MANAGEMENT INFORMATION SYSTEMS

CHAPTER 15
SOCIAL, ETHICAL AND LEGAL ISSUES

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-1


SOCIAL, ETHICAL AND LEGAL ISSUES

•

IT is influencing societies across the globe

•

Despite its benefits, there are also a number of negative social impacts, such as:

-

Loss of personal privacy and identity theft
Increased intellectual property violations

- E-mail spam
- Computer viruses and worms that destroy data on personal as well as corporate computers

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-2

THE LEGAL ENVIRONMENT

•

Purpose of Legislation

- To constrain behavior within a society so that there is minimal

harm to its members and its needs are met

- IT is evolving so rapidly that laws inevitably lag behind

- Both needs and harms also differ across nations

Note: Examples of several recent U.S. laws that impact information security management are discussed in Chapter 14

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-3


ETHICAL ISSUES

•

IT is having a growing effect on our lives and can give rise to ethical issues

–


•

Managers who determine how IT is used are also responsible for the ethical implications of their decisions

Potential consequences of unethical behavior

–

For an individual employee
- Loss of reputation
- Loss of employment or career

–

For an organization
- Loss of reputation
- Business survival

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-4


IDENTIFYING ETHICAL PROBLEMS

– The first step is to recognize that a decision or action has ethical implications
– These questions can be used to identify potential ethical problems:
•
•

•
•

Is this fair to everyone that will be affected?
Would I want my mother to know about this?
Would I care if everyone knew about this?
What would be the result if everyone did this?

– IT-related ethical problems have the potential to impact many stakeholders

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-5


ANALYZING ETHICAL PROBLEMS

– There is no universally accepted way to determine whether an action is justified or unethical
– Many basic ethical principles have come from religious traditions and philosophers
– Ethical issues may also be viewed differently depending on culture
•

Example: In some countries, bribery is not considered unethical

APEC attempt to ban bribes
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-6



EXAMPLE: CODE OF ETHICS

Professional Association Example:
The IEEE-CS and ACM have jointly developed a comprehensive code of ethics for the software engineering
profession

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-7


ANALYZING ETHICAL PROBLEMS

–

Ethical reasoning is seldom difficult, but some problems are so complex that the decision is not obvious

–

In these complex situations, there are usually many alternative actions to consider

–

In organizations: Managers should identify ethical problems and include all parties who are affected by the
decision

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-8



SOCIAL ISSUES

•

Privacy

•

Identity Theft

•

Intellectual Property Rights

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-9


PRIVACY

Textbook definition of Privacy:

The ability to control access to information about ourselves

•

An individual might give permission to collect and use certain personal information in exchange for some
benefit or business transaction


•

Privacy is invaded when information is used in ways the individual never intended or explicitly agreed to

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-10


PRIVACY

Why is Privacy a business issue?

•

Personal information can be extremely valuable to marketers, and many companies spend significant funds on
obtaining it

•

Credit cards, customer loyalty cards, warranty cards, and sweepstakes are all used to collect personal information

•

U.S. citizens differ widely in their attitude toward personal privacy. On average, U.S. surveys suggest that:
- 25% of individuals are not concerned with privacy issues
- 50% are willing to consider trading some personal privacy for other benefits
- 25% are quite sensitive to loss of privacy


Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-11


E- COMMERCE PRIVACY CONCERNS

•

The growth of IT, especially the Web, has increased the potential for Privacy violations

•

One method of obtaining information about consumers is through the use of cookies
Cookies: A small file created by a Web browser that can identify the user to a particular Web site

•

The effects of cookies on an individual’s Privacy can vary, depending on how they are used by companies
on the Internet

–

For example, Amazon.com uses cookies to identify users and then deliver personalized content based on the user’s prior
purchases

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-12



E- COMMERCE PRIVACY CONCERNS

Example: ESPN.com cookie

DMSEG
2948220784574D0C&K03429&4459DBDF&4723
Variable Name
Value
Host Name

espn.go.com/
1024
2699591168
31381317
463312832

Flag

29912808
*

Expiration Date

Creation Date

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-13



E- COMMERCE PRIVACY CONCERNS

•

Cookies can also be used to develop more comprehensive profiles of an individual’s interests and
preferences

•

DoubleClick: A company that builds user profiles
- Company places advertisements for business clients on thousands of Web sites
- First time a user visits any of these Web sites, a cookie is created by the Web browser
- The cookie will then identify the user on any subsequent visits to Web sites with DoubleClick advertising
- Through this mechanism, a detailed profile of browsing behavior and preferences can be compiled

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-14


WEB PORTAL PRIVACY CONCERNS

•

Privacy concerns also increase when Web portals are involved:

-

In 2001, privacy advocates raised concerns about the strategic alliance between DoubleClick and Abacus

Direct, a direct marketing company with information on 88 million households, because the deal would link the
two companies’ databases

-

In 2007, the purchase of DoubleClick by Google raised similar concerns over the merging of Google’s data on
individual’s Internet searches and DoubleClick’s data on the same individual, collected from specific web sites

-

In 2006, three months of search queries by AOL members were available to the public

•
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

AOL Web Search queries
15-15


SOCIAL NETWORKING PRIVACY CONCERNS

Facebook

•

Initial company policy was that information would be shared only within the user’s group of friends.
However, over the years the company has changed its policy, sometimes without pre-warning its users.

