Ethics and IS 1 IS, Ethics and the Law
Ethics and IS 1
IS, Ethics and the Law
Ethics and IS 2
What Do We Mean By Ethics?
‘The purpose of ethics is to enable us to behave honourably..’
Richard Spinello, Ethical Aspects of Information Technology (Prentice Hall, 1995)
Ethics and IS 3
Definitions….. Beliefs regarding right and wrong
behaviour Behaviour that conforms to generally
accepted social norms The purpose of ethics is to help us
behave honourably
Ethics and IS 4
Integrity Acting in a way that is consistent with
your principles Cornerstone of ethical behaviour Extend to all persons the respect and
consideration that you would like to receive
Ethics and IS 5
Good Business Ethics Protect the organisation from legal
action Organisation operates consistently Avoid unfavourable publicity Gain the goodwill of the community Promotes good business relationships
Ethics and IS 6
To answer questions…. Should we use data mining tools? What are my responsibilities as a
consultant? What should I do if I think the system
being designed is not secure enough? How can I resolve a conflict of
interest?
Ethics and IS 7
Aren’t we reinventing the wheel? Yes
‘There is nothing new under the sun’
But There are complications inherent in IT
Ethics and IS 8
Complications Scale – global, pervasive Sophistication – robots, space, medical
imaging Knowledge – amount, type Technology – power, pervasiveness
Ethics and IS 9
New Dilemmas or Old?
Ethics and IS 10
Ethical Decision Making Get the facts Identify the stakeholders and their positions Consider the consequences of your
decision Weigh various guidelines and principles Develop and evaluate options Review the decision Evaluate the results of the decision
Ethics and IS 11
Frameworks For Ethical Analysis
Basic ethical theories Rights based (universal rights grounded in
human nature) Duty based (moral law is rigid and
universal) Utilitarianism (the greatest happiness of
the greatest number) Normative principles
Ethics and IS 12
If you want to know more. . There are lots of books
Ethics Philosophy
Ethics and IS 13
Need for Computer SystemsSophisticated computer systems are
needed because of: The need to handle massive amounts of
data The need to deliver vital information to
decision makers
Ethics and IS 14
IS and IT and EthicsPossible problem areas: Software Networks Hardware Expert systems
Ethics and IS 15
Computer Software Who ‘owns’ the information?
How do we balance the right to privacy with the need for information?
What about property rights to the software? Can copyright and patent laws protect
software?
Ethics and IS 16
Networks How do we cope with viruses?
How do we ensure computer networks are secure?
Who will be liable if there is a breach of security? Should people at risk from security
breaches have some say in security decisions?
Ethics and IS 17
Computer Hardware What about using computers for
performance monitoring? When does monitoring become intrusive
and a form of harassment? What about the power of the vendors?
What are the customers’ rights?
Ethics and IS 18
Expert Systems Who ‘owns’ the knowledge?
The company or the expert? What if it’s wrong? Or the expert won’t share it?
Who is responsible if there is a problem or malfunction? The programmer, the expert, the knowledge
engineer, or the end user?
Ethics and IS 19
Professional Bodies IEEE
http://www.ieee.org/about/corporate/governance/p7-8.html
BCS http://www.bcs.org/upload/pdf/conduct.pdf
Ethics and IS 20
The Law Privacy and Electronic Communications
Directive (2003) Freedom of Information Act (2000) Data Protection Act (1998) Human Rights Act (1998) Health and Safety at Work Act (1974) Copyright, Designs and Patents Act 1988
inc The Copyright And Related Rights Regulations 2003 SI No: 2498
Ethics and IS 21
Privacy and Electronic Communications Directive (2003) Applies to marketing by electronic
means By fax, telephone, email, text message,
picture and automated calling systems
Ethics and IS 22
Freedom of Information Act (2000) The right of access to information held
by public authorities including: Central Government Local Authorities NHS Schools Police
Ethics and IS 23
Freedom of Information Act (2000)……… Full implementation from January 2005 You can obtain information from a
public authority from an approved publication scheme (ie a guide to the type of information routinely published by that authority)
Exempt material does not need to be provided
Ethics and IS 24
The Difference Between FOI and DPA
Information about yourself, the DPA applies
Information related to a public authority, FOI
You have a general right of access to ‘recorded’ information held by public authorities
Ethics and IS 25
Data Protection Act (1998) Aims to strike a balance between the
rights of the individual and the rights of organisations who have a legitimate reason to use personal data
If you process personal data you need to notify the Information Commissioners Office
Ethics and IS 26
8 Principles of Good Practice
The data must be: Fairly and lawfully processed Processed for limited processes Adequate, relevant and not excessive Accurate and up to date
Ethics and IS 27
8 Principles of Good Practice… Not kept longer than necessary Processed in accordance with the
individual’s rights Secure Not transferred to countries outside the
European Economic area unless the country has adequate protection for the individual
Ethics and IS 28
6 Conditions for information to be considered fairly processed The individual has consented to the
processing Processing is necessary for the
performance of a contract with the individual
Processing is required under a legal obligation (other than one imposed by the contract)
Ethics and IS 29
6 Conditions for information to be considered fairly processed.. Processing is necessary to protect the
vital interests of the individual Processing is necessary to carry out
public functions eg administration of justice
Processing is necessary in order to pursue the legitimate interests of the data controller or third parties (unless it could unjustifiably prejudice the interests of the individual
Ethics and IS 30
Sensitive Data If sensitive data (racial or ethnic origin,
political opinions, religious or other beliefs, trade union membership, physical or mental health condition, sex life, criminal proceedings or convictions) is processed, extra conditions must be met
Ethics and IS 31
Sensitive Data…. Having the explicit consent of the
individual Being required by law to process the
information for employment purposes Needing to process the information in
order to protect the vital interests of the individual or another person
Dealing with the administration of justice or legal proceedings
Ethics and IS 32
Human Rights Act (1998) Became law in October 2000 A legal mechanism for recognising and
protecting human rights Includes the right to privacy Breaches of confidence Telephone tapping and the interception
of communication
Ethics and IS 33
Health and Safety at Work Act (1974) Health and Safety (Display Screen
Equipment) Regulations 1992 Advice on the positioning and use of VDUs
and workstations in general to reduce the risk of Upper Limb Disorders
Ethics and IS 34
Copyright, Designs and Patents Act 1988 Including The Copyright And Related
Rights Regulations 2003 SI No: 2498 Covers intellectual property rights Limited coverage of computer software
Legislation having an impact on ICT development in Sri Lankahttp://www.icta.lk/index.php/en/programmes/ict-policy-leadership-and-institutional-development-programme/99-e-laws/69-e-laws-project
Information and Communication Technology Act No.27 of 2003
Evidence (Special Provisions) Act No.14 of 1995 Intellectual Property Act No. 36 of 2003 (Sections
related to Copyright) Electronic Transactions Act No. 19 of 2006 Computer Crimes Act No. 24 of 2007 Payment And Settlement Systems Act, No. 28 of
2005 Payment Devices Frauds Act No.30 of 2006
Ethics and IS 35