Information pervasiveness, along with all its benefits, brings concerns with respect to security issues. Data is no longer hidden behind the walls of companies. It does not reside only on mainframes physically isolated within an organization where all kind of physical security measures are taken to defend the data and the systems. Systems are increasingly open and interconnected, which poses new challenges for security technologies.
A number of privacy issues also arise with the proliferation of digital technologies. Personalized services such as reward programs require collection, processing, and often even distribution of personal data and sensitive information. With ubiquitous connectivity, people are increasingly using electronic technologies in business to business and business to consumer settings.
Such extensive use of information technology requires laws to protect the personal data and the deployment of ethical practices by the companies. This research paper discusses briefly the common categories of legal protection in most jurisdictions and surveys the internationally accepted privacy principles which form the basis of the law in most countries. This paper also discusses the ethical aspects and approaches to the information technology.
The term “privacy” is applied to a wide variety of issues, ranging from the use of surveillance techniques by employers and law enforcement issues to the processing of personal data in large databases.
Privacy Protection in Law
The type of laws and the level of protection may differ between countries and jurisdictions. However, few categories of legal protection can be identified in most jurisdictions. Criminal laws define the minimum level of acceptable behavior by a society. All privacy-intrusive behavior below that threshold is punishable by society like illegal wire-tapping of somebody else’s telecommunications or hacking into a computer system.
Administrative laws, such as Personal Data Protection Laws in Europe give rules and procedures for personal data protection. In some cases, the privacy intrusive behavior is only permitted when a certain protective procedure has been followed.
In most countries, legal privacy protection starts with just data security. For the member states of EU, this is a legal obligation laid down in the data protection and privacy laws. The data processors are also responsible for data protection1. The US Federal Trade Commission enforces data security as a violation of the obligation to conduct fair trade via the Fair Trade Act. In a 2005 case, the FTC found that the failure to protect financial data which were transmitted over a network after the consumers paid electronically was a violation of Fair Trade Act, as the “consumers must have the confidence that companies that possess their confidential information will handle it with due care and appropriately provide for its security.
International Privacy Principles
The most influential principles have been developed by the Organization for Economic Cooperation and Development (OECD), in which 30 developed nations work together2. With the rise of the importance of information technology in western countries and global trade, the OECD issued its guidelines on the protection of privacy and trans-border flows of personal data in 1980.
Ethical Aspect of Information Technology
Ethical analysis of security and privacy issues in information technology primarily takes place in computer ethics, which emerged in the 1980s as a field. Computer ethics analyzes the moral responsibilities of computer professionals and computer users and ethical issues in public policy for information technology development and use. The information security professionals have the professional responsibility to assure the correctness, reliability, availability, safety and security of all aspects of information and information systems. They also have a moral responsibility to maintain the confidentiality of the information. The moral responsibilities as part of their profession are reflected in the codes of ethics used by several organizations for information security. To appreciate the moral dimension of their job, and to manage with moral problem in it, they need training in information technology ethics. Training assists professionals to get clarity about rights, interests, and morality that are at risk in data security, to distinguish ethical query and problem in their work and to balance diverse moral standard in deciding such ethical issues.
The most obvious harm which occurs from Information breach is the economic loss as it can lead to software damage and service unavailability. The confidentiality of information can also be compromised by accessing, copying and disseminating it. This also violates privacy rights. All these ethical issues associated with information technology pose significant problems for organizations.
Information technology has several benefits; however these benefits are accompanied with some threats also. IT has made world borderless and its vast approach poses threat to the privacy of individuals. Data security and protection has emerged as an important aspect of information technology and every country has privacy laws protecting the information of individuals which are driven by internationally accepted principles. Along with privacy issues, organizations also deal with ethical issues in data security.
Bynum, T. (2003). Computer Ethics and Professional Responsibility. In S. Rogerson, Introductory Text and Readings. Blackwell.
OECD. (1980). Guidelines on the protection of privacy and transborder flows of personal data. Retrieved Oct 07, 2011, from http://www,oecd.org/document/80/0,2340,en_2649_34255_1815186_1_1_1_1 , 00%.html
Tavani, H. (2004). Ethics and Technology: Ethical Issues in an Age of Information and Communication Technology. Wiley.