Ethics of information security in a Workplace
Loch, K. D., Conger, S., & Oz, E. (1998). Ownership, privacy and monitoring in the workplace: a debate on technology and ethics. Journal of Business Ethics, 17(6), 653-663.
This article is aimed at providing the larger audience an overview of the ethics of the workplace related to the issues of ownership, privacy and monitoring in a working environment. There are practical examples to demonstrate how ethics play an important role in working environments related to information privacy but still there is less consensus on uniquely identifying specific ethical issues. Employees at different organization may define ethics from their own perspective which makes it difficult to implement code of conducts that have been suggested to be incorporated in the day to day activities at working places.
Researchers have shed light on the implication of ethics in the day today life of human beings and they have concluded that though human beings are intrinsically aware of the importance of the ethical code of the daily life, they may or may not act upon these codes. There is still a long to go for humans to come to consensus on the issues of ethics. This is difficult due to the fact that humans have personal agendas and interests that could conflict with the interests of others. The authors have argued that there is no quick fix solution to the issues if identifying ethics and a multi-phased solution needs to be articulated.
The authors of the article have suggested a step wise solution to address the ethical issues in the field of IT. They have suggested that IT professional need to develop micro-norms. This has to be done as an IT community. This process would identify specific issues and then the ethical actions that would be appropriate and normal in that specific situation. Though this would be very difficult in my opinion as the definition of “normal” is in itself a huge debate in any walk of life. So the IT community must sit together and find a definition to what is “normal” in IT and especially the field of information security. Technology is growing rapidly but the speed of consensus on ethical issues is very slow in my opinion.
What I understand from the article is that the authors want to raise a debate in relation to ethical issues in the field of privacy and workplace ethics. Their aim is not to find quick fix solutions, as I have mentioned earlier. I believe that raising concerns on the topic under discussion is itself a great initiative. Once a discussion is started, arguments will start flowing from different directions and then it would be easy to articulate the ethics in the IT industry working environments. Though that is a continuous process and with changing technologies and working environments, these ethics will keep evolving.
The authors designed a study in which the participants were asked specific questions about the use of computer resources. Different ethical questions were raised and the participants were then asked to vote for specific solutions to these ethical issues. The questions were related to Ownership Rights and Company Rights vs Individual Rights to Privacy. The participants were free to vote or skip voting. The participants were from mixed races with more than half of the participants being male.
The results of the study suggest that the participants did believe that the use of company’s resources like emails etc. have ethical issues involved but they did not have a strong feeling. On the other hand when they were asked about their privacy and the extent to which the company can monitor them, they had strong feelings about the ethical issues related to it. It signifies that when we as humans might have our own ethical standards that apply to specifically and are in accordance to our personal interests.
The last section of the articles provide an overview of how to get people to follow codes and policies. There are two positions about setting codes. First position is that they are effective. Unethical behavior is believed to be manageable if codes and conducts are set forwards and ethical and non-ethical are clearly differentiated. Codes have proven to be effective according to those who believe they are effective. Then there are others who believe that codes are ineffective as they are vague and general. They do not have specific guidelines and are confusing.
The research study has been conducted in a systematically and the results have been shared with the readers in clear words in the form of this paper. The authors were clear in what they intended to do. They also took help from the available literature to support their research methodology and findings. I believe that this work will be useful in the field of IT related to developing codes and policies of ethics.
The only concern that I have about this research is that the study sample was specific to the participants of the conference and the sample size was very low (>60). I believe that there are many generalizations made in this study and it would need further studies that would follow the same research design but with a bigger sample size that is diverse in nature.
I would like to conclude by review by pointing out that the research study might not be perfect from each and every angle, it does open a horizon for further investigation into the issue of working place ownership and privacy. More researchers need to come forward and conduct studies to investigate the ethical dilemmas that are present in the working places related to IT. This will help organizations and individuals to understand and define ethics and develop work frames to abide by these ethics.