DMBA210 : Management Information System

MASTERS OF BUSINESS ADMINISTRATION

SEMESTER 2

DMBA210
MANAGEMENT INFORMATION SYSTEM1
Unit: 14 - Ethical Issues
DMBA210 : Management Information System

Unit – 14
Ethical Issues

Unit: 14 - Ethical Issues 2

DMBA210 : Management Information System

TABLE OF CONTENTS

SL Fig No / Table SAQ /

Topic Page No
No / Graph Activity

1 Introduction - -
4
1.1 Objectives - -

2 Case Study - - 5-6

3 Key Issues - -

3.1 Privacy - -

3.1.1 Internet challenges to privacy -

3.2 Workplace monitoring - -

3.2.1 Types of workplace - - 7-20

monitoring

3.2.2 The information Panopticon 1 -

3.2.3 The role of monitoring - -

3.3 Power over users 2, 3 -

4 Summary - - 21

5 Glossary - - 22

6 Terminal Questions - - 23

7 Answers - - 24

8 References - - 25

Unit: 14 - Ethical Issues 3

DMBA210 : Management Information System

1. INTRODUCTION
Information systems are pervasive across organisations. When their use con- fronts existing norms
and practices at the organisation, ethical issues arise. Ethical issues relate to privacy, workplace
monitoring and use of power. Privacy of individuals in modern organisations is often at risk as
substantial private data about personal details is resident in the organisation’s databases.
Furthermore, work-related practices such as sending e-mail and browsing are also visible to the
organisation. Workplace monitoring often relies on such data to deter- mine how employees are
performing, where they are, how much time they have spent on work, who they have communicated
with, etc. Monitoring enforces dis- ciplined behaviour on employees and also protects them from
abusive or threat- ening behaviour. Systems professionals in organisations enjoy a power over
information systems users owing to their privileged knowledge and position, and this raises ethical
issues about how they influence the decisions of the users.

1.1 Objectives
After studying this unit, you should be able to:
• explain privacy in organisations

• discuss the workplace monitoring

• analyse issues concerning use of power over users

Unit: 14 - Ethical Issues 4

DMBA210 : Management Information System

2. CASE STUDY

Privacy Breach on Facebook

Is it possible to have privacy on the Internet? To many, this question seemslike a paradox: The
Internet is by definition meant to be open and acces- sible to all, then how is it that one can demand
or expect privacy?

Since its inception the World Wide Web, the Internet has stood for open- ness and accessibility. The
idea of creating web pages online and having them be viewed by anyone in the world with a
connection to the Internet and a browser, has spawned the idea that the Internet itself is an open, free
space that really does not promote privacy or closed spaces. The rise of dozens of different types of
public services and applications on the Web, such as Web portals, e-commerce, blogs, social
networking sites, and so on, led to the increasing belief that the Internet is essentially open, free, and
accessible to all.

On the other hand, amongst most powerful and popular applications on the Internet is that of e-mail.
E-mail is substantially a private application, where individuals have mailboxes that they can access
through a personal login and a password, which ensures that their e-mail content is not available for
public consumption and is only meant for them. There is a strong inherent notion of privacy
associated with e-mail; popular public e-mail application providers such as Yahoo and Hotmail ensure
that this implicit contract of privacy is not violated.

Between the openness of websites and the closed privacy of e-mail lie a number of sites, such as social
networking sites, that provide a measure of both. Social networking sites allow users to create login
profiles that enable private access and then allow them to create and display information that is open
to all. However, social networking sites also run the risk of exposing users to privacy risks.

Facebook is one of the largest social networking sites. Since its incep- tion, it has held a strong appeal
to users, who have enrolled in large num- bers on Facebook, sometimes abandoning other sites in the
process. Facebook has recently faced a number of allegations of privacy viola- tions. In an
investigation in 2010, The Wall Street Journal, a newspaper in the USA, found that applications being
run by users of Facebook took the users identity number (called the UID), which is used by Facebook
for managing all facilities provided to the user, and shared those numbers with parties external to
Facebook. A popular game, called Farmville, that many Facebook users play collectively, was drawing

Unit: 14 - Ethical Issues 5

DMBA210 : Management Information System

UIDs and passing them to another firm. This firm would then match UIDs with its own data- base of
information on the Facebook users, and sell the information thus obtained to other parties. The
problem that Facebook ran into was this act of taking UIDs without the user’s knowledge or consent
was against its own privacy policy.

