Security, Privacy, and Ethical Issues in Information Systems and the Internet

Principles of Information Systems, Sixth EditionChapter 14

Chapter 14

Security, Privacy, and Ethical Issues in Information Systems and the Internet

At a Glance

Instructor’s Manual Table of Contents

Chapter Overview

Chapter Outline

Chapter Principles and Objectives

Teacher Notes

Quick Quizzes

Teaching Tips

Further Readings or Resources

Discussion Questions

Projects to Assign

Key Terms

Chapter Overview

Chapter 14 emphasizes the importance of encouraging ethical behavior in the workplace as a means of reducing computer crime, waste, and computer-related health problems. Managers and users at all levels play a major role in helping organizations achieve the positive benefits of IS. These individuals must also take the lead in helping to minimize or eliminate the negative consequences of poorly designed and improperly utilized information systems. For managers and users to have such an influence, they must be properly educated.

Chapter Outline

Lecture Topics / Page #
Computer Waste and Mistakes / 14-3
Computer Crime / 14-3
Privacy / 14-5
The Work Environment / 14-5

Chapter Principles and Objectives

Principles / Learning Objectives
Policies and procedures must be established to avoid computer waste and mistakes. /

• Describe some examples of waste and mistakes in an IS environment, their causes, and possible solutions.
• Identify policies and procedures useful in eliminating waste and mistakes.

Computer crime is a serious and rapidly growing area of concern requiring management attention. /

• Explain the types and effects of computer crime.
• Identify specific measures to prevent computer crime.
• Discuss the principles and limits of an individual’s right to privacy.

Jobs, equipment, and working conditions must be designed to avoid negative health effects. /

• List the important effects of computers on the work environment.
• Identify specific actions that must be taken to ensure the health and safety of employees.
• Outline criteria for the ethical use of information systems.

Teacher Notes

Computer Waste and Mistakes

The U.S. government is the largest single user of information systems in the world. It should come as no surprise then that it is also perhaps the largest misuser. The government is not unique in this regard as the same type of waste and misuse found in the public sector also exists in the private sector. Some companies discard old software and even complete computer systems when they still have value. Others waste corporate resources to build and maintain complex systems never used to their fullest extent. A less dramatic, yet still relevant, example of waste is the amount of company time and money employees may waste playing computer games, sending unimportant e-mail, or accessing the Internet. Junk e-mail, also called spam, and junk faxes also cause waste.

Despite many people’s distrust, computers themselves rarely make mistakes. Even the most sophisticated hardware cannot produce meaningful output if users do not follow proper procedures. Mistakes can be caused by unclear expectations and a lack of feedback, or a programmer might develop a program that contains errors. In other cases, a data entry clerk might enter the wrong data. Unless errors are caught early and prevented, the speed of computers can intensify mistakes. As information technology becomes faster, more complex, and more powerful, organizations and individuals face increased risks of experiencing the results of computer-related mistakes.

To remain profitable in a competitive environment, organizations must use all resources wisely. Preventing computer-related waste and mistakes like those just described should therefore be a goal, and should also involve: (1) establishing, (2) implementing, (3) monitoring, and (4) reviewing effective policies and procedures.

Quick Quiz

1. Who is the largest single user of information systems in the world?

ANSWER: U.S. Government

1. What is another name for junk e-mails?

ANSWER: Spam

1. True or False: The speed of computers can intensify mistakes?

ANSWER: True

1. What can help prevent computer-related waste and mistakes?

ANSWER: Policies and procedures

Computer Crime

A computer can be used as a tool to gain access to valuable information and as the means to steal thousands or millions of dollars. It is, perhaps, a question of motivation as many individuals who commit computer-related crime claim they do it for the challenge, not for the money. Credit card fraud, whereby a criminalillegally gains access to another’s line of credit with stolen credit card numbers, is a major concern for today’s banks and financial institutions.

In general, criminals need two capabilities to commit most computer crimes. First, the criminal needs to know how to gain access to the computer system and second, he/she must know how to manipulate the system to produce the desired result. Frequently, a critical computer password has been talked out of an individual, a practice called social engineering, or the attackers simply go through the garbage (dumpster diving) for important pieces of information that can help crack the computers or convince someone at the company to give themmore access.

Identity theft is a crime in which an imposter obtains key pieces of personalidentification information, such as social security or driver’s license numbers, inorder to impersonate someone else. The information is then used to obtaincredit, merchandise, and services in the name of the victim, or to provide thethief with false credentials. In addition, there are over 2,000 Web sites that offer digital tools, for free, that will let people snoop, crash computers, hijack control of amachine, or retrieve a copy of every keystroke.

A computer can also be the object of a crime, rather than the tool for committingone.Tens of millions of dollars of computer time and resources are stolen everyyear. Each time system access is illegally obtained, data or computer equipmentis stolen or destroyed, or software is illegally copied, the computer becomes theobject of crime. These crimes fall into several categories: illegal access and use,data alteration and destruction, information and equipment theft, software andInternet piracy, computer-related scams, and international computer crime.

Quick Quiz

1. _____ is a crime in which an imposter obtains key pieces of personal identification information, such as social security or driver’s license numbers, in order to impersonate someone else.

ANSWER: Identity theft

1. Wannabe crackers with little technical savvy who download programs that automate the job of breaking into computers are called ____.

ANSWER: script bunnies

1. A(n) _____ is a person that enjoys computer technology and spends time learning and using computer systems.

ANSWER: hacker

1. A computer-savvy person that attempts to gain unauthorized access to computer systems is normally referred to as a(n) _____.

