Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-1

Chapter 5 Social, Legal, and Ethical Issues in the Information Age

Teaching Objectives
Students should be able to answer the following questions: 1. What ethical, social, and political issues are raised by information systems? 2. Are there specific principles for conduct that can be used to guide decisions about ethical dilemmas? 3. Why does contemporary information technology pose challenges to the protection for individual privacy and intellectual property? 4. How have information systems affected everyday life? 5. How can organizations develop corporate policies for ethical conduct?

Key Terms
The following alphabetical list identifies the key terms discussed in this chapter. The page number for each key term is provided.
Accountability, 154 Carpal tunnel syndrome (CTS), 176 Computer abuse, 173 Computer crime, 173 Computer vision syndrome (CVS), 177 Cookie, 160 Copyright, 165 Descartes rule of change, 155 Digital divide, 175 Digital Millennium Copyright Act (DCMA), 167 Due process, 154 Ethical no free lunch rule, 155 Ethics, 150 Fair Information Practices (FIP), 158 Framing, 167 Immanuel Kant's Categorical Imperative, 155 Information rights, 151 Informed consent, 159 Intellectual property, 164 Liability, 154 Non-obvious relationship awareness (NORA), 153 Opt-in, 161 Opt-out, 161 P3P, 162 Patent, 166 Personal Information Protection and Electronic Documents Act (PIPEDA), 157 Privacy, 156 Profiling, 153 Repetitive stress injury (RSI), 176 Responsibility, 154 Risk Aversion Principle, 155 Spamming, 175 Technostress, 177 Trade secret, 164 Utilitarian Principle, 155 Web bugs, 161

Teaching Suggestions
This is an interesting, stimulating chapter to present in class. Your students will have a variety of opinions about the ethical issues presented in this chapter. The opening vignette, BT Cellnet

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-2

Tests the Waters for Spamming, is an excellent discussion vehicle. This vignette presents the issue of using a text messaging service as a marketing channel. Since most, if not all, of your students own cell phones, the situation presented in this vignette will evoke strong reactions from some individuals. To facilitate class discussion, ask your students to discuss the following questions: 1. 2. 3. 4. What is your opinion about having ads sent to your cell phone? If you were not billed for the call, would your opinion change? What ethical, social, and political issues does this situation raise? Apply the five-step ethical analysis process to the situation presented in the vignette.

Many people do not want to discuss or even think about ethical and social issues, at least not until a large scandal takes place such as the current Enron and Anderson scandals. However, the use of new technology usually presents these kinds of problems, and the truth is that the further we are from being affected by an issue, the more we are willing to take the ethical/social side. Throughout this chapter, and throughout the rest of the text, it is imperative that you raise and discuss these issues so that students can see both the positive and negative sides of technology. It is possible, for example, that if more courses and schools had addressed these issues, the current scandals may have been avoided or uncovered sooner. So raise these issues, stress their importance, and point out ways that these issues can affect the students in the long run. Another scandal just now breaking (and may not become a major public issue at this time) is the issue of stock brokers advising investors on stocks, taking positions that they would never follow themselves, or even worse, that they can quietly benefit from. This chapter allows students to wrestle with the ethical questions they have probably had since the beginning of the text. You can use the United States Postal Service as an example of how automation and computerization seem to have harmed both consumers and postal workers. The combination of zip codes and electronic sorting machines, and requiring consumers to put nine digits on their mail is not good customer service, and is an example of the misuse of information systems. It also puts enormous stress on postal workers from the pressure to mark and sort mail under time constraints. Students should see that decisions to implement such systems are not a result of managerial maliciousness. The Postal Service was under desperate pressure to reduce costs. Automation was seen as a balm for its problems. Some students see technology as a malignant force. Ask whether computers or computerbased information systems should ever be traded for workers. Students usually demur, but some will assert that never is absolutely correct. Ask students whether a company should go out of business instead of increasing its automation and use of information systems. Ask the remaining students who are still holding fast to never if they are willing to pay two to three times more for goods so workers will not lose their jobs. At this point, students are ready to see that it is competitive pressure caused by consumer unwillingness to pay higher prices that is driving the reengineering process. At this point, you can lead a discussion about the ethical ways to reengineer and use information systems. While job loss or mistreatment of workers may be your students major concern, many of them, are very concerned about the issue of privacy. Recent public uproar about decisions by both DoubleClick and Amazon to share their customers data with third parties led both companies to change their decisions and re-establish privacy guidelines to maintain their customers privacy.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-3

