Normally this cheating would not affect her but in this chemistry class the teacher grades on a curve. If the kids do well on the test because of cheating the….
Computer Ethics and Information Systems
“Computer Ethics and Information Security” a. Introduction The consideration of computer ethics fundamentally emerged with the birth of computers. There was concern right away that computers would be used inappropriately to the detriment of society compromising information security, or that they would replace humans in many jobs, resulting in widespread job loss. Ethics- Guidelines or rules of conduct that govern our lives, work, behavior and communication in both public and private undertaking. Ethics are a set of moral principles that govern an individual or a group on what is acceptable behaviour while using a computer.
Computer ethics is a set of moral principles that govern the usage of computers. One of the common issues of computer ethics is violation of copyright issues. Duplicating copyrighted content without the author’s approval, accessing personal information of others are some of the examples that violate ethical principles. Security – is the degree of protection to safeguard a nation, union of nations, persons or person against danger, damage, loss, and crime. Security as a form of protection are structures and processes that provide or improve security as a condition.
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction Computer Ethics- is a branch of practical philosophy which deals with how computing professionals should make decisions regarding professional and social conduct. b. Discussion Computer Ethics Ethics deals with placing a “value” on acts according to whether they are “good” or “bad”. Every society has its rules about whether certain acts are ethical or not.
These rules have been established as a result of consensus in society and are often written into laws. When computers first began to be used in society at large, the absence of ethical standards about their use and related issues caused some problems. However, as their use became widespread in every facet of our lives, discussions in computer ethics resulted in some kind of a consensus. Today, many of these rules have been formulated as laws, either national or international. Computer crimes and computer fraud are now common terms. There are laws against them, and veryone is responsible for knowing what constitutes computer crime and computer fraud. The Ten Commandments of computer ethics have been defined by the Computer Ethics Institute. Here is our interpretation of them: 1) Thou shalt not use a computer to harm other people: If it is unethical to harm people by making a bomb, for example, it is equally bad to write a program that handles the timing of the bomb. Or, to put it more simply, if it is bad to steal and destroy other people’s books and notebooks, it is equally bad to access and destroy their files. ) Thou shalt not interfere with other people’s computer work: Computer viruses are small programs that disrupt other people’s computer work by destroying their files, taking huge amounts of computer time or memory, or by simply displaying annoying messages. Generating and consciously spreading computer viruses is unethical. 3) Thou shalt not snoop around in other people’s files: Reading other people’s e-mail messages is as bad as opening and reading their letters: This is invading their privacy. Obtaining other people’s non-public files should be judged the same way as breaking into their rooms and stealing their documents.
Text documents on the Internet may be protected by encryption. 4) Thou shalt not use a computer to steal: Using a computer to break into the accounts of a company or a bank and transferring money should be judged the same way as robbery. It is illegal and there are strict laws against it. 5) Thou shalt not use a computer to bear false witness: The Internet can spread untruth as fast as it can spread truth. Putting out false “information” to the world is bad. For instance, spreading false rumors about a person or false propaganda about historical events is wrong. ) Thou shalt not use or copy software for which you have not paid: Software is an intellectual product. In that way, it is like a book: Obtaining illegal copies of copyrighted software is as bad as photocopying a copyrighted book. There are laws against both. Information about the copyright owner can be embedded by a process called watermarking into pictures in the digital format. 7) Thou shalt not use other people’s computer resources without authorization: Multiuser systems use user id’s and passwords to enforce their memory and time allocations, and to safeguard information.
You should not try to bypass this authorization system. Hacking a system to break and bypass the authorization is unethical. 8) Thou shalt not appropriate other people’s intellectual output: For example, the programs you write for the projects assigned in this course are your own intellectual output. Copying somebody else’s program without proper authorization is software piracy and is unethical. Intellectual property is a form of ownership, and may be protected by copyright laws. ) Thou shalt think about the social consequences of the program you write: You have to think about computer issues in a more general social framework: Can the program you write be used in a way that is harmful to society? For example, if you are working for an animation house, and are producing animated films for children, you are responsible for their contents. Do the animations include scenes that can be harmful to children? In the United States, the Communications Decency Act was an attempt by lawmakers to ban certain types of content from Internet websites to protect young children from harmful material.