Facebook faced heavy criticism from its users and the media at large and amended its arrangements
with its partners to ensure that such incidents did not recur. However, on its own too it has been
challenged by users for privacy violations. In a lawsuit in Canada, one user has alleged that Face- book
has used data from her account, and from accounts of her contacts, to create online public content
without their explicit consent. Facebook cre- ates ‘sponsored ads’ for its services, which it does by
taking data, including images, from some randomly selected users account, re-mixes the data and
images to create a unique page, and then displays this page to others as an advertisement of its
features. In this case, Facebook had created this ad without the user’s consent, including in it what
the user alleges is private data.

Tracking and using data on users of websites is a growing business. Companies have sprung up that
collect such data to identify user’s preferences for goods and services so that they can sell this
information to advertisers and for target marketing. Many websites do this without explicitly
identifying the user – meaning that as users browse content on the site, the activities are followed;
however, who they are remains unknown. When this data is aggregated over millions of users,
although all are unknown to the tracking agency, this provides very useful aggregate data to
marketing and publicity firms, as they can know for sure what preferences users have. For example,
e-commerce sites track how users search for particular products (whether by brand or by price
information), and can use this information to design sites more efficiently or provide information to
marketing firms on how to place advertisements.

Facebook too collects data on its users’ activities. This is known to its users. What they are concerned
about is identifying their specific, personal information and using this for advertisements, as opposed
to using data in the aggregate for many users, which shields individuals. Facebook’s future challenge
will be in being able to both collect information on user activities and protecting their privacy.

Unit: 14 - Ethical Issues 6

DMBA210 : Management Information System

3. KEY ISSUES
Information systems are used by people in organisations and in society. The use of these systems is
guided by the limits imposed by the systems them- selves, such as how much connectivity is possible,
and also by the norms and codes of conduct that the organisation or the society subscribes to.
Sometimes information systems enable capabilities that clash with existing norms, and here issues of
ethics and responsibility arise.

Ethics are publicly accepted rules of behaviour for social engagement. In a larger sense, ethics are the
moral rules and codes that individuals in a society follow. These rules are often derived from religion
or a community ethos. The dividing line between ethical and unethical behaviour is determined by
the com- munity ethos and what is considered, widely, to be acceptable.

Ethics are different from legal issues. What is legal is determined by an explicit set of laws, usually
written, in any country. The system of justice in the country decides on the legality or non-legality of
actions, issues, rules, etc. Ethics, on the other hand, are not sharply encoded in texts; they are
determined by loose codes outlined as conduct rules or ethical guidelines.

3.1 Privacy
Information systems are used widely across organisations, and they enable data and information to
be widely distributed for use. When the data pertains to individuals (relating to their work, personal
habits, or personal life), and it resides on organisational information systems, the question of privacy
that arises here is: Whose data is this – of the individual or of the organisation? Owing to the complex
nature of information systems and the manner in which data is created, stored, and manipulated, the
answer to this question is usu- ally difficult.

To answer the question of privacy one has to consider why it is important in the first place. Data and
information relating to individuals could be of sensitive nature. Some examples of such kind of data
are as follows:

1. Employees, who work extensively with computers, log in every morning when they come to
work and log out in the evening when they leave. Dur- ing the working day, every time they
leave their desk or are not working on the computer, the system logs their inactivity at work.
For example, a United Airlines worker, in the USA, was threatened with job loss on the grounds

Unit: 14 - Ethical Issues 7

DMBA210 : Management Information System

that she had spent more than the allotted time in the bathroom, making her co-workers take
up her work.
2. Medical records detailing illnesses and treatments, hospital visits, and medication routines are
all stored on organisational databases that con- tain personnel data. The data is specific to
individuals and, for some organisations, also contains details about the individual’s family
mem- bers. In the USA, for example, the medical records of the famous singer Britney Spears
were read by employees of a hospital in which she was treated. The employees later leaked
the information to the press. Spears took legal action against the hospital, which had to fire
several employees.
3. Web surfing activities of individuals are also logged by corporate web servers. Which sites
individuals have visited, how long they have been on the site, and what kind of material they
have downloaded are also logged. A multinational media firm, for example, threatened to fire
an employee based on his visits to Yahoo.com from an office computer. The firm had obtained
details about the employee’s surfing behaviour from server logs.
4. Security systems in some organisations, which are based on swipe cards or security cards that
enable doors and office buildings to be opened or accessed, retain records of all individual
movements across buildings and workplaces. Data pertaining to individual movements is
available in secu- rity logs. In the Vatican, for example, swipes were re-introduced in 2008 to
monitor the movement of employees. This was in response to criticism that employees were
‘slacking off’. Even though the Pope was not entirely in favour of such monitoring, it was
introduced to improve efficiency of staff.
5. Many organisations also check all incoming and outgoing e-mails of their personnel. The e-
mails are checked for content and attachments. Some organisations either remove e-mails
containing certain keywords, such as expletives, or flag them to warn employees.