Ask students to consider how much information they give away. Then ask your students if giving away so much personal information is necessary. Help your students to see the relationship between the technology they want to use and the loss of privacy. Many students give a good amount of information away on surveys and Web sites without much thought. A good example would be the sites that allow people to attempt to win a free computer, vehicle, or some other expensive item after entering what seems like very personal information, such as income. People are fighting to enter the sweepstakes. Given our supposed love of privacy, why do some people have Web cams in their homes where everyone can watch their activities? Lack of confidence in information security, widespread Internet access, and increased malicious attacks by insiders have caused significant information security losses at major Canadian companies, according to an information security survey by Information Week and Ernst & Young LLP. The study found that more than half (54 percent) of the survey's 1320 participants experienced losses due to poor information security and disaster recovery within the last two years (this was before September 11, 2001). If you add computer viruses to the mix, the number rises to 78 percent. Ask students to weigh the tradeoffs of privacy versus information needs. Students, like professors, wear two or more hats. They may say yes to information for marketing purposes, but at the same time want their privacy and their childrens privacy protected. Is this an ethical question or a constitutional one? What kinds of rules or ethics do we need to constrain such databases? Apply each of the proposed ethical rules to see if it gives an answer. With the advent of technologies such as file-sharing, ethical issues have become increasingly important to authors. The anonymity promised by services like Gnutella and FreeNET is enticing to people who wish to share music, movies, and software without compensating the creators with royalties. While in the minds of the authors there may be no question as to whether these practices fall within the law, there are many people who think otherwise, indicated by either their practice of downloading these copyrighted materials or outright appeal to existing laws that may allow for such sharing. One thing is certain; file-sharing technology, encryption, and copy protection will stay around for a long time and can only get better. Some other questions to consider are: Does the loss of privacy engender the attacks on companies information systems? Why do people try to break into systems? Why do people create viruses? What are the ethical norms? How do I balance my personal needs with the ethical norms? Who owns e-mail systems?

Window On Boxes
Window on Organizations: Privacy for Sale
Apply the guidelines for ethical analysis to the failure to protect the privacy of individuals. The MIS in Action: Manager's Toolkit presents students with a five-step process for conducting an ethical analysis. The five steps include identifying and describing clearly the facts; defining the conflict or dilemma and identifying the higher-order values involved; identifying the stakeholders; identifying the options that you can reasonably take; and identifying the potential consequences of your options.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-4

When identifying and clearly describing the facts, the situations described in this case involve several privacy issues, and the situations, such as Yahoo!, vary in their egregiousness. First, companies collect information about their customers. Second, some companies do not have privacy policies and should have established privacy policies. Third, some companies have privacy policies, yet do not monitor their sites. Fourth, it appears that Yahoo! has backtracked on its promise to not contact its customers who have opted-out of its promotions. When defining the conflict or dilemma and identifying the higher-order values involved, students will recognize that Internet businesses want to collect information about their customers, and most of their customers do not want or are not aware of the information being collected. The higher-order values involved are the values of free enterprise and privacy. The stakeholders are the Web site visitors, customers, and the Internet businesses. Web site visitors and customers do not want data collected about them, or they at least want to know how that information will be used and who will use the data. The Internet businesses want to build sharp customer profiles, so they can build better, more efficient marketing campaigns that can be targeted toward specific customers. Several options are available. The Internet businesses should develop privacy policies and enable their Web site visitors and customers to either opt-in or opt-out of the personal information collection process. Web surfers should also be aware of how cookies are stored and also set their browser security and privacy settings to help avoid the unintentional disclosure of personal information. Web surfers could also use privacy protection software to help them anonymously surf the Web. If Internet businesses establish privacy policies and then adhere to their policies, customers may feel more comfortable visiting the Web sites. If a company is not able to gather information about its customers and build sharp, detailed profiles, it will not be able to efficiently market its products and services, and prices may increase. On the basis of this analysis, what legal or business steps do you think should be taken to better protect the privacy of customers using the Internet? While student answers will vary, most will suggest that we need laws to regulate data collection in the private sector. Some students may suggest the need for due process and may suggest that a regulating agency be established.

