MANAGEMENT INFORMATION SYSTEMS

INFORMATION SYSTEMS: ETHICAL & SOCIAL ISSUES

Compiled by Dr. Jennifer W, PhD, PMP® for Online Training

 Objectives
At the end of this lecture, you should be able to:
• Explain the emerging issues in area of information systems.
• Outline some threats to computer and communication
systems.
• Describe a number of control methods that ensure safety and
security of information technology system.
• Explain some of environmental and mental health problems
caused by IT.
• State code of ethics aspects guiding use of IT.
 Information System Security
In management of information systems, a number of issues such as threats and health related problems which
require measures such as controls or security and ergonomics considerations.
Security: Policies, procedures and technical measures used to prevent unauthorized access, alternation, theft, or
physical damage to information systems. There many threats to computer systems security: Errors and accidents,
Natural and other hazards, Crime against computers and communications, Crime using computers and
communications, Worms and viruses and Computer criminals.
• Errors and Accidents: Human errors, Procedural errors, Software errors, Electromechanical problems,
• Natural and other hazards: fires, floods, earthquakes, tornadoes, hurricanes, blizzards etc.
• Crime against computers and communications: Theft of hardware, destruction
Security policy: instrumental in managing of security problems. Security policy consists of statements ranking
information risks, identifying security goals and identifying mechanism for achieving these goals.
CONTROLS: methods, policies, and organizational procedures that ensure the safety of the organization assets,
the accuracy and reliability of accounting records, and operational adherence to management standards.
– Controls needed include: Procedure controls; physical facility controls: and information systems
controls.
 Information System Security
QUALITY OF LIFE ISSUES
– IT creates environmental and mental-health problems among other problems.
• Environmental problems
• Health problems and ergonomics
• IT ETHICAL ISSUES
– Ethics has been defined as involving the systematic application of moral rules,
standards, and principles to concrete problems. It refers to the principles of right and
wrong that individuals, acting as free moral agents, use to make choices to guide their
behavior.
– Information technology and information systems raise new ethical questions for both
individuals and societies because they create opportunities for intense social change
and, thus, threaten existing distributions of power, money, rights, and obligations.
– Information technology can be used to achieve social progress, but it can also be used to
commit crimes-and threaten cherished social values.
 Key Technology Trends that Raise Ethical Issues
• Computing power doubles every month
– Computer system are becoming faster each day and cost effective to process huge amounts of
information. Most companies rely on them for critical operations, thus increasing vulnerability to
system errors and poor data quality.
• Rapidly declining data storage costs
– Low storage cost lower the cost of storing huge national data including private information and illegal
files like music, movies, software's etc. violation of individual privacy is both cheap and effective.
• Advances in data analysis/data mining:
– Increases the ability of firms and governments to track the movement of citizens throughout life by
• Profiling – Combining data from multiple sources to create dossiers of detailed information on
individuals
• Nonobvious relationship awareness (NORA) – Combining data from multiple sources to find
obscure hidden connections that might help identify criminals or terrorists
• Networking advances and the Internet
– Its easier to access and copy personal data from one location to another remotely invading personal
privacy.
• Growth of Mobile devices
– Easy to track individual cell phones
 Non-obvious relationship awareness
(NORA)
NORA: The process of collecting large quantities of a variety of information and then combining it to create
profiles of individuals.
 Basic Concepts of Ethics
Ethics is about freedom of choice. Ethical decisions are made by individuals who are
responsible for the consequences of their actions
• Responsibility: A feature of an individual and a key element of ethical action. Being
responsible means accepting duties, obligations, potential costs for the decision you
make
• Accountability: A feature of system and social institutions. Means putting
mechanism in place to determine who took responsible actions, who are the
responsible parties. If system and social institutions cannot determine who took the
action, they cannot be used for ethical analysis or ethical action.
• Liability: A feature of political systems in which a body of law is in place which
permits individuals and firms to recover the damages done to them by other actors,
systems or organization.
• Due process: A related feature of law-governed societies, and is a process in which
laws are known and understood and there is ability to appeal higher authorities to
ensure that the laws are applied correctly
 Basic Concepts of Ethics

