Ethics and Privacy
Ethics:
deals with what is considered to be right and wrong.
deals with what is considered to be right and wrong.
Deciding what is right or wrong is not always easy or clear cut
Code of Ethics:
A collection of principles that are intended to guide decision making by members of an organization
Ethical Issues:
Ethical Frameworks
Four widely representative used standards of ethical framework :
#Utilitarian Approach:
#Utilitarian Approach:
An ethical action is the one that provides the most good or does the least harm for all affected parties-customers, employees, shareholders, the community, and the environment.
#Rights Approach:
#Rights Approach:
An ethical action is the one that best protects and respects the moral rights of affected people e.g. Ethical organization action .
Moral Rights⇨can include the right to make one’s own choices about one kind of life to lead
✔The right to make your own choices.
✔The right to be told the truth.
✔The right of privacy.
✔The right to make your own choices.
✔The right to be told the truth.
✔The right of privacy.
#Fairness Approach:
Ethical actions treat all human beings equally, or, if unequally, then fairly , based on some defensible standard or imbalance of power and hence in unfair.
Examples: - fair to pay people higher salaries if they work harder contribute a greater amount to the firm
Highlights the interlocking relationships that underlie all societies.
This approach argues that respect and compassion for all is the basis for ethical actions.
It emphasizes the common conditions that are important to the welfare of everyone.
These conditions can include a system of laws, effective policy and fire departments, health care, a public educational system and even public recreation areas.
We can develop a general framework for ethics or for ethical decision making.
This framework consists of five steps:
1) Recognize an ethical issue
3) Evaluate alternative actions.
4) Make a decision and test it.
5) Act and reflect on the outcome of your decision.
Ethics in the Corporate Environment:
Code of ethics: is a collection of principles intended to guide decision making by members of the organization. (e.g. the Association for Competing Machinery, an organization of computing professional, has a thoughtful code of ethics for its members.)
Different codes of ethics are not always consistent with one another.
Fundamental Tenets of Ethics:
➡Responsibility:
means that you accept the consequences of your decisions and actions.
➡Accountability:
a determination of who is responsible for actions that were taken
➡Liability:
a legal concept meaning that individuals have the right to recover the damages done to them by other individuals, organizations, or systems
Unethical is not necessarily illegal
improvements in information technologies have generated a new set of ethical problems.
-organizations are more dependent than ever on information system.
With information system- Organizations can store increasing amount of data at decreasing cost.
- Enabling organizations to store more data on individuals for longer periods of time.
- Computer networks, particularly the internet, enable organization to collect, integrate, and distribute enormous amounts of information on individuals, groups, and institutions.
Ethics and Information Technology:
Many of business decisions will have ethical dimension. Consider the decisions that you might have to make such as:
>Monitor employees’ web surfing and e-mail.>Sell customer information to other companies.
>Audit employees’ computers for unauthorized software or illegally download music or video files.
Privacy:
1. Privacy Issues:
involve collecting, storing, and disseminating about individuals’
information Privacy: is the right to be left alone and to be free of unreasonable personal intrusions.
Privacy rights apply to :individuals/ groups/ institutions
Information Privacy: the right to determine when, and to what extent, information about yourself can be gathered and/or communicated
Court decisions in many countries have followed two rules fairly closely which determine and enforce why privacy regulations can be difficult :-The right of privacy is not absolute .
- privacy must be balanced against the needs of society.
-The public’s right to know is superior to the individual’s right of privacy.
2. Accuracy Issues:
involve the authenticity, fidelity and accuracy of information that is collected and processed
3. Property Issues :
involve the ownership and value of information.
4. Accessibility Issues:
revolve around who should have access to information and whether they should have to pay for this access
Threats to privacy :
☆Data aggregators
companies that collect public data (e.g., real estate records, telephone numbers) and nonpublic data (e.g., social security numbers, financial data, police records, motor vehicle records) and integrate them to produce digital dossiers
☆Digital dossiers
an electronic description of you and your habits
☆Profiling
use of computers to combine data from multiple sources and create digital dossiers of detailed information on individuals
☆NORA (nonobvious relationship awareness)
new data analysis technique for even more powerful profiling.
☆Electronic surveillance:
The tracking of people‘s activities ,online or offline,with the aid of computers. that conducted by employers, government, and other institutions (e.g. reading by employers of employees’ e-mail and other documents ).
It is major privacy-related problem.
# Cookies
# URL filtering :tow-third use software to block connection to inappropriate websites.
Personal Information in Databases:
Information about individuals is being kept in many databases:
Ø Banks
Ø Utility companies
Ø Government agencies
Ø Credit reporting companies
Social Networking Sites:
Social Networking Sites: often include electronic discussions such as chat rooms. These sites appear on the Internet, within corporate intranets, and on blogs.
Social Networking Sites Can Cause You Problems:
1-Anyone can post derogatory information about you anonymously.
Social Networking Sites Can Cause You Problems:
1-Anyone can post derogatory information about you anonymously.
