INFORMATION TECHNOLOGY AND ETHICS: AN EXPLORATORY ...

Download PDF
4 downloads 9542 Views 671KB Size Report
Comment
INFORMATION TECHNOLOGY AND ETHICS: ... social agenti, our focus is on individual computer ... the attitudes of the computer user who experiences.
INFORMATION TECHNOLOGY AND ETHICS: AN EXPLORATORY FACTOR ANALYSIS Sue Conger Southern Methodist University Dallas, TX Karen D. Lmch Geor~:~:: Unwrsity * B. Loerinc Helft Baruch College, CUNY New York, NY

INTRODUCTION Ethical diIemmas are situations in which a decision results in unpleasant consequences. The unpleasant consequences are treated as a zero-sum game in which someone always loses (Kahn, 1990; Moore, 1912). Introducing information technology (IT) to a situation makes the recognition of a potential loser more abstract and difficult to identify, thus an ethical dilemma may go unrecognized. The computer mediates the human relationship which causes a lost sense of contact with a person at the other end of the computer connection. In 1986, Richard O. Mason published an essay identifying privacy, accuracy, property, and access (PAPA) as the four main ethical issues of the information age. Anecdotes for each issue describe the injured party’s perspective to identify consequences resulting from unethical use of information and information technology (Mason, 1986). This research sought to validate Mason’s social issues empirically, but with distinct differences. Mason defined issues to raise awareness and initiate debate on the need for a social agenti, our focus is on individual computer users and the attitudes they hold about ethical behavior in computer use. This study examined the attitudes of the computer user who experiences dilemma to determine the extent to the ethical which ethical components are recognized, and whether Mason’s issues form recognizable constructs. Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage, the ACM copyright notice and the title of the publication and its date appear,, and notice is given that copying is by permission of the Association of Computing Machinery. To copy otherwise, or to republish, requires a fee 2n~lfir =mcific ~ermission. Ethics in Computer Age, GatIinburg,TN USA @ 1994 ACM 0-89791-644-11941001 1...$3.50

BACKGROUND The four issues of interest in this research PAPA, have been the focus of single-issue research. Privacy is a legal and social concept referring to protection of personal affects and information. Privacy is defined as the individual control over disclosure and use of personal information (Culnan, 1993). Electronic eavesdropping, monitoring e-mail, and selling electronic customer identification information might all be construed as transgressions against privacy (Laudon, 1993). The use of computers to screen job applicants from databases of arrested people or those having AIDS screening tests are documented and clearly unethical uses of data that transgress the privacy of people whose data are in the databases (Miller, 1991, Straub & Collins, 1990). Privacy issues deal with the stakeholders who cw lose or gain by a lack of privacy. Information system accuracy is the completeness and correctness of data in a database, processing algorithms in a program, or relating to an work papers and documentation application development project. Accuracy has been defined as an issue in codes of ethics (ACM, 1992) while other discussions of harmful inaccuracy incIude incorrect reporting of credit histones, usage of data taken out of context, or development of applications with inadequate controls, (Mason, 1986; Parker, 1979). Property is an object to which an owner has controlling rights. Some types of property include software, intellectual property, such as design ideas, and intangible assets such as idle computer resources. An issue relating to property is access. According to the dictionary, access is a means of approaching, entering, exiting, or making a passage. In the context of ethical use of

computers, unethical access is the unauthorized, unnecessary use of the ‘access passage’ to read, copy or otherwise make use of databases, programs, or other computer resources. Access issues include stakeholdem and circumstances of the access transgressions. To summarize, Mason’s four factors of privacy, accuracy, property and access generate numerous situations that may result in ethical dilemmas. The issues were used to develop the research instrument. Therefore, identification of tie basic attitude constructs relating to ethical use of information technology resources was the goal of this research.

