Uploaded byjeremylockett77
DOCX, PDF42 views

1. Ethics for IT Professionals and IT Users2. PrivacyE.docx

The document discusses the ethical responsibilities of IT professionals and users, including the need for specialized knowledge, adherence to codes of ethics, and managing relationships with employers, clients, suppliers, and society. It highlights common ethical issues such as software piracy, fraud, identity theft, and privacy concerns, and emphasizes the importance of establishing ethical guidelines and policies for proper IT usage. Additionally, it addresses the role of professional organizations, certifications, and potential legal implications related to IT practice.

Download to read offline
1. Ethics for IT Professionals and IT Users 2. Privacy Ethics in IT Reference: Professional Ethics for Computer Science by Klaus Mueller (Stony Brook University) Ethics for IT Professionals and IT Users Objective: • What key characteristics distinguish a professional from other kinds of workers, and what is the role of an IT professional? • What relationships must an IT professional manage, and what key ethical issues can arise in each? • How do codes of ethics, professional organizations, certification, and licensing affect the ethical behavior of IT professionals? • What are the key tenets of four different codes of ethics that provide guidance for IT professionals? • What are the common ethical issues that face IT users? • What approaches can support the ethical practices of IT users? 2
IT Professionals Profession is a calling that requires: • specialized knowledge • long and intensive academic preparation Partial list of IT specialists: • Programmers • systems analysts • software engineers • database administrators • local area network (LAN) administrators • chief information officers (CIOs) 3 Are IT Workers Professionals? Legal perspective: • IT workers are not recognized as professionals • Not licensed • IT workers are not liable for malpractice IT professionals have many different relationships with: • Employers • Clients and Suppliers • Other professionals • IT users • Society at large
4 Relationships Between IT Professionals and Employers IT professionals must set an example and enforce policies regarding the ethical use of IT Software piracy is the act of illegally making copies of software or enabling others to access software to which they are not entitled Software piracy is an area in which IT professionals can be tempted to violate laws and policies The Business Software Alliance (BSA) is a trade group that represents the world’s largest software and hardware manufacturers • its mission is to stop the unauthorized copying of software produced by its members • penalties can be up to $100,000 per copyrighted work 5 Relationships Between IT Professionals and Employers
Trade secret: • information used in business • generally unknown to the public • company has taken strong measures to keep confidential • employees must sign a non-disclosure agreement (NDA) • problems due to high IT employee turn-over Whistle-blowing: attracts attention to a negligent, illegal, unethical, abusive, or dangerous act that threatens the public interest 6 Relationships Between IT Professionals and Clients • IT professional provides hardware, software, or services at a certain cost and within a given time frame • Client provides compensation, access to key contacts and work space • Relationship is usually documented in contractual terms Ethical problems arise if a company recommends its own products and services to remedy problems they detected
• but a company is unable to provide full and accurate reporting of a project’s status • company hired as consultants may recommend its affiliated products 7 Legal Overview Fraud, misrepresentation • crime of obtaining goods, services, or property through deception or trickery • fraud is proven in court Breach of contract • one party fails to meet the terms of a contract • schedule slippage, cost overruns, better product may be released by competitor during contract execution • can generate trials which are often settled out of court to minimize reputation damage 8 Relationships Between IT Professionals and Suppliers
Develop good relationships with suppliers • deal fairly with them and don’t make unreasonable demands Bribery: providing money, property, or favors to someone in business or government to obtain a business advantage U.S. Foreign Corrupt Practices Act (FCPA) makes it a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office IT projects are joint efforts in which vendors and customers work together: difficult to assign blame Bribery • at what point does a gift become a bribe? • no gift should be hidden • perceptions of donor and recipient can differ 9 Relationships Between IT and other professionals Professionals owe each other adherence to a profession’s code of conduct
• there is a sense of mentorship and community Ethical problems between members of the IT profession • resumé inflation • inappropriate sharing of corporate information due to IT access 10 Relationships Between IT Professionals and IT Users IT user is a person for whom a hardware or software product is designed IT professionals’ duty • understand users’ needs and capabilities • deliver products and services that best meet those needs • establish an environment that supports ethical behavior by users 11 Relationships Between IT Professionals and Society
Actions of an IT professional can affect society • society expect professionals to not cause harm (=trust) • society expects professionals to provide benefits • so there must be a sense of responsibility, also not to damage a professional sector’s reputation Corporations are taking actions to ensure good business ethics among employees 12 Professional Codes of Ethics A professional code of ethics states the principles and core values that are essential to the work of a particular occupational group • a law does not provide complete guide to ethical behavior Main parts: • outlines what the professional organization aspires to become • lists rules and principles by which members of the organization are expected to abide
Benefits for individual, profession, and society • improves ethical decision making • promotes high standards of practice and ethical behavior • enhances trust and respect from the general public • provides an evaluation benchmark 13 Professional Organizations No universal code of ethics for IT professionals No single, formal organization of IT professionals has emerged as preeminent Professional organizations enable • building of professional and working relationships • sharing of useful information (stay up-to-date) • provides a stamp of adhering to defined standards Most prominent organizations include: • Association for Computing Machinery (ACM) • Association of Information Technology Professionals (AITP) • Computer Society of the Institute of Electrical and Electronics Engineers (IEEE-CS) • Project Management Institute (PMI) 14
Certification Indicates a professional possesses a particular set of skills, knowledge, or abilities in the opinion of a certifying organization Can also apply to products Generally voluntary Carries no requirement to adhere to a code of ethics Can serve as a benchmarks for mastery of a certain skill set and knowledge • good way to document and structure the acquisition of new skills and knowledge • get re-certified to stay up-to-date 15 Vendor vs. Industry association Certification Vendor certifications (Cisco, IBM, Microsoft, etc.): • some certifications substantially improve IT workers’ salaries and career prospects • relevant for narrowly defined roles or certain aspects of broader roles
• require passing a written exam • workers are commonly recertified as newer technologies become available Industry association certifications: • require a certain level of experience and a broader perspective than vendor certifications • lag in developing tests that cover new technologies 16 Government Licensing • Generally administered at the state level in the United States (examples: CPAs, doctors, lawyers, etc.) but also engineers that perform engineering services for the public Case for licensing IT professionals • encourage IT professionals to follow the highest standards of the profession • practice a code of ethics where violators would be punished by law • without it there is no incentive for heightened care and no concept of malpractice • licensing of IT professionals may improve today’s very complex IT systems
17 Government Licensing Adverse issues associated with government licensing of IT professionals: • there are few international or national licensing programs for IT professionals • no universally accepted core body of knowledge • unclear who should manage content and administration of licensing exams • no administrative body to accredit professional education programs • no administrative body to assess and ensure competence of individual professionals 18 IT Professional Malpractice Negligence: • not doing something that a reasonable man would do, or doing something that a reasonable man would not do
Duty of care: • the obligation to protect people against any unreasonable harm or risk Courts consistently reject attempts to sue individual parties for computer-related malpractice 19 Common Ethical issues for IT Users Employees’ ethical use of IT is a growing concern: Software piracy: copying work software for use at home (even when doing some work at home) is considered piracy Inappropriate use of computing resources • surf work-unrelated websites • send questionable email Inappropriate sharing of information • private data • confidential information 20
Supporting the Ethical Practices of IT Users Policies that protect against abuses: • establish boundaries of acceptable and unacceptable behavior • enable management to punish violators Policy components include: • defining and limiting appropriate use of IT resources • establishing guidelines for use of company software • structuring information systems to protect data and information • installing and maintaining a corporate firewall 21 Privacy Protection and the Law Ethical conundrum: • IT technology allows businesses to gather information • must balance the needs of those who use this information against the privacy rights of those people whose information may be used • Systems collect and store key data from every interaction with customers – purchasing habits, contacts, search terms, etc.