With the above information residing in organisational databases, it is possible for organisations or
individuals within organisations to access and use or misuse this information. For example, if the
medical history of an employee is known to others, it may be used to deny promotions or job
opportunities. This is an issue of ethics as many countries discourage discrimination against people
who have disabilities or health issues.

The matter becomes complex when the decision is not easy to make. For exam- ple, employee J has a
health problem for which he/she has received medical treatment that has been reimbursed by
his/her firm. Suppose an opportunity opens up in the firm that requires extensive travelling, and this

Unit: 14 - Ethical Issues 8

DMBA210 : Management Information System

opportunity is something that J desires and feels is important for his/her career. However, the firm’s
management could take a stand of denying the opportunity to J, based on their knowledge of J’s health
issues and the problems concerning his/her ability to travel. Or, the management could also inform J
of the opportunity and seek his/her opinion on the matter without raising the issue of his/her health.
Should the management use J’s private data to inform their own decision mak- ing? Should they ask J
about his/her willingness to avail of the opportunity and not inform J of their knowledge about
his/her health?

The important ethical issue here is whether the management should use private data related to an
employee for their decision making. The option they have is of asking the employee for his/her
opinion, and then not divulge the information. The resolution of this issue varies in different countries.
Many courts in the USA, for example, have ruled that an employee’s personal information available to
an organisation is not necessarily personal and can be used by the management.

Another aspect of privacy is that of maintaining confidentiality of clients and part- ners of an
organisation. It is often the case that the firms who have data on clients sell the data in aggregate form
for commercial profit. Some contracts between clients and firms explicitly forbid this. However, many
firms exploit weaknesses in contracts to disburse the information. For example, many banks are
known to sell information regarding their clients’ names, address and telephone numbers to credit
card firms that use this information to make marketing calls to customers.

Countries around the world have framed legislation around this issue, mandat- ing that commercial
firms must have explicit permission of the users before such information is divulged to others. In a
famous case, in 2006, an employee of the Hong Kong and Shanghai Banking Corporation (HSBC) was
caught trying to sell credit card details of 200,000 customers. He had collected all the data on cus-
tomer details that he was willing to sell to the highest bidder. Owing to the preva- lent laws in the UK,
to which country most of the customers belonged, the data dissemination was considered a theft
hence the perpetrator was prosecuted.

However, in many cases the law is ambiguous, and individuals and firms are able to dispense various
forms of data. The major ethical questions that arise in these situations are:

1. Who has the ownership of the data – the firm or the customer from whom the data is obtained?
2. If a profit is made with the data then should this be shared with the cus- tomer?
3. Do customers have any rights to the information that is derived from their data?

Unit: 14 - Ethical Issues 9

DMBA210 : Management Information System

The questions of privacy and ownership of data become critical when the gov- ernment also
participates in the collection of data from citizens and also in its use. In India, it is common for
government departments to collect data on citizens’ details and store them in massive databases. For
example, the tax department will have details about individual citizens and their tax histories. Is it
legally feasible for the department to share its data with other departments? With the increasing
prevalence of e-governance systems, these data stores have increased in both scale and scope. Many
countries, including India, have introduced or are in the process of introducing unique identity
numbers for all citizens, thus enabling all databases to have a common unique number that can be
used to collate records. This is a substantial challenge to the privacy and right to privacy of individuals.
The unique identity number project in India has been challenged by many civil society organisations
on the grounds that it will violate individual privacy. Till late 2010, India did not have a specific
privacy law in place; privacy is granted to individuals as a basic right, the ‘right to life and liberty’,
under Article 21 of the Indian Constitution. Section 72 of the Indian IT Act 2000 also protects privacy
by specifying penalties for breach of confiden- tiality. Owing to the challenge to the unique identity
number project, the Indian government has considered introducing a privacy act.

In this context of the individual’s privacy, it is worth mentioning that many coun- tries, including India,
have also passed the right to information laws that require government departments to open up their
internal records and files to citizens who desire to see them. These transparency laws strengthen the
democratic process as they allow citizens a view of the internal functioning of the govern- ment.
However, these laws also tend to infringe the privacy rights of individuals if their data, which is
maintained and used by the department, is the subject of a right to information request.