Cronbach’s ~pha. The t-tests were used to perform pairwise comptison between the two university groups. There were no significant differences in mean responses between groups which were aggmgatcd for the remaining analysis. Factor analysis was the principle method of analysis used to identify ethical attitudes. Cronbach’s alpha was used to confm the strength of the intra-factor relationships. RESULTS All questionnaire items had a significant number of respondents indicating ethical content with the highest rating of ‘not an issue’ on a single item with 18 of 79 responses. The ethical content ratings were all significant at the p4001 level. Therefore, the f~st test, that issues existed, was passed. The factor analysis identified twelve factors explaining 84% of the total variance in survey items. The 12 factors were based on 16 scenarios comprised of 51 items. Inter-factor correlations were all under .30. The f~st eight factors had acceptable reliability scores of 80% and higher. The Iast four factors were somewhat unstable, with weak Cronbach’s alphas (i.e., c.70). The 12 factors were grouped to simplify discussion. The groupings sought to match Mason’s PAPA issues, but, in fact, identified five slightly different subjects: ownership (property), access, motivation, responsibility (accuracy), and privacy, respectively. Mason’s issues are in parentheses where they differ. Each grouping is discussed in detail, identifying the contributing factors in order of their strength. Tables are provided only for the three strongest factors. Remaining tables are available on reques~

METHODOLOGY INSTRUMENT DEVELOPMENT A scenario questionnaire was developed such that each scenkrio contained a single, PAPArelated idea, within a context, and with the respondent as the individual facing the dilemma. Two pilot tests were conducted to refine the wording of the 16 scenarios used in the final questionnaire. Each scenario asked personal attitudes toward the ethicality of one computer use or related issue. A Likert-like scale of responses was used scale anchors were not at all ethical, somewhat unethical, gray area, somewhat ethical, very ethical, or not an ethical issue. Coding of responses was 1 through 5 and 9, respectively. SAMPLE The revised instrument was administered in Summer 1992 to 83 graduate students in business policy classes in two urban universities from which 79 completed questionnaires were used in this analysis. The sample was heterogeneous, representing a cross-section of cultures, nationalities (ten countries) and business industries (12 industries). Fifty-three percent of the participants were male. Eighty-seven percent of the participants were between the ages of 28-40. Forty-four percent worked full-time with 75% reporting five years or more working experience, and all respondents reporting some work experience. Work experience was desired to increase the likelihood that respondents had experienced ethical dilemmas involving technology in the workplace. STATISTICAL

OWNERSHIP The ownership cluster includes 4 factors: 1 did computer it it’s mine, ether ownership, exploitatwn and intellectual ownership. I did it. it’s mine ownershirl The fwst factor, I did it, it’s mine, related to the taking home of application development work products as personal property and some use of those products by others. A total of nine items from two scenarios had factor loadings ranging from .41 to .84. Cronbach’s alpha for the factor was .90, indicating strong factor reliability (see Table 1). The factor explained 1190 of the total item variance. This result led to a change of Mason’s ‘property’ notion. The change shifted attention

METHODS

The statistical methods used in analysis include factor analysis and correlations, t-tests,

23

Table 1. Factor 1-1 did it, ir’s mine Results

user/system developer. The factor must be interpreted cautiously because of the very low Gonbach’s alpha reliability measure. The items explained 370 of the total sample variance. ~ntellectual “ . The intellectual ownownership factor had two items each from different scenarios relating to ownership of ideas about applications and personal use of company data. The loadings range from .48 to .67 with a Cronbach’s alpha of .56. The factor must be interpreted cautiously because of the very low Cronbach’s alpha reliability measure. The items explain 3~0 of the total sample variance.

* Item loaded on more than one factor

unech-Gray Item

ical

Taking aerwm design as own property

I

Taking sample reports as own fioperiy -

I 15 I \ 19% ~ ~ 31 [

Taking entire application ti-entation h-own Taking prOgTSIIl source cnde as‘owii properly Doing some computer aet for personat use, no financial gain Taking technicat

for non-competitor financial gain

/28% /34% [9%]

[54%/

25

\

24

11% ]

15

32% \ 30% i 19% 18 ~ 12 ] 6 23% \ 15% ! 8%

44/19110]6

/56% ~24%\ 7 9%

20 25%

13%1 7% 34

18

43%

23%

ACCESS The single access factor was best characterized as Come on In access because electronic file browsing, when not job related, was viewed as unethical by only 63% to 7390 of respondents. The factor Ioadings ranged from .45 to .91 with 10% of total item variance explained by this factor (See Table 2). The Cronbach’s alpha reliability measure was a strong .93. The access factor confirmed Mason’s notion of access and confirmed the need for access controls.

use, no

Taking user application Taking ideas about applications as own prop*

~ 19% i 22% { 39% I w.

