Jazan University

The ETHICAL and SOCIAL ISSUES of INFORMATION

TECHNOLOGY and SECURITY

STUDENT NAME

SUPERVISER BY
 TABLE OF CONTENT
INTRODUCTION ............................................................................................................................................ 3
OBJECTIVE ..................................................................................................................................................... 4
THE RELATIONSHIP BETWEEN INFORMATION TECHNOLOGY (IT) AND ETHICAL VALUES AND THEIR
CHALLENGES ................................................................................................................................................. 4
The history of technology ethics.............................................................................................................. 4
Technology Ethics ..................................................................................................................................... 4
Moral theories .......................................................................................................................................... 5
Ethical issues faced by Information Technology (IT) ............................................................................... 5
SPECIFIC ETHICAL CHALLENGES AT THE CULTURAL LEVEL ........................................................................ 10
Social media and networking................................................................................................................. 11
INFORMATION SECURITY AND ETHICS TOOLS AND TECHNOLOGIES ....................................................... 12
Information Security .............................................................................................................................. 12
Security Attacks ...................................................................................................................................... 13
Ethics as Human Foundation of Information Security .......................................................................... 13
CRITICAL ISSUES IN INFORMATION SECURITY AND ETHICS ...................................................................... 17
CONCLUSION .............................................................................................................................................. 19
REFERENCES ................................................................................................................................................ 20
INTRODUCTION
New advances particularly in the field of information technology have brought new scientific
gains to humans but it should be noted that the entry of new scientific and technological fields
will always have ethical issues and limitations. One of the interesting and, of course, new topics
in the field of information technology science is computer ethics or IT ethics. The study of
computer ethics has long been considered by the researchers. Today, in the digital age, the
society is dependent on computers in almost all its affairs, and the study of ethics in the field of
computer and information technology must always be considered. The growth and development
of the Internet has made it possible to store a large number of individuals’ personal data by
relying on advanced information systems and the abuse of personal data and privacy violations
in the field of information technology is increasing. The lack of scientific integrity in educational
environments that make the most use of technology is an issue that should be considered. Illegal
downloading of software is common among all social classes specially the students. The use of
social networks is an inseparable part of the lives of many people and the nature of students.
These cases have different effects on their lifestyle, especially on their academic performance
and the length of their studies.

Information technology has entered the lives of people everywhere in various forms such as
personal computers, smart phones, internet technologies, artificial intelligence and robotics. In
fact, this list is constantly growing and there are new forms entering all aspects of daily life. At
the core of all these technologies is a form of computing with which users often interact through
other software applications and operating systems. These technologies, in some cases such as
massive online multiplayer games (see 3.1.1), open up new ways in which people interact with
each other. Information technologies are used to record, communicate, aggregate, or synthesize
information through the use of computer technologies.

Keywords—Information technology; ethical and social issues; unethical practices; students.

OBJECTIVE
1. The relationship between information technology (IT) and ethical values and their
challenges.
2. Specific ethical challenges at the cultural level.
3. Information security and ethics tools and technologies

THE RELATIONSHIP BETWEEN INFORMATION TECHNOLOGY (IT) AND

ETHICAL VALUES AND THEIR CHALLENGES

The history of technology ethics

Although the ethical consequences of new technologies have existed since Socrates' attack on
writing in Plato's dialogue, Phaedrus, the formal field of technology ethics has only existed for a
few decades. The first effects of TE can be seen in the pragmatic Dewey and Peirce. With the
advent of the Industrial Revolution, it was easy to see that technological progress would affect
human activity. This is why they focus on the responsible use of technology.

Technology Ethics
Technology Ethics (TE) is an interdisciplinary field of research that draws on theories and methods
from multiple fields of knowledge (such as communication, social science information studies,
technology studies, applied ethics, and philosophy) to provide insights into the ethical
dimensions of technological systems and practices for the advancement of a technological
society.

Moral theories
Technology ethics includes the ethical aspects of technology within a society shaped by
technology. This raises a series of social and ethical questions regarding new technological
developments and opportunities to cross new frontiers. Before we go ahead and attempt to
address any ethical questions or concerns, it is important to review the three main ethical
theories to develop a foundation for perspective:

❖ Utilitarianism is a moral theory that attempts to maximize happiness and reduce suffering
for the greatest number of people. Utilitarianism focused on results and consequences
rather than rules.
❖ Etiquette of Duty (Kant) notes the obligations one has to society and follows the universal
rules of society. It focuses on the correctness of actions rather than the consequences,
focusing on what the individual should do.
❖ Virtue ethics is another major perspective in normative ethics. It highlights the role and
virtues that an individual's personality contains to be able to determine or evaluate moral
behavior in society. By practicing honest and generous behavior, Aristotle, the
philosopher of this theory, believed that people would then make the right decision when
faced with a moral decision.
❖ Relationship ethics states that care and consideration both derive from human
communication. Therefore, ethical communication is the basic core of maintaining
healthy relationships.

