Computer Laws
Mansoor (2008) defined computer ethics as a category of professional ethics similar to medical, legal, teaching and accounting ethics. It is based on an individual’s behavior which on the whole can be either secretive or undisclosed and cannot be measured. Computer ethics is based on facts, conceptualizations, policies and values related to constantly changing computer technology and people’s attitudes. The core issues in computer ethics are: (1) direct risks to users; (2) privacy; (3) reliability; and (4) responsibility (Mansoor, 2008). Some scholars argue that ethics precede laws, or that laws are often formulated based on existing ethical thinking (Manjikian, 2018). History shows us that old civilizations understood what constituted justice, fairness and acceptable retribution which was codified into laws.
Computer laws are rules that mandate or prohibit certain behavior, they are drawn from ethics, which define socially acceptable behaviors. The key difference between laws and ethics is that laws carry the authority of a governing body, and ethics do not (Kizza, 2007). Ethics instead are based on cultural mores. There are different types of computer laws at the state level, national level and internationally. For example, the Council of Europe drafted the European Council Cyber-Crime Convention which empowers an international task force to oversee a range of internet security functions. In the United States compliance with various laws is expected for companies operating in different sectors. Some of the laws include the Health Insurance Portability and Accountability Act (HIPAA) passed in 1996. It ensures that health information data is protected. The Children’s Internet Protection Act (CIPA) passed in 2000 it designed to limit access to offensive content from school and library computers. Schools are required to block or filter internet access to pictures that are obscene, child pornography and harmful to minors (Gibson, 2015).
Computer Policies
Companies operate within a complex combination of laws, regulations, requirements, competitors, and partners. Within this environment, organizations must publish overall statements and directives through policies and their supporting elements such as standards, procedures, baselines, and guidelines (Kim & Solomon, 2012). The computer policy sets the organization’s tone and culture. Computer security policies document management’s goals and objectives. They explain the organization’s security needs and their commitment to meeting those needs. Policies nonetheless are not of much value if they are not read, available, enforced, and updated (Gibson, 2015).
Anyone proposing a computer ethics policy must be aware that users do not all approach computer ethics the same way. The two most important splits are between power users and utilitarian users, and between the “old world” and “new world” approaches to computer policies. Utilitarian users view computers only as tools they use to do their work, but their technical skills and mission are something other than computers. Power users consider their computer expertise an important part of their life (Covington, 1995). Power users and utilitarian users often come down on opposite sides of controversies. Generally, utilitarians favor restrictions to allocate resources more fairly, while power users want no limits. Computer policymakers tend to listen more to power users resulting in a biased perspective. Different types of computer policies exist within organizations and some include, Acceptable use, E-mail use, wireless use, Antivirus, firewall, interconnection, and extranet (Kim & Solomon, 2012).
Confidentiality and Privacy
Privacy is what allows an individual to keep information or data secret or confidential and to decide with whom to share secrets and under what conditions (Manjikian, 2018). Therefore, privacy covers issues to do with rights to one’s body, rights to personal property, and rights to one’s information or data that is generated by or about you. Four types of privacy have been identified and these are physical privacy, decision privacy, mental privacy, and information privacy. Confidentiality means guarding information from everyone except those with rights to it. Confidential information includes the following, 1) private data of individuals, 2) intellectual property of businesses, and 3) national security for countries and governments (Kim & Solomon, 2012).
Ethics and Decision Making
There are four major domains that can be considered in ethical evaluation and decision making: the act, the consequences, the character of the person, and the motive. Ethical theories attempt to define moral principles to guide conduct. Two major types of ethical systems have dominated modern thought concerning ethics, one where the focus is on the act, the other where the focus is on the consequences (Manjikian, 2018). The two ethical systems are deontology and Utilitarianism. However, virtue ethics has reemerged as a major ethical theory because of dissatisfaction with the other two ethical systems. While each system has validity, something is lacking in each. Deontological systems have the problem that good results do not necessarily result from good acts. These systems “seem right in their emphasis on the importance of rules and the principle of justice but tend to become rigid or to lose focus on the central purposes of morality” (Aaron & Brannan, 2013). Utilitarianism seems to catch the spirit of morality (human flourishing and the amelioration of suffering) but undercuts justice in a way that is counterintuitive.
