor and yet make widespread use of the invention possible by providing detailed diagrams for those wishing to use the idea under license from the patents owner The key concepts in patent law are originality, novelty, and invention. The strength of patent protection is that it grants a monopoly on the underlying concepts and ideas of software. The difficulty is passing stringent criteria of nonobviousness (e.g the work must reflect some special understanding and contribution), originality, and novelty, as well as years of waiting to receive. CHALLENGES TO INTELLECTUAL PROPERTY RIGHTS. Contemporary information technologies, especially software, pose severe challenges to existing intellectual property regimes and , therefore, create significant ethical, social, and political issues. Digital media differ from books, periodicals, and other media in terms of ease of replication; ease of transmission; ease of alteration; difficulty in classifying a software work as a program, book, or even music; compactness making theft easy; and difficulties in establishing uniqueness. The proliferation of electronic networks, including the internet, has made it even more difficult to protect intellectual property. Using Networks, information can be more widely reproduced and distributed. The Internet was designed to transmit information freely around the world, including copyrighted information. With the world Wide Web in particular, you can easily copy and distribute virtually anything to thousands and even millions of people around the world, even if they are using different types of computer systems. Mechanisms are being developed to sell and distribute books, articles and other intellectual property legally on the internet, and the Digital Millennium Copyright Act (DMCA) of 1998 is providing some copyright protection. The DCMA implemented a World Intellectual property Organization Treaty that makes it illegal to circumvent technology- based protections of copyrighted materials. Internet Service Providers (ISPs) are required to take down sites of copyright infringers that they are hosting once they are notified of the problem.
CONCLUSION Information managers must come up with procedures and mechanism of protecting information against exposure to outsiders. In addition, they must apply sober decision making whenever situations arise which guarantee some benefits to them or their proxies but maybe detrimental to the organization or its stakeholders. The interests of the owners of the information should guide any decision making. Breaking of trust may lead to undesirable consequences both for the organization and the decision makers.
REFERENCES: Wikipedia Management Information Systems by Kenneth C. Laudron & Jane P. Laudron