MANAGEMENT INFORMATION SYSTEMS
CHAPTER 15
SOCIAL, ETHICAL AND LEGAL ISSUES
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-1
SOCIAL, ETHICAL AND LEGAL ISSUES
•
IT is influencing societies across the globe
•
Despite its benefits, there are also a number of negative social impacts, such as:
-
Loss of personal privacy and identity theft
Increased intellectual property violations
- E-mail spam
- Computer viruses and worms that destroy data on personal as well as corporate computers
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-2
THE LEGAL ENVIRONMENT
•
Purpose of Legislation
- To constrain behavior within a society so that there is minimal
harm to its members and its needs are met
- IT is evolving so rapidly that laws inevitably lag behind
- Both needs and harms also differ across nations
Note: Examples of several recent U.S. laws that impact information security management are discussed in Chapter 14
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-3
ETHICAL ISSUES
•
IT is having a growing effect on our lives and can give rise to ethical issues
–
•
Managers who determine how IT is used are also responsible for the ethical implications of their decisions
Potential consequences of unethical behavior
–
For an individual employee
- Loss of reputation
- Loss of employment or career
–
For an organization
- Loss of reputation
- Business survival
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-4
IDENTIFYING ETHICAL PROBLEMS
– The first step is to recognize that a decision or action has ethical implications
– These questions can be used to identify potential ethical problems:
•
•
•
•
Is this fair to everyone that will be affected?
Would I want my mother to know about this?
Would I care if everyone knew about this?
What would be the result if everyone did this?
– IT-related ethical problems have the potential to impact many stakeholders
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-5
ANALYZING ETHICAL PROBLEMS
– There is no universally accepted way to determine whether an action is justified or unethical
– Many basic ethical principles have come from religious traditions and philosophers
– Ethical issues may also be viewed differently depending on culture
•
Example: In some countries, bribery is not considered unethical
APEC attempt to ban bribes
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-6
EXAMPLE: CODE OF ETHICS
Professional Association Example:
The IEEE-CS and ACM have jointly developed a comprehensive code of ethics for the software engineering
profession
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-7
ANALYZING ETHICAL PROBLEMS
–
Ethical reasoning is seldom difficult, but some problems are so complex that the decision is not obvious
–
In these complex situations, there are usually many alternative actions to consider
–
In organizations: Managers should identify ethical problems and include all parties who are affected by the
decision
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-8
SOCIAL ISSUES
•
Privacy
•
Identity Theft
•
Intellectual Property Rights
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-9
PRIVACY
Textbook definition of Privacy:
The ability to control access to information about ourselves
•
An individual might give permission to collect and use certain personal information in exchange for some
benefit or business transaction
•
Privacy is invaded when information is used in ways the individual never intended or explicitly agreed to
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-10
PRIVACY
Why is Privacy a business issue?
•
Personal information can be extremely valuable to marketers, and many companies spend significant funds on
obtaining it
•
Credit cards, customer loyalty cards, warranty cards, and sweepstakes are all used to collect personal information
•
U.S. citizens differ widely in their attitude toward personal privacy. On average, U.S. surveys suggest that:
- 25% of individuals are not concerned with privacy issues
- 50% are willing to consider trading some personal privacy for other benefits
- 25% are quite sensitive to loss of privacy
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-11
E- COMMERCE PRIVACY CONCERNS
•
The growth of IT, especially the Web, has increased the potential for Privacy violations
•
One method of obtaining information about consumers is through the use of cookies
Cookies: A small file created by a Web browser that can identify the user to a particular Web site
•
The effects of cookies on an individual’s Privacy can vary, depending on how they are used by companies
on the Internet
–
For example, Amazon.com uses cookies to identify users and then deliver personalized content based on the user’s prior
purchases
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-12
E- COMMERCE PRIVACY CONCERNS
Example: ESPN.com cookie
DMSEG
2948220784574D0C&K03429&4459DBDF&4723
Variable Name
Value
Host Name
espn.go.com/
1024
2699591168
31381317
463312832
Flag
29912808
*
Expiration Date
Creation Date
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-13
E- COMMERCE PRIVACY CONCERNS
•
Cookies can also be used to develop more comprehensive profiles of an individual’s interests and
preferences
•
DoubleClick: A company that builds user profiles
- Company places advertisements for business clients on thousands of Web sites
- First time a user visits any of these Web sites, a cookie is created by the Web browser
- The cookie will then identify the user on any subsequent visits to Web sites with DoubleClick advertising
- Through this mechanism, a detailed profile of browsing behavior and preferences can be compiled
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-14
WEB PORTAL PRIVACY CONCERNS
•
Privacy concerns also increase when Web portals are involved:
-
In 2001, privacy advocates raised concerns about the strategic alliance between DoubleClick and Abacus
Direct, a direct marketing company with information on 88 million households, because the deal would link the
two companies’ databases
-
In 2007, the purchase of DoubleClick by Google raised similar concerns over the merging of Google’s data on
individual’s Internet searches and DoubleClick’s data on the same individual, collected from specific web sites
-
In 2006, three months of search queries by AOL members were available to the public
•
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
AOL Web Search queries
15-15
SOCIAL NETWORKING PRIVACY CONCERNS
Facebook
•
Initial company policy was that information would be shared only within the user’s group of friends.
