Ethics in I.

T, E- Commerce & Privacy Code

What is Information Technology?

Information technology (or I.T.) is simply defined as the use of computers and software
to manage information such as business data, digital images and videos, voice conversation,
multimedia presentations and others electronic files. It involves storing, processing, designing,
transmitting and retrieving information through computer systems and applications. The term
“information technology” progressed during the 1970’s where microcomputers have been
developed, but the basic concept of it, ignited during the World War II where the military and
industry worked together for the development of electronics, computers, and information theory.

I.T. has gone far since then and became a part of daily routine of everyone’s life both in
business and social living. It has drastically developed over the past decades and still fast
developing. The generation of computers becomes smaller with greater speed and capability as
generation passes. In addition, the network connections of computers become more complex and
made the exchange of information more accessible.

What is Ethics?
But before drawing further and directly address the ethical issues on information
technology, it will be best to define what ethics first. Some say that ethics has to do with
religion. Conversely, ethics should not be confined with it. Most religions advocate higher
ethical standards. And yet, if ethics were confined to religion, then ethics would apply only to
religious people.

Some says that ethics is something about law. However, there are some unethical acts
that are not covered by law. One instance, lying or betraying the confidence or trust of a friend
is generally unethical, but it is not punishable and covered by any law. But, conforming to the
law is absolutely considered as ethical.

Furthermore, some says to be ethical is to do what the society accepts. But, the society
can be morally corrupt. Like during the time of Nazi in Germany, killing Jews is acceptable in
their society and grotesquely obvious that it deviates from being ethical. In this sense, ethics is
not generally related to the norms of the society.

In conclusion, ethics is not tantamount with religion, law and social norm, though in
some ways they are connected. Ethics is a set of standards of right and wrong in which advises
us the proper way to act and react. It relates on the manner one person treats others in which
respect and others’ well being are considered. It also relates with the compliance with law,
conforming with generally accepted social norms and contribution to the society. Lastly, it
relates on presenting oneself with honesty, reliability, and compassion.

Ethics and Professionalism in Information Technology

Parallel to the rapid development of Information Technology is uprising of certain ethical
and professional issues as well as social implications that were not thought decades back.
Internet particularly made a big impact not only the way people around the globe communicate
but also, it opens a wide door to information. Internet gave people the freedom to do, find and
share a lot of things and information in the web. It is like going inside a global grocery store
where everything you wanted and needed are there, all you have to do is put it inside your cart.
Consequently, this freedom became the key for emergence of numerous ethical issues and made
different cultures collide. One example is the cartoon published by a Danish newspaper that
created a huge global sensation due to the protest it received from the Muslim communities all
over the globe. In Danish culture and as the Danish court sided that there is no violation done by
the newspaper in publishing the said cartoons but in Muslim countries it is unacceptable and
unethical.
As part of the virtual world of I.T., it is our social mandate to act ethically and
professionally and promote it in our workplace. Although, at times there are acts that a lot of
users does not think it is unethical for it is done by many and no law or policy prohibits the act.
So, what can be the guidelines to distinguish the right from wrong? These guidelines can be
group into three categories, namely: equity, privacy and honesty.
1. EQUITY
Equity simply means being fair with others and to act fair is to act ethical. Equity
directly relates to the intellectual property rights which according to Justin Hughes, an American
law professor is characterized as “nonphysical property that is a product of cognitive processes
and whose value is based upon some idea or collection of ideas.” Intellectual Property is legally
protected by copyright, patents, trademarks, trade secrets and design rights. One common
violation of this right and almost everyone is guilty of, is the rampant uploading or downloading
an electronic files through peer-to-peer sharing (P2P) network and mostly this is without the
permission of the original author.

Though, P2P file sharing itself is not illegal. But, the spread of file sharing implicated the
growth of unauthorized sharing of copyrighted electronic files as well. The unauthorized
downloading harmed the business of copyright holders, publishers and also the global economy.
The music industry as an example has dropped approximately 15% on its 2003 sales compared to
1999. There was an attempt to stop these copying and sharing of electronic files. But, all was
unsuccessful, even in countries with eminent intellectual property rights law such as the US and
Europe. Later, it found out that this file sharing can work to their benefit and can promote sales.
Record companies allow users to download sample songs from a record album. They also gave
the option of rating the songs to influence others. Thus, creating a fan base and in turn augment
the album’s sales. The same with the case of software, where trial versions were now release
by its creators to beat the illegal downloading. The movie industry is also thinking of a way now
to use the file sharing network and applications for its own benefit. But despite the fact that file
sharing specifically unauthorized P2P sharing is working somehow positively to authors,
companies and publishers, still a number considers it as theft and unethical.

