On-Line Consent to the Disclosure of Personal Data

AUTHOR

Michael McChrystal and Alison Barnes (US)

ABSTRACT

The principle of consent has driven much of the debate about how to reconcile the significant efficiencies permitted by electronic transmittal of personal data and the important dignitary interests that are threatened by electronic data transfers. The subject’s consent to data disclosure presumptively resolves any concerns about protecting the dignity and autonomy of the individual. The most influential public policy statements governing the transmittal and use of personal data all emphasize consent as a key element in protecting human rights. (Examples: OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, European Union Directive on Personal Data, United States Privacy Act of 1974.)

We contend that the reliance on consent as the primary safeguard of dignity and autonomy often is overstated. Entities that seek (or perhaps insist on) transfers of personal data usually represent that consent is like a toggle switch – it is either on or off, given or withheld. From a legal and ethical perspective, this seriously oversimplifies the issues involved. For consent to enhance the dignity interests of the individual and contribute to personal autonomy, it must be informed and voluntary. Both of these requirements may impose significant transaction costs. In addition, consent also should be subject to limitations. For example, an individual should be able to condition consent by authorizing the release of only a portion of the data, by restricting the transfer of data to one purpose only, or by imposing the condition that the source or subject of the data is kept confidential. Information practices rarely implement this more complex understanding of consent to disclose personal data.

Thus, while the principle of consent is legally and rhetorically highlighted, the simplified version of consent that predominates information practices often fails to deliver the dignitary objectives it purports to achieve. We begin, then, with a look at what an idealized regime of consent looks like. This will include a discussion of particular web sites and the mechanisms of consent they use. One purpose of this paper is to outline the features of a strong process for granting or withholding consent.

A second objective of the paper follows from the recognition that some online transactions cannot (or will not) include procedures for the strong form of consent to data disclosure. This may be due to transaction costs, public policy decisions, or market phenomena. Even in these cases, however, important dignitary benefits can be achieved if care is taken in designing the process through which the consent occurs. Thus, a second purpose of this paper is to discuss these imperfect-consent cases.

Even when it is flawed, the process of obtaining consent can serve important functions if it orders interpersonal relationships and affirms societal values that promote responsible and conscientious action on the part of the persons involved. Such a process is properly termed a ritual, i.e., a prescribed sequence of actions and words intended to invoke powerful emotional and social forces. Rituals consist of acts, and often also words, that convey meaning in addition to any specific information exchanged. The procedure for obtaining consent may be valuable if its ritual content contributes to the integrity of the relationships involved, and this is true even if the consent is uninformed or otherwise flawed.

The law utilizes rituals extensively, reflecting the common understandings of society about the importance of certain transactions. Contemporary illustrations include the oath preceding sworn testimony, the use of notaries and seals, and the formalities required to execute a will.

The procedure for obtaining consent to disclose personal data, we contend, can include a number of important features that enhance its ritual nature. The potential benefits of ritualistic consent procedures are significant. The need to obtain consent speaks to the importance of the data and the importance of the transaction. If formal consent is required for disclosure, then the data itself must be both important and confidential. Thus, the ritual of consent affirms the autonomy and dignity of the individual. The ritual centers on a decision and act by the data subject. Moreover, holding the data confidentially must be an important responsibility, and so the stature and trustworthiness of the service provider is recognized.

In summary, this paper will discuss the legal nature of consent as a complex concept that enhances individual dignity and autonomy. We also propose to discuss the extent to which information practices comport with this more complex understanding of consent. Finally, we propose to develop the theme that even when information practices fall short of the ideal, they may serve important dignitary objectives if they are structured as rituals that reaffirm the human rights of data subjects.

Liberty, Equity, and Security in Network

AUTHOR

Yasunari HARADA, Takeo TATSUMI, Noriaki KUSUMOTO and Joji MAENO (Japan)

ABSTRACT

1. Background

Introduction of computers and networks into work places and schools are changing the way learning is delivered, conducted and evaluated. Interactive training systems can customize not only the delivery but also the content to be learned based on the current needs of the learner.However, there does not seem enough attention on the legal and ethical ramifications of privacy concerns regarding learner profiles and learning histories that accumulate on those systems. In order for the systems to function with adequate personalization, accumulation
of activity records is indispensable. If learners are to migrate from one system to another, exchange of such records among those systems have to be ensured.However, if such records are exchanged without any limit, learners’ privacy is severely compromised.