• Many people object to data-collection policies of government and business – strips people of the power to control their own personal information – but IT does it on a regular basis.... 22 Privacy Protection and the Law (cont.) Privacy • key concern of Internet users • top reason why non-users still avoid the Internet (according to US Census data) Reasonable limits must be set • information and communication technologies must be developed to protect privacy, rather than diminish it Historical perspective on the right to privacy • Fourth Amendment (1789) - reasonable expectation of privacy protection against unreasonable searches and seizures 23
Key Privacy and Anonymity Issues • Government electronic surveillance • Data encryption • Identity theft • Customer profiling • Need to treat customer data responsibly • Workplace monitoring • Spamming • Advanced surveillance techniques 24 Government Electronic Surveillance • USA Patriot Act of 2001: “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism” • passed just after 9/11 – although more than 340 pages and quite complex, passed into law just five weeks after being introduced • gives sweeping new powers to – domestic law enforcement wiretaps without court order – international intelligence agencies • critics argue it removes checks & balances that previously gave
courts opportunity to ensure that law enforcement agencies did not abuse their powers • contains several “sunset” provisions for increased searches & electronic surveillance (terminated on 12/31/05) • amendment to FISA: Foreign Intelligence Surveillance Act 25 Data Encryption Cryptography : science of encoding messages • only sender and intended receiver can understand the messages • key tool for ensuring confidentiality, integrity, authenticity of electronic messages and online business transactions Encryption: process of converting electronic messages into a form understood only by the intended recipients Encryption key • a (large random) value applied using an algorithm to encrypt or decrypt text • length of key determines strength of encryption algorithm 26
Data Encryption Public key encryption system uses two keys: public and private key • message recipient’s public key �readily available and used for encryption • message recipient’s private key � mathematically related to public key � kept secret and used for decryption RSA - a public-key encryption algorithm (RSA keys typically 1024– 2048 bits long) Private key encryption system – single key to encode and decode messages – issue of secretly distributing private key to sender/receiver paramount 27 Public Key Encryption 28 Data Encryption
Despite potential management and administration headaches most people agree encryption eventually must be built into – networks – file servers – tape backup systems Seagate Technology hard drive – automatically encrypts all data – must know password to access data U.S. Arms Export Control Act controls the export of encryption technology, hardware, and software – violators face 10-year jail term and $1M fine 29 Identity Theft Theft of key pieces of personal information to gain access to a person’s financial accounts • using this info, ID thief may apply for new credit or financial accounts, register for college courses, etc—all in someone else’s name Information includes:
– name – address – date of birth – Social Security number – passport number – driver’s license number – mother’s maiden name 30 Identity Theft (Cont.) Fastest growing form of fraud in the United States • victims spend >600 hours over several years recovering from ID theft Lack of initiative by companies in informing people whose data was stolen “The personal information of 90,000 people in a Stony Brook University database was accidentally posted to Google & left there until it was discovered almost two weeks later.” Phishing : attempt to steal personal identity data • by tricking users into entering information on a counterfeit Web site (spoof emails)
• spear-phishing - a variation in which employees are sent phony e- mails that look like they came from high-level executives within their organization 31 Identity Theft (Cont.) Spyware • keystroke-logging software downloaded to user’s computer without consent • enables the capture of: – account usernames – passwords – credit card numbers – other sensitive information • operates even if an infected computer is not connected to the Internet • records keystrokes until users reconnects; data collected then emailed to spy or posted to a web site Identity Theft and Assumption Deterrence Act of 1998 was passed to fight Identity fraud • makes it a Federal felony (3-25 yrs in prison) 32
Identity Theft (Cont.) Spyware • keystroke-logging software downloaded to user’s computer without consent • enables the capture of: – account usernames – passwords – credit card numbers – other sensitive information • operates even if an infected computer is not connected to the Internet • records keystrokes until users reconnects; data collected then emailed to spy or posted to a web site Identity Theft and Assumption Deterrence Act of 1998 was passed to fight Identity fraud • makes it a Federal felony (3-25 yrs in prison) 33 Consumer Profiling Companies can collect info about consumers without their explicit permission! Companies openly collect personal information about Internet users
• when they register at web sites, complete surveys, fill out forms or enter contests online Cookies • text files a web site places on user’s hard drive so that it can remember info • examples: site preferences, contents of electronic shopping cart • cookie are sent back to server unchanged by browser each time it accesses that server Tracking software • identify visitors to your web site from e.g. pay-per-click accounts 34 Consumer Profiling (Cont.) Similar methods used outside the Web environment • marketing firms warehouse consumer data • foer example, credit card purchases, frequent flier points, mail- order catalogue purchases, phone surveys Databases contain a huge amount of consumer behavioral data
Affiliated Web sites: • group of web sites served by single advertising network • DoubleClick tracks ad clicks and web purchases: useful for marketers and sellers Customized service for each consumer • marketers use cookies to recognize return visitors and store useful info about them 35 Consumer Profiling (Cont.) Types of data collected while surfing the Web • GET data: affiliated web sites visited and info requested • POST data: form data • Click-stream data: monitoring of consumer surfing activity Four ways to limit or even stop the deposit of cookies on hard drives • set the browser to limit or stop cookies • manually delete them from the hard drive • download and install a cookie-management program • use anonymous browsing programs that don’t accept cookies – e.g. anonymizer.com allows you to hide your identity while browsing
36 Consumer Profiling (Cont.) Personalization software used by marketers to optimize number, frequency, and mixture of their ad placements • Rules-based: uses business rules tied to customer-provided preferences or online behavior to determine most appropriate page views • Collaborative filtering: consumer recommendations based on products purchased by customers with similar buying habits • Demographic filtering: considers user zip codes, age, sex when making product suggestions • Contextual commerce: associates product promotions/ads with content user is currently viewing Platform for Privacy Preferences (P3P) • shields users from sites that don’t provide desired level of privacy protection • P3P software in a browser will download privacy policy for each site visited and notify users if policy does not match their preferences 37
Treating Consumer Data Responsibly Strong measures are required to avoid customer relationship problems Code of Fair Information Practices and 1980 OECD privacy guidelines • companies collect only personal info necessary to deliver its products/services • protects this info • informs customers if it intends to use this info for research or marketing • provides a means for customers to opt out Chief privacy officer (CPO) • executive to oversee data privacy policies and initiatives • avoids violating government regulations and assures customers that their privacy will be protected 38 Workplace Monitoring Ethical conundrum: ensure worker productivity without violating privacy rights of employees
Employers monitor workers • record email, surfing activity, files, even videotaping employees on the job • ensures that corporate IT usage policy is followed Fourth Amendment cannot be used to limit how a private employer treats its employees • public-sector employees have far greater privacy rights: • “reasonable expectation of privacy” Katz v. U.S. 1998 Supreme Court ruling Privacy advocates want federal legislation • to keep employers from infringing upon privacy rights of employees • inform employees of electronic monitoring devices; restrict type of info collected 39 Spamming Transmission of same e-mail message to large number of people The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act 2004 says it is legal to spam but
• spammers cannot disguise their identity • there must be a label in the message specifying that the e-mail is an ad or solicitation • they must include a way for recipients to indicate they do not want future mass mailings (i.e. opt out) • may have actually increased the flow of spam as it legalizes the sending of unsolicited e-mail 40 Advanced Surveillance Technology Provides exciting new data-gathering capabilities vs. personal- privacy issues • advocates: people have no legitimate expectation of privacy in public places • critics: creates potential for abuse – intimidation of political dissenters, blackmail of people caught with “wrong” person or in “wrong” place Camera surveillance: U.S. cities plan to expand surveillance systems
• London has one of world’s largest public surveillance systems • “Smart surveillance system” singles out people acting suspiciously Facial recognition software: identifies criminal suspects and other undesirable characters Global Positioning System (GPS) chips Placed in many devices to precisely locate users 41