In addition, a lot of internet users predominantly students “copy and paste” text from
websites without proper citation from the original author. Sadly, some claims ownership of the
work afterwards. Plagiarism became dominant in the internet. Some website blocks the right-
click function to prevent the “copy and paste” command of web visitors. But, the act is still
widespread. Even journalist and writers are guilty of this act.
A senior student in Dublin, Shane Fitzgerald placed a fake quote in www.wikipedia.org
under a famous dead musician, Maurice Jarre’s biography for his experiment study. To his
surprise the bogus quote was copied and paste in the obituary and articles about Jarre. Only a
few weeks later upon his admission that the writers found out that it was a hoax. Also, this
brings up the social responsibility of content providers in presenting reliable information.
 Another case is the Missouri’s family Christmas card photo. The photo was published by
the wife in her personal Face book account and blog. To her surprise their family photo was
then edited and was used as an advertisement photo by Czech store without her or her husband’s
permission. The store owner thought the picture was computer generated and admitted the
mistake.

2. PRIVACY
Second is privacy. Something that intrudes the privacy of others is considered unethical.
These include accessing one’s email account, records and personal information such as credit
card number, address, etc. There are companies who practice monitoring of both personal and
business emails, as well as internet usage of their employees. A number of office workers are
accessing and using personal email account for business and personal reasons. This oftentimes
leads to information leakage and expose the company to unstable situations. According to the
survey done by Proof point Inc. in the U.S., more than 80 out of 220 large companies hire staff to
read and analyze outgoing emails of their staff. This is legal in most areas and done by
companies to shun them from any legal liability that may arise by the unlawful act of their
employees in the internet. However, the question on invasion of privacy arises and objected by a
lot of workers. The European Union together with its member nations enacted a ban from
transacting to businesses without workplace privacy. In some U.S. states, companies are
required to inform their employees that they are electronically monitored which will serve as
balance between ethical/privacy issues and business information security.

On the same note, some individuals collect email address and sell this information to
companies whose aim is to promote their products through spam email. Some uses credit card
information for computer theft. Consequently, with the rise of blogs and social network, this
personal information of individual became handy to anyone. Now, some social websites are
giving the option to its members to increase their privacy setting to avoid information
exploitation.
 3. HONESTY
Next is honesty which refers to acting with integrity. Generally, everyone knows and can
distinguish what is right from wrong. But, not everyone can act honestly at all times. Even with
the creation of company conduct code or policy, it cannot stop someone in doing unethical or
dishonest habits in the workplace for honesty is something intrinsic. These are common
unethical and unprofessional business habits and serves as current challenges of most companies:

1. Spamming – sending unsolicited email to many users and usually for commercial
purposes.
2. Flaming – sending grave and offensive email or posting offensive messages to social /
group bulletins.
3. Forwarding non-business emails
4. Moonlighting - doing side jobs or personal business using company’s network and
computer system
5. Sharing of password, data and access to other users
6. Hacking – unauthorized used or access of networked computer systems
7. Internet Hijacking – unauthorized use of another user’s email account and
information.
8. Use of internet for personal use such as online shopping, browsing, social
networking etc.
9. Acts which threatens the security of company’s information.

10 Ethical Issues Confronting I.T Managers

Technology raises complexities that go beyond typical questions of what's right or what's fair.
Does the capacity to do something justify the act? When new technology creates new
capabilities, do the old rules of behavior still apply? The environment is becoming ever more
challenging. Areas such as data access and capture, processing speed, tracking and monitoring
and job redesign are just a few examples of IT capabilities with ethical considerations. There are
no easy answers, but as you'll see, there seems to be no shortage of questions.

1: Who should have access to data?

If systems and infrastructure are the engines of technology, data is the fuel that powers those
engines. Access to that data is a richly nuanced issue. When building an HR or payroll system,
developers typically need access to live personal data records to fully test their work. What's
their responsibility in terms of protecting the confidentiality of that data, records to which they'd
ordinarily never have access under any other circumstances? Should support techs have access to
confidential personal or corporate information to service the applications that access those
databases? If not, can they, in fact, adequately perform their jobs?

On what basis does a system security officer comply with a request for access to a system,
especially when it's not entirely clear that the requestor has a legitimate claim? Other than the
legal requirements of FOIA (Freedom of Information Act) requests, do organizations have any
responsibility to supply personal data they may have on file to the particular individual who's the
subject of that data? Are organizations constrained in any way when cross-referencing internal
and external data sources? As technology provides increasing opportunities to house ever larger
information stores with expanded cross-referential and analytic capabilities at faster speeds, the
ethical considerations surrounding access to that data become correspondingly more complex.

2: To whom does data belong?

