chapter 12 ethics and privacy 1 copyright john wiley & sons canada

CHAPTER 12Ethics and Privacy

1Copyright John Wiley & Sons Canada

Copyright John Wiley & Sons Canada 2

12.1 Ethical Issues12.2 Privacy

Chapter 12:ETHICS AND PRIVACY

3

LEARNING OBJECTIVES

1. Define ethics, list and describe the three fundamental tenets of ethics, and describe the four categories of ethical issues related to information technology.

2. Identify three places that store personal data, and for each one, discuss at least one potential threat to the privacy of the data stored there.

Copyright John Wiley & Sons Canada

4

OPENING CASE

What to Do About WikiLeaks?The Problem

• Whistleblowers can capture huge amounts of incriminating documents on a laptop, memory stick, or portable hard drive. This information can be sent through personal e-mail accounts or online drop sites, or they can simply submit it directly to WikiLeaks (www.wikileaks.org). WikiLeaks receives approximately 10,000 new documents every day. Since its inception, in December 2006, WikiLeaks has had significant impacts on both businesses and governments; how can future disclosures be prevented?


http://www.wikileaks.org/

5

OPENING CASE

The IT Solution– Several cyber security measures from the DLP (data leak

protection) industry have been tried. However, none have been effective. Recently, organizations have turned to network forensics, which is the process of constantly collecting every digital “fingerprint” on an organization’s servers to trace and identify an intruder who has broken into the system. Although this software gathers data and makes them easily available, it does not identify the culprit.


6

OPENING CASE

The Results– How can organizations and governments respond to WikiLeaks?

Lawsuits will not work, because WikiLeaks, is a mere conduit for documents. Moreover, even if a company or a government somehow won a judgment against WikiLeaks, that would not shut down the company, because its assets are spread all over the world. Governments may need to revise their practices to avoid being targeted.


7

OPENING CASE

What we learned from this case?– All organizations, large and small, must be concerned with

ethics. You will encounter numerous ethical and privacy issues in your career, many of which will involve IT requiring solutions that do not violate the privacy of governments, organizations, and individuals.


8

DISCUSSION

1. Define the term “whistleblower” as it relates to IT issues.

2. How can governments, organizations, and even individuals prevent future disclosures from whistleblowers? Is it possible to accomplish this task, given that the sources of WikiLeaks’ information appear to be internal?


9

12.1 ETHICAL ISSUES

• Ethics refers to the principles of right and wrong that individuals use to make choices that guide their behaviour.


10

ETHICAL FRAMEWORKS

• Ethical Frameworks are standards used to develop general frameworks for ethics or ethical decision making:– Utilitarian– Rights– Fairness– Common Good

• For examples of standards used in Canada click here: www.csa.ca


http://www.csagroup.org/ca/en/services/codes-and-standards

11

TRADITIONAL AND GVV APPROACHES

Traditional GVV

1. Recognize an ethical issue 1. Identify an ethical issue

2. Get the facts 2. Purpose and choice

3. Evaluate alternative actions 3. Stakeholder analysis

4. Make a decision and test it 4. Powerful response

5. Scripting and coaching


12

ETHICS IN THE CORPORATE ENVIRONMENT

• Code of ethics: a collection of principles that are intended to guide decision making by members of an organization.

• Fundamental tenets of ethics include:– Responsibility– Accountability– Liability


http://www.acm.org/about/code-of-ethics

13

ETHICS AND IT

• Four general categories of ethical issues in IT applications: – Privacy– Accuracy– Property– Accessibility


14

UNETHICAL VS. ILLEGAL

• What is unethical is not necessarily illegal.– Ethics scenarios


http://bcs.wiley.com/he-bcs/Books?action=resource&bcsId=2942&itemId=0471736368&resourceId=8968


IT’S ABOUT BUSINESS

12.2 Big Brother Is Watching You– People today live with a degree of surveillance that would have

been unimaginable just a few generations ago. Examples include surveillance cameras, GPS and facial-recognition software. Facebook encourage users to assign names to people in photos, Once you are tagged in a photo, that photo could be used to search for matches across the entire Internet or in private databases, including databases fed by surveillance cameras.

http://www.theglobeandmail.com/technology/digital-culture/facebook-preps-massive-expansion-of-facial-recognition-using-your-profile-pics/article14022251/

16

12.2 PRIVACY

• Court decisions have followed two rules for defining privacy:1. The right of privacy is not absolute. Your privacy must be

balanced against the needs of society.2. The public’s right to know supersedes the individual’s right of

privacy.


