Ict351 : Ict Professional Practice Assessment Answers

Ethical and Non-Ethical Issues Related with The Client Database

The anonymity of the clients is highly compromised as the data about them is linked with their names and the address they live in. This presents an ethical issue since the employee has access to the names of this clients under the programme (Smith, Dinev and Xu, 2011a). The company is using the client's data for purposes without the client’s consent. This possesses an ethical question since this violates their privacy. Information such as the criminal record is not justifiable to be stored by the organization and it is insignificant for usage in the programme (McKee, 2013). Max action of copying the organization data which is under copyright without seeking permission posses an ethical issue. The primary custodian of the data is the department and only authorized employees are supposed to copy the data. Max action of duplicating the data on personal CD and not destroying the CD after its usage posses an ethical issue as Max has exposed the privacy of clients by keeping a massive five years data of clients in his home, This is the highest form of irresponsibility and unethical behavior on Max part (Mason, 2017). Max action of downloading the file to office computer is unethical as the department computer has authentication and authorization for access hence it was more ideal to analyze the data from the office computer (Coughlin, Beauchamp and Weed, 2009).

Who is Affected

From the case study, all the clients of the state department of alcoholism and drug use are exposed to serious privacy issues as their personal data are kept in the department database which does not have proper control in terms of access rights.

What are the Ethical Issues and Its Implications?

The critical data about the clients of the department are exposed by the unethical actions of Max, the employee. The action of keeping a duplicate of the client’s data risk being in the wrong hands which can cause serious legal and ethical issues for the department as it violates the laws on privacy and security. Max decision to copy organization data into a CD without prior permission from the department posses a serious copyright violation (Slade and Prinsloo, 2013). This unethical decision by Max can potentially cause him his employment with the department as the action violates the copyright laws. The anonymity of the client is compromised by the decision of the department to store the names and addresses of the clients in their database. This poses a serious ethical issue as to the anonymity and the privacy of clients seeking the department services, This can make them lose clients when the data is exposed to the public since new clients will be wary to seek services from the department (Kerridge, Lowe and Stewart, 2009). This can negatively affect the department in terms of reducing budget allocation.

What Can be Done About It?

The department must make strict copyright policies to deter employees from illegally and irregularly complying the department data for their personal use. The department should put anonymity on the data they collect about the clients using new technology like blockchain which enhances the privacy of data stored through the use of hashing algorithms, this will be a great deal as the metadata about clients won’t be used to uniquely identify the clientele (Yue et al., 2016). The department should implement files based access control to have permission level for accessing the department’s data and files. This should be based on mandatory access control which reduces incidences where the employee misuse their rights and privileges accrued to them from the department

What are the Options?

The department must take clear steps in respecting the privacy of user data by implementing the following viable mechanism;

• Implement the use of blockchain technology to enhance anonymity of data stored about the clients by the department (Kosba et al., 2016).
• Formulate and implement strict ICT policies from copyrights policies and data storage policy to deter the employees from violating the privacy by illegally copying the department's data into their personal computers. The storage policy shall also ensure the employees follow proper procedures in handling clients data and how best the data should be destroyed once done.
• The department should ensure the entity attributes about the clients are most important and shall be used in the implementation of the department mandates and they should set up data collection policies to enforce the same.
• Mak has the option of destroying the CD which store the client data to ensure complete destruction of clientele information.

Which Option is the Best and Why?

The best option in this situation is for Mak to complete destroy the CD and any other client data he is in possession of to reduce the damage already done which has exposed the clientele data to access by unauthorized persons. This can seriously affect the privacy of the clients when such enormous information is exposed to the third party, it will be chaos with a feeling of resentment and negative public opinion towards the department (Smith, Dinev and Xu, 2011b).

Conclusion:

In conclusion, it is clear that the DEV technique can be used to reveal some of the hidden ethical issues in the activities of the ICT professionals and organization that handle the client's data. From the case study, it is clear the privacy of all the clients over the past five years of the department is compromised as discussed above. The analysis proposes the use of blockchain technology to enhance the anonymity of the client’s data making them freely seek the services of the department with a lot of confidence.

Analysis using the Australian Computer Society Code Of Ethics

The client database can also be analyzed using the Australian Computer Society code of ethics which focuses on putting the public interest first in ethical decision making, the need to improve the quality of life of its people, insisting on honesty as the best policy, being competent in whatever task one does, ensuring continual professional development and finally ensuring professionalism in whatever one does. This core code of ethics can help in the analysis of the client database case study in the following manner,

Facts

It a fact that the client’s data are exposed to the threat of unauthorized access by a third party since it is kept in a CD which is not securely disposed of. The data of all the clients who visited the department to seek its services is totally exposed and since there is no anonymity guaranteed in the data, the clients can easily be profiled and uniquely identified, thanks to the name and address attributes collected by the department.

It is also factual that the organization don’t have a proper way to restrict access to the department files and no information classification is done to protect some aspects of the client data. This has enabled employees like Mak has a full-scale access to the department files which some are not required to compile the report.