* Item loaded on more than one factor

MOTIVATION Four factors emergd relating to motivation inhibiting or supporting different actions. The shifi of focus to motivation from Mason’s victim stakeholders more accurately reflects scenarios that project the respondent as application-developd whistle bIower or as computer-user whose actions affect different classes of stakeholders. The shift to motivation is also appropriate because behavior change must focus on the motivation of the computer user who experiences the dilemma. The factors include, Who Sujj6ers, which identifies classes of victims; Personal Motivation, which relates to rationales for creating computer Viruse$ Who Benefits Financially, which relates to companies and individuals and the resulting financial outcome; and Friends’ Benefit, which dates to using company IT rescmmes for a friend Each factor is discusscxl below. Who SUffers. The five items on this factor were all from the same scenario describing the ethicality of whistle bIowing when there is no penalty to the whistle blower. This was the third strongest factor with loadings ranging from .79 to .94 (alpha = .93, see Table 3). Who suers explained 970 of the total item variance. PersonaJ Motivation. The ftith strongest factor identified persona! motivation for a clearly

from property, an object, to ‘o wngrship’ an attribute of people who own property. factor, Ether Owners hi D. The fourth explaining 9% of item variance, referred to the notion th~t many company resources are on the ether and are public property to be used at will. Eight items from three scenarios loaded on this factor (alpha =.89). Items from the f~st scenario related to personal use of work resources that included paper clips, copy machines, and several uses of computers: ‘playing’, writing personal program, personal use of company data, and personal e-mail. The loadings for these items ranged from .51 to .85. Commter Exploitation. The computer exploitation factor represented three items from three scenarios dealing with different aspects of intellectwd ownership. The loadings ranged from .48 to .82, with Cronbach’s alpha of .52. The items of this factor include purchase of information with subject permission, expert observation that is unknown to the expert, and marketing software developed for the previous employer. This factor indicated a set of issues in intellectual ownership in which another person’s ownership is transgressed by the computer

24

Table

2. Factor 2--

Come

Item

on in

Aeeess Results

concerned the practice of companies using computers to replace employees. This factor differs from Mason who focused on the lack of accuracy rather than its cause. Individuals appear to have problems relating personal responsibility to group work which may relate to a lack of accuracy. . . e so al accountab~ Factor 11, a weak factor ~eq~iring cautious inte.~retation, identifies individuals’ difficulty in reconciling their individual and group responsibility. The factor is comprised of two items from two scenarios with factor loadings of .68 and .73 (Cronbach’s alpha =.53).

uneth- Gmy Ethical ieat

Area

Browse salary fries 63% Browse COMplllly fmcial fdes Browse employee medical fdes Browse customer fdes

2s 32%

34%

28%

Browse others’ e-mail Take computer iterns for 27 24 non-competitor use, no 34% 30%0 financial gain * -.. . . “ uem maaeuon more tnanonerector

21 27%

7 9%

unethical act: creating and testing a virus program while knowing it might become ‘alive’ if it tests successfully. The five item loadings ranged from .72 to .92 with a Cronbach’s alpha of .91; 8% of the total item variance was explained by the factor. o ene fits finan cially. The four items loading on the sixth factor - who benefits financially - all related to one scenario wfiich considered the ethicality of taking work products for different beneficiaries with the possibility of financial gain. Factor loadings ranged from .67 to .90 with a Cronbach’s alpha of .93. Seven percent (7%) of the total item variance was explained. Friend benefit~. The five items of the Friend Benefits factor all focused on the ethicality of contexts for running a program for a friend on computers at work. The item loadings ranged from .56 to .82, with a Cronbach’s alpha of .89. The factor accounted for 790 of the total item variance. RESPONSIBILllY Two factors dealt with responsibility: Factor 8, group responsibility, and Factor 11, personal accountability. The factors imply that respondents accept responsibility for personal work but do not attach personal responsibility to group work products. Grour) resDo nsibilitv. Four items from two scenarios loaded on the group responsibility factor. The loadings ranged from .60 to .90 with a Cronbach’s alpha of .81. The factor explained 6% of the item variance. Three of four items referred to the ethicality of working on a group project that is late, over budget, or buggy. The fourth item