More Related Content

PPTX
Ethics for IT Workers and IT Users (Presentation 2).pptx
bymica150fantasy
 
PPT
Ethics for it professionals and it users
byBhanja Kishor Samudra
 
PPT
13824518.ppt
byzeinorrahman
 
PPTX
Week 4.pptx
byJohnLagman3
 
PPTX
Ethics for IT Professionals and IT Users
byalmario1988
 
PPT
Professional Ethics of IT
byMaria Stella Solon
 
PPT
IT Professional Ethics, Moral and Cu.ppt
byFrancisFayiah
 
PDF
20CS024 Ethics in Information Technology
byKathirvel Ayyaswamy
 
Ethics for IT Workers and IT Users (Presentation 2).pptx
bymica150fantasy
 
Ethics for it professionals and it users
byBhanja Kishor Samudra
 
13824518.ppt
byzeinorrahman
 
Week 4.pptx
byJohnLagman3
 
Ethics for IT Professionals and IT Users
byalmario1988
 
Professional Ethics of IT
byMaria Stella Solon
 
IT Professional Ethics, Moral and Cu.ppt
byFrancisFayiah
 
20CS024 Ethics in Information Technology
byKathirvel Ayyaswamy
 

Similar to 1. Ethics for IT Professionals and IT Users2. PrivacyE.docx

PPT
9781111534127 ppt ch02
bystanbridge
 
PPT
9781111534127 ppt ch02
bystanbridge
 
PPT
Ethic02
byLarcyneil Pascual
 
PPT
2_updated.ppt
byBandarAlmaslukh1
 
PPTX
LO1_Ethical Best Practices for IT Professionals_05_08_2024.pptx
bytomanmikey
 