3.1.1 Internet challenges to privacy

Cookies are small files that are maintained by the browser a user is using to surf the Internet. These
files keep track of the user’s activity to help sites that the user has visited or is working with. For
instance, if a user is at an e-commerce site and is selecting and purchasing items, then the cookies
help to keep track of what the user wants, help him/her with making the payment, and allow him/
her to go back and forth over different pages without losing track of his/her pur- chase items. Cookies
may be enabled in browsers to help with surfing, or may be actively turned off by users.

Cookies present a threat to privacy, as they reveal the user’s surfing behaviour. Many e-commerce
sites use cookies to learn what kinds of sites and pages the user has visited, and then target

Unit: 14 - Ethical Issues 10

DMBA210 : Management Information System

advertisements at him/her. Sometimes cookies also reveal personal details about the user – such as
the name, phone number, and address of the user.

Several countries, such as the USA, have passed laws banning the use of cook- ies by agencies that
host web pages. Furthermore, the laws also restrict the manner in which cookies can be used.

Spyware are computer programs, pieces of software, which enter and reside on personal computers
and monitor user activity. A typical spyware program may enter the computer through e-mail or
through the browser, and then it resides on the computer. Spyware are malicious software created to
invade the privacy of users and report to their creators details about what software the user has, what
sites the user views and how the user uses his/her computer. Spyware typically send out information
they have gathered over the Internet to their creator.

To counter the privacy and confidentiality violation arising from cookies and spy- ware, many
organisations have formulated strict policies about Internet surfing and access. Many commercial
firms entirely ban visiting specific sites that use cookies or deploy spyware. Other policies include
setting strong privacy con- trols on the browser and on the routers used to connect to the Internet.

3.2 Workplace monitoring

Throughout the history of the industrial revolution, workplace monitoring has remained one of the
most contentious and prevalent management practices. This practice is of maintaining a vigil on the
workers’ activities in an organisa- tion, particularly in a commercial firm, with the objective of
ensuring higher pro- ductivity. When the workers are monitored in their workplace, they are required
to conform to certain work norms, such as how fast or efficiently they work and how they behave
with co-workers. And, the objective of workplace monitoring is to discipline them to conform to these
norms.

Supervision in factories of the industrial era involved closely watching work- ers as to how they went
about their work, how many units they produced, how they interacted with co-workers, how
efficiently they used their time, and other details. The supervisors used the data they collected from
their observations to reward workers who performed well and to discipline those who did not
perform. Disciplining often involved giving close attention to under-performing workers, providing
them detailed instructions, and meting out mild punishments such as threats of termination. In cases
where workers did not improve their perfor- mance, termination of their services was done based on
the evidence of their non-performance collected during the supervision process.

Unit: 14 - Ethical Issues 11

DMBA210 : Management Information System

From the management’s perspective, monitoring and supervision aim at improv- ing the productivity
and hence the earnings and morale of the workers. Super- visors ensure that there is no ‘freeloading’,
that is, in a unit, some workers are slack in their work and others have to work harder to meet the
goals of the unit. Supervisors are also able to spot the best performers and reward them, thus
improving the morale and motivation of the group.

On the other hand, critics of monitoring argue that close supervision leads to a loss of privacy and
confidence of the workers. They feel that the supervisors do not trust them enough to let them do
their work independently, thus leading to decline in their confidence. If performance has to be
measured for individuals and for groups then this can be done by measuring the output of the workers
and groups without close monitoring, and this would be less obtrusive. Individu- als do not like to be
monitored as this affects their personal choices and their ability to function independently.

With the pervasive use of information systems in organisations, the scale and precision of monitoring
has increased for certain kinds of tasks. For example, for many ‘back office’ tasks, where employees
of a commercial firm have to talk to and interact with a wide range of customers, information
technology is exten- sively used to enable the employees to have all the relevant information. Credit
card issuing agencies have such offices where the credit card customers can call in and have their
needs addressed. In such situations, the entire duration of the call is often recorded digitally and
stored, and also data and files used to address the customer’s needs are digitally recorded.
Supervisors then use the data thus collected to evaluate whether the employee spent the optimal
amount of time talking to the customer, whether the right data was used and whether the right
information was provided to the customer. As the work of the employees involves repetitive, often
mechanical, tasks, the management specifies guide- lines and norms for them. Employees then have
to conform to these norms such as the amount of time taken to respond to the customer, the number
of times the customer had to ask questions or call back, etc. And, the information system allows the
supervisors to measure this conformance.