2-You can also hurt your live or job by posting your information.
These information can be text or images, etc.
What you can do when you are facing these problem:
First, be careful what information you post on social networking sites.
Second, a company, Reputation Defender, says it can remove derogatory information from the Web.
A blog (Weblog) is an informal, personal journal that is frequently updated and intended for general public reading.
http://www.msnbc.msn.com/id/20202935/ns/business-school_inc_/t/job-candidates-getting-tripped-facebook
These information can be text or images, etc.
What you can do when you are facing these problem:
First, be careful what information you post on social networking sites.
Second, a company, Reputation Defender, says it can remove derogatory information from the Web.
A blog (Weblog) is an informal, personal journal that is frequently updated and intended for general public reading.
http://www.msnbc.msn.com/id/20202935/ns/business-school_inc_/t/job-candidates-getting-tripped-facebook
Privacy Codes and Policies:
Privacy Codes and Policies:An organization’s guidelines with respect to protecting the privacy of customers, clients, and employees.
Opt-out Model
informed consent permits the company to collect personal information until the customer specifically requests that the data not be collected.
Opt-in Model
informed consent means that organizations are prohibited from collecting any personal information unless the customer specifically authorizes it.
P3P Platform for Privacy Preferences Project:
Platform for privacy preference (P3P): is platform that automatically communicates privacy policies between an electronic commerce website and visitors to that site.
(P3P): -enable visitors to determine the types of personal data that can be extracted by the websites they visit.
-allows visitors to compare a website’s privacy policy to the visitors’ preference or to other standards such as Federal Trade Commission’s (FTC) fair information practices standard / or European Directive on Data Protection.
International Aspects of Privacy:
Privacy issues that international organizations and governments face when information spans countries and jurisdictions ( transfer data among nations without the knowledge of either the authorities or the individuals could raises the privacy issues).
Trans border data flows :the absence of consistent or uniform standards for privacy and security obstructs the flow of information among countries.
European union (EU): in 1998 the European Community Commission (ECC) put laws for it’s members about the right of individuals to access their information.
The EU data-protection laws are more stricter than US laws which create problems for multinational corporations and face lawsuits for privacy.
EU developed a “safe harbor” framework to regulate the way that US companies export and handle the personal data of European citizens.
Privacy Policy Guidelines :
◆Data should be collected on individuals only for the purpose of accomplishing a legitimate business objective.
◇Data should be adequate, relevant, and not excessive in relation to the business objective.
◆Individuals must give their consent before data pertaining to them can be gathered.
◇Such consent may be implied from individual’s version should be noted and included with any disclosure of the file.
◆ Computer security procedures should be implemented to ensure against unauthorized disclosure of data. These procedures should include physical, technical, and administrative security measures.
◇ Third parties should not be given access to data without individual’s knowledge or permission, except as required by law.
◆Disclosures of data, other than the most routine, should be noted and maintained for as long as the data are maintained.
◇ Data should not be disclosed for reasons incompatible with the business objective for which they are collected.
Privacy issues that international organizations and governments face when information spans countries and jurisdictions ( transfer data among nations without the knowledge of either the authorities or the individuals could raises the privacy issues).
Trans border data flows :the absence of consistent or uniform standards for privacy and security obstructs the flow of information among countries.
European union (EU): in 1998 the European Community Commission (ECC) put laws for it’s members about the right of individuals to access their information.
The EU data-protection laws are more stricter than US laws which create problems for multinational corporations and face lawsuits for privacy.
EU developed a “safe harbor” framework to regulate the way that US companies export and handle the personal data of European citizens.
Privacy Policy Guidelines :
Data Collection:
◆Data should be collected on individuals only for the purpose of accomplishing a legitimate business objective.
◇Data should be adequate, relevant, and not excessive in relation to the business objective.
◆Individuals must give their consent before data pertaining to them can be gathered.
◇Such consent may be implied from individual’s version should be noted and included with any disclosure of the file.
Data accuracy :
◆Sensitive data gathered on individuals should be verified before they are entered into the database.
◇Data should be kept current, where and when necessary.
◆The file should be made available so that the individual can ensure that the data are correct.
◇In any disagreement about the accuracy of the data, the individual’s version should be noted and include with any disclosure of the file.
◇Data should be kept current, where and when necessary.
◆The file should be made available so that the individual can ensure that the data are correct.
◇In any disagreement about the accuracy of the data, the individual’s version should be noted and include with any disclosure of the file.
Data confidentiality:
◆ Computer security procedures should be implemented to ensure against unauthorized disclosure of data. These procedures should include physical, technical, and administrative security measures.
◇ Third parties should not be given access to data without individual’s knowledge or permission, except as required by law.
◆Disclosures of data, other than the most routine, should be noted and maintained for as long as the data are maintained.
◇ Data should not be disclosed for reasons incompatible with the business objective for which they are collected.
No comments:
Post a Comment