2. Conflicting interests and stakes: some examples

2.1. Learners’ perspective

A subscribed learner of a particular web-based training system arrives at a certain level but find the system somewhat less attractive than another with the same or similar subject matter, she/he may want to switch to the
new one, but certainly would not want to start the new courses from scratch. Users of those systems need certain information to be transferred from one system to another if they want the freedom of choice among those systems. Also, good achievers in a system, working diligently and constantly getting good scores, would like to be able to present some certified records of learning when they apply for a job or a higher school, because such information may place them in a favorable position in the selective process and/or lead to have certain mandatory training/courses waived after employment/admission. On the other hand, poor performers would have little reason for wanting to have their scores or records disclosed to someone else.

2.2. Teachers

When there are more than two systems that provide testing and/or training for a given set of students, teachers in charge of that group are faced with several kinds of additional tasks. First, they have to register their students or have the students register themselves to the multiplicity of systems under consideration. Then, they have to instruct the students on potential security concerns of those systems and how to safeguard their privacy as best they could. Third, they have to keep track of activities their students would conduct with these systems. Fourth, they have to consider how or to what extent they could safeguard themselves against outside scrutiny.

2.2. School administrators

Not only would school administrators want to know which student is performing excellent, OK, or poorly, but they would naturally want to know which teacher or which program is effective in helping students perform better.
So, they would want to know everything about each student and about each teacher/program. However, would they like to have their school performance known to the world in general?

School district, local government and national
government builds up on this hierarchy. What details should be reported to what level of this administrative hierarchy is an educational, political, financial,
social and cultural issue to which there should be different answers depending on the society in which this takes place. We should not impose a universal solution, and a system implementation that presupposes one particular solution cannot achieve a universal adoption.

2.4. Contents/Service providers

Once system designers and their management are convinced that massive data accumulation of learner responses such as response time, all the wrong and right choices to a particular multiple-choice type of questions, actual input key sequences or input voice responses to an open question, and so on so forth for all the items in a given test or a given assignable unit for all the
registered users is not only indispensable for a
continued improvement and survival of their systems, they would begin to store and accumulate everything about the learner and their learning, including the history of activities that their subscribed learners are engaged in during training or examination, and whatever the system designers and their management might fancy would be relevant and helpful in some unforeseeable future time. This is a potential cause of privacy concern for the learners, because service providers may advertise privacy protection policies, but once those private entities go bankrupt, what happens to the most valuable assets of those companies is predictable from our experiences in recent years.

3. Toward a possible solution of the problem

In the arena of online learning, we are beginning to understand that we have a serious problem, similar to those that we find in e-commerce and online transactions of medical information. We need interchange of information, but we have to make sure privacy of each individual concerned is respected and protected. This, in principle, is a contradiction and there may be no universal solution, because different societal needs may give different weight on conflicting demands of different stakeholders in this landscape.

Online Hypertext Learning and the Transformation of Higher Education

AUTHOR

Martha M. Smith (US)

ABSTRACT

Higher education is one of the most conservative of our social institutions. Yet in the last several decades, colleges and universities have faced enormous pressures from within and without. Shrinking budgets, demands to keep up with information and communications technologies (ICT’s), changing student demographics with an increase in non-traditional and distance students-these realities have upset the familiar balance of power on many campuses. With many commercial providers now entering the marketplace, the competitive scene is changing. Some traditional schools are even trying to capitalize on a hoped for a financial windfall from online distance education. This paper uses the contrast between traditional classroom-based linear learning and Internet-based hypertext learning as a focus and metaphor to examine the ethical dimensions of the transforming challenges of ICT’s in higher education. The empirical basis for the study is the growth of distance learning programs in Library and Information Science and the needs of adult pre-professional students in LIS master’s programs, the roles of the faculty, and prospects for the scholarly research apparatus that underpins the continuing emergence of new disciplinary configurations.

The following description of linear and hypertext learning styles has been developed in observations and interviews with LIS students. It demands much further study, but in the tradition of grounded theory, gives a start for testing observations and moving toward generalizations.

