Manufacturing Social Responsibility Benchmarks in the Competitive Intelligence Age

The themes explored elsewhere in this volume, on the intersection between information technology and social responsibility, take on new shapes when considered in the context of competitive intelligence. Using the (probably) apocryphal Thomson-Raytheon story as a launching point, this chapter will explore the emergence of social responsibility benchmarks in the competitive intelligence age. This analysis is heavily flavored by my own experiences trying to understand the French approach to competitive intelligence. The paper reviews attempts by competitive intelligence agents in the US and France to manufacture Social Responsibility benchmarks in the contexts of covert operations, competitive strategy, corporate intelligence, economic security, economic intelligence, and economic warfare. The conclusion of the paper will argue that the construction of social responsibility is a local-level human accomplishment, not a global-level rational standard. Furthermore, the paper implies that the burden of social responsibility lies more heavily on the successful economic oppressor than the unsuccessful economic resistance.

Cyberspace Ethics and Information Warfare

We have seen a rise in computer misuse at a global level and also the development of new policies and strategies to describe organized computer security attacks against the information society–these strategies are described as being “information warfare.” This is very different from the traditional view of attack against computers by the individual, determined hacker, a cyber warrior with a code of conduct to follow. Today the threats come from individuals, corporations, government agencies (domestic and foreign), organized crime and terrorists. This new world of conflict in the electronic ether of virtual cyberspace has brought with it a new set of ethical dilemmas.

Component-Based Development

This chapter focuses on the issues raised by component-based development in the light of new data protection legislation recently introduced in the European Union. Component-based development has been proposed as a software engineering approach that can enable the development of flexible and evolutionary systems. The approach aims at the dynamic composition of information systems from pre-fabricated heterogeneous software components. The integration of components, however, potentially creates ethical issues as data need to be exchanged without the users or developers knowing which components will use what data and when. Our discussion unveils a complex ethical debate with important implications for data controllers and information systems developers.

Aggression on the Networks

This chapter examines the attitudes of Australian IS/IT managers to the concept of cyber-vigilantism. Also, it explores the policies and procedures which have been set in place by various organizations to cope with concerted attacks on their systems. It finds that although a majority of managers do approve of the concept of “striking back’, only a minority are prepared for this eventuality. There appears to be complacency about the threats posed by organized, offensive attackers.

Privacy and the Internet

With the advent of the Internet, a number of issues have surfaced that are affecting our society positively, negatively and confusingly at breakneck speeds. The issues surrounding an individual’s right to privacy on the Internet are one such example. Affording an individual a right to privacy is most definitely a unique right preserving the quality of the Constitution of the United States. Certainly the Internet has blurred an already gray line that courts have fought hard and long to preserve and define over the past 225 years.

Understanding Social Responsibility Issues in the Information Age

So, you are taking a trip and have booked your flight, paid your bills, bought a travel insurance and made hotel bookings–all without talking to a single person. Of course, you used the Internet to accomplish your tasks. But how can you be sure that your personal information used to book flights, buy a travel insurance and make hotel bookings would not be used by the concerned companies to send you junk email or it is not sold to some direct marketers without your consent? How can you be sure that your personal information and credit card details were transmitted in a secure mode? How can you be sure that online businesses have proper high integrity business processes to handle your private information with due care? You may also have worries that if something does go wrong, i.e., your personal information is stolen, misused or abused, what recourse would you have. These are all legitimate social responsibility concerns which have surfaced more so in the information age because of technological advances and our growing reliance on information and communication technologies to carry out our daily work.

Social Responsibility in IS/IT Project Management

Project managers obviously have a responsibility to manage their projects. In this chapter we explore the question of social responsibility of project managers. We take it as given for purposes of this chapter that the project involves information systems and/or information technology. Social responsibility implies something beyond technical responsibility (the project, when completed, is technically efficient and reliable and meets the project specifications). In this chapter we will use the stakeholder approach, which is common in discussions of business ethics and the role of business in society (Donaldson & Preston, 1995; Evan & Freeman, 1983) to identify various groups to which project managers have social responsibility. We will discuss the difference between legal responsibility and moral or ethical responsibility. We will use a rights and duties approach to apply principles from business ethics to the problem of identifying project manager responsibilities. After this general discussion, we will identify five specific groups to whom IS/IT project managers have responsibilities. For each group, we will identify the project manager role or roles which connect to the rights of the group and discuss the duties which those rights impose on project managers. In concluding the chapter, we will briefly consider how the duties or responsibilities of project managers can be viewed in a positive light as opportunities which most employees and many managers do not have.

Strategic and Ethical Issues in Outsourcing Information Technologies

Outsourcing of information technology (IT) is the transfer of a company’s information technology functions to external vendors. Ordinarily, such transfer is considered only with regard to its strategic and economic impact on the organization. However, as the recent practice demonstrated, cost-benefit considerations and other strategic considerations are not sufficient to analyze an outsourcing case. Important ethical concerns relating to fiduciary responsibilities, insiders’ bidding for outsourcing contracts, and the like, are also pertinent to the analysis of outsourcing. This chapter will identify major ethical problems and will propose guidelines for ethical conduct in the process of outsourcing IT. Such guidelines could have broad practical implications for the practice of outsourcing. The chapter will analyze literature on outsourcing models and professional ethical standards. It will have the following structure. First, the benefits and models of outsourcing information technology will be discussed. Second, ethical literature in general and professional organizations’ codes of ethics in particular will be considered. Third, a recent case of IT outsourcing will be presented and analyzed. The ethical standards established in the thesis will be applied to the case. Finally, generalized ethical guidelines will be suggested for outsourcing models.

Aspects of a Viable Social Responsibility Program in the Information Age

Various chapters in this book have addressed a broad range of social responsibility issues. In many ways, each chapter has identified a category of social responsibility concerns which if ignored are going to result in some ethical strain. In the paragraphs below, based on an understanding of potential ethical strains, key elements of a viable social responsibility program are identified and described.

On the Role of Human Morality in Information System Security

This chapter argues, following the scholars of the first category, that human morality has a role as a means for ensuring security. But to achieve this goal solid theoretical foundations, on which a concrete guidance can be based, are needed. The existing proposals (e.g., Kowalski, 1990; Baskerville, 1995; Dhillon & Backhouse, 2000) do not suggest any theoretical foundation nor concrete means for using ethics as a means of ensuring security. The aim of this paper is to propose a framework for the use of ethics in this respect. To achieve this aim, a critique of the relevance of ethics must be considered. The use of human morality as a means of ensuring security has been criticized by Leiwo and Heikkuri (1998a, 1998b) on the grounds of cultural relativism (and hacker ethics/hacking culture). If cultural relativism is valid as an ethical doctrine, the use of human morality as a means of protection is very questionable. It would only be possible in certain “security” cultures, i.e., cultures in which security norms have been established–if at all. However, the objection of Leiwo and Heikkuri (1998a, 1998b) is argued to be questionable. We feel that cultural relativism has detrimental effects on our well-being and security. Things might be better if the weaknesses of cultural relativism were recognized. This paper adopts the conceptual analysis in terms of Järvinen (1997, 2000) as the research approach. An early version of this paper was presented at an international conference on information security (IFIP TC11, Beijing, China, 2000).