That law was struck down because it violated the free speech principles in that country’s constitution. The discussion, of course, is going on. 10) Thou shalt use a computer in ways that show consideration and respect: Just like public buses or banks, people using computer communications systems may find themselves in situations where there is some form of queuing and you have to wait for your turn and generally be nice to other people in the environment. The fact that you cannot see the people you are interacting with does not mean that you can be rude to them. Ethical Issues :- •Computers in the Workplace Computer Crime • Privacy and Anonymity • Intellectual Property •Professional Responsibility •Globalization Computers in the Workplace. Computers can pose a threat to jobs as people feel they may be replaced by them. However, the computer industry already has generated a wide variety of new jobs. When computers do not eliminate a job, they can radically alter it. In addition to job security concerns, another workplace concern is health and safety. It is a computer ethics issue to consider how computers impact health and job satisfaction when information technology is introduced into a workplace.
Computer Crime. With the proliferation of computer viruses, spyware, phishing and fraud schemes, and hacking activity from every location in the world, computer crime and security are certainly topics of concern when discussing computer ethics. Besides outsiders, or hackers, many computer crimes, such as embezzlement or planting of logic bombs, are committed by trusted personnel who have authorization to use company computer systems. Privacy and Anonymity. One of the earliest computer ethics topics to arouse public interest was privacy.
The ease and efficiency with which computers and networks can be used to gather, store, search, compare, retrieve, and share personal information make computer technology especially threatening to anyone who wishes to keep personal information out of the public domain or out of the hands of those who are perceived as potential threats. The variety of privacy-related issues generated by computer technology has led to reexamination of the concept of privacy itself. Intellectual Property. One of the more controversial areas of computer ethics concerns the intellectual property rights connected with software ownership.
Some people, like Richard Stallman, who started the Free Software Foundation, believe that software ownership should not be allowed at all. He claims that all information should be free, and all programs should be available for copying, studying, and modifying by anyone who wishes to do so. Others, such as Deborah Johnson, argue that software companies or programmers would not invest weeks and months of work and significant funds in the development of software if they could not get the investment back in the form of license fees or sales.
Professional Responsibility and Globalization. Global networks such as the Internet and conglomerates of business-to-business network connections are connecting people and information worldwide. Such globalization issues that include ethics considerations include: •Global laws •Global business •Global education •Global information flows •Information-rich and information-poor nations •Information interpretation The gap between rich and poor nations, and between rich and poor citizens in industrialized countries, is very wide.
As educational opportunities, business and employment opportunities, medical services, and many other necessities of life move more and more into cyberspace, gaps between the rich and the poor may become even worse, leading to new ethical considerations. Common Computer Ethics Fallacies Although computer education is starting to be incorporated in lower grades in elementary schools, the lack of early computer education for most current adults led to several documented generally accepted fallacies that apply to nearly all computer users.
As technology advances, these fallacies will change; new ones will arise, and some of the original fallacies will no longer exist as children learn at an earlier age about computer use, risks, security, and other associated information. There are more than described here, but Peter S. Tippett identified the following computer ethics fallacies, which have been widely discussed and generally accepted as being representative of the most common. The Computer Game Fallacy. Computer users tend to think that computers will generally prevent them from cheating and doing wrong.
Programmers particularly believe that an error in programming syntax will prevent it from working, so that if a software program does indeed work, then it must be working correctly and preventing bad things or mistakes from happening. Even computer users in general have gotten the message that computers work with exacting accuracy and will not allow actions that should not occur. Of course, what computer users often do not consider is that although the computer operates under very strict rules, the software programs are written by humans and are just as susceptible to allowing bad things to happen as people often are in their own lives.