Every time you use a debit or credit card, make an online purchase, access and ATM, or
complete virtually any financial transaction, a significant amount of data about you and your
activity is recorded. In the simplest application, companies use that data to issue bills, record
payments, or update portfolios... basic recordkeeping. Technology has enabled more
sophisticated uses of that data. As just one example, online real-time data warehouses using
segmentation analysis can swiftly analyze buying patterns and "suggest" additional purchases on
the basis of the product you're trying to buy. Is this an ethical use of data? The information being
used is all about you, but it was collected by the company with which you were doing business.
Is it your data or theirs? If it's their data, do you have the right to tell them how to use it? Not too
many of us would have much of a problem with technology enabling the bank to quickly and
accurately apply interest to our accounts, but do we have the same attitude when that same bank
uses that data for marketing purposes? Where do you draw the line?

3: Who is responsible for maintaining accuracy and security?

When organizations share information, one of the partners may discover anomalies in the
supplied data. After correcting the data, does that entity have an ethical responsibility to pass the
edits back to the supplier? Your company's payroll system is operated by the finance department
and supported by IT. Which department is accountable for the accuracy of data maintained in
that system? A salesperson loses her laptop while on a business trip. Confidential corporate data
was on the hard drive, possibly in violation of company policy, and the laptop was not password
neither protected nor encrypted. How do you assess relative responsibility? In many cases
involving accuracy and security of data, the lines of ownership and accountability are blurred.
Recently, we've read about a number of devastating and potentially catastrophic losses of
personal data due to hacking, carelessness, noncompliance with policy, and poor security
practices. Organizations need to make clear their data usage and access policies, enforce
penalties on violators, and most important, assign specific ownership for ensuring data is
accurate and secure. In the final analysis, everyone is responsible.

4: Does the ability to capture data imply a corresponding responsibility to

monitor its use?
Prior to the advent of technology enabling mass capture, storage, and processing of data,
maintaining the security of that data and ensuring it wasn't misused was relatively easy. Critical
and confidential data was kept on paper, in locked files, in a secure file room, with access
controlled by a gatekeeper... a records manager. There weren't multiple copies floating around
because you weren't allowed to make copies.

Today, we have terabyte-sized databases that are tabulated and cross-referenced with other
megastores to provide all sorts of information about us to all sorts of people, and the access to
that data is often viewed with a certain degree of cavalier disinterest. As individuals, we have
little to no control over that data. When you apply for a car loan your personal financial data is
legitimately provided by the credit reporting agencies to enable your lender to make an
appropriate financial decision as to whether you're a good risk. The lending institution
subsequently uses that data to market products to you. That wasn't the original intention of the
transaction by which the data was supplied, but there's nothing inherently illegal about it.
However, is it ethical for that organization to use an asset to which it wouldn't ordinarily have
had access and in an entirely different manner than what was agreed by the two parties to begin
with? Does this constitute an invasion of your privacy?

5: Should data patterns be analyzed to prevent possible risks to employees or

customers?
In the not too distant past, you'd go to the toy store to buy your child a set of blocks for
Christmas, the manufacturer having already recorded a gross shipment to a supplier and probably
not even considering you as an end customer. Today, technology has enabled that manufacturer
to collect a broad spectrum of data that can be used for design and marketing decisions based on
consumer requirements and preferences. Does the manufacturer have an ethical responsibility to
factor into those design considerations the fact that several children were reported injured by
putting the smallest blocks in their mouths? Does the supplier, who can also track and analyze
this data, have a similar responsibility to force the manufacturer to redesign?

Airlines can collect and cross-reference an enormous amount of data on travelers. Patterns can
emerge that could allow them to draw conclusions identifying individuals as possible security
risks. Is this profiling, and if so, is it ethically challenged? If airlines do not do this and someone
who could have been stopped at the gate boards a flight and hijacks the plane, is the airline
ethically responsible for its own inaction?

6: How much information is necessary and relevant for decision making?

As data collection and processing methods have improved and become more streamlined, we can
easily find ourselves inundated with information. We've all experienced "analysis paralysis." The
Internet has made the largest repository of knowledge ever amassed in the history of civilization
instantly available. If enough information has been provided to make a particular business
decision, is it ethical to delay that decision simply because more data is capable of being
accessed? At what point do you decide you indeed have enough information to take action?
Marketing companies collect enormous quantities of data from various disparate sources to
customize individual marketing plans. Is it ethical to use this activity as a rationale for collecting
data that may not be immediately useful but may have some future utility? If it turns out that the
data can't be used, what if any action should the organization take?