Fraud
Fraud is a complex philosophy composed of two opposing thoughts. The first is that fraud definitions defer cross cultures but are universal. This espouses the belief that most people can recognize fraud for what it is, and most people generally agree that a certain fraud is a fraud (Watson, 2015). The second thought is that fraud cannot ultimately be understood apart
from the cultural context in which it occurs, and generalizations must refer to the culture and subjective values of those who define it. Fraud can be defined as any crime which uses deception as its principal mode of operation (Button, Lewis, Shepherd, & Brooks, 2015). Even though it is hard to define, fraud can be committed 1) by false representation 2) by failing to disclose information and 3) by abuse of position.
Governance
Many systems of governance exist but all systems are concerned primarily with managing organizations and associations. Therefore, they focus on political authority and institutional governance. Governance in this particular sense implies formal political institutions that aim to coordinate and control interdependent social relations and that have the ability to enforce decisions (Crowther & Seifi, 2017). Increasingly, however, in a globalized world, the term governance is being used to describe the regulation of interdependent relations in the absence of overarching political authority, such as in the international system, in other words, governance and regulation are becoming treated as synonymous (Crowther & Seifi, 2017).
Patent and Copyright Laws
A patent is defined as an exclusive right granted for an invention (a product or process that provides a new way of doing something or offers new technical solution to a problem) (Manjikian, 2018). It lasts for a specific time period and is specific to a geographic area. It compels the inventor to publicly disclose his process or product specifications through filing a patent (Li & Yi, 2017). Copyright is granted for artistic products and can be given to the creator and can also be passed on to his or her heirs. Copyright products include novels, plays, music, and photographs (Manjikian, 2018).
Since the beginning of this class, have your views on ethical computer security changed?
My views have not necessarily changed, instead, they have been strengthened by reaffirming my ethical viewpoints from a detailed academic standpoint. Every human being has an inherent understanding of ethics but some choose not to behave in an ethical manner. Virtue ethics looks at which position is in line with or best expresses one’s values and character. Utilitarian ethics focuses on which position gives the greatest positive utility and produce the fewest negative consequences. Finally, deontological ethics looks at who will be affected by a decision (Manjikian, 2018). Therefore, different people will have different ethical outcomes depending on the approach they use.
References
Aaron, G., & Brannan, D. (2013). Ethical decision-making for homeland security. Naval Postgraduate School. Retrieved from https://calhoun.nps.edu/bitstream/handle/10945/37684/13Sep_Nelson_Aaron.pdf?sequence=1&isAllowed=y
Button, M., Lewis, C., Shepherd, D., & Brooks, G. (2015). Fraud in overseas aid and the challenge of measurement. Journal of Financial Crime, 22(2). https://doi.org/10.1108/MBE-09-2016-0047
Covington, M. A. (1995). Design and implementation of a campus computer ethics policy. Internet Research, 5(4). https://doi.org/10.1108/EUM0000000006758
Crowther, D., & Seifi, S. (2017). Modern organisational governance: re-examining governance: the evidence. Modern Organisational Governance. https://doi.org/10.1108/MBE-09-2016-0047
Gibson, D. (2015). Managing risk in information systems. Burlington, MA: Jones & Bartlett Learning.
Kim, D., & Solomon, M. G. (2012). Fundamentals of Information Systems Security. Sudbury, MA: Jones & Bartlett Learning.
Kizza, J. M. (2007). Computer network security and cyber ethics. Libraries and the academy (4th ed.). Jefferson, NC: McFarland & Company, Inc.
Li, F., & Yi, Z. (2017). Counterfeiting and piracy in supply chain management: theoretical studies. Journal of Business & Industrial Marketing, 32(1). https://doi.org/10.1108/JBIM-09-2015-0171
Manjikian, M. (2018). Cybersecurity ethics an introduction. New York, NY: Routledge.
Mansoor, A. A. (2008). Computer ethics for the computer professional from an Islamic point of view. Journal of Information, Communication and Ethics in Society, 6(1). https://doi.org/10.1108/JICES-07-2013-0021
Watson, D. M. (2015). Cultural dynamics of corporate fraud. Cross Cultural Management, 10(1). Retrieved from https://doi.org/10.1108/13527600310797522