Ethical issues faced by Information Technology (IT)

Some of the major ethical issues faced by Information Technology (IT) are:

1. Personal Privacy

2. Access Right
3. Harmful Actions

4. Patents

5. Copyright

6. Trade Secrets

7. Liability

8. Piracy

These are explained with their affects as following below:

Personal Privacy:

It is an important aspect of ethical issues in information technology. IT facilitates the users having
their own hardware, operating system and software tools to access the servers that are
connected to each other and to the users by a network. Due to the distribution of the network
on a large scale, data or information transfer in a big amount takes place which leads to the
hidden chances of disclosing information and violating the privacy of any individuals or a group.
It is a major challenge for IT society and organizations to maintain the privacy and integrity of
data. Accidental disclosure to inappropriate individuals and provisions to protect the accuracy of
data also comes in the privacy issue.
Access Right:

The second aspect of ethical issues in information technology is access right. Access right
becomes a high priority issue for the IT and cyberspace with the great advancement in
technology. E-commerce and Electronic payment systems evolution on the internet heightened
this issue for various corporate organizations and government agencies. Network on the internet
cannot be made secure from unauthorized access. Generally, the intrusion detection system are
used to determine whether the user is an intruder or an appropriate user.

Harmful Actions:
Harmful actions in the computer ethics refers to the damage or negative consequences to the IT
such as loss of important information, loss of property, loss of ownership, destruction of property
and undesirable substantial impacts. This principle of ethical conduct restricts any outsiders from
the use of information technology in manner which leads to any loss to any of the users,
employees, employers and the general public. Typically, these actions comprises of the
intentional destruction or alteration of files and program which drives a serious loss of resources.
To recover from the harmful actions extra time and efforts are required to remove the viruses
from the computer systems.

Patents:

It is more difficult to deal with these types of ethical issues. A patent can preserve the unique
and secret aspect of an idea. Obtaining a patent is very difficult as compared with obtaining a
copyright. A thorough disclosure is required with the software. The patent holder has to reveal
the full details of a program to a proficient programmer for building a program.
Copyright:

The information security specialists are to be familiar with necessary concept of the copyright
law. Copyright law works as a very powerful legal tool in protecting computer software, both
before a security breach and surely after a security breach. This type of breach could be the
mishandling and misuse of data, computer programs, documentation and similar material. In
many countries, copyright legislation is amended or revised to provide explicit laws to protect
computer programs.

Trade Secrets:

Trade secrets is also a significant ethical issue in information technology. A trade secret secures
something of value and usefulness. This law protects the private aspects of ideas which is known
only to the discover or his confidants. Once disclosed, trade secret is lost as such and is only
protected by the law for trade secrets. The application of trade secret law is very broad in the
computer range, where even a slight head start in the advancement of software or hardware can
provide a significant competitive influence.

Liability:

One should be aware of the liability issue in making ethical decisions. Software developer makes
promises and assertions to the user about the nature and quality of the product that can be
restricted as an express warranty. Programmers or retailers possess the legitimate to determine
the express warranties. Thus they have to be practical when they define any claims and
predictions about the capacities, quality and nature of their software or hardware. Every word
they say about their product may be as legally valid as stated in written. All agreements should
be in writing to protect against liability. A disclaimer of express warranties can free a supplier
from being held responsible of informal, speculative statements or forecasting made during the
agreement stages.

Piracy:

Piracy is an activity in which the creation of illegal copy of the software is made. It is entirely up
to the owner of the software as to whether or not users can make backup copies of their
software. As laws made for copyright protection are evolving, also legislation that would stop
unauthorized duplication of software is in consideration. The software industry is prepared to do
encounter against software piracy. The courts are dealing with an increasing number of actions
concerning the protection of software.

SPECIFIC ETHICAL CHALLENGES AT THE CULTURAL LEVEL

The focus in the previous section was on the ethical effects of information technologies on the
user. In this section, the focus will be on how these technologies shape the ethical landscape at
the societal level. At the turn of the twentieth century, the term “web 2.0” began to appear and
was referring to the new way in which the World Wide Web is being used as a means of sharing
information and also of changing the mindset of web designers to include more interoperability
and user-centered experiences in their web sites. The term has also become associated with
"social media" and "social networking service". Whereas the original 1989 design of the World
Wide Web by Tim Berners-Lee incorporated the idea of meeting and collaborating with others
over the Internet, users finally took full advantage of this potential by 2004 at O'Reilly Media's
first Web 2.0 conference (O'Reilly 2007 [2005] ).