• Information technologies are filtered through social

institutions, organizations, individuals
• Responsibility falls on institutions, organizations, and
individuals who choose to use the technology
• In an ethical, political society, individuals and others can
recover damages done to them through a set of laws
 Some Real-World Ethical Dilemmas

• Competing values: one set of interests pitted against

another
• Using systems to increase efficiency, and causing
layoffs and personal hardships
• Using systems to monitor employee e-mail to protect
valuable assets, but decreasing employee privacy
• Monitoring employee use of the Internet at work,
decreasing employee privacy
 Professional Codes of Conduct
Example
• When groups of people claim to be professionals, they enter into special,
even more constraining relationship with employers, customers, and
society given their special claims to knowledge, wisdom and respect.
• Association of Computing Machinery(ACM): US-based international
learned society for computing.
– Contribute to society and human well-being
– Avoid harm to others
– Be honest and trustworthy
– Honor property rights including copyrights and patents
– Give proper credit for intellectual property
– Access computing resources only when authorized
– Respect the privacy of others
 Moral Dimensions of the Information Age
• Information rights and obligations: What information rights do individuals and organizations possess
with respect to themselves? What can they protect? E.g. (Privacy &Web sites Privacy , Spyware ,
Cookies )

• Property rights and obligations: How will traditional intellectual property rights be protected in a
digital society in which tracing and accounting for ownership are difficult and ignoring such property
rights is so easy? E.g. (trade secret, copyright, and patent law)

• Accountability and control: Who can and will be held accountable and liable for the harm done to
individual and collective information and property rights?
• System quality: What standards of data and system quality should we demand to protect individual
rights and the safety of society? Eg .(Computer crime , Spam junk e mail

• Quality of life: What values should be preserved in an information- and knowledge based society?
Which institutions should we protect from violation? Which cultural values and practices are supported
by the new information technology?
 Information Rights: Privacy and Freedom in the
Internet Age
• Privacy: Claim of individuals to be left alone, free from surveillance or interference
from other individuals, organizations, or state; individuals claim to be able to
control information about yourself.
• Protected primarily in United States by
– First Amendment (freedom of speech)
– Fourth Amendment (unreasonable search and seizure)
– Additional federal statues (e.g., Privacy Act of 1974)
• Most U.S. federal privacy laws apply only to federal government, not to private
sector
• Today, millions of employees are subject to electronic surveillance
• Because of information technology, invasion of privacy is cheap, profitable and
effective.
 Internet Challenges to Privacy
Computer systems able to monitor, capture, store communications passing through.
• Cookies
• Tiny files downloaded by Web site to visitor’s hard drive
• Identify visitor’s browser and track visits to site
• Allow Web sites to develop profiles on visitors
• Web bugs/ Web beacons
• Tiny graphics embedded in e-mail messages and Web pages
• Designed to monitor online Internet user behavior
• Monitor who is reading/view a message/website and transmitting that information to another computer on the
Internet without user knowledge.
• Spyware
• Surreptitiously installed on user’s computer
• May transmit user’s keystrokes or display unwanted ads
• Google services and behavioral targeting
• online behavioral advertising targeting users bases on behavior in web-browsing as well as collecting private
information
 How cookies identify Web visitors