•


Facebook generates revenues through advertisements, and the disclosure of personal information gives
advertisers a greater ability to target relevant users

–

Example: Photographers can target future brides based on age, gender, engagement status and location

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-16


SPYWARE CONCERNS

Spyware is one of the most rapidly growing types of software that covertly gathers a user’s personal information without
the user’s knowledge; this is also referred to as “social engineering.”

-

Spyware is usually hidden inside of other programs, such as screensavers and file sharing software

-

Sometimes hidden software to reduce copyright violations and “piracy” of a major company’s products can “backfire”

SONY spyware gone wrong

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-17



WORKPLACE PRIVACY

•

Outside of the financial industry, there are no laws in the U.S. regulating the collection and sharing of
personal data

•

Many organizations now post privacy policies, but even these do not always explain how an individual’s
personal information is used

–
•

Since corporations have the right to view employee email messages, employees should assume that
their email messages are not private

Managers should note that actions that employees perceive to violate their personal privacy can result in
negative views of the company

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-18


U.S. PRIVACY LAWS


–

The Fair Credit Reporting Act
- Regulates disclosure of credit application data and credit histories

–

The Privacy Act
- Restricts a government agency from gathering information for one purpose and using it for another or
sharing it with another agency

–

The Family Education Rights and Privacy Act
- Protects the privacy of students by restricting access to their grade and disciplinary information

–

The Electronic Communications Privacy Act
- Prohibits unauthorized access to e-mail

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-19


U.S. PRIVACY LAWS

–


The Video Protection Privacy Act
- Prohibits videotape service providers from disclosing information about video rentals

–

The Driver’s Privacy Protection Act
- Prohibits states from selling driver’s license information

–

The Health Insurance Portability and Accountability Act
- HIPAA protects an individual’s personal health information from unauthorized disclosure

–

The Children’s Online Privacy Protection Act
- Prohibits collecting information from children under the age of 13 unless their parents authorize it

–

Gramm-Leach-Bliley Act
- Provides some privacy protections against the sale of financial information

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-20


PRIVACY LAWS


•

The U.S position on Privacy differs from the European position; these differences need to be recognized by
organizations when data is transferred across European borders

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-21


IDENTITY THEFT

Identity Theft
“Someone appropriating your personal information without your knowledge to commit fraud or theft” - FTC

•

Resolving the effects of identity theft takes 30-40 hours on average, but can also take months or
years

•

In 2009, 11.1 million U.S. adults were affected by Identity Theft, an increase of 12% over 2008

–
–

Total fraud amount increased by 12.5% to 54 billion
Average victim spent 21 hours and $343 resolving the crime


Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-22


PREVENTING IDENTITY THEFT

–

Protect your national ID numbers (U.S. Social Security Number)
- Do not reveal it to anyone unless you know that it is necessary
- Do not carry your Social Security card or number in your wallet

–

Protect your credit cards
- Carry as few cards as possible

–
–
–
–

Keep them in sight when being handled by others

Protect your computer by using a firewall and installing antivirus and antispyware software
Do not throw bills & credit card offers into the trash; shred them instead

Check your credit card bills and bank statements carefully
Check Credit Reports frequently


Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-23


INTELLECTUAL PROPERTY RIGHTS

Intellectual Property (IP)

Any product of the human mind, such as an idea, an invention, a literary creation, a work of art, a business
method, an industrial process, a chemical formula, a computer program, or a presentation

•

The key difference between intellectual and physical property is that the product
can be shared without the owner losing it

•

What can be “owned” differs from society to society, but many nations recognize
the importance of laws to protect IP

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-24


INTELLECTUAL PROPERTY RIGHTS


•

IP laws typically grant ownership rights for a limited time under the belief that IP should eventually be in the public
domain:

Copyrights: Give the owner control over the duplication of copyrighted intellectual property

Patents: Give the owner the exclusive right to the manufacture and use of a new design or method

•

However, IP laws were developed with tangible products in mind:
Since IT separates the content from the medium that contains it,

new laws are required, but legislation lags behind

the technology.

Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall

15-25