17

IT TECHNOLOGIES

• Data aggregators, digital dossiers, and profiling• Electronic Surveillance• Personal Information in Databases• Information on Internet Bulletin Boards, Newsgroups,

and Social Networking Sites


18

DATA AGGREGATORS, DIGITAL DOSSIERS, AND PROFILING

• Data Aggregators collect public and non-public data then integrate these data to form digital dossiers on most adults in North America.

• Click on the following links to review examples of data aggregators:– http://www.lexisnexis.ca/en-ca/home.page– www.acxiom.com– http://www.statcan.gc.ca/


http://www.lexisnexis.ca/en-ca/home.page

http://www.acxiom.com/

http://www.statcan.gc.ca/

19

ELECTRONIC SURVEILLANCE

1. The law supports the right of employers to read their employees’ e-mail and other electronic documents and to monitor their employees’ Internet use.

2. See the Globe & Mail article regarding surveillance in Canada.


http://www.theglobeandmail.com/news/politics/data-collection-program-got-green-light-from-mackay-in-2011/article12444909/

20

PERSONAL INFORMATION IN DATABASES

1. Banks and financial institutions2. Utility companies3. Employers4. Government agencies5. Credit reporting agencies6. Hospitals7. Schools and universities8. Retail establishments

© Nicolas Nadjar/Age Fotostock America, Inc.


http://www.cra-arc.gc.ca/menu-eng.html

https://www.econsumer.equifax.ca/index_en.html?transaction_id=102a6cfb101566c1585e60f2756a2f


INFORMATION ON INTERNET BULLETIN BOARDS, NEWSGROUPS, AND SOCIAL NETWORKING SITES

• Social Networking Sites often include electronic discussions such as chat rooms. These sites appear on the Internet, within corporate intranets, and on blogs.

• A blog (Weblog) is an informal, personal journal that is frequently updated and intended for general public reading.

• Clicking here will take you to the Government of Canada article on the Pros and Cons of Social Networking in business

© Marina Bordjieva/Age Fotostock America, Inc.

Click on the picture to read about the pros and cons of Social Networking in business

http://www.canadabusiness.ca/eng/page/2655/

22

PRIVACY CODES AND POLICIES

• Opt-in Model prohibits an organization from collecting any personal information unless the customer specifically authorizes it.

• Opt-out model permits the company to collect personal information until the customer specifically requests that the data not be collected.


http://fightspam.gc.ca/eic/site/030.nsf/eng/home

https://www.americanexpress.com/us/content/legal-disclosures/online-privacy-statement.html?inav=footer_privacy_statement

23

IT’S ABOUT BUSINESS

12.3 Your Privacy on Facebook– The Office of the Privacy Commissioner of Canada has

engaged in numerous actions against Facebook due to potential privacy concerns. Facebook continues to innovate, providing new products such as Graph Search and software for Android users. Every new product announcement is greeted by privacy concerns, while Facebook’s view is that users still have the ability to tailor their privacy settings while having better services available.


http://www.priv.gc.ca/

24

INTERNATIONAL ASPECTS OF PRIVACY

• Approximately 50 countries have some form of data-protection laws.

• Many of these laws conflict with those of other countries, or they require specific security measures.

• Some countries have no privacy laws at all• Whose laws have jurisdiction when records are stored

in a different country for reprocessing or retransmission purposes.


http://ec.europa.eu/dataprotectionofficer/dpl_transposition_en.htm

25

CHAPTER CLOSING

1. Ethics refers to the principles of right and wrong that individuals use to make choices that guide their behavior including responsibility, accountability, and liability.

2. Major ethical issues related to IT are privacy, accuracy, property and access to information.


26

CHAPTER CLOSING (CONTINUED)

3. Threats to privacy include advances in information technologies, electronic surveillance, personal information in databases, Internet bulletin boards, newsgroups, and social networking sites.

4. One personal threat to the privacy of data stored is that you might post too much personal information that many unknown people can see.


CopyrightCopyright © 2014 John Wiley & Sons Canada, Ltd. All rights reserved. Reproduction or translation of this work beyond that permitted by Access Copyright (the Canadian copyright licensing agency) is unlawful. Requests for further information should be addressed to the Permissions Department, John Wiley & Sons Canada, Ltd. The purchaser may make back-up copies for his or her own use only and not for distribution or resale. The author and the publisher assume no responsibility for errors, omissions, or damages caused by the use of these files or programs or from the use of the information contained herein.

27

chapter 12 ethics and privacy 1 copyright john wiley & sons canada

Documents