Cookies are written by a Web site on a visitor’s hard drive. When the visitor returns to that Web site, the Web server requests the ID number from the
cookie and uses it to access the data stored by that server on that visitor. The Web site can then use these data to display personalized information.
 Challenges to Privacy and Intellectual Property
• U.S. allows businesses to gather transaction information without user consent and use this for other
marketing purposes
• Opt-out(request data not to be collected) vs. opt-in(one has to approve collection and use)
model
• Online industry promotes self-regulation over privacy legislation
• Extent of Self regulation responsibility varies
• Statements of information use are quite different some are complex and ambiguous
• Some firms offer opt-out selection boxes
• Online “seals” of privacy principles(trustee disclosure, choice, access, security)
• Network Advertising Initiative (NAI): provides self-regulatory guidelines for participating
networks and opt-out technologies
• Most Web sites do not have any privacy policies
• Many online privacy policies do not protect customer privacy, but rather protect the firm from law
suits
 Information Rights: Privacy and Freedom in the
Internet Age
Technical Solutions
• Platform for Privacy Preferences (P3P)
• Allows Web sites to communicate privacy policies to visitor’s Web browser – user get more control over personal
information
• User specifies privacy levels desired in browser settings
• E.g. “medium” level accepts cookies from first-party host sites that have opt-in or opt-out policies but rejects
third-party cookies that use personally identifiable information without an opt-in policy.
• Only works with Web sites who have translated policies into P3P format
• Privacy Protection Tools
– E-mail encryption : Secure e-mail or data
– Anonymity tools: Block ads and manage cookies
– Anti-spyware tools: E.g. Norton 360
– Browser features: Anonymous surfing
• “Private” browsing
• “Do not track” options
 The P3P Standard

P3P enables Web sites to translate their privacy policies into a standard format that can be read
by the user’s Web browser software. The user’s Web browser software evaluates the Web site’s
privacy policy to determine whether it is compatible with the user’s privacy preferences.
 Information Rights: Privacy and Freedom in
the Internet Age
Ethical Issues
• Under what conditions should privacy be invaded?
• What legitimates unobtrusive surveillance through
market research, or by whatever means?
 Information Rights: Privacy and Freedom in the
Internet Age
Social Issues
• Concerns on “Expectations of privacy”, privacy norms.
• Should people have expectations of privacy while using
e-mail, cellular phones, bulletin boards, postal system,
etc.?
• Do expectations of privacy extend to criminal
conspirators?
 Information Rights: Privacy and Freedom in the
Internet Age
Political Issues
• Statutes to govern relationship between record
keepers and individuals
• Should FBI monitor e-mail?
• Should e-commerce sites maintain personal data
about individuals
 Property Rights: Intellectual Property

Intellectual Property
• Intangible property created by individuals or corporations which is subject to
protections under trade secret, copyright and patent law
• Three ways that intellectual property is protected
• Trade secret: Intellectual work or product belonging to business, not in the
public domain
• Copyright: Statutory grant protecting intellectual property from being
copied for the life of the author.
• Patents: Grants creator of invention an exclusive monopoly on ideas behind
invention.
 Property Rights: Intellectual Property

Trade Secret
• Any intellectual work product used for a business purpose;
cannot be based on information in public domain
• Protects both ideas in product as well as product itself
• Applies to software with unique elements, procedures,
compilations
• Difficult to prevent ideas in the work from falling into public
domain after distribution
 Property Rights: Intellectual Property

Copyright
• Statutory grant that protects creators of intellectual
property from having work copied for the life of author
plus 70 years; 95 years for corporate-owned property
• Computer Software Copyright Act provides protection
for program code and product copies sold in commerce
• Does not protect underlying ideas behind work
 Property Rights: Intellectual Property

Patents
• Grants exclusive monopoly on ideas behind invention
for 20 years
• Ensures inventors receive full rewards for labor; but
prepares for widespread use by providing detailed
documents
• Applies to underlying concept of software
• Stringent criteria of nonobviousness, originality, and
novelty; lengthy application process
 Property Rights: Intellectual Property
Challenges to Intellectual Property Rights
• Digital media different from physical media (e.g. books)
• Ease of replication
• Ease of transmission (networks, Internet)
• Difficulty in classifying software
• Compactness of the product
• Difficulties in establishing uniqueness
• Proliferation of electronic networks, including Internet, World Wide Web
• File-sharing software
• Perfect digital copies cost almost nothing
• Sharing of digital content over the Internet costs almost nothing
• Sites, software, and services for file trading are not easily regulated.
• A web page may present data from many sources, and incorporate framing
Digital Millennium Copyright Act (DMCA) 1998
• Makes it illegal to circumvent technology-based protections of copyrighted materials
– Implements World Intellectual Property Organization treaty
Who owns the pieces? Anatomy of a Web
page

