Professional Documents
Culture Documents
The Ethical and Social Issues of Information Technology and Security
The Ethical and Social Issues of Information Technology and Security
STUDENT NAME
SUPERVISER BY
TABLE OF CONTENT
INTRODUCTION ............................................................................................................................................ 3
OBJECTIVE ..................................................................................................................................................... 4
THE RELATIONSHIP BETWEEN INFORMATION TECHNOLOGY (IT) AND ETHICAL VALUES AND THEIR
CHALLENGES ................................................................................................................................................. 4
The history of technology ethics.............................................................................................................. 4
Technology Ethics ..................................................................................................................................... 4
Moral theories .......................................................................................................................................... 5
Ethical issues faced by Information Technology (IT) ............................................................................... 5
SPECIFIC ETHICAL CHALLENGES AT THE CULTURAL LEVEL ........................................................................ 10
Social media and networking................................................................................................................. 11
INFORMATION SECURITY AND ETHICS TOOLS AND TECHNOLOGIES ....................................................... 12
Information Security .............................................................................................................................. 12
Security Attacks ...................................................................................................................................... 13
Ethics as Human Foundation of Information Security .......................................................................... 13
CRITICAL ISSUES IN INFORMATION SECURITY AND ETHICS ...................................................................... 17
CONCLUSION .............................................................................................................................................. 19
REFERENCES ................................................................................................................................................ 20
INTRODUCTION
New advances particularly in the field of information technology have brought new scientific
gains to humans but it should be noted that the entry of new scientific and technological fields
will always have ethical issues and limitations. One of the interesting and, of course, new topics
in the field of information technology science is computer ethics or IT ethics. The study of
computer ethics has long been considered by the researchers. Today, in the digital age, the
society is dependent on computers in almost all its affairs, and the study of ethics in the field of
computer and information technology must always be considered. The growth and development
of the Internet has made it possible to store a large number of individuals’ personal data by
relying on advanced information systems and the abuse of personal data and privacy violations
in the field of information technology is increasing. The lack of scientific integrity in educational
environments that make the most use of technology is an issue that should be considered. Illegal
downloading of software is common among all social classes specially the students. The use of
social networks is an inseparable part of the lives of many people and the nature of students.
These cases have different effects on their lifestyle, especially on their academic performance
and the length of their studies.
Information technology has entered the lives of people everywhere in various forms such as
personal computers, smart phones, internet technologies, artificial intelligence and robotics. In
fact, this list is constantly growing and there are new forms entering all aspects of daily life. At
the core of all these technologies is a form of computing with which users often interact through
other software applications and operating systems. These technologies, in some cases such as
massive online multiplayer games (see 3.1.1), open up new ways in which people interact with
each other. Information technologies are used to record, communicate, aggregate, or synthesize
information through the use of computer technologies.
OBJECTIVE
1. The relationship between information technology (IT) and ethical values and their
challenges.
2. Specific ethical challenges at the cultural level.
3. Information security and ethics tools and technologies
Technology Ethics
Technology Ethics (TE) is an interdisciplinary field of research that draws on theories and methods
from multiple fields of knowledge (such as communication, social science information studies,
technology studies, applied ethics, and philosophy) to provide insights into the ethical
dimensions of technological systems and practices for the advancement of a technological
society.
Moral theories
Technology ethics includes the ethical aspects of technology within a society shaped by
technology. This raises a series of social and ethical questions regarding new technological
developments and opportunities to cross new frontiers. Before we go ahead and attempt to
address any ethical questions or concerns, it is important to review the three main ethical
theories to develop a foundation for perspective:
❖ Utilitarianism is a moral theory that attempts to maximize happiness and reduce suffering
for the greatest number of people. Utilitarianism focused on results and consequences
rather than rules.
❖ Etiquette of Duty (Kant) notes the obligations one has to society and follows the universal
rules of society. It focuses on the correctness of actions rather than the consequences,
focusing on what the individual should do.
❖ Virtue ethics is another major perspective in normative ethics. It highlights the role and
virtues that an individual's personality contains to be able to determine or evaluate moral
behavior in society. By practicing honest and generous behavior, Aristotle, the
philosopher of this theory, believed that people would then make the right decision when
faced with a moral decision.
❖ Relationship ethics states that care and consideration both derive from human
communication. Therefore, ethical communication is the basic core of maintaining
healthy relationships.
1. Personal Privacy
2. Access Right
3. Harmful Actions
4. Patents
5. Copyright
6. Trade Secrets
7. Liability
8. Piracy
Personal Privacy:
It is an important aspect of ethical issues in information technology. IT facilitates the users having
their own hardware, operating system and software tools to access the servers that are
connected to each other and to the users by a network. Due to the distribution of the network
on a large scale, data or information transfer in a big amount takes place which leads to the
hidden chances of disclosing information and violating the privacy of any individuals or a group.
