Development of A Code of Ethics: Information Technology (IT) Challenges

Abu Mohammed Fofana, PhD.
School of Business & Technology Management, Northcentral University. San Diego, California.

Defined as a set of moral guidance that controls the use of computers, codes of computer ethics tackle issues of privacy, copyright, and intellectual poverty concerns and how the uses of computers affect society. Business organizations invest an enormous capital in information technology. Global investment in information technology increased to $3.4 trillion in 2008 and $ 3.6 trillion in 2009. That trend will continue.  Information Technology (IT) has become the difference between businesses’ success and failure. It helps companies and individuals to do things faster, better and smarter.

Consequently, the way we work, communicate, learn, plan, and interact has become closely interwoven. However, the ubiquities of information technology and the continuous rise in the number of those who use it, have concomitantly raised the number of ethical issues that affect privacy and property rights as most computer users are bent on invading personal and private property rights. Also, they steal intellectual property, copyright materials such as music and movies and commit cybercrimes. Software and music thefts cost business firms in the US $100 billion per year. Pirated software constitutes more than 80 percent of software.

 Business organizations respond to these potential and real ethical issues differently. Some firms develop codes of ethics or standards of professional conduct that are ambiguous. The boundaries between ethical standards and the overarching objective of corporate goals are not clear (Edition, 2010). For the ethical codes of conduct to be an effective tool in protecting corporate IT security investment, the code must strike a balance between the interests of stockholders and stakeholders or social responsibility and IT managers must emphasize making ethics a center of the corporate culture. It should clearly define corporate expectations by identifying ethical issues and values that the organization finds significant; identify behaviors that are acceptable or unacceptable, provide a behavioral benchmark for self-evaluation, promote high standards of practices and teach employees what to do in case of improper or illegal use of company equipment, data or other breaches.

This paper seeks to critically analyze ethical standards and the challenges they pose to information technology professionals. It will begin with societal, ethical changes information has caused and interpret ethics in an academic setting, especially regarding academic integrity and the code of conduct.

Societal ethical changes caused by information technology

The effect of the unethical behaviors of corporate leaders such as Dennis Kozlowski (Tyco International), Kenneth Lay (Enron), Bernard Ebbers (WorldCom), Richard Scrushy (HealthSouth Corporation), et al., has dramatically intensified the necessity for ethics in business. The Sarbanes Oxley Act of 2002 and the Dodd-Frank Wall Street and Consumer Protection Act to name a few have been enacted to thwart corporate greed and unethical behaviors.

When computer usage became somewhat popular between 1980 and 1990, there was nothing like ethical standards of conduct that governed the use of information technology. Computer users then were few, and so there were not egregious ethical breaches. Today, the number of computer users has risen to 2 billion. The social network on Facebook has surpassed 1.19 billion users. Everyone with a computer can connect to the information superhighway. The net is neutral, and there are no restrictions or limits to its use. With the unfettered access to the World Wide Web and the ease with which people communicate and do business online has raised the level of unethical behavior of computer users across the globe making it difficult, if not, impossible to track down computer criminals and those who are bent on invading other people’s privacy and stealing their property and identity. In December 2013, Target retail store, for instance, was hacked. The breach in the store’s security impacted 40 million credit card and debit card numbers. The ability of IT departments and professionals to protect information technology property through ethical standards of conduct internally and avert external breaches such as industrial espionage is an acid test to their leadership. Many companies have developed standard codes of ethics that continue to make headway in achieving the goal of protecting IT corporate property from internal, as well as external assault. They do so by crafting a full IT code of ethics, engaging financial and moral support of top managers, and collectively modeling those standard codes of ethics.

The Ethical Use of Information Technology

Information Technology helps companies and individuals to work faster, better and smarter. Computers have become the fulcrum-the alpha and omega of business. Business firms and individuals use computers to communicate via email, make online purchases, make transactions and interact with relatives and friends via groupware. Anything that firms do in physical edifices can be done online with speed, ease, and efficiency. Online, business hold meetings, make presentations, store data using cloud technology, exchange data live, attend seminars, attend online classes, access data, and information and execute procurement to name a few. Despite these positive usages of computers, the use of technology and computer-related business activities such as automation, outsourcing, and cyber-crime can adversely affect employment, privacy, working condition, and individual wellbeing.

Moreover, those who use computers to cause harm to others by, among other things, stealing personal and private data, spreading viruses, committing cyber crimes, cybersquatting, committing industrial espionage, spamming, flaming and spreading false information. Security threats against IT departments pose ethical and legal challenges on two fronts: internal and external. Studies show that 35 percent of IT professionals have had illegal access to corporate data. Another poll conducted by Cyber-Ark in 2009 found that 60% of information technology employees have hacked another person’s computer. Businesses and individuals have concrete evidence of insurmountable threats that outsiders pose to privacy and property both public and private.