Window on Management: Alberta Narrows Its Digital Divide

Evaluate the SuperNet approach to narrowing the digital divide. Could this approach be used in other provinces, states, and countries? Explain your answer. SuperNet is a project devised by the Alberta government to provide high-speed residential Internet access to its rural communities. SuperNet provides rural access at very competitive prices. Besides providing its residents and businesses with reliable, fast access, the project also encouraged economic activity. Other provinces, states, and countries could use an approach similar to SuperNet to subsidize Internet access and thus reduce the digital divide. Suggest other ways governments might help solve the digital divide problem.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-5

Student answers to this question will vary. The SuperNet project is a positive step that the Alberta government is taking to provide equal access. Some students may mention that Internet access can be made available through educational institutions and public libraries. However, an inequitable distribution still exists. Some students may suggest providing subsidies to special interest groups or perhaps giving free service to qualifying individuals or businesses.

For Discussion Questions

1. Should producers of software-based services, such as ATMs, be held liable for economic injuries suffered when their systems fail? If a system fails, it is foreseeable that the producers of the software-based services could potentially be held liable for economic injuries. This could even extend to systems that have been managed poorly and implemented unsuccessfully. They, too, have the potential to impact the company's bottom line and subject producers of software-based services to liability. While the general rule is that they cannot be held liable for matters beyond their knowledge or control, this defense many not be available in some software guideline compliance programs. Thus, producers of software-based services need to be aware of and involved in the software compliance program. In addition, software vendors may face liability if they fail to advise licensees of latent problems in their software. Software compliance is also an issue to be considered in due diligence conducted by any company involved, directly or indirectly, in investing or making loans to businesses with computer systems. Financial advisors, in particular, may be held liable even if they are unaware that a company is not in compliance when making financial recommendations. In connection with mergers or acquisitions of companies using date-sensitive software (as almost all are), software compliance is also a factor in due diligence. Basically, software compliance raises technical, contractual, and managerial issues. For a complete solution, the strategies for responding to them must be handled on a coordinated basis. 2. Should companies be responsible for unemployment caused by their information systems? Why or why not? Student answers for this question will vary, as will their discussion of the ethics of various issues in information systems, including social responsibility, environmental protection, privacy, individual rights, occupational safety and health, product liability, equality of opportunity, and the morality of capitalism. This question provides an excellent opportunity for students to discuss American economist, Milton Friedmans (Nobel Prize for economics, 1976, currently, senior research fellow at the Hoover Institution at Stanford University) famous statement that a business is in business to: maximize shareholder wealth. Ask your students to discuss the following questions. What is the corporation? Do corporations, and more particularly the managers who represent them, have any responsibilities beyond seeking to maximize shareholder wealth? Is the term business ethics an oxymoron? What is the source of moral truth? These and other related questions provide the grist for the answer to this question.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-6

Review Questions
1. In what ways are ethical, social, and political issues connected? Give some examples. Ethics refers to principles of right and wrong which individuals use to guide their behaviour. Individuals act within a social environment that, in turn, exists within a political environment. Ethical dilemmas are problems that affect society and that often are addressed in the political arena. For example, new computer technology makes it easier to gain private information about individuals, creating an ethical dilemma for the potential user of that information (whether or not to invade the privacy of the individual). Society will respond by demanding new laws to regulate the use of data. Students will be able to give a range of examples of this connection. 2. What are the key technological trends that heighten ethical concerns? Table 5-1 identifies the four key technology trends. These trends include computer power doubling every 18 months, the rapid decline in data storage costs, data analysis advances, and networking advances and the Internet. The doubling of computing power every 18 months is creating a growing dependence on systems and a consequent vulnerability to system errors, poor data quality, and failure of critical systems. Advances in data storage techniques and rapidly declining storage costs provide for massive data storage capabilities on individual systems and enable the routine violation of individual privacy. Advances in datamining techniques for large databases allow those who are able to dominate supercomputing capacity (large businesses and governments) to increase their power over individuals through the analysis of massive amounts of data about individuals. Advances in telecommunications infrastructure allow the movement of massive amounts of data at greatly reduced cost, permitting the duplication and use of data and, as a result, the invasion of privacy on a scale and precision unimaginable to us now. 3. What are the differences between responsibility, accountability, and liability? Responsibility means that you accept the potential costs, duties, and obligations for the decisions you make. Accountability is a feature of systems and social institutions that allows the determination of who is responsible. Liability is a feature of political systems that permits individuals to recover damages done to them by responsible individuals or organizations. 4. What are the five steps in an ethical analysis? The five steps in an ethical analysis are outlined in the Manager's Toolkit. The five steps include (1) identify and describe clearly the facts; (2) define the conflict or dilemma and identify the higher order values involved; (3) identify the stakeholders; (4) identify the options you can reasonably take, and (5) identify the potential consequences of your options.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-7