PPT
Chapter 2 Ethics for IT Workers and IT Users.ppt
byvelasquezjanice952
 
PPT
ethcpp02.ppt
byfaridagushybana
 
PPTX
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
byssuser0c4793
 
PPTX
Ethics for IT Workers and IT Users
byMark Jhon Oxillo
 
PDF
Ethics In Information Technology 3rd Edition George Reynolds
byjklrxgh5170
 
PPT
Chap05
byFathur Rohman
 
PPTX
Ethics in IT.pptx
bySikanderAnsari4
 
PPT
Ethical Issues In ICT
bykelly kusmulyono
 
PPTX
chapter 5.pptxggggggggggggggggggggggggggg
byadabotor7
 
PPTX
Professional practices in Software Industry
byfaiqhassan0880
 
PPTX
Final professional ethics for midterm(1)
byJUNAIDJUANID
 
PPTX
B ; PROFESSIONAL SOCIETIES.pptx
bysnowj7467
 
PPTX
Chap1_remaining ethics for managementremaining.pptx
byDEVKOTA Devi Bhakta
 
PPTX
Cyber-Law-and-Professional-Ethicsss.pptx
byprabeshxdezo
 
PDF
Chapter 2_dp-pertemuan 2&3
byUNIVERSITAS TEKNOKRAT INDONESIA
 
9781111534127 ppt ch02
bystanbridge
 
9781111534127 ppt ch02
bystanbridge
 
Ethic02
byLarcyneil Pascual
 
2_updated.ppt
byBandarAlmaslukh1
 
LO1_Ethical Best Practices for IT Professionals_05_08_2024.pptx
bytomanmikey
 
Chapter 2 Ethics for IT Workers and IT Users.ppt
byvelasquezjanice952
 
ethcpp02.ppt
byfaridagushybana
 
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
byssuser0c4793
 
Ethics for IT Workers and IT Users
byMark Jhon Oxillo
 
Ethics In Information Technology 3rd Edition George Reynolds
byjklrxgh5170
 
Chap05
byFathur Rohman
 
Ethics in IT.pptx
bySikanderAnsari4
 
Ethical Issues In ICT
bykelly kusmulyono
 
chapter 5.pptxggggggggggggggggggggggggggg
byadabotor7
 
Professional practices in Software Industry
byfaiqhassan0880
 
Final professional ethics for midterm(1)
byJUNAIDJUANID
 
B ; PROFESSIONAL SOCIETIES.pptx
bysnowj7467
 
Chap1_remaining ethics for managementremaining.pptx
byDEVKOTA Devi Bhakta
 
Cyber-Law-and-Professional-Ethicsss.pptx
byprabeshxdezo
 
Chapter 2_dp-pertemuan 2&3
byUNIVERSITAS TEKNOKRAT INDONESIA
 

More from jeremylockett77

DOCX
M3 ch12 discussionConnecting Eligible Immigrant Families to Heal.docx
byjeremylockett77
 
DOCX
Loudres eats powdered doughnuts for breakfast  and chocolate that sh.docx
byjeremylockett77
 
DOCX
Lostinnocenceyoucouldexploreachildsoldierwhohasbeen.docx
byjeremylockett77
 
DOCX
Lori Goler is the head of People at Facebook. Janelle Gal.docx
byjeremylockett77
 
DOCX
Looking for someone to take these two documents- annotated bibliogra.docx
byjeremylockett77
 
DOCX
Lorryn Tardy – critique to my persuasive essayFor this assignm.docx
byjeremylockett77
 
DOCX
M450 Mission Command SystemGeneral forum instructions Answ.docx
byjeremylockett77
 
DOCX
Lymphedema following breast cancer The importance of surgic.docx
byjeremylockett77
 
DOCX
Love Beyond Wallshttpswww.lovebeyondwalls.orgProvid.docx
byjeremylockett77
 
DOCX
Longevity PresentationThe purpose of this assignment is to exami.docx
byjeremylockett77
 
DOCX
Look again at the CDCs Web page about ADHD.In 150-200 w.docx
byjeremylockett77
 
DOCX
M8-22 ANALYTICS o TEAMS • ORGANIZATIONS • SKILLS .fÿy.docx
byjeremylockett77
 
DOCX
Lombosoro theory.In week 4, you learned about the importance.docx
byjeremylockett77
 
DOCX
Looking over the initial material on the definitions of philosophy i.docx
byjeremylockett77
 
DOCX
Lucky Iron FishBy Ashley SnookPro.docx
byjeremylockett77
 
DOCX
Lucky Iron FishBy Ashley SnookMGMT 350Spring 2018ht.docx
byjeremylockett77
 
DOCX
look for a article that talks about some type of police activity a.docx
byjeremylockett77
 