It is a major challenge for IT society and organizations to maintain the privacy and integrity of
data. Accidental disclosure to inappropriate individuals and provisions to protect the accuracy of
data also comes in the privacy issue.
Access Right:
The second aspect of ethical issues in information technology is access right. Access right
becomes a high priority issue for the IT and cyberspace with the great advancement in
technology. E-commerce and Electronic payment systems evolution on the internet heightened
this issue for various corporate organizations and government agencies. Network on the internet
cannot be made secure from unauthorized access. Generally, the intrusion detection system are
used to determine whether the user is an intruder or an appropriate user.
Harmful Actions:
Harmful actions in the computer ethics refers to the damage or negative consequences to the IT
such as loss of important information, loss of property, loss of ownership, destruction of property
and undesirable substantial impacts. This principle of ethical conduct restricts any outsiders from
the use of information technology in manner which leads to any loss to any of the users,
employees, employers and the general public. Typically, these actions comprises of the
intentional destruction or alteration of files and program which drives a serious loss of resources.
To recover from the harmful actions extra time and efforts are required to remove the viruses
from the computer systems.
Patents:
It is more difficult to deal with these types of ethical issues. A patent can preserve the unique
and secret aspect of an idea. Obtaining a patent is very difficult as compared with obtaining a
copyright. A thorough disclosure is required with the software. The patent holder has to reveal
the full details of a program to a proficient programmer for building a program.
Copyright:
The information security specialists are to be familiar with necessary concept of the copyright
law. Copyright law works as a very powerful legal tool in protecting computer software, both
before a security breach and surely after a security breach. This type of breach could be the
mishandling and misuse of data, computer programs, documentation and similar material. In
many countries, copyright legislation is amended or revised to provide explicit laws to protect
computer programs.
Trade Secrets:
Trade secrets is also a significant ethical issue in information technology. A trade secret secures
something of value and usefulness. This law protects the private aspects of ideas which is known
only to the discover or his confidants. Once disclosed, trade secret is lost as such and is only
protected by the law for trade secrets. The application of trade secret law is very broad in the
computer range, where even a slight head start in the advancement of software or hardware can
provide a significant competitive influence.
Liability:
One should be aware of the liability issue in making ethical decisions. Software developer makes
promises and assertions to the user about the nature and quality of the product that can be
restricted as an express warranty. Programmers or retailers possess the legitimate to determine
the express warranties. Thus they have to be practical when they define any claims and
predictions about the capacities, quality and nature of their software or hardware. Every word
they say about their product may be as legally valid as stated in written. All agreements should
be in writing to protect against liability. A disclaimer of express warranties can free a supplier
from being held responsible of informal, speculative statements or forecasting made during the
agreement stages.
Piracy:
Piracy is an activity in which the creation of illegal copy of the software is made. It is entirely up
to the owner of the software as to whether or not users can make backup copies of their
software. As laws made for copyright protection are evolving, also legislation that would stop
unauthorized duplication of software is in consideration. The software industry is prepared to do
encounter against software piracy. The courts are dealing with an increasing number of actions
concerning the protection of software.
And now technologies are beginning to appear on the scene that will allow us to combine the
real with the virtual. This new form of "Augmented Reality" is facilitated by the fact that many
people now carry GPS-equipped smartphones and other laptops with which they can run
applications that allow them to interact with their surroundings and their computers in At the
same time, looking at an object through their device's camera, the app calls information about
that entity and displays it on top of that object.
Each of these technologies has its own set of new ethical challenges, some of which will be
discussed below:
Because of the many privacy issues with social media use, James Parrish as Mason (1986)
recommends four policies that social media users should follow to ensure that there is an
appropriate ethical obligation to the privacy of others:
• When sharing information on the SNS (social networking sites) you must consider not only
the privacy of your personal information, but also the privacy of the information of others
whose information may be associated with your information.
• A person wishing to share information on SNS is responsible for the accuracy of the
information prior to sharing it.
• Users of social networking services should not provide information about themselves that
they can back out at some time later. Also, social media users should not post information
posted by another person unless they have been given consent by that person. Either
way, once the information is released it may be impossible to back off.
• An SNS user is responsible for determining the credibility of a person or program before
allowing that person or program to access the information posted. ( Parrish 2010 )
Information Security
Information security is the security of the computers that process and store information. The goal
of information security is the confidentiality, integrity, availability, non-repudiation,
accountability, authenticity, and reliability of information resources. Information security used
to be purely technical, however has evolved over time to keep pace with changes to computers
and networks. The goal of information security involves preserving the confidentiality, integrity
and availability of business information.