5. Identify and describe six ethical principles. The six ethical principles include the golden rule, Immanuel Kant's Categorical Imperative, Descartes' rule of change, the Utilitarian Principle, the Risk Aversion Principle, and the ethical "no free lunch" rule. The Golden Rule suggests doing unto others as you would have them do unto you. Kant's Categorical Imperative suggests that if an action is not right for everyone to take, then it is not right for anyone. Descartes' rule of change, also known as the slippery slope rule, suggests that if an action cannot be taken repeatedly, then it is not right to be taken at any time. The Utilitarian Principle suggests taking the action that achieves the higher or greater value. The Risk Aversion Principle suggests taking the action that produces the least harm or the least potential cost. The ethical "no free lunch" rule says that virtually all tangible and intangible objects are owned by someone unless there is a specific declaration otherwise. 6. What is a professional code of conduct? When groups of people claim to be professionals, they subscribe to special rights and obligations. As professionals, they enter into even more constraining relationships with employers, customers, and society because of their special claims to knowledge, wisdom, and respect. Professional codes of conduct are promulgated by associations of professionals in order to regulate entrance qualifications and competencies and to establish codes of ethics and practice. 7. What are meant by "privacy" and "fair information practices? Privacy is the claim that individuals have the right to be left alone, free from surveillance or interference from other individuals or organizations, including the state. Claims to privacy involve the workplace as well as the home. Information technology threatens individual claims to privacy by making the invasion of privacy cheap, profitable, and effective. Fair information practices (FIP) is a set of principles governing the collection and use of information about individuals. The five FIP principles are: (1) notice/awareness; (2) choice/consent; (3) access/participation; (4) security; and (5) enforcement. 8. How is the Internet challenging the protection of individual privacy? Cookies, Web bugs, and other means of collecting information about Internet users can be used or shared without the Internet user's consent. This allows information that a user may have given voluntarily for a good purpose, say logging into the Winnipeg Free Press site, to be shared with some other site. Spamming or e-mail that spoofs a users e-mail address is another invasion of privacy. 9. What role can informed consent, legislation, industry self-regulation, and technology tools play in protecting individual privacy of Internet users? Informed consent means that the Web site visitor knowingly permits the collection of data about his or her and his or her visit to the company's Web site. Federal privacy laws help regulate the collection, usage, and disclosure of information in Canada. Table 5-3 lists several of the federal privacy laws in the United States. Businesses have taken some steps, including publishing statements about how their information will be used and sometimes offering an opt-out right. However, few businesses offer an opt-in approach.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-8