Linear Learning Style

Familiar
Systematic
Print-based
Teacher/Professor-based
Conservative

Hypertext Learning Style

Unfamiliar
Serendipitous
Web-based
Student/Peer-based
Innovative

The Internet and distance learning software make it possible for higher education to be global in ways that were not possible before. New ways of teaching, conducting research, publishing, and communicating within scholarly circles raise many issues concerning academic freedom; intellectual property rights and sharing; tenure and promotion; student plagiarism and other misuses of data and systems; and accreditation and other measures of quality. These ethical issues challenge all who are associated in higher education. Using a five-point model (Access, Ownership, Privacy, Security, and Community) from my previous work on information ethics, this presentation seeks to describe some of the key dilemmas now faced in learning, teaching, and research and to suggest in what ways ethical analysis and reflection might contribute to institutional discourse. A distinction is made here between ethical analysis and the moral context in which ethical thinking takes place. For purposes of this discussion, I assume that institutions function within a moral environment which can be described and analyzed using the traditions and methods of philosophical and ethical thinking. The topics in the model divide the issues into five categories noted below. These categories are useful to structure reflection and also to demonstrate the conflicts among them. For example, access to certain information may compromise ownership or privacy. Community building through information sharing may diminish the capacity for owners to secure their intellectual property rights.

On ACCESS: How can hypertext learning enhance access to education for more people, particularly for working adults? Should institutions provide access to appropriate ICT equipment, courseware systems, skill building, and learning resources? What must be done to protect access to unfiltered web resources? Can online hypertext learning be interactive enough to compensate for the loss of the face-to-face experience?

On OWNERSHIP: What is the proper role for copyright in the university and in scholarly publishing? Who owns online courses, syllabi, and other faculty-created resources? Can higher education be delivered by the “Professor in a Box”? Can faculty members sell their intellectual property to the highest bidder? What do the Open Source movement and the Open Source philosophy mean to faculty, students, and administrators? What role should faculty unions have in protecting faculty intellectual property rights?

On PRIVACY: What privacy safeguards can be in place to preserve academic freedom for faculty and privacy protection for students to encourage open discussion? What data gathering and statistical methods are appropriate to improve quality while protecting privacy? Should certain kinds of information (medical, legal, financial) receive special care?

On SECURITY: Is there adequate security for personal data? What encryption tools are needed in education systems? Are there sufficient redundancies to keep systems secure and reliable? What about the challenges of national security and governmental efforts to use various systems to increasing surveillance?

On COMMUNITY: What is needed to build a global intellectual community in cyberspace? How can the dominance of English be balanced by multi-language sites and resources? How should issues such as Information Democracy and the Digital Divide be addressed in higher education?

Other general questions emerge from the specific issues.

  • How is the digital, hypertext environment transforming the moral landscape of higher education? Can a better understanding of moral agency counteract the tendency toward an attitude of technological determinism?
  • What are the conflicting values held by stakeholders (students, faculty, administrators, boards and governing agencies, society)?
  • What strategies might be employed to resolve differences and balance interests?
  • How can institutions of higher education maintain the strengths of the traditional linear styles while embracing the advantages of new hypertext styles?
  • Is there a way to define a socially responsible role for higher education within the larger society?
  • What curricular, programmatic, and administrative changes might be made?

Article 19 of the Universal Declaration of Human Rights proclaims the right to free access to information by any means and across all borders. Article 26 deals with education. Section 2 calls for a high standard: “Education shall be directed to the full development of the human personality and to the strengthening of respect for human rights and fundamental freedoms. It shall promote understanding, tolerance and friendship among all nations, racial or religious groups, and shall further the activities of the United Nations for the maintenance of peace.” Looking at these in relation to higher education, will it be possible to move toward new normative understanding? Is there a linear morality that is being replaced by a hypertext morality? How can we contribute to making such a transformation inclusive and responsible?