25

PRIVACY Personal privacy is the ninth factor in loading strength and the only one in this category, with two items fi-om the same scenario about company monitoring of policy dictating business-only use of phone, e-mail, word processing and software. The factor loadings are .78 and .79, but the Cronbach’s alpha is .59, indicating weak reliability. This factor identifies a selfish perspective to the privacy issues raised by Mason. DISCUSSION This research showed that when the perspective of the person experiencing the dilemma is evaluated, the issues must also shift perspective. Access and privacy constructs were supported without change. Motivation shifted from the victim only to victims or beneficiaries. Property, an object, is shifted to focus on ownership, the disputed attribute. Accuracy, while universally held as important, shifted focus to responsibility for accuracy. Mason’s property issue identified the object of ownership, rather than the ownership stake itself as important. The results here showed that the disputed attribute that causes the dilemma is ownership rather than property. Ownership factors related to intellectual expertise, computer resources, and computer work products. Respondent attitudes on the I did it, it’s mine factor are reflected by anecdotal comments that justify actions on the basis of personal ownership. One person said, “If the company still has a copy, no one suffers, so it’s OK.” Another person said, “I did it, it’s mine as much as the company’s.” A third person, who workecl for a fompan y with strict ownership policies, said, “I signed a release to my ideas when I went to work for this

Table

3. Factor 3--

Motivation

Who syJers

restrictions on access, browsing was acceptable and “they [the company] get what they deserve.” Another respondent deseribed her experiences as an employee in a cralit card processing company, and how she routinely tracked a movie star’s buying habits. These two incidents highlight that a lack of edified policies invites browsing, and that personal curiosity is considered acceptable justitlcation for unnecessary access. This access factor again shifted the perspective away from Mason’s notions of socially responsible access for underdeveloped nations and the socially deprived toward the selfish attitude of the IT user who ‘does his thing’ without regard to the other stakeholders. Four factors relating to motivation issues identified the ethicality of actions depending on who benefits and who suffers from the computer act. This research confirmed Mason’s victims as important. stakeholders in the who sufiers factor, but also Identified possible beneficiaries from unethical acts in the who benejlts and friends benefir factors. Thus, the notion is one of motivation for acts: to avoid victimizing or to assist beneficiaries. Insight into motivation for ethical behavior is valuable for managers if they wish to influence the ethical practices of their employees. The responsibility factors showed an incredibly trusting attitude toward companies and managers. First, anecdotes on group project work were all assuming that IS managers shared the news about project lateness, budget overruns and bugs with users. Then, once a user knew, “it is no one’s responsibility’’... it was just one more management issue “to be dealt with”. Similarly, comments on a scenario that asked ethicality of workin~ on an artificial intelli~ence project with unknown consequences were “Company’s wouldn’t do something dangerous, right?” and “I’m sure if the company wants to do a system like this, they’ve probably thought it through... it’s not my place to second guess them.” Accuracy is not really an issue based on the results reported here. Rather, the emphasis shifted to who is responsible for accuracy. Respondents accepted responsibility for their own work. Acceptance of responsibility and accountability in a group setting was less clear. In the survey, a follow-up question dealt with assignment of responsibility for application development projects to users, MIS managers, project managers, systems analysis and programmers. Typical projeet participants received approximately equal

Results

Item

Whistle blow because: client customer information becomes public as result of application bug

client f~ciat

paition

becomes known as result of application

ical 11 14%

Am 13 17%

53 67%

2 2%

12 15%

11 14%

53 67%

3 4%

14 18%

10 12%

52 66%

12 15%

56 71%

~ flaw in application breaches client security, allowiin acxess user health is at risk 11% client company loses