3.2.1 Types of workplace monitoring

There are many possible ways in which electronic monitoring can be effected in organisations. Some
of these are as follows:

Unit: 14 - Ethical Issues 12

DMBA210 : Management Information System

1. Use of digital video cameras for internal monitoring of employees, offices, hallways, and
buildings. The video footage is stored for later retrieval and viewing.
2. Use of computer network logs to record all use of files, visits to websites, and access to other
computer networks and programs.
3. Scanning and storage of all outgoing and incoming e-mails from and to employees.
4. Use of employee identity cards to monitor physical movement of employ- ees.
5. Access given to outside agencies to obtain personal data on employees, such as credit card
statements, bank records, medical records, and phar- macy purchases.
6. Access to all files on employees’ personal computers and laptops, includ- ing removable
storage devices.

Often, other types of workplace monitoring are also conducted by firms, such as testing for drugs and
alcohol. However, these are not dependent on digital technologies and are not considered here.

3.2.2 The information Panopticon

Electronic workplace monitoring is considered by some commentators as the modern equivalent of
the Panopticon of the 19th century. The idea of the Panopticon was first conceived by the British
economist and philosopher Jeremy Bentham. Figure 14.1 depicts an octogonal Panopticon. Bentham
pro- posed a structure composed of an eight-sided building that had rooms along the periphery with
windows that opened towards the centre. The centre had a high columnar structure with a room at
the top that was open on all sides. This struc- ture, called a Panopticon, would serve to closely monitor
those in the peripheral rooms and also help discipline their behaviour. Bentham had envisaged that
structures of this nature could be used to discipline those who needed disciplin- ing, such as workers,
jail inmates, and students.

A major advantage of the Panopticon was that those in the peripheral rooms were usually not in a
position to see whether there was anyone in the central tower seeing them, but they always knew
that someone could be there. The disciplining was possible, according to Bentham, because the source
of power was always present but its presence could not be verified. Thus, some jails were designed
to have a similar structure, of an octagon with a tower at the centre, and the room in the central tower
covered with see-through mirrors. Here, the prison inmates could always see the tower from their
rooms but not know easily if anyone was watching them at that time.

Monitoring through information systems too has the same effect as that of the Panopticon: Those
being monitored are always conscious that they can be observed but are never sure that the

Unit: 14 - Ethical Issues 13

DMBA210 : Management Information System

monitoring is going on. Most users across organisations know that their files, data, activity, and Web
surfing behaviour can be monitored; however, they are never sure of this. When organisations imple-
ment rules of conduct, such as those for visiting websites, employees show conformity and discipline
because of the Panopticon effect.

Figure 1: The octagonal Panopticon. Along the periphery of the structure are the rooms. Each
room opens towards the centre and can be fully observed from the observation tower. A room at the
tower top is cov- ered with see-through mirrors which make it impossible for the room occupants to
verify whether there are observers in the tower

3.2.3 The role of monitoring

The rationale for monitoring draws from the fact that information about activities is useful. For
commercial organisations, the security aspect of information is paramount. Information entering the
organisation through e-mail and websites represents security threats owing to the massive presence
of viruses, worms, and other malicious software. Management concerns of privacy are often over-
ridden by the concern for security – all activity related to data and files being brought into the
organisation are thus monitored.

Another concern of organisations is that of abusive and threatening software and data that may be
brought in from outside and that may harm employees. For example, organisations monitor
computers and networks for pornographic or hateful literature or videos that employees will be wary
of. These materi- als are not owned by the organisation but if found on its digital networks, the
organisation could face serious charges of discrimination, harassment, or abuse from its own
employees. Many courts around the world have upheld such charges, and have forced organisations
to adopt very stringent monitoring policies.

Unit: 14 - Ethical Issues 14

DMBA210 : Management Information System

For example, in a famous case, the Chevron Corporation in the USA had to pay a fine of USD 2.2 million
owing to a gender insensitivity case filed by four of its women employees. When the case was filed, in
1992, the women employees alleged that they had been a target of offensive jokes, sexually explicit
mate- rial, and gender discrimination in the firm. Much of the material had been sent to them via e-
mail. The court settled the case in their favour and fined Chevron for what was, at that time, one of
the highest fines ever levied for a charge of this nature. Subsequent to this, many firms resorted to
electronic monitoring of e-mail to prevent occurrences of this nature.