DOCX
Look at the Code of Ethics for at least two professional agencies,  .docx
byjeremylockett77
 
DOCX
Locate an example for 5 of the 12 following types of communica.docx
byjeremylockett77
 
DOCX
Locate and read the other teams’ group project reports (located .docx
byjeremylockett77
 
M3 ch12 discussionConnecting Eligible Immigrant Families to Heal.docx
byjeremylockett77
 
Loudres eats powdered doughnuts for breakfast  and chocolate that sh.docx
byjeremylockett77
 
Lostinnocenceyoucouldexploreachildsoldierwhohasbeen.docx
byjeremylockett77
 
Lori Goler is the head of People at Facebook. Janelle Gal.docx
byjeremylockett77
 
Looking for someone to take these two documents- annotated bibliogra.docx
byjeremylockett77
 
Lorryn Tardy – critique to my persuasive essayFor this assignm.docx
byjeremylockett77
 
M450 Mission Command SystemGeneral forum instructions Answ.docx
byjeremylockett77
 
Lymphedema following breast cancer The importance of surgic.docx
byjeremylockett77
 
Love Beyond Wallshttpswww.lovebeyondwalls.orgProvid.docx
byjeremylockett77
 
Longevity PresentationThe purpose of this assignment is to exami.docx
byjeremylockett77
 
Look again at the CDCs Web page about ADHD.In 150-200 w.docx
byjeremylockett77
 
M8-22 ANALYTICS o TEAMS • ORGANIZATIONS • SKILLS .fÿy.docx
byjeremylockett77
 
Lombosoro theory.In week 4, you learned about the importance.docx
byjeremylockett77
 
Looking over the initial material on the definitions of philosophy i.docx
byjeremylockett77
 
Lucky Iron FishBy Ashley SnookPro.docx
byjeremylockett77
 
Lucky Iron FishBy Ashley SnookMGMT 350Spring 2018ht.docx
byjeremylockett77
 
look for a article that talks about some type of police activity a.docx
byjeremylockett77
 
Look at the Code of Ethics for at least two professional agencies,  .docx
byjeremylockett77
 
Locate an example for 5 of the 12 following types of communica.docx
byjeremylockett77
 
Locate and read the other teams’ group project reports (located .docx
byjeremylockett77
 

Recently uploaded

PPTX
Warehouse in Traceability Report - Odoo 19
byCeline George
 
PPTX
What are Forecast Reports in Odoo 18 CRM
byCeline George
 
PDF
Unit - I Communication Skills. B.pharmacy and D. Pharmacy
bySayyadTarannum
 
PPTX
THERAPEUTIC COMMUNICATION for 2nd year GNM, 2ND YEAR P.B.B.SC NSG, 5TH SEM B....
byparmarjuli1412
 
PDF
Statement-by-UK-PhD-cohort-to-the-Ghana-High-Commission-and-the-media.docx1_.pdf
bynservice241
 
PPTX
How to configure Client action in odoo 18
byCeline George
 
PPTX
Presentation - Opinion Editorial Basics.pptx
bygenelyn tallad
 
DOCX
ANATOMY NOTES- Dr. Sudhadevi Sadanandan
byDr. Sudhadevi Sadanandan
 
PDF
Genetic Erosion in Crop Plants: Causes, Consequences, and Conservation Strate...
bySatyam Sharma
 
PDF
BP605 T PHARMACEUTICAL BIOTECHNOLOGY UNIT 4 PART 1
byRushiMandali
 
PPTX
History in your Hands Class 2 November 2025.pptx
byEilsONeill
 
PDF
How to (Re)Build Your District's Enrollment Numbers
byMebane Rash
 
PPTX
Emminent personalities from agriculture sciences.pptx
byconvey2vivek
 
PPTX
How to Set Up Default Header_Footer in Odoo 18.2
byCeline George
 
PPT
Layers of the Earth crust and Lithosphere.ppt
bybonpat1954
 
PPTX
Tablets & Liquid orals Industrial pharmacy-I UNIT-2, B. Pharam V Semester PPT
byARUN KUMAR
 
PDF
2025 Caribbean Examinations Council CSEC Merit List
byCaribbean Examinations Council
 
PDF
Introduction to Genetics: The Foundation of Heredity and Variation- Understan...
bySatyam Sharma
 
PDF
Projects_for_Ministries,_Departments_&_Agencies2123341679.pdf
bynservice241
 
PPTX
How to Get Ahead in Marketing: Insights for University Students
byCareLineLive
 
Warehouse in Traceability Report - Odoo 19
byCeline George
 
What are Forecast Reports in Odoo 18 CRM
byCeline George
 
Unit - I Communication Skills. B.pharmacy and D. Pharmacy
bySayyadTarannum
 
THERAPEUTIC COMMUNICATION for 2nd year GNM, 2ND YEAR P.B.B.SC NSG, 5TH SEM B....
byparmarjuli1412
 
Statement-by-UK-PhD-cohort-to-the-Ghana-High-Commission-and-the-media.docx1_.pdf
bynservice241
 
How to configure Client action in odoo 18
byCeline George
 
Presentation - Opinion Editorial Basics.pptx
bygenelyn tallad
 
ANATOMY NOTES- Dr. Sudhadevi Sadanandan
byDr. Sudhadevi Sadanandan
 
Genetic Erosion in Crop Plants: Causes, Consequences, and Conservation Strate...
bySatyam Sharma
 
