Ethics / Privacy

Orfalea College of BusinessBus 494Small Business Information Systems

Professor Barry Floyd

Agenda

Definitions Factors that determine how you decide

ethical issues

Definitions

EthicsPrinciples and standards that guide our

behavior toward other people

Two factors

Basic ethical structure – developed as you grew

Set of practical circumstances involved in the decision

Influences

Consequences How much or how little benefit or harm will come from a particular decision

Society’s opinion What is your perception of what society really thinks of your intended action

Likelihood of effect What is the probability of the harm or benefit that will occur if you take action

Time to consequences What length of time will it take for the benefit or harm to take effect

Relatedness How much do you identify with the person or persons who will receive the benefit

or suffer the harm Reach of result

How many people will be affected by your action

What would you do?

You have access to the sales and customer information in a flower shop. You discover that the boyfriend of a woman you know is sending roses to three other women on a regular basis. The woman you know is on the flower list, but she believes that she’s the only woman in his romantic life. You really think that you should tell the woman. Your dilemma is that you have a professional responsibility to keep the company’s information private. However you also believe that you have a responsibility to the woman. Do you tell her?

Additional facts

The woman is your sister

Additional Facts

The man is your brother

Additional Facts

The woman is about to give the man her life savings as a down payment on a house in the belief that they will soon be married.

Additional facts

The woman is already married.

Is good ethics good business?

Article reports a study that compared business stock performance between two groups Those known for acting ethically and everyone else 6.2 per cent overall compared with 11.3 per cent for those

selected for study Note: Should act ethically even if not good for business?

http://www.ethics.org.au/things_to_read/articles_to_read/business/article_0130.shtm

Are you rewarded for acting ethically in business? Ethical Conduct Not Rewarded in Business, Say

Human Resources Professionals: Professionals Feel Growing Pressure to Compromise Standards Amid numerous recent corporate ethics violations, a survey in

April 2003 indicates that nearly half of human resource (HR) professionals believe ethical conduct is not rewarded in business today

Troubling figures show that during the last five years, HR professionals feel increasingly more pressure to compromise their organizations' ethics standards; however, they also say they personally observed significantly less misconduct in the workplace.

http://www.centeronline.org/knowledge/article.cfm?ID=2554

Are you rewarded for acting ethically in business? Twenty-four percent of HR professionals feel pressured to compromise ethics

standards all the time, fairly often, or periodically. In comparison, 13 percent indicated they felt pressured in 1997.

Forty-nine percent say that ethical conduct is not rewarded in business today. The top five pressures on HR professionals to compromise an organization's

ethical standards are (1) needing to follow the boss's directives (49 percent), (2) meeting overly aggressive business or financial objectives (48 percent), (3) helping the organization survive (40 percent), (4) meeting schedule pressures (35 percent), and (5) wanting to be a team player (27 percent).

Seventy-nine percent of respondent organizations have written ethics standards.HR professionals say that 70 percent of senior management and 72 percent of CEOs are committed to acting ethically, up slightly from 68 percent and 69 percent, respectively, in 1997.

Are you rewarded for acting ethically in business? Eighty-three percent of HR professionals indicate that employees

follow written ethics standards all the time or often. Eighty-five percent of respondents say that senior management

supports HR professionals' adherence to written ethics standards of their organizations.

Sixty-nine percent of HR respondents strongly agree or agree that HR is a primary ethics resource in the organization, but 40 percent say that HR is not part of the ethics infrastructure and is only tasked with cleaning up ethics violations.

Thirty-five percent of HR professionals often or occasionally personally observed ethics misconduct in the last 12 months, down from 53 percent in 1997.

Types of misconduct most commonly observed were misreporting of hours worked, an employee lying to a supervisor, and management lying to employees, customers, vendors, or the public.

Staying Out of the Headlines: Ensuring an Ethical Organization Two strategies

Ensuring ethical leadership Being perceived as an ethical leader requires more than

simply being an ethical person Leading by example is only effective when the example is

observable Ethical leaders make the connection between their decisions

and their values evident. Establishing ethical support systems an organization's mission, vision, and values. An

ethical organizational climate and culture rest on these three statements as their bedrock.

Motorola’s Code of Business Conduct"The Code of Business reaffirms what each Motorola

employee stands for: Doing the right thing.  Every day.  No excuses."