Commercial firms and even government departments use monitoring to restrict the personal use of
computers and networks within the premises. Such use not only wastes time of employees but also
presents a poor image of the depart- ment to the outside world. Firms are also wary of employees
using their elec- tronic networks to either work for some other agency during their off hours or
provide information about themselves to seek alternative jobs.

For many commercial firms, monitoring is a competitive necessity. There are many examples of
employees leaking out company secrets to rivals to the detriment of their own organisations. The
employees may do this for mon- etary gain or to extract revenge on their own organisation for not
gaining a promotion or a salary increase. The firms therefore maintain strict control over their
employees’ computers, desktops, and laptops, and monitor all file exchanges. Employees are also not
permitted to use removable media such as flash storage drives, and in case they have to, these are
carefully monitored during entry and exit.

3.3 Power over users

Every organisation that uses information systems also hires information systems professionals who
are responsible for ensuring that the systems are managed and run properly. In modern organisations,
the role of such professionals has increased considerably owing to the heavy dependence of the
organisations on information systems. Due to the important role the systems professionals play, they
come to have power over others in the organisation.

An individual is said to have power over a person when the individual can influ- ence the thinking or
behaviour of that person. For the information systems pro- fessionals, this power is their ability to
make IT users listen to and agree to what they say. For example, if a user wants to send an e-mail with
an attached file, he/she may ask the systems professional how to do this. The professional may
answer that the file can only be attached in a zipped format (a format that allows a file to be
compressed to a smaller size). The user may not be per- suaded by this answer as he/she knows that

Unit: 14 - Ethical Issues 15

DMBA210 : Management Information System

files can also be attached in the uncompressed format, provided they are not larger than the size
permitted by the e-mail system. However, the user listens to the professional and sends the file in a
zipped form.

There is a subtle difference between having power and exercising power. Exer- cising power implies
that the individuals who have power actually enforce it and have their way over the thinking and
behaviour of others. The exercise of power is a deliberate act that ensues in a particular situation.
Power in an organisation is associated with a position in the hierarchy or with the assumption of
superior knowledge. A systems professional is more powerful in some situations owing to his
superior knowledge of information technology.

Consider the situation of a project in which specific information systems are being built or used. The
context is narrow and technical. In such a situation, systems professionals may exercise power over
a user, as in the example of using a zipped file as an attachment, by simply stating a particular
technical fact. This technical knowledge, of which the user is not aware, acts to settle a conflict or
decide on a course of action. The professional simply states the fact and has his way, which is the
exercise of power, without bothering to explain why. Had the professional explained that zipped files
take less space and are faster to use, it would have been a rational argument to support his
recommendation. However, if this argument is not used, it becomes a technical exercise of power.
Figure 2 shows the exercise of of power by systems professionals.

Figure 2: Exercise of power by systems professionals

A different situation arises when the matter is of a specific technical issue but outside any specific
project or usage context. For example, in many organ- isations there is a policy that all computer and
related equipment purchases have to be routed through the IT department, or have to be approved
by the information systems professionals. The exercise of power is now structural, where the systems
professionals use their position in the organisation to influ- ence decisions about what to buy, how

Unit: 14 - Ethical Issues 16

DMBA210 : Management Information System

much to spend, where to buy, and so on. The users are bound to listen to the professionals owing to
their role in the organisation.

Outside of any issues of fact, such as the use of a system or building a sys- tem, the systems
professionals often exercise power by affecting the wants and desires of the users. Users who are not
familiar with the information systems terminology may not find the exact words or phrases needed
to express what they want to do or have done. In such cases, the frameworks, models and terminology
used by the professionals’ shapes the users’ expression of their wants. For example, if a user desires
to have a file sent from his department, say Stores, to another department, say Accounts, then he/she
may express this by saying he/she wants the file ‘sent to Accounts’. However, in the systems
terminology, he/she may be obliged to state his/her requirements as one of the following:

1. Copied into the folder of the Accounts department.

2. Sent to a central folder with access by the Accounts department.
3. Sent as an e-mail attachment to the Accounts department.

When the user chooses any of these alternatives, he/she is giving in to an exer- cise of power, where
the systems professionals are determining his/her wants by restricting the manner in which they can
be achieved. The desire that arises in the physical world is now shaped by the digital world to a new
form. This is known as a conceptual exercise of power.