Web pages are often constructed with elements from many different sources, clouding issues of ownership and intellectual property protection.
 Property Rights: Intellectual Property

• Ethical Issues: Is there value in protecting

intellectual property when it is so easily copied and
distributed?
• Social Issues: Routine illegal file-sharing creating
society of lawbreakers
• Political issues: New protection measures needed
to protect investments made by creators
 Accountability, Liability, and Control

• Ethical issues: Who is morally responsible for

consequences of use of hardware or software? If
software causes injury, who is liable?
• Social issues: What should society expect and allow of
service-providing information systems? Does producer,
Programmer or IT manager has responsibility?
• Political issues: To what extent should government
intervene, protect service providers and users?
 System Quality: Data Quality and System Errors
• Ethical issues: At what point should software/services be released for consumption?
• What is an acceptable, technologically feasible level of system quality?
• Flawless software is economically unfeasible
• Three principal sources of poor system performance:
• Software bugs, errors
• Hardware or facility failures
• Poor input data quality (most common source of business system failure=data
quality)
• Social issues: Should people be encouraged to believe systems are infallible?
• Political Issues: Laws of responsibility and accountability
 Quality of Life: Equity, Access, and Boundaries
Negative Social consequences of Information Technology
• Balancing power: Although computing power is decentralized, key
policy decisions still centralized
• Rapidity of change: More efficient marketplace reduces business
response time to global competition
• Maintaining boundaries: Ubiquitous computing weakening traditional
boundaries between family or leisure and work.(More time on the
computer)
• Dependence and vulnerability: Public and private organizations ever
more dependent on computer systems despite the Vulnerability to
system failures; no standards as with other public-utility technologies
 Quality of Life: Equity, Access, and Boundaries

• Computer crime: Commission of illegal acts through the

use of a computer or against a computer system.
• Computer abuse: Commission of acts involving a
computer that may not be illegal but are considered
unethical, i.e. spamming: High costs for businesses in
dealing with spam
Computer forensics: scientific collection and analysis of
data held on or retrieved from computer storage media
to be used as evidence in court of law
 Quality of Life: Equity, Access, and Boundaries
Internet Crime and Abuse
• Spamming – spams multiply and disable resources
• Hacking – take over control of the resource or service
• Jamming – replacing signals with wrong messages or
content
• Malicious software – cause damage or inconvenience to
users
• Sniffing – intercepting message packets, like tapping lines
• Spoofing- pretend to be legal user and gain access using
false data
 Window on Management

Can the Spamming Monster Be Tamed?

• Is spamming an important management decision?
Why or why not?
Quality of Life: Equity, Access, and Boundaries
• Employment: reengineering work possibly leading to
job losses; offshore outsourcing
• Equity and Access: Will inequitable distribution of
access to information system resources lead to digital
divide?
• Health risks: repetitive stress injury (RSI); carpal tunnel
syndrome (CTS); computer vision syndrome (CVS);
technostress; radiation from display screens
 Quality of Life: Equity, Access, and Boundaries
• Repetitive Stress Injury (RSI):
– Occupational disease
– Muscle groups are forced through repetitive actions with high-impact loads or thousands of
repetitions with low-impact loads
• Carpal Tunnel Syndrome (CTS):
• Type of RSI
• Pressure on the median nerve through the wrist’s bony carpal tunnel structure produces pain.
• Computer Vision Syndrome (CVS):
• Eyestrain condition
• Related to computer display screen usage
• Symptoms include headaches, blurred vision, and dry and irritated eyes
• Technostress:
• Stress induced by computer use
• Symptoms include aggravation, hostility toward humans, impatience, and enervation
 Window on Organizations

Offshore Outsourcing: Good or Bad?

• Does offshore outsourcing create an ethical
dilemma? Why or why not?
Management Actions: A Corporate Code of
Ethics
• Information rights and obligations
• Property rights and obligations
• System quality
• Quality of life
• Accountability and control
 Exercises

• Discuss the issues and challenges associated with the

moral dimension of information security
• Discuss the responsibility, accountability, liability and
due process associated with information security.
• Discuss the related ethical issues touching on privacy
and information rights