                                                          Ed Zander                                                         Chairman and Chief

Executive Officer Our Key Beliefs - The Way We Will Always Act

Uncompromising Integrity Constant Respect for People

http://www.motorola.com/content/0,,75-107,00.html#intro

Key Ethics Program Components A focus on ethical leadership Vision statement Values statement Code of ethics Designated ethics official Ethics task force or committee Ethics communication strategy Ethics training Ethics help line Ethical behavior — investigations, rewards, and sanctions Comprehensive system to monitor and track ethics data

http://www.centeronline.org/knowledge/article.cfm?ID=2431

Incentive ….

Organizations that have "an effective program to prevent and detect violations," as defined by the U.S. Sentencing Commission, may receive reduced legal fines for infractions.

Responsibility for maintaining privacy The responsibility of

EmployersService and information providersMailing list operators, database managers,

and other information collectorsSoftware developers IndividualsGovernments

http://www.cpsr.net/issues/privacy/epp

The Responsibilities of Employers

1. Each employer must provide clear policies regarding the privacy implications of the computing resources used in the workplace. These policies should explicitly describe: • acceptable use of electronic mail and computer

resources, including personal use; • practices that may be used to enforce these

policies, such as reading of electronic mail or scanning of hard disks;

• and penalties for non-compliance with these policies.

2. Employees should be informed of any electronic monitoring systems that might be used on workplace computers.

The Responsibilities of Service and Information Providers

1. Service providers must provide users with a clear understanding of privacy implications of the service contract. This includes: • the intended use of any information collected as part of

the subscription to an ISP, such as mailing address, phone number and credit card information

• a description of the intended use of "registration" information required by some Web sites prior to access or to downloading of information.

2. Demographic or identifying information gathered at servers that is not actively provided by the user should not be used beyond the analysis of site activity; in particular, no attempt should be made to identify individual users or to pass this information on to other parties.

The Responsibilities of Service and Information Providers

3. Demographic or identifying information gathered at servers that is not actively provided by the user should not be used beyond the analysis of site activity; in particular, no attempt should be made to identify individual users or to pass this information on to other parties.

4. Internet white pages services should use only legitimate, publicly available sources for information. For example, Usenet posts and home pages might be appropriate, while service provider customer lists would not be. These services should provide automated delete me services suitable for eliminating present and future inclusions of an individual's identifying information.

The Responsibilities of Service and Information Providers

5. Individuals should have access to a Electronic Direct Marketer's Association. This electronic counterpart to the paper-based organization would allow users to remove their names from mass electronic mailing lists.

The Responsibilities of Mailing List Operators, Database Managers, and other Information Collectors

1. Individuals should be provided with descriptions of potential uses of any personal information. These potential uses should be narrowly and clearly defined.

2. Information collected should be limited to that which is necessary for these uses, and all personal information should be accurate and up-to-date.

3. Information collectors should take appropriate technical measures to insure the protection of individual privacy.

4. Upon request, information collectors must be required to provide an individual with copies of any information that the collector may have regarding him/her. Individuals should be allowed to dispute and/or correct any inaccuracies.

The Responsibilities of Software Developers

1. Network software should provider users with the ability to take active measures to protect their privacy. These measures might include 1. support for encryption, such as PGP; 2. mailer/news-posting options that might be used to exclude

an item from automated search services; 3. and explicit notification of any cases where a user's

identity might be implicitly revealed.

The Responsibilities of Individuals

1. Network users must take appropriate and proactive measures to assure protection of their own individual privacy.

2. In particular, individuals must be willing to learn the privacy protections in software they are using, and must take responsibility for making use of the tools at their disposal.

The Responsibilities of Governments

1. Attempts at protecting individual privacy and anonymity must not be hindered by government interference or legislation.

2. Strong encryption and complete anonymity for protection of individual privacy should be available without restriction.

3. Law-enforcement efforts must not be used as a pretext for invasion of privacy rights.

4. Laws must make it clear that the use of information stored in computers and on networks should be limited to the use for which the information was collected, and should include penalties for misuse of that information by individuals, private institutions, or government agencies.

Summary

As business professionalsYou have responsibilities for acting ethicallyFor ensuring privacy

As individualsSame!