Stakeholders

The key stakeholders in this case study are the citizens suffering from alcohol and drug abuse and seek the services of the department in mitigating this addiction. Their data is at stake in the present arrangement as depicted by the case study (Low, 2009). The various ethical issues are outlined below

Ethical Issues

Not putting the public interest first

Maks made a wrong ethical decision of negligently leaving the sensitive data about the public exposed to confidentiality and privacy breach as the data can be accessed by anyone who has access to the CD. The action of allowing employees to take corporate data to their personal homes is seen to raise ethical issues on part of the department. This is one department who have direct contact with the people in attempting to reduce their addiction level hence should be more concerned with the public well being. Of the public. They however negligently set up profile systems which seek to identify a member of the public who has suffered due to alcohol abuse. This is quite unethical behavior (Bailey, 2018)

Need to Improve Quality Of Life

The department most ethical conduct would be to strive on a better way to make the addicted individuals who abuse drugs and alcohol have a change in lifestyle by enacting policies and procedure to ensure the persons are put in programs that help in counseling. This has the overall effect of improving the quality of life of the individuals addicted to the drugs. The department however set up a profiling system to store whatever the addicted individuals have done in their past including the criminal records. Such records when exposed can potentially lead to depressions as the individuals see themselves as not a big part of the society. The department should have set up programs to effect the same.

Non Competent

There is an ethical issue by the actions of Maks in his decision to keep a copy of the client’s data on a CD which he knows could land into the wrong hands. This showed a high level of incompetent on his side. The most ethical decision Maks could have done is to permanently destroy the data by destroying the CD. Ethical questions are raised whether the employee was competent enough in handling the sensitive data. The department is also seen to have acted unethically by incompetently not setting up controls and mechanism to ensure the employee data is safe and anonymous hence can’t be identifiable to a particular client (Columbia, 2008).

Conclusion:

In conclusion, the two ethical dilemma analysis presents serious ethical issues that the department needs to handle to improve their public trust. The action of Maks of copying the private data of clients onto his PC and subsequently burning it on a CD possess serious ethical issues. The privacy of the individuals linked to the department is exposed. The department has not made efforts to reduce profiling and increasing anonymity. The data kept by the department is so big that an individual name and address can be used to uniquely identify the individual. This is a serious ethical issue as the individual anonymity which should be guaranteed by the department when keeping their metadata has not been guaranteed. The two techniques clearly issue an analysis of the situation and both agree that maks did not act in the public interest but majorly acted for himself and the department, this explains why he recklessly left a sensitive data on a CD in his personal residential (Bynum, 2008).

To fully reduce the damages of the ethical issues raised from the analysis of the two techniques, the following recommendation is put forward

Recommendation:

It is recommended that the following actions should be taken

• Maks must destroy the  CD which he is keeping in his private residential to reduce the chances of the CD being in the wrong hands which could potentially compromise the privacy and anonymity of the clients
• The department going forward must set up data protection policies and copyrights policies with punitive effects on the employees who fail to adhere to the setup policies. This will deter them from compromising the copyright and ensuring data is protected at all cost
• The department should set up blockchain technology to anonymize the data they collect about the clients, this shall improve the quality of data at the same time not easily identifying a particular data to a particular client. This shall increase the number of clients seeking the department’s services.

References:

Bailey, S.K., 2018. Ethics and the public service. In: Classics of Administrative Ethics. Routledge, pp.63–78.

Bynum, T., 2008. Computer and information ethics.

Columbia, C. of R.N. of B., 2008. Professional Standards for Registered Nurses and Nurse Practitioners: Accountibility, Knowledge, Competence, Ethics, Service, Self-regulation. College of Registered Nurses of British Columbia.

Coughlin, S.S., Beauchamp, T.L. and Weed, D.L., 2009. Ethics and epidemiology. Oxford University Press.

Kerridge, I., Lowe, M. and Stewart, C., 2009. Ethics and law for the health professions. Federation Press Sydney.

Kosba, A., Miller, A., Shi, E., Wen, Z. and Papamanthou, C., 2016. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In: 2016 IEEE symposium on security and privacy (SP). IEEE, pp.839–858.

LI, X. and ZHANG, R., 2008. How Can an Ethics of Responsibility for the Techological Age be Possible——On the Principles of Responsibility of Hans Jonas and Its Practice [J]. Science Economy Society, 1, p.019.

Low, K.C.P., 2009. Confucian Ethics & Social Responsibility-The Golden Rule & Responsibility to the Stakeholders.

Mason, R.O., 2017. Four ethical issues of the information age. In: Computer Ethics. Routledge, pp.41–48.

McKee, R., 2013. Ethical issues in using social media for health and health care research. Health Policy, 110(2–3), pp.298–301.

Ong, A. and Collier, S.J., 2008. Global assemblages: Technology, politics, and ethics as anthropological problems. John Wiley & Sons.

Shields, R., 2008. Toward a religious ethics of information communication technology. International Review of Information Ethics, 9, pp.20–26.

Shrader-Frechette, K., 2012. Science policy, ethics, and economic methodology: some problems of technology assessment and environmental-impact analysis. Springer Science & Business Media.

Slade, S. and Prinsloo, P., 2013. Learning analytics: Ethical issues and dilemmas. American Behavioral Scientist, 57(10), pp.1510–1529.

Smith, H.J., Dinev, T. and Xu, H., 2011a. Information privacy research: an interdisciplinary review. MIS quarterly, 35(4), pp.989–1016.

Smith, H.J., Dinev, T. and Xu, H., 2011b. Information privacy research: an interdisciplinary review. MIS quarterly, 35(4), pp.989–1016.

Tavani, H.T., 2011. Ethics and technology: Controversies, questions, and strategies for ethical computing. John Wiley & Sons.

Uhl, D.M.A., 2012. Vision assessment: shaping technology in 21st century society: towards a repertoire for technology assessment. Springer Science & Business Media.

Verbeek, P.-P., 2011. Moralizing technology: Understanding and designing the morality of things. University of Chicago Press.

Yue, X., Wang, H., Jin, D., Li, M. and Jiang, W., 2016. Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control. Journal of medical systems, 40(10), p.218.