BP605 T PHARMACEUTICAL BIOTECHNOLOGY UNIT 4 PART 1
byRushiMandali
 
History in your Hands Class 2 November 2025.pptx
byEilsONeill
 
How to (Re)Build Your District's Enrollment Numbers
byMebane Rash
 
Emminent personalities from agriculture sciences.pptx
byconvey2vivek
 
How to Set Up Default Header_Footer in Odoo 18.2
byCeline George
 
Layers of the Earth crust and Lithosphere.ppt
bybonpat1954
 
Tablets & Liquid orals Industrial pharmacy-I UNIT-2, B. Pharam V Semester PPT
byARUN KUMAR
 
2025 Caribbean Examinations Council CSEC Merit List
byCaribbean Examinations Council
 
Introduction to Genetics: The Foundation of Heredity and Variation- Understan...
bySatyam Sharma
 
Projects_for_Ministries,_Departments_&_Agencies2123341679.pdf
bynservice241
 
How to Get Ahead in Marketing: Insights for University Students
byCareLineLive
 

1. Ethics for IT Professionals and IT Users2. PrivacyE.docx

  • 1.
    1. Ethics forIT Professionals and IT Users 2. Privacy Ethics in IT Reference: Professional Ethics for Computer Science by Klaus Mueller (Stony Brook University) Ethics for IT Professionals and IT Users Objective: • What key characteristics distinguish a professional from other kinds of workers, and what is the role of an IT professional? • What relationships must an IT professional manage, and what key ethical issues can arise in each? • How do codes of ethics, professional organizations, certification, and licensing affect the ethical behavior of IT professionals? • What are the key tenets of four different codes of ethics that provide guidance for IT professionals? • What are the common ethical issues that face IT users? • What approaches can support the ethical practices of IT users? 2
  • 2.
    IT Professionals Profession isa calling that requires: • specialized knowledge • long and intensive academic preparation Partial list of IT specialists: • Programmers • systems analysts • software engineers • database administrators • local area network (LAN) administrators • chief information officers (CIOs) 3 Are IT Workers Professionals? Legal perspective: • IT workers are not recognized as professionals • Not licensed • IT workers are not liable for malpractice IT professionals have many different relationships with: • Employers • Clients and Suppliers • Other professionals • IT users • Society at large
  • 3.
    4 Relationships Between ITProfessionals and Employers IT professionals must set an example and enforce policies regarding the ethical use of IT Software piracy is the act of illegally making copies of software or enabling others to access software to which they are not entitled Software piracy is an area in which IT professionals can be tempted to violate laws and policies The Business Software Alliance (BSA) is a trade group that represents the world’s largest software and hardware manufacturers • its mission is to stop the unauthorized copying of software produced by its members • penalties can be up to $100,000 per copyrighted work 5 Relationships Between IT Professionals and Employers
  • 4.
    Trade secret: • informationused in business • generally unknown to the public • company has taken strong measures to keep confidential • employees must sign a non-disclosure agreement (NDA) • problems due to high IT employee turn-over Whistle-blowing: attracts attention to a negligent, illegal, unethical, abusive, or dangerous act that threatens the public interest 6 Relationships Between IT Professionals and Clients • IT professional provides hardware, software, or services at a certain cost and within a given time frame • Client provides compensation, access to key contacts and work space • Relationship is usually documented in contractual terms Ethical problems arise if a company recommends its own products and services to remedy problems they detected
  • 5.
    • but acompany is unable to provide full and accurate reporting of a project’s status • company hired as consultants may recommend its affiliated products 7 Legal Overview Fraud, misrepresentation • crime of obtaining goods, services, or property through deception or trickery • fraud is proven in court Breach of contract • one party fails to meet the terms of a contract • schedule slippage, cost overruns, better product may be released by competitor during contract execution • can generate trials which are often settled out of court to minimize reputation damage 8 Relationships Between IT Professionals and Suppliers
  • 6.
    Develop good relationshipswith suppliers • deal fairly with them and don’t make unreasonable demands Bribery: providing money, property, or favors to someone in business or government to obtain a business advantage U.S. Foreign Corrupt Practices Act (FCPA) makes it a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office IT projects are joint efforts in which vendors and customers work together: difficult to assign blame Bribery • at what point does a gift become a bribe? • no gift should be hidden • perceptions of donor and recipient can differ 9 Relationships Between IT and other professionals Professionals owe each other adherence to a profession’s code of conduct
  • 7.
    • there isa sense of mentorship and community Ethical problems between members of the IT profession • resumé inflation • inappropriate sharing of corporate information due to IT access 10 Relationships Between IT Professionals and IT Users IT user is a person for whom a hardware or software product is designed IT professionals’ duty • understand users’ needs and capabilities • deliver products and services that best meet those needs • establish an environment that supports ethical behavior by users 11 Relationships Between IT Professionals and Society
  • 8.
    Actions of anIT professional can affect society • society expect professionals to not cause harm (=trust) • society expects professionals to provide benefits • so there must be a sense of responsibility, also not to damage a professional sector’s reputation Corporations are taking actions to ensure good business ethics among employees 12 Professional Codes of Ethics A professional code of ethics states the principles and core values that are essential to the work of a particular occupational group • a law does not provide complete guide to ethical behavior Main parts: • outlines what the professional organization aspires to become • lists rules and principles by which members of the organization are expected to abide
  • 9.
    Benefits for individual,profession, and society • improves ethical decision making • promotes high standards of practice and ethical behavior • enhances trust and respect from the general public • provides an evaluation benchmark 13 Professional Organizations No universal code of ethics for IT professionals No single, formal organization of IT professionals has emerged as preeminent Professional organizations enable • building of professional and working relationships • sharing of useful information (stay up-to-date) • provides a stamp of adhering to defined standards Most prominent organizations include: • Association for Computing Machinery (ACM) • Association of Information Technology Professionals (AITP) • Computer Society of the Institute of Electrical and Electronics Engineers (IEEE-CS) • Project Management Institute (PMI) 14