Ethical Issues in Virtual Organizations

AUTHOR

Mario Arias Oliva, Mar Souto Romero and Gustavo Matias Clavero

ABSTRACT

Organization designs have been determined during the last decades by classical scientific principles made by Taylor (1911). But nowadays, the new global and digital environment shows quite different conditions. The classical industrial stable mass production is not suitable any more (Wigand et al, 1997). Because of this we find that the ways of organizing activities based on conventional design paradigms are not adequate enough in order to fit with new environmental conditions. New organization design are appearing, such as the virtual forms. But what does it means exactly to organize in a virtual way?. An organization that sells through internet, Could be considered a virtual one?. Virtual organization is a buzzword, but there are no much scientific research about how to define a virtual organization, what are the key characteristics . A paradigm shift is taking place (Tapcott, Caston1993), and when a scientific revolution is occurring, crisis is a necessary precondition (Kuhn, 1962). During a crisis situation, scientific community try to find new evidences that sustain current paradigm. Incremental improvement occurs, but finally the core of the theory suffer a dissolution. Before the dissolution of the theory, practitioners with direct contact with reality are the first movers, leaving the current paradigms looking for a new framework that fits properly with real conditions (Applegate, 1994). At the present time, we are in this situation. It is difficult to assert that a new paradigm has arrived, as well as traditional ones are not longer enough. This paper aim to define a theoretical model about what a virtual organization design is. In the defined framework, we include some ethical issues that should be taking into consideration when a business design process is made. The ethical dimension of organizing can be reach in many different ways, such as trust. A virtual organization can be composed by a group of companies (Sieber, 1998), a network of independent enterprises (Bultje, van Wijk, 1998), units inside an organization (IMPACT, 1998), a legally network of independent enterprises with economic interdependencies (Sidow, 1996). In traditional environment the regulation inside an organization was easer to determine, due to the internal character of decisions and control processes with an establish hierarchy and authority. In this context, the ethical dimension was about behavior inside the enterprise. But according to new design forms, the control and decision process are crossing more than one enterprise, making more complex the regulation process. It is necessary to shift the regulation from hierarchies to other types of mechanism as self adjustments. Sometimes organizations sign up explicit agreements, but in many ones they work on the basis of implicit agreements (Rottering, 1993). That could provoke opportunistic behaviors. In that circumstances, the ethical issues are critical in the performance of an enterprise that is organize in a virtual way, and ethical considerations should be made during the organization design process. In this paper we will analyze those ethical considerations from the point of view of business organization design, focusing on information technology based virtual forms.

REFERENCES

TAYLOR F., (1911). The Principles of Scientific Management. Harper and Row. New York.

WIGAND R., PICOT A., REICHWALD R., (1997). Information, Organiaztion and Management. Expanding Markets and Corporate Boundaries. Wiley. West Sussex, Uk.

IMPACT PROGRAMME (1998). The IMPACT Programme, Exploring the Wired-Up World – Best Practice in Managing Virtual Organizations, The Report of Working Group 4 of Project ACHIEVE, http://www.achieve.ch.

TAPSCOTT D., CASTON A., (1993). Paradigm Shift. The new promise of information technology. McGraw Hill. New York.
KUHN, T., (1962). The Structure of Scientific Revolution. University of Chicago Press. Chicago.

APPLEGATE L., (1994). Managin in an Information Age: Transforming the Organization for the 1990s, en Baskerville R, Smithson S, Ngwenyama O, DeGross J.I. Elsevier Science B.V. North Holland.

SIEBER P., (1998). Viertuelle Unternehmen in der IT-Branche, die Wechselwirkung zwischen Internet-Nutzung, Organisation und Strategy, Berner betriebswirtschafliche, Band 19, Bern, Stuttgart, Wien, Velag Paul Haupt, p. 258.

BULTJE RENE, VAN WIJK JACOLIENE, (1998). Taxonomy of Virtual Organizations, based on definitions, characteristics and typology, in VoNet: The Newsletter @ http://www.virtual-organization.net, 2, pág 16.

SYDOW J., (1996). Erfolg als Vetrauensorganisation? En Office Management, 7-8, pág 10-13.

ROTERING J., (1993). Zwischenbetriebliche kooperation als alternative Organisationsform. Schäffel-Poeschl. Stuttgart.