Along with this, there is also the perception that a person can do something with a computer without being caught, so that if what is being done is not permissible, the computer should somehow prevent them from doing it. The Law-Abiding Citizen Fallacy. Laws provide guidance for many things, including computer use. Sometimes users confuse what is legal with regard to computer use with what is reasonable behavior for using computers. Laws basically define the minimum standard about which actions can be reasonably judged, but such laws also call for individual judgment.
Computer users often do not realize they also have a responsibility to consider the ramifications of their actions and to behave accordingly. The Shatterproof Fallacy. Many, if not most, computer users believe that they can do little harm accidentally with a computer beyond perhaps erasing or messing up a file. However, computers are tools that can harm, even if computer users are unaware of the fact that their computer actions have actually hurt someone else in some way. For example, sending an email flame to a large group of recipients is the same as publicly humiliating them.
Most people realize that they could be sued for libel for making such statements in a physical public forum, but may not realize they are also responsible for what they communicate and for their words and accusations on the Internet. As another example, forwarding e-mail without permission of the author can lead to harm or embarrassment if the original sender was communicating privately without expectation of his message being seen by any others. Also, using e-mail to stalk someone, to send spam, and to harass or offend the recipient in some way also are harmful uses of computers.
Software piracy is yet another example of using computers to, in effect, hurt others. Generally, the shatterproof fallacy is the belief that what a person does with a computer can do minimal harm, and only affects perhaps a few files on the computer itself; it is not considering the impact of actions before doing them. The Candy-from-a-Baby Fallacy. Illegal and unethical activity, such as software piracy and plagiarism, are very easy to do with a computer. However, just because it is easy does not mean that it is right.
Because of the ease with which computers can make copies, it is likely almost every computer user has committed software piracy of one form or another. The Software Publisher’s Association (SPA) and Business Software Alliance (BSA) studies reveal software piracy costs companies multibillions of dollars. Copying a retail software package without paying for it is theft. Just because doing something wrong with a computer is easy does not mean it is ethical, legal, or acceptable. The Hacker’s Fallacy.
Numerous reports and publications of the commonly accepted hacker belief is that it is acceptable to do anything with a computer as long as the motivation is to learn and not to gain or make a profit from such activities. This so-called hacker ethic is explored in more depth in the following section. The Free Information Fallacy. A somewhat curious opinion of many is the notion that information “wants to be free,” as mentioned earlier. It is suggested that this fallacy emerged from the fact that it is so easy to copy digital information and to distribute it widely.
However, this line of thinking completely ignores the fact the copying and distribution of data is completely under the control and whim of the people who do it, and to a great extent, the people who allow it to happen. Hacking and Hacktivism Hacking is an ambivalent term, most commonly perceived as being part of criminal activities. However, hacking has been used to describe the work of individuals who have been associated with the open-source movement. Many of the developments in information technology have resulted from what has typically been considered as hacking activities.
Manuel Castells considers hacker culture as the “informationalism” that incubates technological breakthrough, identifying hackers as the actors in the transition from an academically and institutionally constructed milieu of innovation to the emergence of self-organizing networks transcending organizational control. A hacker was originally a person who sought to understand computers as thoroughly as possible. Soon hacking came to be associated with phreaking, breaking into phone networks to make free phone calls, which is clearly illegal.
The Hacker Ethic. The idea of a hacker ethic originates in the activities of the original hackers at MIT and Stanford in the 1950s and 1960s. Stephen Levy outlined the so-called hacker ethic as follows: 1. Access to computers should be unlimited and total. 2. All information should be free. 3. Authority should be mistrusted and decentralization promoted. 4. Hackers should be judged solely by their skills at hacking, rather than by race, class, age, gender, or position. 5. Computers can be used to create art and beauty. . Computers can change your life for the better. The hacker ethic has three main functions: 1. It promotes the belief of individual activity over any form of corporate authority or system of ideals. 2. It supports a completely free-market approach to the exchange of and access to information. 3. It promotes the belief that computers can have a beneficial and life-changing effect. Such ideas are in conflict with a wide range of computer professionals’ various codes of ethics. Ethics Codes of Conduct and Resources
Several organizations and groups have defined the computer ethics their members should observe and practice. In fact, most professional organizations have adopted a code of ethics, a large percentage of which address how to handle information. To provide the ethics of all professional organizations related to computer use would fill a large book. The following are provided to give you an opportunity to compare similarities between the codes and, most interestingly, to note the differences and sometimes contradictions in the codes followed by the various diverse groups. Information Security
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction Information Security Attributes: or qualities, i. e. , Confidentiality, Integrity and Availability (CIA). Information Systems are decomposed in three main portions, hardware, software and communications with the purpose to help identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: physical, personal and organizational.
