Chapter 9 – Information Ethics, Privacy, and Security
• Information Ethics and Information Privacy
Policies for Information Ethics and Information Privacy
• Information Security
The First Line of Defence - People
The Second Line of Defence - Technology
Information technology would raise security questions because the information is
accessible to everyone, competitors, internal users who are not authorized. IT users
online might collect (and sell) information about us while we are browsing the web,
without our consent, or without us knowing which is a breach of privacy. They can
find out many things about our tastes and preferences online by following our
Employers “spy” on employees sometimes:
- Employers sometimes track what employees are doing on the office computers,
or videotaping them to see how productive they are.
- They want to avoid lawsuits by protecting their assets and themselves
- If someone forgets their memory key in class, in order to find who it belong too,
we would plug it into our computer.
o It could have a virus and wipe our computer hard drive
o It could have private information belonging to the user.
o It could have information about salaries, grades, etc. that we could access if
o Ethical issues related to the use of IT.
o Technology is replacing humans
Information Ethics and Information Privacy
• Ethics and new urgency:
The principles and standards that guide our behavior towards other people:
• Why the new urgency?
• Issues affected by technology advances
Fair use dealing
Pirated software Counterfeit software
• Privacy is a major ethical issue
Privacy – the right to be left alone when you want to be, to have control over
your own personal possessions, and not to be observed without your consent
Confidentiality – the assurance that messages and information are available
only to those who are authorized to view them
• The line between privacy and confidentiality is merky. The key word associated
with privacy is consent. If they are monitoring our web movement without us
knowing, then it’s an invasion of privacy. It’s without our consent.
• There are some people that are allowed to access certain information to do
something we need. Professors can access our student ID’s to post grades.
“One of the main ingredients in trust is privacy
Primary Reasons Privacy Issues Reduce Trust for E-Business
1. Loss of Personal Privacy
2. 37% of internet users are “a lot” more inclined to purchase a product
3. Effective privacy and security would convert more Internet users to
- Information just exists everywhere, but what we humans do with it is what is
ethical unethical. The humans who collect, analyze and share the information
can be ethical or unethical in their process.
- We can assure that the information is not passed on by having the regulations
and rules that assure they won’t be shared unethically.
- Use a firewall, change a password every week, and protect the information so it
is not misused. Nothing is unethical about information, the only
unethical/ethical thing can be the human interaction with the information.
• Information ethics - concerns the ethical and moral issues arising from the
development and use of information technologies, as well as the creation,
collection, duplication, distribution, and processing of information itself
(with or without the aid of computer technologies).
Individuals form the only ethical component of ISBeing ethical and being legal is not the same thing:
- If it is legal, it has to be legal for all people, same rules for all people. But ethics
can differ between people. Lawyers are legal, but it can be unethical.
- Principles and standards relating to ethics can be different for two people, but
something legal, but me legal for two people.
- Example: (Unethical/Legal) Lawyers want to legally protect their clients, but
sometimes the decision is not ethical, because the clients behavior was unethical.
- Example: (Ethical/Illegal) Speeding to go to the hospital because your wife is
pregnant. It is ethically explainable to do so, but legally speeding is not legal.
Ethical Concerns In The Workplace With IT Use
• Organizations can be held financially responsible for their employees’ actions
• Concern surrounding employees’ monitoring
American Management Association survey found that: 82% of companies
conduct electronic monitoring or physical surveillance; 63% monitor Internet
connections; and 47% store and review employee e-mail messages
• Monitoring – tracking people’s activities by such measures as number of
keystrokes, error rate, and number of transactions processed
• Information privacy - concerns the legal right or general expectation of
individuals, groups, or institutions to determine for themselves when, and to
what extent, information about them is communicated to others.
• Information privacy legislation varies widely
The United States
Models Supporting Web privacy: Opt-in vs. Opt-out Models
• Opt-in model of informed consent
Assumes consent is not given.
• Opt-out model of informed consent
Assumes consent is given.
• Personal Information Protection and Electronic Documents Act (PIPEDA) is a
Federal act that applies to all organizations
10 guiding principles
• Types of personal information covered:
pension and employment insurance files
student loan applications military records
• Legislated by the Canadian government (1999), it establishes the principles
that govern the collection, use and disclosure of personal information
Based on a set of 10 principles including accountability, accuracy, safeguards,
obtaining consent, identifying the purposes for the collection of personal
• Applies to federally regulated organizations (e.g., airlines, telephone
companies, banks), all commercial activities, and all companies that collect,
use or disclose personal health information
Developing Information Management Policies
• Organizations strive to build a corporate culture based on ethical principles
that employees can understand and implement
• ePolicies typically include:
Ethical computer use policy