Open Source Networks In Industry

AUTHOR

Paul B. de Laat

ABSTRACT

The open source software movement has grown into a threat for corporate software development. In this article, the ways are explored in which firms try to come to terms with the processes that are characteristic of open source development. It is argued that they have opened up several new kinds of networks that apply open source principles. Unavoidably, these developments touch upon ethical questions. On the one hand, the clash of corporate and hacker work cultures does not turn out to be necessarily counterproductive. On the other, the principles of open source as a movement can be seen to come under severe strain.

The challenges of teaching ethics in a multi-cultural university setting

AUTHOR

Kim Munro and Kathy Munro (South Africa)

ABSTRACT

This paper explores the challenges of teaching ethics in Information systems to two diverse groups of students, in an entry level course at a large, multi-cultural, urban, South African university. The objective is to identify and determine the prior ethical values and norms of students coming from a range of cultural, language, age and class backgrounds. The two respondent groups are younger students (full-time students, age 18 to 21) and somewhat older, adult students (part-time programme for age category primarily 25 to 40 years). We will then explore how pre-existing ethical values to business operations can shape the curriculum design of an ethics component in Informations Systems at first year university level.

Via the case study method, this paper provides an insight into the relationship between prior ethical values and the subsequent curriculum course design focusing on ethics. This paper should be of relevance to other societies and academics grappling with similar cultural challenges in teaching ethics courses.

It is vital that Information Systems students are provided with some type or kind of ethical training as part of their tertiary education. The extent of the knowledge base of Information Systems graduates (or Bachelor of Commerce graduates with Information Systems majors) and their potential responsibility as Information Systems professionals make these professionals prime targets to engage in unethical conduct with massive and potentially disastrous implications for business success in a developing economy. Ethics education in the computing field of higher education has been acknowledged as an essential component in the curriculum. In South Africa most information systems and computer science departments at universities have lecture programmes to make students aware of ethical issues in the computing field, but there is debate about the extent and positioning of ethics education in the curriculum.

There is a wide array of different sub-cultures and races in South Africa. Although South Africa since 1994 functions as a non-racial democracy, the legacy of apartheid, past educational deprivation, the colonial past and the persistence of linguistic divisions continue to shape cultural perspectives. English is the language of communication and instruction at the University of the Witwatersrand, although at a national level eleven official languages are recognised. Local students at the University of the Witwatersrand come from white, black, asian (South African Indian), coloured and chinese backgrounds. A further emerging significant group comprises of students from other African countries who now study at the university (students coming from Zimbabwe, the D R C, Angola, Malawi, Botswana and Mocambique). Most full-time students enter the university as recent school leavers with little business experience. The principal age category is 18 to 21 years old.

In 2000 the University of the Witwatersrand introduced a new programme aimed at widening access to degree studies by opening evening, part-time courses to mature adult, working students. These students are somewhat older, with variable business experience. Information Systems was one of a select number of courses available to these students. A high-percentage of the students registered for Information Systems on the part-time programme are already working in the Information Systems field, however have not obtained a degree, and have decided to return to university in a part-time capacity to obtain one.

During the past two years there has been considerable debate about the appropriate positioning and extent of the teaching of ethics in the curriculum. There has been a limited exposure to ethical issues through the structure of most textbooks. The curriculum is heavily shaped by American textbook contents and do not necessarily address the unique African perspective. Most introductory level textbooks in the computing field have one chapter on ethics, however in second and third year, as the subject becomes more specialised, ethics education is neglected. The authors seek to argue that cultural and classroom diversity impel teachers of Information systems to foreground the teaching of ethical issues from the first year of study through to the Honours (fourth) year of study.

This paper aims to establish whether cultural, familial, age, linguistic differences and diversity in business experience impacts on initial attitudes to ethics in the practice of information systems. A written questionnaire administered to 200 full-time students and 60 part-time students at first year level registered for the Information Systems course will provide the basis for a statistical and qualitative analysis of students entry-level ethical values and norms. This data will inform the argument that ethical issues should be taught in a coherent and consistent manner at all levels of teaching. It will discuss the differences in ethical attitudes of part-time versus full-times students, and suggest mechanisms of instruction to cover all the necessary aspects of ethics in Information Systems. Moreover, it will add to the current base of research on the teaching of ethics and highlight the topics that should be emphasised more strongly than others in university ethics courses.