money

9 11%

2 3%

company. They own everything I do whether at work or not, while I’m employed there.” When asked how he felt abo~t {t, the individual answered, “I go along on big things, but I keep little things, like programming techniques. Why should I have to reinvent the wheel?” There was strong feeling among respondents that computer resources are on the ‘ether’, that is, they are intangible, and a *use it or lose it’ resource that is there for the taking. For instance comments on doing sports club work included, “It’s my time, it’s none of their [the company’s] business.” When asked how the company might view this attitude, the response was “unused computer time is lost and does not cost anything, therefore it is free for the taking.” Several people commented that if the company had no policy, “they [managers in the company] do not care if people use the computer for personal work”. This fact might be disputed by company executives. The access factor showed a prevailing attitude that if access was not restricted, electronic . browsing is acceptable. Analogous situations that could be used to counter this attitude are walking into unlocked homes because they are unlocked, or reading exposed mail on another’s desk at work, but the social norms related to physical goods seem not to hold in a computer setting. In fact, IT users appear unable to analogize about their computer actions because of difficulty in identifying potential stakeholdem; they perceived no fallout fkom their actions. Several respondents commented that if a company had no policy or



26

responses when analyzing who is ‘more than half’ responsible for application accuracy with 44% (user), 46% (MIS manager), 34% (project manager), 4970 (anal yst), and 33!Z0(programmer). In this analysis, no one is clearly responsible. The highest number of responses identified the analyst, who is closest to the daily work early in the project, as the responsible person. This assignment of responsibility emphasizes the symbolic importance of the analyst as responsible for all work relating to his/her analytical work. Emphasis in organizations on responsibilities and roles in group work is important to providing a guide to group members. Policies should be clear about who is responsible for each aspect of accuracy of application development work. Privacy was the weakest of the constructs. The weakness of this factor could be due to sample size limitations, or relative unimportance of the issue to respondents, or nonmeasurement of privacy issues of importance by this questionnaire. There are two major limitations to this research. The sample size of 79, while adequate for the anticipated four factors, was small for 12 factors that resultwl. In particular, the four factors with Cronbach’s reliability scores under -.70 (Factors 9-12) need further empirical verification. Second, the scenario method, while used consistently for this type of research, is problematic. There is no camouflaging of research intention in ethical scenarios so respondents might be inclined to answer what they perceive to be the desired answers although we had no indication of this problem. Finally, even though several evaluations for internal and external validity were performed on the scenarios, interpretation across samples may not be consistent.

themselves, and only tangentially concerned with, or even aware of, other stakeholders. This lack of awareness of the stakeholder appears to stem from the mediation of technology which fosters a psychological separation of the computer user and stakeholder. This psychological distance may explain, in part, the increasing number of incidents of unethical computer usage, such as system break-ins and viruses. As this research shows, ethics of computer use is a complicated set of issues that need more investigation to better understand their complexities. BIBLIOGRAPHY

Association for Computing Machinery. \~99~~g~CM Code of Ethics, Adopted October ‘ Culnan, Mary. (1993). “How did you get my name?: An exploratory investigation of consumer attitudes toward secondary information use”, MIS Quarterly, 17(3), October, 1993, forthcoming. Kahn, William A. (1990). “Toward an agenda for business ethics research,” Academy of Management Review, 15 (2):31 1-328. Laudon, Kenneth, “Markets and Privacy”, in Proceedings of the 14th Iruernationul Conference on Information Systems (lC’IS), (DeGross, J. I., Bostrom, R. P., and Robey, D., Eds.), December 5-8, 1993, Orlando, FL, pp. 65-76.. Mason, Richard O. (1986). “Four ethical issues of the information age,” MIS Quarterly, 10 (l): 4-12. Miller, Arthur (1991). “Computers and privacy”, Ethical Issues in Information Systems. (De Joie, Roy, Fowler, George, and Paradice, David, editors), Boston, MA: Boyd & Fraser. Moore, George E. (1912). Ethics. NY: Oxford University Press. Parker, Dorm B. (1979). Ethical Conf7icts in Computer Science and Technology. NY: AFIPS Press. Straub, Detmar, and Collins, Roseanne. (1990) .’’Key information liability issues facing managers: Software piracy, proprietary databases, and individual rights to privacy,” MIS Quaflerly, 14(2):143-158.

SUMMARY Focus on the computer user as the individual who actually experiences the ethical dilemma and is forced to make a decision is crucial to identifying attitudes toward different computer usage situations if the goal is to obtain ethical behavior. This understanding then can serve as the basis for development of policies and reward and punishment structures to foster ethical use of IT resources. The five groups of ownership, access, motivation, responsibility, and privacy identified factors that can result in ethical dilemmas. The survey results showed that people were consistently egocentric and concerned for

27