Essentially, procedures or policies are implemented to tell people (administrators, users and operators)how to use products to ensure information security within the organizations. Confidentiality Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network.
The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred. Confidentiality is necessary (but not sufficient) for maintaining the privacy of the people whose personal information a system holds.  Integrity
In information security, integrity means that data cannot be modified undetectably.  This is not the same thing as referential integrity in databases, although it can be viewed as a special case of Consistency as understood in the classic ACID model of transaction processing. Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality. Accessibility For any information system to serve its purpose, the information must be available when it is needed.
This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks. Authenticity In computing, e-Business, and information security, it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine.
It is also important for authenticity to validate that both parties involved are who they claim they are. Non-repudiation In law, non-repudiation implies one’s intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction. Electronic commerce uses technology such as digital signatures and public key encryption to establish authenticity and non-repudiation. c. Conclusion
Impact of Computer Ethics on Information Security The relationship between information security and computer ethics does not look, on the surface, readily obvious, and even appears remote. It is, however, credible. Culture, customs, trust and privacy that characterize security fall within the realm of ethics. Computer ethics alert information security management to ethical considerations and warn potential offenders of ethical consequences in situations where the technical tools or the legal measures fail.
In these cases, an ethical decision may be helpful in bringing about a solution. Furthermore, this conclusion is consistent with the following premises with respect to technical controls, computer laws and computer ethics: •Premise 1: The information security management community has applied control tools to meet the information security objectives of safeguarding confidentiality against unauthorized access, upholding integrity and maintaining availability. However, detecting computer crime is difficult, because the act is either traceless or difficult to trace.
Quantifying the damage is problematic since the victims all too often withhold reporting the crime for reasons including fear of recrimination and bad publicity. 8 Therefore, the technical control tools are ineffective, with respect to legal issues. •Premise 2: Computer laws have been enacted in various nations at an ever-increasing rate since the late 1980s, when business and the society at large were forced to face the magnitude and severity of damage not experienced prior to computer crimes. There has been a dramatic increase in specialized legislation to combat criminal behaviors related to computer crime, which include traditional crimes committed with the use of a computer and a variety of new, technologyspecific criminal behaviors spawned by the rapid emergence of computer technologies and the exponential expansion of the Internet. 10 However, despite the additional new laws, prosecution is deterred because the legal proceeding is a tardy, time-consuming and expensive process, even when there are well-justified intentions to proceed with legal action.
Also, legislation always lags behind the event such that either no appropriate laws are found or the new law is too late for the case in hand. Hence, computer laws are at best a deterrent to computer crime, not a guardian of information. •Premise 3: Computer ethicists assert, on the one hand, that special ethical issues are raised because computers are special technology, and query, on the other hand, why there should be computer ethics since, for example, there is no such thing as telephone ethics even though the telephone is a special technology that makes a profound change on the way individuals communicate with others. 1 However, information security is worthy of ethical consideration as many decisions in information technology affect a wide range of stakeholders. National and international computer societies have promoted codes of ethical practice and even written these codes into their constitutions. As technology advances, computers continue to have a greater impact on society.
Therefore, computer ethics promotes the discussion of how much influence computers should have in areas such as information security, artificial intelligence and human communication. As the world of computers evolves, computer ethics continues to create ethical standards that address new issues raised by new technologies. Reference http://www. isaca. org/Journal http://plato. stanford. edu/entries/ethics-computer/ http://www. cmpe. boun. edu. tr/~say/c150/intro/lit10. html