And now technologies are beginning to appear on the scene that will allow us to combine the
real with the virtual. This new form of "Augmented Reality" is facilitated by the fact that many
people now carry GPS-equipped smartphones and other laptops with which they can run
applications that allow them to interact with their surroundings and their computers in At the
same time, looking at an object through their device's camera, the app calls information about
that entity and displays it on top of that object.

Each of these technologies has its own set of new ethical challenges, some of which will be
discussed below:

Social media and networking

Social networking is a term given to sites and applications that facilitate social interactions on the
Internet and typically focus on sharing information with other users referred to as “friends”. The
most famous of these sites today is Facebook but there are many others such as Instagram,
Twitter, and Snapchat, to name a few. There are a number of ethical values that question these
sites. Shannon Valor (2011, 2016) has an opinion on how sites like Facebook can change our
concept of friendship or even oppose it. And its analysis is based on the Aristotelian friendship
theory (see the entry on Aristotle's Ethics).

Because of the many privacy issues with social media use, James Parrish as Mason (1986)
recommends four policies that social media users should follow to ensure that there is an
appropriate ethical obligation to the privacy of others:

• When sharing information on the SNS (social networking sites) you must consider not only
the privacy of your personal information, but also the privacy of the information of others
whose information may be associated with your information.
 • A person wishing to share information on SNS is responsible for the accuracy of the
information prior to sharing it.
• Users of social networking services should not provide information about themselves that
they can back out at some time later. Also, social media users should not post information
posted by another person unless they have been given consent by that person. Either
way, once the information is released it may be impossible to back off.
• An SNS user is responsible for determining the credibility of a person or program before
allowing that person or program to access the information posted. ( Parrish 2010 )

INFORMATION SECURITY AND ETHICS TOOLS AND TECHNOLOGIES

Ethics, privacy, and information security has been viewed as one of the foremost areas of concern
and interest by academic researchers and industry practitioners. Information security and ethics
is defined as an all encompassing term that refers to all activities needed to secure information
and systems that support it in order to facilitate its ethical use. In this introductory chapter, this
very important field of study is introduced and the fundamental concepts and theories are
discussed.

Information Security
Information security is the security of the computers that process and store information. The goal
of information security is the confidentiality, integrity, availability, non-repudiation,
accountability, authenticity, and reliability of information resources. Information security used
to be purely technical, however has evolved over time to keep pace with changes to computers
and networks. The goal of information security involves preserving the confidentiality, integrity
and availability of business information.
Security Attacks
There are a large number of types of attacks that exploit vulnerabilities in systems. It describes
some of the more recent and technologically complex attacks that have plagued the information
networks and systems.

1. Denial of service: The attacker tries to prevent a service from being used rather than
compromising it. Numerous hosts are used to perform a denial of service attack.
2. Trojan horse: A malicious software which disguises itself as a benign software.
3. Computer virus: Reproduces itself by attaching to other executable files and once
executed can cause damage.
4. Worm: A self-reproducing program that creates copies of itself. Worms can spread easily
using e-mail address books.
5. Rootkit: A set of tools used by an attacker after gaining root-level access to a host
computer in order to conceal its activities on the host and permit the attacker to maintain
root-level access to the host through covert means.
6. Man-in-the-middle attack: Sometimes referred to as session hijacking in which the
attacker accesses the network though an open session and, once the network
authenticates it, attacks the client computer to disable it and uses IP spoofing to claim to
be the client.
7. IP spoofing: An attacker may fake its IP address so the receiver thinks it is sent from a
location that it is not viewed by the receiver as a threat.
8. Logic bomb: lays dormant until an event triggers it, such as a date, user action, or in some
cases may have a random trigger.

Ethics as Human Foundation of Information Security

The field of ethics is concerned with the understanding of the concepts of right and wrong
behaviors. ethics is the study of what human behavior ought to be. It is defined as the study of
moral values in human behavior and making sense of human experience. Ethics is concerned with
the morality of our actions. We define morality as the nature of how we treat others. Information
ethics (cyberethics), is the foundation by which the ethical implications of information security
are studied. Information ethics is a branch of applied ethics that has received considerable
attention not only from ethicists but also from information technology researchers and
professional.

Information security and ethics is a complex, growing and dynamic field. It encompasses all
aspects of the organization. As stated earlier in this chapter, information security and ethics has
received considerable attention from researchers, developers and practitioners. Given the
complexities of the issues involved, and the pace of technological change, tools and technologies
to support the organizational security efforts are diverse and multifaceted. This diversity of tools
and technologies available makes it difficult, if not impossible, for even seasoned professionals
to keep up with new tools, technologies, and terminologies.

1. Identification and Authentication

The user’s identity can be authenticated using the following mechanisms:

• Requiring the user to provide something they have (e.g., token)

• Requiring the user to provide something they alone know (e.g., password)
• Sampling a personal characteristic (e.g., fingerprint).
2. Access Control

Controlling access can be based on any or a combination of the following:

• User identity
• Role memberships
• Group membership
• Other information known to the system.