ANSWER: cracker

Privacy

The issue of privacy deals with the right to be left alone or to be withdrawn from public view. With information systems, privacy deals with the collection and use, or misuse of data. Data is constantly being collected and stored on each of us, and is often distributed over easily accessed networks without our knowledge or consent. This issue must be addressed.

The right to privacy at work is also an important issue. Currently, the rights of workers who want their privacy, and the interests of companies that demand to know more about their employees are in conflict. E-mail also raises some interesting issues about work privacy. Federal law permits employers to monitor e-mail sent and received by employees. Furthermore, e-mail messages that have been erased from hard disks may be retrieved and used in lawsuits because the laws of discovery demand that companies produce all relevant business documents.

Some people assume that there is no privacy on the Internet and that you use it at your own risk. Others believe that companies with Web sites should have strict privacy procedures and be accountable for privacy invasion. However, the courts are not clear on this issue. Regardless of your view, the potential for privacy invasion on the Internet is huge. People wanting to invade your privacy could be anyone from criminal hackers to marketing companies to corporate bosses. Your personal and professional information can be seized on the Internet without your knowledge or consent.

Quick Quiz

1. _____ is a screening technology that shields users from Web sites that donot provide the level of privacy protection they desire

ANSWER: Platform for Privacy Preferences (P3P)

1. Federal law permits employers to monitor _____ sent and received by employees.

ANSWER: e-mail

1. A good database design practice is to assign a single unique _____ to eachcustomer

ANSWER: identifier

The Work Environment

The use of computer-based information systems has changed the makeup of theworkforce. Jobs that require IS literacy have increased, and many less-skilled positionshave been eliminated. Corporate programs, such as reengineering and continuousimprovement, bring with them the concern that, as business processes arerestructured and ISs are integrated within them, the people involved in theseprocesses will be removed. However, the growing field of computer technology and IS has opened up numerous avenues to professionals and nonprofessionals of all backgrounds. Enhanced telecommunications has been the impetus for new types of business and has created global markets in industries once limited to domestic markets.

Organizations can increase employee effectiveness by paying attention to the healthconcerns in today’s work environment. For some people, working with computers can cause occupational stress. Computer use may affect physical health as well. Strains, sprains, tendonitis, and other problems account for more than 60 percent of all occupational illnesses and about a third of workers’ compensation claims, according to the Joyce Institute in Seattle. Other work-related health hazards involve emissions from improperly maintained and used equipment.

Many computer-related health problems are minor and are caused by poorly designed work environments. The computer screen may be hard to read, with glare and poor contrast. Desks and chairs may also be uncomfortable. Keyboards and computer screens may be fixed in place or difficult to move. The hazardous activities associated with these unfavorable conditions are collectively referred to as work stressors. Although these problems may not be of major concern to casual users of computer systems, continued stressors such as repetitive motion, awkward posture, and eyestrain may cause more serious and long-term injuries. If nothing else, these problems can severely limit productivity and performance.

Quick Quiz

1. What injury can be caused by performing the same action over and over?

ANSWER: Repetitive stress injury (RSI)

1. What term is used to describe an aggravation of the pathway for nerves that travel through the wrist?

ANSWER: Carpal Tunnel Syndrome (CTS)

1. What study results in the design and placement of equipment for employee safety and health?

ANSWER: Ergonomics

1. True or False: Exercise can help prevent repetitive stress injuries.

ANSWER: True

Teaching Tips

• Invite a speaker from the University health center to discuss work-related and computer-related health problems.

• Use an on-line chat room and encourage students to discuss various ethical issues in an anonymous fashion.
• Use classroom debates to make stands on either side of ethical issues.
• Ask students to develop their own ethical standards for computer use in the College of Business.
• Take an anonymous survey about software and digital music piracy. Discuss the results.
• Bring in a diskette that has a virus and demonstrate to students how viruses can be removed with appropriate software. Be careful on this one!

Further Readings or Resources

Readings

Baird, R., Ramsower, R.M., Rosenbaum, S.E. eds. 2000. Cyberethics : Social & Moral Issues in the Computer Age. Prometheus Books.

E-mail Virus Protection Handbook, Syngress Media Inc. 2000.

Schmauder, P. (2000). Virus Proof : The Ultimate Guide to Protecting Your PC, Prima Publishing.

Computer Viruses Sites

Computer Ethics Sites

Discussion Questions

Some interesting topics of discussion in this chapter include the following:

Discuss Information systems use in public schools.

Discuss the issue of free speech versus protection of children on-line.

Discuss the impact of viruses on organizations.

Projects to Assign

1. Assign Review Questions: 1, 3, 8, 11, and 15.
2. Assign Problem Solving Exercise 1.
3. Assign Team Activity 3 or Web Exercise 2 or Case 3.

Key Terms

Antivirus programs - programs or utilities that prevent viruses and recover from them if they infect a computer.

Application virus - infect executable application files such as word processing programs.

Ergonomics -the study of designing and positioning computer equipment for employee health and safety.

Hacker -a person who enjoys computer technology and spends time learning and using computer systems.

Identity theft -a crime in which an imposter obtains key pieces of personal identification information, such as social security or driver’s license numbers, in order to impersonate someone else.

Virus -a program that attaches itself to other programs.

Worm -an independent program that replicates its own program files until it interrupts the operation of networks and computer systems.

14-1