7: Should certain data "follow" individuals or corporations throughout their

lives?
Living in a free society, we can do business with any organization as we see fit--and when
conditions change, we're free to take our business elsewhere. Let's say a person has a car
insurance policy with Acme Indemnity, and over the course of time has numerous accidents and
files a series of claims. The person then applies for a new policy with Midwest Mutual. Does
Acme have an ethical obligation to supply information to Midwest that might affect its decision
on the conditions for that policy?

If not, and if our ability-impaired driver has a serious accident, does Acme bear any
responsibility for withholding information that might have prevented new insurance, and
possibly even the license to drive, from being issued? Without technological advances in
processing high data volumes enabling data about consumers to be easily shared among
organizations, it would be difficult if not impossible to build up a comprehensive "life file" about
anyone. Does the fact that technology enables this to happen necessarily mean it should?
8: Do organizations maintaining permanent records have a right to charge for
their use?
The primary example that comes to mind in this category is the credit reporting agencies. These
organizations amass huge volumes of data on individuals in such areas as credit transactions, bill
paying patterns, loan applications, investment portfolios, and asset management. Everything you
want to know about anyone's personal financial history is in their files, assuming you have
appropriate identifying information and reason for access and that you're willing to pay for the
privilege of obtaining it. But should those companies be able to charge a fee for supplying that
data?

Data that's about you is yours; you're the one who engaged in the actions that generated those
transactions in the first place. Why should some corporate entity that had the means and
opportunity to gather it be able to profit from supplying your information to others? They are
performing a service, which we all hope is to our own personal benefit, and they are entitled to
be compensated for their effort. But they'd have no raw material for their product if it weren't for
you and the financial activities in which you engage. Should they pay you for the privilege of
housing your information before they can charge for its subsequent use?

9: Are there consequences to receiving data in more timely ways?

Technology has enabled many new business behaviors that were previously unthinkable. In
1950, when Frank McNamara issued the world's very first credit card, Diner's Club, he was
reconciling transactions and payments by hand. Months could pass before you'd be expected to
clear your account (ask your parents about "playing the float"). Today we have credit card
companies that process transactions the instant our cards get swiped through the readers, and in
many cases, there's no grace period for making payments. You could go out to dinner on a
Saturday evening and incur a late charge on your card by the following Tuesday. Have
companies been ethical in changing their behavior toward consumers as technology has provided
vastly increased processing speeds?

10: Does IT lead to job elimination, job routinization, or job enhancement?

Not to pass the buck, but to a certain extent this is a matter of perception, cause, and effect.
Advances in technology have provided a wide variety of opportunities to streamline, change, or
eliminate business processes and operations. Factories that in another era employed thousands of
workers can now turn out greater amounts of product with only a handful of technicians
monitoring computer-controlled robotic arms.
On the other side of the coin, whole professions that didn't exist just a few short decades ago
have provided significant new employment opportunities. Forty years ago, the average daily
volume on the New York Stock Exchange was several million shares, while today it's routinely
in the billions. Office workers no longer laboriously process transactions by hand; high speed
computing enables productivity many times that at a quality level at least as high if not higher.
The only constant is change, and while technology does in fact generate profound workplace
change that is capable of displacing large numbers of workers, it also creates ample alternative
opportunity. The ethical challenge is to manage that change such that quality of life improves for
all.

Unethical Practices
Information Technology

1. Software & Video Piracy

Software Piracy

The unauthorized copying of software. Most retail programs are licensed for use at just
one computer site or for use by only one user at any time. By buying the software, you
become a licensed user rather than an owner. You are allowed to make copies of the
program for backup purposes, but it is against the law to give copies to friends and
colleagues.

Software piracy is all but impossible to stop, although software companies are launching
more and more lawsuits against major infractors. Originally, software companies tried to
stop software piracy by copy-protecting their software. This strategy failed, however,
because it was inconvenient for users and was not 100 percent foolproof. Most software
now requires some sort of registration, which may discourage would-be pirates, but
doesn't really stop software piracy.

Some common types of software piracy include counterfeit software, OEM unbundling,
softlifting, hard disk loading, corporate software piracy, and Internet software piracy. An
entirely different approach to software piracy, called shareware, acknowledges the futility of
trying to stop people from copying software and instead relies on people's honesty. Shareware
publishers encourage users to give copies of programs to friends and colleagues but ask everyone
who uses a program regularly to pay a registration fee to the program's author directly.
Commercial programs that are made available to the public illegally are often called warez.

Video Piracy
 Video Piracy means an act of copying, showing, distributing and selling a video of
motion pictures without the due authority to do so for some consideration in return like money,
etc.
Unauthorized copying, showing, distributing and selling of a video is considered as an
offence because of the fact that film producers own a copyright in their productions. Thus they
are provided with legal protection by means of stringent copyright laws so as to safeguard their
work from video piracy or invasion.