The combination of internal and external threats to corporate security has continued to pose a stiff challenge to IT departments and professionals. Since many IT managers are without any ethical backgrounds or modeling behaviors that can positively impact subordinates in a positive manner, finding sustainable solutions is often elusive. For information technology leaders to alter the status quo, they must develop a sense of “concern about the moral principle involved and knowing that it’s simply the right thing to do”. Modeling moral and ethical behavior can trickle down to subordinates positively. Merely being concerned about ethics and morality is not however enough. The executives must set the right corporate culture and corporate social responsibility environment by among other things: crafting procedures, policies, and standard of conduct; making it easier for and protecting people who report ethical breaches; punishing violators and rewarding those who do the right things. Responding swiftly to problems when they occur, correcting ethical issues expeditiously and launching continuous training in ethics can improve moral behaviors and enhance ethical decision-making. It also helps the organization upgrade the code should new challenges emerge. Training formats may include lectures, mass-emails, PowerPoint presentations, videos, transcripts, and hard copies.

The development of a code of ethics associated with these ethical issues

The importance of having written codes can help the company manage ethical computer-related problems, ensure the accuracy, integrity, and safety of business operations such as e-commerce, reduce errors, fraud and IT security breaches, better communicate ethical dilemmas and reinforce and maintain a work environment that is supported by top management. Unfortunately, only about 55% of companies distribute written ethical codes to employees, and only 11% of companies provide ethical training to employees. A British study also found that only 42% of companies surveyed had codes (Pierce & Henry, 1996). It is good business to have ethical standards of conduct that define its expectations; punish unethical behavior and encourage employees to put the goal of the company ahead of personal gain. This can also have a significant impact on decision-making. The success of the ethical code is also dependent on the quality of training and respect for diversity.

Enforcement issues related to a code of ethics for information technology

IT management performs two functions: Internal and external. Internally, IT professionals protect physical property –software and hardware-from abuse and deter and track criminal activities. They also have the responsibility of protecting the network, personal information, and company property rights. Externally, they ensure that the company data and rights are protected from hackers and industrial espionage activities. Between 50-90% of the United States sustain big dollar losses due to abuse of IT nodes. The enforcement of codes of ethics for IT depends on four factors: leadership commitment, corporate culture, continuous training, and ethical enforcement framework. Leadership engagement and buy-in are paramount to enforcing the code of conduct; the better their collaboration and total commitment, the more likely for employees to comply and therefore the better to execute the code. A study shows that when corporate leaders model ethical as well as corporate social responsibility, it profoundly impacts employees’ behaviors.

That is why a corporate culture that rewards good performance behaviors and punishes the noncompliant is pivotal to the code of ethics enforcement mechanism. Training people about what is at stake and setting up milieus conducive to reporting violators. A study in legal and ethical issues shows that fewer employees know IT policies and procedures. Educating and informing employees about the importance of a code of conduct and why everyone without exception, must help reduce resistance and noncompliance. Education also comes in the form of software and hardware user training modules. The most IT ethical policy breaches result from users’ inability to use the network, software or programs. In other words, by making sure that everyone is well trained and skilled to interact and perform in conformity with the code of conduct, several violators can be reduced or eliminated. The ethical enforcement committee oversees the design and development of ethical codes of conduct. It must communicate ethical policies and procedures to employees and monitor and measure outcomes. One of the essential elements of an impartial, ethical framework is that it integrates all activities of employees in terms of how they follow or attend ethical training and gather data on those who do not comply with ethical procedures. It also recommends punishment for those who violate ethical procedure. As far as physical property is concerned, the ethical enforcement group can recommend actions as to what to do in case of theft as well. The recommendation can include collaboration with local as well as national law enforcement agencies aimed at bringing ethical violators to justice The framework should also provide employees more than one channel for reporting unethical behaviors, eliminate of fears of retribution for whistleblowers and those who ask questions and investigate and resolve issues as swiftly as possible.