However, over the years the company has changed its policy, sometimes without pre-warning its users.
•
Facebook generates revenues through advertisements, and the disclosure of personal information gives
advertisers a greater ability to target relevant users
–
Example: Photographers can target future brides based on age, gender, engagement status and location
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-16
SPYWARE CONCERNS
Spyware is one of the most rapidly growing types of software that covertly gathers a user’s personal information without
the user’s knowledge; this is also referred to as “social engineering.”
-
Spyware is usually hidden inside of other programs, such as screensavers and file sharing software
-
Sometimes hidden software to reduce copyright violations and “piracy” of a major company’s products can “backfire”
SONY spyware gone wrong
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-17
WORKPLACE PRIVACY
•
Outside of the financial industry, there are no laws in the U.S. regulating the collection and sharing of
personal data
•
Many organizations now post privacy policies, but even these do not always explain how an individual’s
personal information is used
–
•
Since corporations have the right to view employee email messages, employees should assume that
their email messages are not private
Managers should note that actions that employees perceive to violate their personal privacy can result in
negative views of the company
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-18
U.S. PRIVACY LAWS
–
The Fair Credit Reporting Act
- Regulates disclosure of credit application data and credit histories
–
The Privacy Act
- Restricts a government agency from gathering information for one purpose and using it for another or
sharing it with another agency
–
The Family Education Rights and Privacy Act
- Protects the privacy of students by restricting access to their grade and disciplinary information
–
The Electronic Communications Privacy Act
- Prohibits unauthorized access to e-mail
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-19
U.S. PRIVACY LAWS
–
The Video Protection Privacy Act
- Prohibits videotape service providers from disclosing information about video rentals
–
The Driver’s Privacy Protection Act
- Prohibits states from selling driver’s license information
–
The Health Insurance Portability and Accountability Act
- HIPAA protects an individual’s personal health information from unauthorized disclosure
–
The Children’s Online Privacy Protection Act
- Prohibits collecting information from children under the age of 13 unless their parents authorize it
–
Gramm-Leach-Bliley Act
- Provides some privacy protections against the sale of financial information
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-20
PRIVACY LAWS
•
The U.S position on Privacy differs from the European position; these differences need to be recognized by
organizations when data is transferred across European borders
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-21
IDENTITY THEFT
Identity Theft
“Someone appropriating your personal information without your knowledge to commit fraud or theft” - FTC
•
Resolving the effects of identity theft takes 30-40 hours on average, but can also take months or
years
•
In 2009, 11.1 million U.S. adults were affected by Identity Theft, an increase of 12% over 2008
–
–
Total fraud amount increased by 12.5% to 54 billion
Average victim spent 21 hours and $343 resolving the crime
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-22
PREVENTING IDENTITY THEFT
–
Protect your national ID numbers (U.S. Social Security Number)
- Do not reveal it to anyone unless you know that it is necessary
- Do not carry your Social Security card or number in your wallet
–
Protect your credit cards
- Carry as few cards as possible
–
–
–
–
Keep them in sight when being handled by others
Protect your computer by using a firewall and installing antivirus and antispyware software
Do not throw bills & credit card offers into the trash; shred them instead
Check your credit card bills and bank statements carefully
Check Credit Reports frequently
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-23
INTELLECTUAL PROPERTY RIGHTS
Intellectual Property (IP)
Any product of the human mind, such as an idea, an invention, a literary creation, a work of art, a business
method, an industrial process, a chemical formula, a computer program, or a presentation
•
The key difference between intellectual and physical property is that the product
can be shared without the owner losing it
•
What can be “owned” differs from society to society, but many nations recognize
the importance of laws to protect IP
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-24
INTELLECTUAL PROPERTY RIGHTS
•
IP laws typically grant ownership rights for a limited time under the belief that IP should eventually be in the public
domain:
Copyrights: Give the owner control over the duplication of copyrighted intellectual property
Patents: Give the owner the exclusive right to the manufacture and use of a new design or method
•
However, IP laws were developed with tangible products in mind:
Since IT separates the content from the medium that contains it,
new laws are required, but legislation lags behind
the technology.
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall
15-25