2. Credit Card Fraud

In the end of 2005, MasterCard and Visa generated a sales volume of more than $190.6
billion, from the circulation of approximately 56.4 million credit cards across Canada.
Credit card fraud statistics show that about $2.8 million was lost due to credit card
fraud, from fraudulent use of MasterCard and Visa alone. In total, credit card fraud
costs cardholders and credit card issuers as much as $500 million a year.
Who pays for the loss? Everyone. Even if you haven’t been defrauded yourself, the cost
of goods and services increases to pay off the credit and charge card frauds.

Credit Card Fraud and Technology

Transactions completed with credit cards seem to become more and more popular with the
introduction of online shopping and banking. Correspondingly, the number of credit card frauds
has also increased with the introduction of newer technology. From embossers to encoders to
decoders, credit card counterfeiters are now using the latest technology to read, change, and
implant magnetic information on counterfeit credit cards.

What Are Counterfeiters Doing with the Cards?

Counterfeiters mainly use fake identities to receive government assistance, unemployment
insurance benefits, personal loans, and to scheme corporations and individuals. Counterfeit credit
card is the most common type of credit card fraud and is responsible for 37% of the millions lost
yearly by credit fraud in Canada.

Types of Credit Card Fraud

Credit fraud can fall into one of five categories:

• Counterfeit credit card

• Lost or Stolen Cards
• No-Card Fraud
• Non-Receipt Fraud
• Identity Theft Fraud

The percentage that each type of credit card fraud represents is described below:

 Counterfeit credit card:

Makes up for 37% of all funds lost through credit card frauds. To make fake cards criminals use
the newest technology to “skim” information contained on magnetic stripes of cards and to pass
security features such as holograms.

 Lost or Stolen Cards:

Cards stolen from their cardholders or lost by them account for 23% of all card frauds. Often,
cards are stolen from the workplace, gym, and unattended vehicles.

 No-Card Fraud:
Comprise 10% of all the losses and is completed without the physical card in hand. This can
happen by giving your credit card information on the phone to shady telemarketers and deceptive
Internet sites that are promoting the sales of their non-existent goods and services.

 Non-Receipt Fraud:
Is responsible for 7% of all losses. It occurs when new or replaced cards mailed by your card
company are stolen during the process of being mailed. However, this type of fraud is on the
decline with the card-activation process that most companies use. In 1992, non-receipt fraud
represented16 % of the losses.

 Identity-Theft Fraud:
Accounts for 4% of all losses, and occurs when criminals apply for a card using someone else’
identity and information.

1. Internet Crimes
Although the Internet has made life easier in many ways, it’s smart to be concerned about
Internet crimes. Computer crime is becoming a growing problem for law enforcement
officials around the world. Unfortunately, since Internet crimes typically involve people
from many different geographic areas, catching and punishing the guilty parties is a
difficult task.

Different types of Internet Crimes

Phishing
 Nowadays electronic mails sent across to innocent customers deceive them by making
them think that electronic mails are from genuine internet site. Phishing attacks are where
emails are sent from a trusted source which will then trick you into giving them your
information. Phishing can easily cause identity theft.

Internet scams
Employment or business opportunity Internet scams that pray on the desires of
financially desperate individuals are becoming increasingly popular as well. These
Internet crimes may involve asking the victim to illegally reship merchandise to overseas
locations, make fraudulent wire transfers, or advertise non-existent merchandise for sale
on behalf of a third party. Generally, if you see an advertisement promising large
monetary rewards for a minimal amount of effort, it’s smart to be cautious. It is possible
to make money online, but legitimate business opportunities require a substantial
investment of your time and skill.
Cyber stalking
Cyber stalking is a type of Internet crime that is of particular concern for teenagers and young
adults. Social networking websites such as MySpace make it very easy for criminals to learn
private details about a victim’s hobbies, interests, friends, family, and daily schedule. Cyber
stalking Internet crimes may also lead to sexual assault if the perpetrator is able to convince the
victim to appear for a personal meeting.
To prevent yourself from becoming victim of Internet crimes, it’s important to remain alert when
using your computer. Never give out personal information such as your full name, birth date,
address, or Social Security number unless you understand what the information will be used for.
In addition, remember that people you meet online may not always be representing themselves
truthfully. Be suspicious of claims that seem exaggerated or hard to verify.
If you believe you are a victim of Internet crime, the best course of action is to file a formal
complaint with the Internet Crime Compliant Center. Also known as IC3, this organization is a
partnership between the Federal Bureau of Investigation and the National White Collar Crime
Center. IC3 works with federal, state, local, and international law enforcement agencies to
identify patterns in Internet crimes.
2. Hacking
Some Internet users think that hacking is pretty harmless fun and even quite clever, but it
can be a serious invasion of privacy and a significant threat to e-commerce. The
Information Security Advisory Group estimates that world-wide there are now some
100,000 hackers or crackers (as they prefer to describe themselves). White-hat hackers
test computer security at the request of organizations; black-hat hackers act privately to
break into systems; and grey-hat hackers straddle both worlds.
The hacking of personal computer terminals is actually quite easy because most people
use Microsoft software which is notoriously open to abuse. Hackers have developed a
program called “The Backdoor” which provides them access to systems running
Microsoft Windows. At its most invasive, this would allow a hacker to switch on
remotely a microphone or webcam associated with the PC being hacked.
Company computer systems are usually more difficult to hack because they employ
protective arrangements such as firewalls. The most serious threats faced by
 organizations are from insiders or former insiders who have privileged information such
as passwords.