Security Attacks
There are a large number of types of attacks that exploit vulnerabilities in systems. It describes
some of the more recent and technologically complex attacks that have plagued the information
networks and systems.
1. Denial of service: The attacker tries to prevent a service from being used rather than
compromising it. Numerous hosts are used to perform a denial of service attack.
2. Trojan horse: A malicious software which disguises itself as a benign software.
3. Computer virus: Reproduces itself by attaching to other executable files and once
executed can cause damage.
4. Worm: A self-reproducing program that creates copies of itself. Worms can spread easily
using e-mail address books.
5. Rootkit: A set of tools used by an attacker after gaining root-level access to a host
computer in order to conceal its activities on the host and permit the attacker to maintain
root-level access to the host through covert means.
6. Man-in-the-middle attack: Sometimes referred to as session hijacking in which the
attacker accesses the network though an open session and, once the network
authenticates it, attacks the client computer to disable it and uses IP spoofing to claim to
be the client.
7. IP spoofing: An attacker may fake its IP address so the receiver thinks it is sent from a
location that it is not viewed by the receiver as a threat.
8. Logic bomb: lays dormant until an event triggers it, such as a date, user action, or in some
cases may have a random trigger.
Information security and ethics is a complex, growing and dynamic field. It encompasses all
aspects of the organization. As stated earlier in this chapter, information security and ethics has
received considerable attention from researchers, developers and practitioners. Given the
complexities of the issues involved, and the pace of technological change, tools and technologies
to support the organizational security efforts are diverse and multifaceted. This diversity of tools
and technologies available makes it difficult, if not impossible, for even seasoned professionals
to keep up with new tools, technologies, and terminologies.
• User identity
• Role memberships
• Group membership
• Other information known to the system.
3. Intrusion Detection
Intrusion Detection is devices or softwares that monitors a network or systems for malicious
activity or policy violations. Any intrusion activity or violation is typically reported either to an
administrator or collected centrally using a security information and event management system.
4. Firewall
Firewall is devices or systems that control the flow of network traffic between networks or
between a host and a network. A firewall acts as a protective barrier because it is the single point
through which communications pass. Internal information that is being sent can be forced to pass
through a firewall as it leaves a network or host. Incoming data can enter only through the
firewall. Network firewalls are devices or systems that control the flow of network traffic
between networks employing differing security postures.
5. Malicious Code Protection
Malicious code is the term used to describe any code in any part of a software system or script
that is intended to cause undesired effects, security breaches or damage to a system. Malicious
code is an application security threat that cannot be efficiently controlled by conventional
antivirus software alone. Malicious code describes a broad category of system security terms that
includes attack scripts, viruses, worms, Trojan horses, backdoors and malicious active content.
Malicious code can take the form of:
• Java Applets
• ActiveX Controls
• Scripting languages
• Browser plug-ins
• Pushed content
6. Vulnerability Scanners
Most critical Information Security issues in next two years, CSI/FBI 2006 Computer Crime and
Security Survey 2006:
Privacy Definition
Data privacy or information privacy is a branch of data security concerned with the proper
handling of data – consent, notice, and regulatory obligations. More specifically, practical data
privacy concerns often revolve around:
As a conclusion, information security is importance to the development of an organization that keep the
data or information about their customers or company. The development of modern organizations are
depends on the availability, confidentiality and integrity to ensure information security. Other than that,
the extensive use of information technology had improves the efficiency of the business, but exposes the
organization to additional risks and challenges such as failure to understand about information security,
mobile workforce and wireless computing, shortage of information security staff and information security
attacks. The implementation of the information security is a process that is by far more complex than the
implementation of the other management due to the large number of factors that may affect its
effectiveness. To ensure information security, the organization should understand that information
security is not solely a technological issue. The organization should also consider the non-technical aspect
of information security while developing the information security.
REFERENCES
Adam, A., 2002, “Cyberstalking and Internet pornography: Gender and the gaze,” Ethics and Information
Technology, 4(2): 133––––, 2008, “Ethics for things,” Ethics and Information technology, 10(2–3).
American Academy of Pediatrics, 2018, “Children and Media Tips from the American Academy of
Pediatrics,” May 1,available online.
Anderson, M. and S. L. Anderson (eds.), 2011,Machine Ethics, Cambridge: Cambridge University Press.
Gotterbarn, D., Miller, K., & Rogerson, S. (1999). Software engineering code of ethics is approved.
Comm. ACM, 42(10), 102-107. o http://www.itsecurity.com/papers/recourse1.htm.
Wiener, N. (1948). Cybernetics or control and communication in the animal and the machine.
Technology Press.