Chapter 8

Using Information
Ethically
“Coming Soon to Your Local Video Store: Big Brother”

 Blockbuster was chastised by the Wall Street

Journal for its plan to sell customer movie
preference information for targeted marketing
campaigns.
 Information collected for one purpose shouldn’t
be used for another purpose without an
individual’s consent.
 This example is not illegal but raises issues of
privacy and ethical handling of information.

2
Area Critical Questions

Privacy What information must a person reveal about one’s self to others?
What information should others be able to access about you –
with or without your permission? What safeguards exist for your
protection?

Accuracy Who is responsible for the reliability and accuracy of information?

Who will be accountable for errors?
Property Who owns information? Who owns the channels of distribution,
and how should they be regulated?

Accessibility What information does a person or an organization have a right to

obtain, under what conditions, and with what safeguards?

Figure 8.1 Mason’s areas of managerial concern.

3
 Privacy
 Those who possess the “best” information and
know how to use it, win.
 However, keeping this information safe and
secure is a high priority (see Figure 8.1).
 Privacy – “the right to be left alone”.
 Managers must be aware of regulations that are
in place regarding the authorized collection,
disclosure and use of personal information.
 Safe harbor framework of 2000.

4
 Accuracy
 Managers must establish controls to insure
that information is accurate.
 Data entry errors must be controlled and
managed carefully.
 Data must also be kept up to date.
 Keeping data as long as it is necessary or
legally mandated is a challenge.

5
 Property
 Mass quantities of data are now stored on
clients.
 Who owns this data and has rights to it is
are questions that a manager must
answer.
 Who owns the images that are posted in
cyberspace?
 Managers must understand the legal rights
and duties accorded to proper ownership.

6
 Accessibility
 Access to information systems and the data that
they hold is paramount.
 Users must be able to access this data from any
location (if it can be properly secured and does
not violate any laws or regulations).
 Major issue facing managers is how to create
and maintain access to information for society at
large.
 This access needs to be controlled to those who have
a right to see and use it (identity theft).
 Also, adequate security measures must be in place on
their partners end.

7
NORMATIVE THEORIES OF BUSINESS ETHICS

 Stockholder Theory
 Managers are agents of the stockholders.
Their only ethical responsibility is to
increase profit without violating the law or
engaging in fraud

8
NORMATIVE THEORIES OF BUSINESS ETHICS

 Stakeholder Theory
 Managers have an ethical responsibility to
manage a firm for the benefit of all its
stakeholders.
 Stockholders
 Employees

 Customers

 Suppliers

 Local community

9
NORMATIVE THEORIES OF BUSINESS ETHICS

 Social Contract Theory

 Companies have ethical responsibilities to all
members of society, which allow corporations to exist
based on a social contract
 1st condition: Social Welfare Term –
companies must enhance economic satisfaction
of consumers and employees
 2nd condition: Justice Term – avoid fraudulent
practices, show respect for employees as human
beings, and avoid practices that systematically
worsen the position of any group in society

10
 Emerging Issues (1/2)
 Two distinct spheres in which managers operate
when dealing with ethical issues:
 Outward transactions of the business with a focus on
the customer.
 Issues related to managing employees and information
inside the corporation.
 Email, instant messaging, and the Internet have
replaced traditional communications but pose
their own set of issues.
 Many companies are turning to programs that monitor
employees’ online activities (web sites visited, etc.).

11
 Emerging Issues (2/2)
 Many programs are available to accomplish
this monitoring.
 In 2001 sales of $140 million was reported for
this type of software.
 Employers can exert a higher level of
control over their employees.
 Managers must be careful to create an
atmosphere that is amenable to IS use.
 Ethically, managers are obliged to consider
the welfare of their workers.
12
Figure 8.3 Some causal connections between identified
areas of ethical concern.

13
1.Thou shalt not use a computer to harm other people.
2.Thou shalt not interfere with other people’s computer work.
3.Thou shalt not snoop around in other people’s computer files.
4.Thou shalt not use a computer to steal.
5.Thou shalt not use a computer to bear false witness.
6.Thou shalt not use or copy software for which you have not paid.
7.Thou shalt not use other people’s computer resources without authorization.
8.Thou shalt not appropriate other people’s intellectual output.
9.Thou shalt think about the social consequences of the program you write.
10.Thou shalt use a computer in ways that show consideration and respect.

Figure 8.4 Ten Commandments of Computer Ethics

14
 Security and Controls
 Ernst and Young survey suggests that most
companies rely on luck rather than proven IS
controls.
 Companies turn to technical responses to deal
with security threats (worms, viruses, etc.).
 Managers go to great lengths to make sure that
their systems are secure.
 Firewalls, IDS systems, password systems, and more.
 Future solutions will include hardware and
software.
 Managers must be involved in the decisions
about security and control.

15
 Sarbanes-Oxley Act
 The Sarbanes-Oxley Act of 2002 was enacted to
increase regulatory visibility and accountability of
public companies and their financial health.
 All companies subject to the SEC are subject to the
requirements of the act.
 CEO’s and CFO’s must personally certify and be
accountable for their firm’s financial records and
accounting.
 Firms must provide real-time disclosures of any
events that may affect a firm’s stock price or financial
performance.
 IT departments realized that they played a major role
in ensuring the accuracy of financial data.

16
 IT Control and Sarbanes-Oxley
 In 2004 and 2005 IT departments began to identify
controls, determined design effectiveness, and validated
operation of controls through testing.
 Five IT control weaknesses were uncovered by
auditors:
1. Failure to segregate duties within applications, and failure to set
up new accounts and terminate old ones in a timely manner.
2. Lack of proper oversight for making application changes,
including appointing a person to make a change and another to
perform quality assurance on it.
3. Inadequate review of audit logs to not only ensure that systems
were running smoothly but that there also was an audit log of
the audit log.
4. Failure to identify abnormal transactions in a timely manner.
5. Lack of understanding of key system configurations.

17
FOOD FOR THOUGHT: Ethics and the Internet
 The Internet crosses international boundaries
posing challenges that are not readily resolved.
 Different cultures, laws, customs, and habits
insure that different countries police the Internet
in very different ways.
 Managers face challenges in navigating their
organizations through the murky waters of
ethical use of the Internet.
 Example: Free speech and censorship.
 The U.S. provides for free speech protection, but
other countries do not.
 An Internet code of ethics by the IFIP is being
debated.

18