3. Cyber Crime
Intentional use of information technology by cyber terrorists for producing destructive
and harmful effects to tangible and intangible property of others is
called “cyber crime”. Cyber crime is clearly an international problem with no
national boundaries. Hacking attacks can be launched from any corner of the world
without any fear of being traced or prosecuted easily. Cyber terrorist can collapse
the economic structure of a country from a place where that country might not
have any arrangements like “extradition treaty” to deal with that criminal. The only
safeguard would be better technology to combat such technology already evolved
and known to the Hackers. But that still has threat of being taken over by the
intellect computer criminals.

Though there are many techniques evolved to curb the criminal activities by cyber terrorists but
still the problem persists in legal structure and has failed to produce a deterring effect on the
criminals. If the suggestions are undertaken in light of conclusion there can be a better
co-ordination among various national and international agencies to make the system more
efficient, and Information Technology Act 2000 more secured and trustworthy. It can still be
held good for the objects it had existed to provide the benefits to the society.

PRIVACY & SECURITY

• Privacy

Governments collect massive amounts of data on individuals and organizations and use it
for a variety of purposes: national security, accurate tax collection, demographics,
international geopolitical strategic analysis, etc. Corporations do the same for commercial
reasons; to increase business, control expense, enhance profitability, gain market share,
etc. Technological advances in both hardware and software have significantly changed
the scope of what can be amassed and processed. Massive quantities of data, measured in
petabytes and beyond, can be centrally stored and retrieved effortlessly and quickly.
Seemingly disparate sources of data can be cross-referenced to glean new meanings when
one set of data is viewed within the context of another.
Should organizations' ability to collect and process data on exponentially increasing
scales be limited in any way? Does the fact that information can be architected for a
particular purpose mean it should be, even if by so doing individual privacy rights are
potentially violated? If data meant for one use is diverted to another process which is
 socially redeeming and would result in a greater good or could result in a financial gain,
does that mitigate the ethical dilemma, no matter how innocent and pure the motivation?

• Security

Security used to be confined to locking the door on the way out of the office or making
sure the lock on the safe was spun to fully engage the tumblers. Technology presents us
with a whole new set of security challenges. All organizations collect personal data on
employees, data that if not properly safeguarded can result in significant negative
implications for individuals. Networks can be breached, personal identification
information can be compromised, identities can be stolen and potentially result in
personal financial ruin, critical confidential corporate information or classified
government secrets can be stolen from online systems, web sites can be hacked,
keystroke loggers can be surreptitiously installed, and a host of others. (It's interesting to
note at this point that statistics still show that more than 80 percent of stolen data is the
result of low tech “dumpster dives diving,” and approximately the same percentage of
organizational crime is the result of an inside job.)
How far can--and should--management go in determining the security risks inherent in
systems? What level of addressing those risks can be considered reasonable?

• Control
Organizations have the right to monitor what employees do (management is
measurement) and how technology systems are used. It's common practice to notify
employees that when they use organizational assets such as networks or Internet access,
they should have no expectation of privacy. Even without that disclaimer, they really
don't need the warning to know this monitoring is, or could be, taking place.

Do organizations have an obligation to notify employees as to the extent of that

monitoring? Should an organization make it clear that in addition to monitoring how long
employees are using the Internet, it's also watching which Web sites they visit? If the
Organization merely says there's no expectation of privacy when using the e-mail system,
is it an ethical violation when employee’s later find out it was actually reading their e-
mails?