Interpret how a code of ethics would be established within an academic setting, especially with the advancement of the online educational environment

Online education is equal to or even better than face-to-face or traditional education. It is growing at a surprising rate (Carrol & Burke, 2010). Educational institutions must be the forerunner of perpetuating standards of ethics and social responsibility. Educational leaders must focus on molding the minds of students to think and reflect on bigger things, strive towards long term perspectives and engage in civic duties and community development. They make them understand that the alternative to ethics is anarchy and chaos. Therefore, the ultimate success and failure of our world depend on the way we consider and apply ethics in our lives, work and interact with others both internally and externally. The fact that computer use has become the stock and trade of learning, both in pursuit of online as well face-to-face learning, the ability for educational institutions to stand up to the danger of ethical breaches is an acid test to the acumen of educational administrators. The first place to start is preparing policies and set standards of Academic misconduct that cover discussion on ethics as well as ethical behaviors and social responsibility. Universities should also help students to “recognize ethical issues, develop critical thinking and self –confrontation skills, encourage tolerance, elicit a sense of moral obligation and develop a personal code of ethics”. Educational institutions must also be able to engage students at the deeper level, to undertake deep learning of the abstract principles of philosophy that underpin ethics.

Conclusion

The universality of information technology and the ever-increasing number of its users will continue to pose threats to individual and corporate rights and property. These threats come from within as well as outside. Inside risks include computer abuse, theft, fire hazards, snooping into other peoples’ data and misuse of corporate information technology property. External threats include hacking, system intrusion, computer crime, cyber-attack, social engineering, and industrial espionage. The fact that the net is neutral and anyone –good or bad-with a computer can connect has made it troublesome to make comprehensive standards of conduct that can protect the individual as well as business transactions online. Regarding the conduct of internal use of IT, corporate leaders can enforce the management and control of the ethical standard of behavior. How to achieve this depends, however, on the implementation of various factors including top management support, putting in place clear corporate culture that has a corporate social responsibility, and infrastructural framework capable of monitoring the extent to which ethical standards of conduct, continuous training on ethical as well as legal issues.

References

Alfredo, D. (2014). The history of computers in business. Retrieved from http://www.ehow/about_5299598_history-computers-business.html

Bridgeman, T. (2010). Beyond the manager’s moral dilemma: rethinking the ’ideal-type’ business ethics case. Journal of Business Ethics, 312-321 http://dx.doi.org/10.1007/s10551-011-0759-3

Brooks, R. (2010). The development of code ethics: an online classroom approach to making connections between ethical foundations and the challenges presented by information technology. American Journal of Business Education, 3(10), 1-11

Carrol, N., & Burke, M. (2010). Learning effectiveness using different teaching modalities []. American Journal of Business Education, 3(12), 65-76

Computers sold this year worldwide. (2012). Retrieved from http://www.worldometers.info/computers

Edition, C. (2010). Sks7000-executive concepts in business strategy. Upper Saddle River, NJ: Prentice-Hall.

Facebook passes 1.19 billion monthly active users. (2013). Retrieved from http://thenextweb.com/facebook/2013/10/30/facebook-passes-1-19-billion-monthly-active-users-875-million-on-mobile-users-728-million-daily-users

Grebert, P. G., Cragnolini, C. J., Worsfold, K., & Webb, F. (2004, April 4). Griffith graduate attributes ethical behavior and social responsibility toolkit []. Ethical Behavior and Social Responsibility, 2-47. Retrieved from http://wwwgriffith.edu.au/_data/assets/pdf_file/0009/290691/ethical-behaviour.pdf

Maginnis, J., & Charles, J. P. (2009). Building a strong ethical culture. Pennsylvania CPA Journal.

Osowski, B. (2012). Health care industry codes of conduct-a must have? Journal of Health Care Compliance, 64

Pierce, M. A., & Henry, J. W. (1996). Computer ethics: the role of personal, informal, and formal codes. Journal of Business Ethics, 425-437

Quarshie, H. O. (2012). Ethical challenges in a computer society. Journal of engineering trends in computing and information sciences, 3, 1495. Retrieved from www.cisjournal.org

Reynolds, G. W. (2010). Information technology for managers. Boston, MA: Cengage learning.

Rottig, D., & Heischmidt, K. A. (2007). The importance of ethical training for the improvement of ethical decision-making: evidence from Germany and the United States. Journal of Teaching in International Business, 14(4), 5-35, http://dx.doi.org/10.1300/j066v18n04_02

Stephens, W., Vance, C. A., & Pettegrew, L. S. (2012). Embracing Ethics and Morality. The CPA Journal, 16-21.

Warren, E. (). Legal, ethical, and professional issues in information security. In Legal, ethical, and professional issues in information security (pp. 89-116) Retrieved from www.asil.org

Wolff, J. (). Why the cyberinsurance industry is a mess. Retrieved from http://www.slate.com/articles/technology/future_tense/2014/06/target_breach_cyberinsurance_is_a_mess.htm

Subscribe To LIPD Newsletter

Subscribe To LIPD Newsletter

 Join over 5,700 subscribers & get seminal articles, latest news, and updates from our team dedicated to Liberia’s democracy, stability, and prosperity.

Thank you! Your Newsletter is on the way soon