The users’ values and beliefs are also affected by the exercise of power by the systems professionals.
Values and beliefs about the use of technology, their role in the world of work, their usefulness and
their ability to shape human interaction are some of the ideas that may be shaped by a power exercise.
For example, many systems professionals now argue that social interaction, through social networks
on the Internet and within the organisa- tion have increased with widespread use of information
systems. However, many social scientists argue that computing and networks have actually reduced
social interaction and increased alienation in the workplace. Indi- viduals in organisations interact
less with each other, not more, owing to information systems. When individuals believe that
computers and networks have increased socialisation, they are succumbing to a power exercise that
is symbolic in nature.

The power that the systems professionals exercise may be in a context in which the users are aware
of it or are not. Figure 14.3 depicts this. Further- more, it may be the case that even the systems
professionals are consciously not aware of the power they are exercising. When both the users and
the pro- fessionals are aware of the power exercise, this results in a situation where both have

Unit: 14 - Ethical Issues 17

DMBA210 : Management Information System

negotiated and come up with a solution that is acceptable to both. In a situation where the user is not
aware of the power exercise, this results in manipulation by the professional. The user is led into a
decision where he/she is not even aware that other possibilities exist. If the professional is unaware
of the power exercise, and the user is, then this results in a situation of resis- tance from the user. The
user refuses to be manipulated but the professional believes he/she is not exercising any power.
When either party is unaware of the power exercise, a case of unintended influence is likely to result.

Both the users and the systems professionals have to be aware and fully cognizant of any power
exercise to have the best possible situation for decision making. The ethical issues may arise in
situations where either is not aware.

Figure 3: Awareness of power exercise by users and systems professionals

SELF-ASSESSMENT QUESTIONS – 1
Fill in the blanks:
1 From ____________________ perspective, workplace monitoring improves productivity and
morale of the workers, by ensuring there is no ___________________ and by spotting
__________________ for prompt rewards.
2 ___________________ are publicly accepted rules of behaviour and are determined by loose codes
which __________________ sharply encoded in texts, in sharp con- trast to __________________ issues.
3 ____________________, ______________________and ______________________ are examples of data and
information relating to individuals that are collected by organisations, which could be of a
sensitive nature.

Unit: 14 - Ethical Issues 18

DMBA210 : Management Information System

4 Electronic monitoring is considered by experts, as a modern day equivalent of _______________,

a much-debated 19th century concept.
5 Managements concerns of ___________________ are often over-ridden by the concern for
_______________, hence justifying workplace monitoring.
True or False Questions:
6 Collection of personal data by Government departments and provision of unique identities
for all citizens by the Government, do not challenge any of the rights of the citizens.
(True/False)
7 Collection of personal data by Government departments and provision of unique identities
for all citizens by the Government, do not challenge any of the rights of the citizens.
(True/False)
Multiple Choice Questions:
8 As the JSPL Case Study points out, workplace monitoring through video surveillance cameras,
helps the organisation
a) track unknown persons, reduce theft and damage, improving security
b) remotely monitor project progress, saving costs
c) remotely monitor project personnel, improving productivity
d) achieve all the above, going from a tactical solution to become a strategic management
tool
9 The Right to Information Law though strengthening democratic pro- cesses, tends to infringe
on what rights of individuals?
a) Privacy Rights
b) Right to Education
c) Right to Freedom
d) Right to Equality
10 Ethics are moral rules and codes that individuals in a society follow, which are
a) derived by religion and community ethos
b) publicly accepted widely, forming loose codes and guidelines
c) both (a) and (b)
d) determined by an explicit set of laws
11 With pervasive use of information systems in organisations, the scale and precision of
monitoring for certain tasks like ‘back-office’ tasks has

Unit: 14 - Ethical Issues 19

DMBA210 : Management Information System

a) increased considerably
b) decreased considerably
c) remained the same
d) decreased marginally
12 Which of these are possible ways of electronic monitoring in organisa- tions?
a) Use of access cards
b) Incoming and outgoing e-mails
c) Inactivity records on system logs
d) All the above
13 In modern organisations, the role of information systems professionals
a) has increased in importance owing to a heavy dependence on information systems
b) has increased due to the power they exercise over other users
c) both (a) and (b)
d) is not more important than other functions
14 To have the best possible situation for organisational decision making, full awareness of any
exercise of power by systems professionals
a) is neither necessary for the systems users nor is it required of sys- tems professionals
b) is required of systems professionals, so that they can guide the organisation towards
better solutions
c) is required of systems users, so that they can ensure that sub- optimal solutions are
not implemented by the organisation
d) is required of both systems users and systems professionals to ensure negotiations for
mutually-acceptable solutions
15 For many commercial organisations, workplace monitoring is
a) a competitive necessity
b) a security imperative
c) a strategic management tool
d) all of the above

Unit: 14 - Ethical Issues 20

DMBA210 : Management Information System

4. SUMMARY

Let us recapitulate the important concepts discussed in this unit:

• Ethics are publicly accepted rules of behaviour for social engagement.