Information Technology and Law

 Information technology boosted high with the emergence of internet. Consequently is the
rise of issues that placed internet users in legal threat and argument. In addition, there is a
conflict of international law that governs internet users which is considered one of the greatest
challenges of I.T. today. Web content can be illegal to one country and can be legal to some.
Internet wagering is one example. In most countries online gambling is illegal, but like in
Antigua and Curacao it is lawful and web servers in such websites is located there. In some
states of U.S. gambling is legal but regulated. The question now is this, if the internet user in
Saudi Arabia for instance engages in online gambling (which is illegal this country), is the
internet user liable to any legal violation? One electronic transaction can be under three
jurisdiction and these are (1) location of the user; (2) location of the server that host the
transaction; (3) location of the business of company whom the user transacted with. So, it
means one transaction can be under the sovereignty and jurisdiction of three nations.

Today, e-business and transactions are being done online so security measures are highly
needed and should be in high regard. New law has been enacted in different countries as new
criminal behavior in the cyberspace come into surface. Like in Saudi Arabia where in January
2008, it started implementing laws to fight against cyber crimes which increasingly threatens
security and welfare of users. The new laws concerns about computer theft, computer hacking,
anti-terrorism, pornography and computer privacy to name a few.
According to www.intenetworldstats.com and as published by Nielsen Online,
International Telecommunications Union and GfK there are over 1.7 billion internet users as of
September, 2009. And there is a growth rate of almost 400% on the number of users compared
to year 2000. With these high figures, it makes it impossible to control users’ behaviors. Some
country regulates and filters websites with illegal content lead by Asian countries and Middle
Eastern nations such as China and Saudi Arabia. As each nation self-regulates the internet
usage and websites in their respective country, the control on the behavior of users is higher and
criminal acts can be more prevented. Though, debates on this arise as users and web publishers
feel that it suppress their freedom of speech.

Awareness is another key to lessen unethical, unprofessional and unlawful behavior in

information technology especially in internet. Most users are unknowledgeable that their certain
acts have violated ethical standards and worst certain law. Information technology is for
everyone’s freedom to use. But, everyone should also be aware that with this freedom comes a
responsibility to act ethical, professional and abide the laws that administers it.

INFORMATION TECHNOLOGY ACT, 2000

The law relating to ‘information technology’ is contained in the Information Technology (IT)
Act, 2000 which came into force on 17th October, 2000. It is the first Cyber Law in India. It is
mainly based on the UNCITRAL Model Law. The United Nations Commission on International
Trade Law (UNCITRAL) adopted the Model Law on Electronic Commerce in 1996. This Model
Law provides for equal legal treatment of users of electronic communication and paper based
communication.

OBJECTS OF THE ACT

The Information Technology Act, 2000 seeks to achieve the following objects.

1. To grant legal recognition to electronic records.

2. To grant legal recognition to Digital Signature for authentication of lie information or

matters requiring authentication under any law of the country

3. To permit retention of information, documents and records in electronic form where any law
requires such retention for a specific period.
4. To foster use and acceptance of electronic records and digital Signatures in the Government
offices and its agencies

5. To prevent the possible misuse arising out of transactions and oilier dealings concluded over
the electronic medium.

6. To prevent and arrest offences as well as deter abuse of Information Technology.

7. To deal with civil and criminal liabilities arising out of contravention of the provisions of the
law.

8. To provide for necessary changes in the various provisions, which deal with offences relating
to documents and paper-based transactions.

9. To facilitate electronic fund transfers between the financial institutions and banks.

10. To give legal sanctity for books of account maintained in the electronic

E-Commerce
E-commerce is the name given to the process of carrying out commercial transactions over the
Internet. One of the best known examples is Amazon.com. You can purchase books anywhere in
the world from this web site. You make payment using your credit card at the same time as
making the purchase. Amazon.com exemplifies many of the characteristics of e-commerce.
You are entitled to post a comment on the site, whether good or bad, about any book you buy.
Before you purchase a book, you can look through the comments of other purchasers. They also
have a procedure in place that allows you to return books under certain
circumstances. To purchase goods using an e-commerce site you need to provide a name and
physical address to which the goods must be sent and a credit card. You can also specify the
delivery method. This will depend on how urgently you need the goods and how much you are
willing to spend on delivery. Good e-commerce sites will tell you in advance, the availability of
the goods, how long they will take using the different delivery methods and the cost of delivery.
There are two types of e-commerce site. Business to consumer orB2C sites sell directly to the
consumer. Other sites involve transaction between businesses themselves. These are are Business
to Business orB2B sites.

E- COMMERCE – LEGAL & ETHICAL ISSUES

When using the Internet and E-Commerce, it is important to remember that there are many legal
and ethical issues to consider. When it come to legal issues, laws are enacted by governments
and developed through case precedents (common law). Laws are strict, legal rules, governing the
acts of all citizens within their jurisdictions. Someone who breaks the law has done something
illegal and can be held liable for punishment by the legal system.