Several technology tools are available to combat privacy invasion. Technical solutions enable e-mail encryption, anonymous e-mailing and surfing, and cookie rejection. Table 54 lists several privacy tools. Of particular interest is the P3P standard that allows the user to have more control over personal information that is gathered on the Web sites that he or she visits. 10. What are the three different regimes that protect intellectual property rights? What challenges to intellectual property rights are posed by the Internet? Three different legal traditions that protect property rights are trade secret, copyright, and patent. A trade secret is any intellectual work product used for a business purpose that can be classified as belonging to that business, provided it is not based on information in the public domain. The drawback to trade secret protection is that once an idea falls into the public domain, it can no longer be protected as a trade secret. A copyright is a statutory grant that protects creators of intellectual property against copying by others for any purpose for a period of 20 years. The drawback of this protection is that underlying ideas are not protected, only their manifestations in a work. A patent grants the owner a monopoly on the ideas behind an invention for 20 years. While patent protection does grant a monopoly on the underlying concepts and ideas, the difficulty is passing stringent criteria of non-obviousness, originality, and novelty. The Internet makes it very easy to widely distribute and reproduce intellectual property. 11. Why is it so difficult to hold software services liable for failure or injury? It is very difficult, if not impossible, to hold software producers liable for their software products because it is only when software acts as a part of a defective product that strict liability pertains. If the software is strictly a service (not part of a product), these laws do not apply. As part of a product, software is still considered to be like books, which historically are protected from liability claims by the First Amendment guaranteeing freedom of expression. 12. What is the most common cause of system quality problems? The three principal sources of system quality problems are hardware and facility failures, software bugs and errors, and data quality. However, the most common cause of system quality problems is data quality. According to the 1998 Redman study cited in the textbook, individual organizations report data error rates ranging from 0.5 to 30 percent. 13. Name and describe four "quality of life" impacts of computers and information systems. The textbook describes eight "quality of life" impacts of computers and information systems. These include balancing power, rapidity of change, maintaining boundaries, dependency and vulnerability, computer crime and abuse, employment, equity and access, and health risks. Balancing power describes the shift toward highly decentralized computing, coupled with an ideology of "empowerment" of thousands of workers and decentralization of decision making to lower organizational levels. The problem is that the lower-level worker involvement in decision making tends to be trivial. Key policy decisions are as centralized as in the past.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-9

The rapidity of change impact suggests that information systems have increased the efficiency of the global marketplace. As a result, businesses no longer have many years to adjust to competition. Businesses can now be wiped out very rapidly, and along with them, jobs. The maintaining boundaries impact suggests that portable computers and telecommuting have created the condition where people can take their work anywhere with them and do it at any time. As a result, workers find that their work is cutting into family time, vacations, and leisure, weakening the traditional institutions of family and friends and blurring the line between public and private life. The dependency and vulnerability impact suggests that businesses, governments, schools, and private associations are becoming more and more dependent on information systems, and so they are highly vulnerable to the failure of those systems. The computer crime and abuse impact suggests that computers have created new opportunities for committing crimes and have themselves become the target of crimes. The employment impact suggests that redesigning business processes could potentially cause millions of middle-level managers and clerical workers to lose their jobs. Worse, if reengineering actually works as claimed, these workers will not find similar employment because the demand for their skills will decline. The equity and access impact suggests that access to computer and information resources is not equitably distributed throughout society. Access is distributed inequitably along racial, economic, and social class lines (as are many other information resources). Poor children attending poor school districts are less likely to use computers at school. Children from wealthy homes are five times more likely to use PCs for schoolwork than poor children. White children are more likely to use computers at home for schoolwork than Native children. Potentially, we could create a society of information haves and havenots, further increasing the social cleavages in our society. Health risks have been attributed to computers and information technologies. For instance, business now spends $20 billion a year to compensate and treat victims of computerrelated occupational diseases. Those illnesses include RSI (repetitive stress injury), CVS (computer vision syndrome), and technostress. 14. What is technostress, and how would you identify it? Technostress is defined as stress induced by computer-use. Its symptoms are aggravation, hostility towards humans, impatience, and enervation. 15. Name three management actions that could reduce RSI. Management can reduce RSI (repetitive stress injury) by using workstations (mainly keyboards) designed for a neutral wrist position (using a wrist rest to support the wrist). Use of proper monitor stands and footrests will contribute to proper posture and so reduce RSI, as will allowing (or requiring) employees to take frequent breaks from their work to walk around. Finally, use of new, ergonomically designed keyboards will also help.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-10