• An important ethical issue for an organisation is whether it should use pri- vate data related
to an employee for their decision making.
• Cookies are files that keep track of the user’s activity to help sites that the user has visited or
is working with. Cookies present a threat to privacy, as they reveal the user’s surfing behaviour.
• Workplace monitoring maintains a vigil on the workers’ activities in an organisation,
particularly in a commercial firm, with the objective of ensur- ing higher productivity.
• Panopticon is a structure composed of an eight-sided building that had rooms along the
periphery with windows that opened towards the centre.

Unit: 14 - Ethical Issues 21

DMBA210 : Management Information System

5. GLOSSARY

Ethics - Moral rules and codes of behaviour for social engagement.

Privacy - The condition of being secluded from scrutiny by electronic means.

Workplace To observe or record the behaviour of employees in their place of work

-
monitoring through electronic devices.

An eight-sided building structure, with rooms along the periphery and a

Panopticon - central tower. The structure is designed to ensure that those inside the
rooms are always visible to anyone in the tower.

Individual power refers to the ability of persons to influence the thinking

Power -
or behaviour of others.

Unit: 14 - Ethical Issues 22

DMBA210 : Management Information System

6. TERMINAL QUESTIONS
1. Give two reasons why privacy is important for individuals in organisations?
2. How is privacy being affected by information technology in modern organ- isations?
3. How does workplace monitoring affect workers?
4. What is the concept of the Information Panopticon? Do you see examples of it in modern
organisations?
5. What are the different kinds of power that systems professionals exert over users?

Unit: 14 - Ethical Issues 23

DMBA210 : Management Information System

7. ANSWERS
Self-Assessment Questions
1. management’s, free-loading, best performers
2. Ethics, are not, legal
3. E-mail, network logs, work of employees
4. the Panopticon
5. privacy, security
6. False
7. False
8. (d) achieve all the above, going from a tactical solution to become a strategic management tool
9. (a) Privacy Rights
10. (c) both (a) and (b)
11. (a) increased considerably
12. (d) All the above
13. (c) both (a) and (b)
14. (d) is required of both systems users and systems professionals to ensure negotiations for
mutually-acceptable solutions
15. (d) all of the above

Terminal Questions Answers

Answer 1: Refer Section 14.3.1
Answer 2: Refer Section 14.3.1
Answer 3: Refer Section 14.3.2
Answer 4: Refer Section 14.3.2.2
Answer 5: Refer Section 14.3.3

Unit: 14 - Ethical Issues 24

DMBA210 : Management Information System

8. REFERENCES

• Pasha, A. (2010) Wi-fi video surveillance system for overseeing projects,

• Express Computer.
• Rosenthal, E. (2009) Smuggling Europe’s waste to poorer countries. The New York Times.
• Markus, M.L. and Bjorn-Anderson, N. (1987) Power over users: Its exercise by systems
professionals, Communications of the Association for Comput- ing Machinery, 30(6), 498–504.

E-References

• ‘Facebook in Privacy Breach’ available at http://online.wsj.com/article/SB1

0001424052702304772804575558484075236968.html (viewed in April 2012).
• ‘Facebook admits inadvertent privacy breach’ available at http://www.tele-
graph.co.uk/technology/facebook/8070513/Facebook-admits-inadvertent- privacy-
breach.html (viewed in April 2012).
• An article Spears hospital to punish staff in BBC News, 16 March 2008 is available at:
http://news.bbc.co.uk/2/hi/entertainment/7299510.stm (accessed on November 2010).
• Duffy, M. (2008) Vatican monitoring workplace slackers, introduces swipe cards for staff, Digital
Journal. The article is available at: http://digitaljournal. com/article/262051 (accessed on
November 2010).
• Crampton, S.M. (2001) Employee monitoring: Privacy in the workplace, All Busi- ness. The article
is available at: http://www.allbusiness.com/human-resources/ workplace-health-
safety/699768-1.html (accessed on November 2010).
• Lewin, T. (1995) Chevron settles sexual harrassment charges, The New York Times. The article is
available at: http://www.nytimes.com/1995/02/22/ us/chevron-settles-sexual-harassment-
charges.html (accessed on Novem- ber 2010).

Unit: 14 - Ethical Issues 25