On the other hand, "ethics is a branch of philosophy that deals with what is considered to be right
and wrong". However, what is unethical is not necessarily illegal unless it overlaps with
activities that are also illegal. Society will agree on what is considered right and wrong.

In a world of E-Commerce, companies using Web sites to conduct business, need to adhere to
the same ethical standards that other businesses follow. Businesses that fail to adhere to these
ethical standards will suffer the consequences that all companies suffer. These include; a
damaged reputation and long-term loss of trust that can result in loss of business.

While E-Commerce opens up a whole new world of unregulated activity, the definitions of right
and wrong are not always clear. People engaging in E-Commerce need guidelines as to what
behaviours are reasonable under any given set of circumstances. However, the differences in
cultures throughout the world have resulted in different expectations about ethical and legal
issues associated with E-Commerce. What is unethical in one culture may be perfectly
acceptable in another. Many Western countries have a much higher concern for individuals and
their privacy than do some Asian countries. Many European countries have laws that prohibit
companies from exchanging consumer data without the express consent of the consumer.
However, in Asia, more emphasis is placed on the benefits that information about consumer
behaviour provides, to society, rather than on the rights of the individual.
Many companies and professional organizations develop their own codes of ethics as a guide for
its members. Mason et al categorized ethical and legal issues into privacy, intellectual property
rights, free speech versus censorship and consumer and merchant protection against fraud.

Privacy:
The collection, storage, and dissemination of information about individuals. Internet users in
many countries rate privacy as their first or second top concerns.

Intellectual property rights:

Ownership and value of information and intellectual property. Rights to intellectual property are
easy to violate on the Internet, resulting in billions of dollars of losses to the owners of the rights.

Free speech versus censorship:

The issue of attempting to control offensive, illegal, and potentially dangerous information on
the Internet is controversial. This collides with rights of free speech.

Consumer and merchant protection against fraud:

It is easy to reach millions on the Internet and to conduct different types of E-Commerce-related
fraud. The success of E-Commerce depends on the protection provided to consumers and
merchants.

The issue of online privacy is continuing to evolve as the Internet and the Web continues to
grow. "The FTC is serious about enforcing online privacy concerns, and Congress continues to
debate instituting online privacy regulations such as the proposed Consumer Privacy Protection
Act. Web data collectors are forced to dedicate ever-increasing attention and resources to privacy
protection". While many organizations are active in promoting privacy rights, many are not.
"Advertising on the Web should include only true statements and should not omit any
information that could mislead potential purchasers or wrongly influence their impressions of a
product or service". Legal and ethical issues play a major role in the world of E-Commerce and
need to be taken seriously to prevent any problems from occurring.

Differentiation in foreign and Indian information technology

Foreign:-
1) Dependence:-

There is more dependence in the foreign countries in this field (with reference to U.S.A., U.K,
etc.)

2) Advancement:-

In foreign this field is more advanced, as there are better resources to configure the technological
advancement.

3) Ethical practices:-

Unethical practices have their origins from foreign countries, as there are more people in hacking
computer passwords, and illegal practices.

4) Ownership:-

The ownership of most computers and laptop making companies (such as Microsoft, dell, acer,
etc) have monopolized in this particular industry.

5) Exports:-
Most of the chips and outer shells of the operating systems are exported to various countries
importing the parts.

6) Initiative:-

Research and development facilities in the foreign countries are better than many developing
countries; hence, there are probable chances of the foreign countries in taking the initiative first

Indian:-
1) Dependence:-

There is less dependence as compared to the foreign countries; here there is more of labour and
mental dependence.

2) Advancement:-

Due to limited resources and more of scarcity in advancing of this particular field. With the
emerging of Wipro in this field there has been some competence to the foreign countries.

3) Ethical Practices
Unethical Practices are far more less in India as compared to foreign countries as the concept of
hacking, computer passwords, and illegal practices are developed there.

4) Ownership:-

There is more of ethical practices and a “stop to unethical practices” as India is more concerned
in bringing the world to a front of ethical trade and practices and making bans to illegal sites and
forums.

5) Exports:-

There has been lesser of exports and more of imports in India. With the increasing percentage of
taxation on imports India is on the verge of reducing its revenue deficits.

6) Initiative:-
In India, the facilities of research and development are becoming advanced, as an outcome of
this there would be better chances of the Indian companies to take the competitive initiative over
the other neighboring countries making India as one of the top leading information technology
initiator

Conclusion
We hereby end this topic of ethics in information technology sector. We would as studied by us,
propose that the IT sector is helpful in India as well as in foreign countries. Along with the
various unethical practices committed by various corporate bodies (individuals), they benefit in
monetary terms but they also lose their reputation and goodwill in the market. Hence, these
practices should be avoided and prevented in order to permit the smooth functionality of this
sector.