3. Intrusion Detection

Intrusion Detection is devices or softwares that monitors a network or systems for malicious
activity or policy violations. Any intrusion activity or violation is typically reported either to an
administrator or collected centrally using a security information and event management system.

4. Firewall

Firewall is devices or systems that control the flow of network traffic between networks or
between a host and a network. A firewall acts as a protective barrier because it is the single point
through which communications pass. Internal information that is being sent can be forced to pass
through a firewall as it leaves a network or host. Incoming data can enter only through the
firewall. Network firewalls are devices or systems that control the flow of network traffic
between networks employing differing security postures.
5. Malicious Code Protection

Malicious code is the term used to describe any code in any part of a software system or script
that is intended to cause undesired effects, security breaches or damage to a system. Malicious
code is an application security threat that cannot be efficiently controlled by conventional
antivirus software alone. Malicious code describes a broad category of system security terms that
includes attack scripts, viruses, worms, Trojan horses, backdoors and malicious active content.
Malicious code can take the form of:

• Java Applets
• ActiveX Controls
• Scripting languages
• Browser plug-ins
• Pushed content

6. Vulnerability Scanners

A vulnerability scanner is a computer program designed to assess computers, networks or

applications for known weaknesses. In plain words, these scanners are used to discover the
weaknesses of a given system. By running scanners on a regular basis, administrators can also
see how effectively they have mitigated vulnerabilities that were previously identified. Products
use dozens of techniques to detect vulnerabilities in hosts’ operating systems, services and
applications

CRITICAL ISSUES IN INFORMATION SECURITY AND ETHICS

Information security and ethics are fundamentally related to information privacy. Technological
advances, decreased costs of hardware and software, and the World Wide Web revolution have
allowed for vast amounts of data to be generated, collected, stored, processed, analyzed,
distributed and used at an ever-increasing rate by organizations and governmental agencies.
Almost any activity that an organization or an individual is engaged in creates an electronic foot
print that needs to be managed, processed, stored, and communicated.

Most critical Information Security issues in next two years, CSI/FBI 2006 Computer Crime and
Security Survey 2006:

Privacy Definition

Data privacy or information privacy is a branch of data security concerned with the proper
handling of data – consent, notice, and regulatory obligations. More specifically, practical data
privacy concerns often revolve around:

1. Whether or how data is shared with third parties.

2. How data is legally collected or stored.

3. Regulatory restrictions such as GDPR, HIPAA, GLBA, or CCPA.

CONCLUSION
Ethical issues in the field of information technology are ranked by the results of statistical analyses.
According to the students’ opinion, anti-religious propaganda had the highest prevalence in cyberspace
among the indices that With Informing people, teaching religious issues, more monitoring and determine
the correct rules it can be reduced. Also hacking was also ranked in the last place. According to the
conducted studies and the results obtained from this study, it can be concluded that ethics in information
technology can be trained. Therefore, mandatory syllabus for students in bachelors and master and PhD
course on ethical issues in information technology seems essential to cope with the ethical challenges of
IT. Finally, a set of strategies and training for controlling unethical activities in the field of information
technology was presented with the hope that their challenges are reduced.

As a conclusion, information security is importance to the development of an organization that keep the
data or information about their customers or company. The development of modern organizations are
depends on the availability, confidentiality and integrity to ensure information security. Other than that,
the extensive use of information technology had improves the efficiency of the business, but exposes the
organization to additional risks and challenges such as failure to understand about information security,
mobile workforce and wireless computing, shortage of information security staff and information security
attacks. The implementation of the information security is a process that is by far more complex than the
implementation of the other management due to the large number of factors that may affect its
effectiveness. To ensure information security, the organization should understand that information
security is not solely a technological issue. The organization should also consider the non-technical aspect
of information security while developing the information security.
REFERENCES
Adam, A., 2002, “Cyberstalking and Internet pornography: Gender and the gaze,” Ethics and Information
Technology, 4(2): 133––––, 2008, “Ethics for things,” Ethics and Information technology, 10(2–3).

American Academy of Pediatrics, 2018, “Children and Media Tips from the American Academy of
Pediatrics,” May 1,available online.

Anderson, M. and S. L. Anderson (eds.), 2011,Machine Ethics, Cambridge: Cambridge University Press.

Gotterbarn, D., Miller, K., & Rogerson, S. (1999). Software engineering code of ethics is approved.
Comm. ACM, 42(10), 102-107. o http://www.itsecurity.com/papers/recourse1.htm.

Wiener, N. (1948). Cybernetics or control and communication in the animal and the machine.
Technology Press.

Westin, A. (1967). Privacy and freedom. New York: Atheneum