Application Software Exercise

Chapter 5 Application Software Exercise Solution Description: Word Processing and Web Page Development Tool Exercise: Creating a Simple Web Site This exercise will not turn students into Web site developers, but it will give them a feel for its basic functions. Students are asked to create a simple Web site using whatever software is available to them. They may use a Web page development tool such as Microsoft FrontPage, Macromedia Dreamweaver, or Microsoft Word to create their Web pages. Each students solution will differ, depending on the content and design they have chosen. Have students discuss the different software that they used. Also, what problems or challenges did they encounter? What strategies did they employ to overcome them? Have them assess the Web pages they created. Here are some helpful criteria: Authority: Who is the author? Are his or her credentials stated? How knowledgeable is he or she? Who is the sponsor of the site? Is there an organization affiliated with the site or its author? Can you find out more about their purposes and intent? Accuracy: Is the material free of error (typos, spelling, grammar, etc.)? Are the sources for factual information in the material clearly identified? Objectivity: Is any bias present? To what extent is the material meant to persuade? Is this clearly stated? Is the page an advertisement or some other kind of promotional material? Would any surrounding advertising influence the material's contents or results? Is the advertising clearly separate from the resource contents? Coverage: Who is the intended audience? Currency: When was the site last updated? Does it rely on the most current available information? If not, is the reason clearly stated and justified?

Group Project
With three or four of your classmates, develop a corporate ethics code on privacy that addresses both employee privacy and the privacy of customers and users to the corporate Web site. Be sure to consider e-mail privacy and employer monitoring of work sites, as well as corporate use of information about employees concerning their off-job behaviour (e.g., lifestyle, home arrangements, and so forth). If possible, use electronic presentation software to present your ethics code to the class. Answers will vary by individual groups, but should reflect the concepts presented in this chapter. The purpose of the exercise is to cause students to struggle with difficult, but vital, issues of privacy. They should view these issues not only as personal (privacy for themselves and their families) but for our society (whichever country you are in) and for the world in general. Students should both understand that rights do not end when they walk through the door of their job, and they should also gain an appreciation of the complexities of these issues.

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-11

In writing the code, students must remember to include the accountability and control dimensions.

Case Study Are You Really Secure?

1. How much money should a company spend on securing its information systems from hackers? Explain your answer. According to industry best practice, a company should spend 10% of their information technology budget on security. If an asset is worth $100,000 dollars, a business should spend at least $10,000 dollars to secure the asset. This percentage is based on a costbenefit analysis of protecting information assets with a reasonable level of security. 2. Who do you think are more likely to hack into a companys information systems: current employees, ex-employees, or outsiders? Why? The percentages may vary from year to year, but successful attacks on corporate information systems that result in financial or legal ramifications are caused by exemployees. An ex-employee has enough insider knowledge to exploit the many vulnerabilities present in many corporate networks. Depending on the reasons for dismissal, these attacks may be vindictive or malicious in nature, potentially causing serious harm to the company. 3. Do you think there is a credible hacking threat from terrorists? How could you anticipate this? Student views will vary widely. Many security professional believe that terrorist hacking threat is fairly low on the probability scale. Many countries around the world scan the Internet continuously, searching for vulnerable services and servers. However, the real threat comes from the endless supply of viruses and worms that have propagated themselves across the Internet. 4. Why do companies leave themselves open for hacking attempts? How could they prevent them? Based on several computer security surveys performed over the years, many companies are vulnerable or become vulnerable to hacking attempts because of a shortage in financial, human, knowledge, or technological resources. These are not easy problems to solve since many IT budgets are constantly being slashed and downsized. One method to combat these problems is to outsource the IT security function of a company. Many security experts have related outsourcing security to outsourcing payroll. They are both functions that must be performed, but the expertise and efforts of the employees are better suited to the core business than to these tasks. 5. Is it ethical to hack? Is it ethical to use tools that are freely available on the Web to hack? What should be the punishment for hackers? Hacking is simply the electronic version of break-and-enter. While many in the electronic world see hacking as a game or sport, many others, such as criminal hackers, or crackers,

Copyright 2005 Pearson Education Canada Inc.

Instructor's Manual, Chapter 5

Management Information Systems, Second Canadian Edition

5-12

break into corporate networks with the intent to steal data and information. Hacking should be viewed the same as break-and-enter: unethical. Many arguments may come up regarding the rights and freedoms people feel they have on the Internet. There are many ideas regarding the fair punishment of hackers and electronic attackers. Forbidden use of information technology, jail time, heavy long-term fines, or even reparations are all potential legal options for the accused.

Copyright 2005 Pearson Education Canada Inc.