  • 10.
    Certification Indicates a professionalpossesses a particular set of skills, knowledge, or abilities in the opinion of a certifying organization Can also apply to products Generally voluntary Carries no requirement to adhere to a code of ethics Can serve as a benchmarks for mastery of a certain skill set and knowledge • good way to document and structure the acquisition of new skills and knowledge • get re-certified to stay up-to-date 15 Vendor vs. Industry association Certification Vendor certifications (Cisco, IBM, Microsoft, etc.): • some certifications substantially improve IT workers’ salaries and career prospects • relevant for narrowly defined roles or certain aspects of broader roles
  • 11.
    • require passinga written exam • workers are commonly recertified as newer technologies become available Industry association certifications: • require a certain level of experience and a broader perspective than vendor certifications • lag in developing tests that cover new technologies 16 Government Licensing • Generally administered at the state level in the United States (examples: CPAs, doctors, lawyers, etc.) but also engineers that perform engineering services for the public Case for licensing IT professionals • encourage IT professionals to follow the highest standards of the profession • practice a code of ethics where violators would be punished by law • without it there is no incentive for heightened care and no concept of malpractice • licensing of IT professionals may improve today’s very complex IT systems
  • 12.
    17 Government Licensing Adverse issuesassociated with government licensing of IT professionals: • there are few international or national licensing programs for IT professionals • no universally accepted core body of knowledge • unclear who should manage content and administration of licensing exams • no administrative body to accredit professional education programs • no administrative body to assess and ensure competence of individual professionals 18 IT Professional Malpractice Negligence: • not doing something that a reasonable man would do, or doing something that a reasonable man would not do
  • 13.
    Duty of care: •the obligation to protect people against any unreasonable harm or risk Courts consistently reject attempts to sue individual parties for computer-related malpractice 19 Common Ethical issues for IT Users Employees’ ethical use of IT is a growing concern: Software piracy: copying work software for use at home (even when doing some work at home) is considered piracy Inappropriate use of computing resources • surf work-unrelated websites • send questionable email Inappropriate sharing of information • private data • confidential information 20
  • 14.
    Supporting the EthicalPractices of IT Users Policies that protect against abuses: • establish boundaries of acceptable and unacceptable behavior • enable management to punish violators Policy components include: • defining and limiting appropriate use of IT resources • establishing guidelines for use of company software • structuring information systems to protect data and information • installing and maintaining a corporate firewall 21 Privacy Protection and the Law Ethical conundrum: • IT technology allows businesses to gather information • must balance the needs of those who use this information against the privacy rights of those people whose information may be used • Systems collect and store key data from every interaction with customers – purchasing habits, contacts, search terms, etc.
  • 15.
    • Many peopleobject to data-collection policies of government and business – strips people of the power to control their own personal information – but IT does it on a regular basis.... 22 Privacy Protection and the Law (cont.) Privacy • key concern of Internet users • top reason why non-users still avoid the Internet (according to US Census data) Reasonable limits must be set • information and communication technologies must be developed to protect privacy, rather than diminish it Historical perspective on the right to privacy • Fourth Amendment (1789) - reasonable expectation of privacy protection against unreasonable searches and seizures 23
  • 16.
    Key Privacy andAnonymity Issues • Government electronic surveillance • Data encryption • Identity theft • Customer profiling • Need to treat customer data responsibly • Workplace monitoring • Spamming • Advanced surveillance techniques 24 Government Electronic Surveillance • USA Patriot Act of 2001: “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism” • passed just after 9/11 – although more than 340 pages and quite complex, passed into law just five weeks after being introduced • gives sweeping new powers to – domestic law enforcement wiretaps without court order – international intelligence agencies • critics argue it removes checks & balances that previously gave
  • 17.
    courts opportunity toensure that law enforcement agencies did not abuse their powers • contains several “sunset” provisions for increased searches & electronic surveillance (terminated on 12/31/05) • amendment to FISA: Foreign Intelligence Surveillance Act 25 Data Encryption Cryptography : science of encoding messages • only sender and intended receiver can understand the messages • key tool for ensuring confidentiality, integrity, authenticity of electronic messages and online business transactions Encryption: process of converting electronic messages into a form understood only by the intended recipients Encryption key • a (large random) value applied using an algorithm to encrypt or decrypt text • length of key determines strength of encryption algorithm 26
  • 18.
    Data Encryption Public keyencryption system uses two keys: public and private key • message recipient’s public key �readily available and used for encryption • message recipient’s private key � mathematically related to public key � kept secret and used for decryption RSA - a public-key encryption algorithm (RSA keys typically 1024– 2048 bits long) Private key encryption system – single key to encode and decode messages – issue of secretly distributing private key to sender/receiver paramount 27 Public Key Encryption 28 Data Encryption
  • 19.
    Despite potential managementand administration headaches most people agree encryption eventually must be built into – networks – file servers – tape backup systems Seagate Technology hard drive – automatically encrypts all data – must know password to access data U.S. Arms Export Control Act controls the export of encryption technology, hardware, and software – violators face 10-year jail term and $1M fine 29 Identity Theft Theft of key pieces of personal information to gain access to a person’s financial accounts • using this info, ID thief may apply for new credit or financial accounts, register for college courses, etc—all in someone else’s name Information includes:
  • 20.
    – name – address –date of birth – Social Security number – passport number – driver’s license number – mother’s maiden name 30 Identity Theft (Cont.) Fastest growing form of fraud in the United States • victims spend >600 hours over several years recovering from ID theft Lack of initiative by companies in informing people whose data was stolen “The personal information of 90,000 people in a Stony Brook University database was accidentally posted to Google & left there until it was discovered almost two weeks later.” Phishing : attempt to steal personal identity data • by tricking users into entering information on a counterfeit Web site (spoof emails)
  • 21.
    • spear-phishing -a variation in which employees are sent phony e- mails that look like they came from high-level executives within their organization 31 Identity Theft (Cont.) Spyware • keystroke-logging software downloaded to user’s computer without consent • enables the capture of: – account usernames – passwords – credit card numbers – other sensitive information • operates even if an infected computer is not connected to the Internet • records keystrokes until users reconnects; data collected then emailed to spy or posted to a web site Identity Theft and Assumption Deterrence Act of 1998 was passed to fight Identity fraud • makes it a Federal felony (3-25 yrs in prison) 32
  • 22.
    Identity Theft (Cont.) Spyware •keystroke-logging software downloaded to user’s computer without consent • enables the capture of: – account usernames – passwords – credit card numbers – other sensitive information • operates even if an infected computer is not connected to the Internet • records keystrokes until users reconnects; data collected then emailed to spy or posted to a web site Identity Theft and Assumption Deterrence Act of 1998 was passed to fight Identity fraud • makes it a Federal felony (3-25 yrs in prison) 33 Consumer Profiling Companies can collect info about consumers without their explicit permission! Companies openly collect personal information about Internet users
  • 23.
    • when theyregister at web sites, complete surveys, fill out forms or enter contests online Cookies • text files a web site places on user’s hard drive so that it can remember info • examples: site preferences, contents of electronic shopping cart • cookie are sent back to server unchanged by browser each time it accesses that server Tracking software • identify visitors to your web site from e.g. pay-per-click accounts 34 Consumer Profiling (Cont.) Similar methods used outside the Web environment • marketing firms warehouse consumer data • foer example, credit card purchases, frequent flier points, mail- order catalogue purchases, phone surveys Databases contain a huge amount of consumer behavioral data
  • 24.
    Affiliated Web sites: •group of web sites served by single advertising network • DoubleClick tracks ad clicks and web purchases: useful for marketers and sellers Customized service for each consumer • marketers use cookies to recognize return visitors and store useful info about them 35 Consumer Profiling (Cont.) Types of data collected while surfing the Web • GET data: affiliated web sites visited and info requested • POST data: form data • Click-stream data: monitoring of consumer surfing activity Four ways to limit or even stop the deposit of cookies on hard drives • set the browser to limit or stop cookies • manually delete them from the hard drive • download and install a cookie-management program • use anonymous browsing programs that don’t accept cookies – e.g. anonymizer.com allows you to hide your identity while browsing
  • 25.
    36 Consumer Profiling (Cont.) Personalizationsoftware used by marketers to optimize number, frequency, and mixture of their ad placements • Rules-based: uses business rules tied to customer-provided preferences or online behavior to determine most appropriate page views • Collaborative filtering: consumer recommendations based on products purchased by customers with similar buying habits • Demographic filtering: considers user zip codes, age, sex when making product suggestions • Contextual commerce: associates product promotions/ads with content user is currently viewing Platform for Privacy Preferences (P3P) • shields users from sites that don’t provide desired level of privacy protection • P3P software in a browser will download privacy policy for each site visited and notify users if policy does not match their preferences 37
  • 26.
    Treating Consumer DataResponsibly Strong measures are required to avoid customer relationship problems Code of Fair Information Practices and 1980 OECD privacy guidelines • companies collect only personal info necessary to deliver its products/services • protects this info • informs customers if it intends to use this info for research or marketing • provides a means for customers to opt out Chief privacy officer (CPO) • executive to oversee data privacy policies and initiatives • avoids violating government regulations and assures customers that their privacy will be protected 38 Workplace Monitoring Ethical conundrum: ensure worker productivity without violating privacy rights of employees
  • 27.
    Employers monitor workers •record email, surfing activity, files, even videotaping employees on the job • ensures that corporate IT usage policy is followed Fourth Amendment cannot be used to limit how a private employer treats its employees • public-sector employees have far greater privacy rights: • “reasonable expectation of privacy” Katz v. U.S. 1998 Supreme Court ruling Privacy advocates want federal legislation • to keep employers from infringing upon privacy rights of employees • inform employees of electronic monitoring devices; restrict type of info collected 39 Spamming Transmission of same e-mail message to large number of people The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act 2004 says it is legal to spam but
  • 28.
    • spammers cannotdisguise their identity • there must be a label in the message specifying that the e-mail is an ad or solicitation • they must include a way for recipients to indicate they do not want future mass mailings (i.e. opt out) • may have actually increased the flow of spam as it legalizes the sending of unsolicited e-mail 40 Advanced Surveillance Technology Provides exciting new data-gathering capabilities vs. personal- privacy issues • advocates: people have no legitimate expectation of privacy in public places • critics: creates potential for abuse – intimidation of political dissenters, blackmail of people caught with “wrong” person or in “wrong” place Camera surveillance: U.S. cities plan to expand surveillance systems
  • 29.
    • London hasone of world’s largest public surveillance systems • “Smart surveillance system” singles out people acting suspiciously Facial recognition software: identifies criminal suspects and other undesirable characters Global Positioning System (GPS) chips Placed in many devices to precisely locate users 41