Ethics Assignment Evaluation Of Real-Time Data Breach Using ACS Code Of Ethics
“An essential characteristic of a profession is the need for its members to abide by a code of ethics.” ACS Code of Ethics – 2014
ICT professions require standard ethical behaviours in working environments. Australian Computer Society has outlined the Code of Ethics of certified ICT professions. This Code of Professional Conduct (the Code) has six core ethical values and provides the associated requirements for professional conduct in ICT job roles. ACS requires its members to abide by these values, and act with responsibility and integrity in all of their professional dealings.
The learning outcomes covered by this task include:
- Describe the practices used in real-world research including legal, commercial and ethical frameworks.
- Make decisions based on social, cultural and ethical issues, and understand the values expounded in professional practices in diverse contexts.
In this ethics assignment, you are required to:
- Read the six core ‘ACS code of Ethics’ and its associated requirements
- Read the ‘ACS Code of Professional Conduct Case Studies’
- Search for a real life case scenario where there was a dilemma of ethical value in ICT industry or profession.
- Provide the following information about the incident of interest:
- Description of the incident
- Must also include the references to the sources of information
- What was the ethical issue?
- What ICT profession or activity was involved?
- What ACS code of Ethics and their associated requirements can be applied to the situation? Make reference to the ACS code of Ethics document provided.
The present ethics assignment sheds light on the case of data breach that has become one of the most important and challenging crime to handle by cyber experts. In these times, ICT plays a significant role in professional and personal life. The ICT platforms are largely used for higher efficiencies and reaching out to the customers or the client in less time . This report aims at presenting the ethical and professional conduct thorough evaluation of real-time data breach while also applying the Australian Computer Society Code of Ethics.
About the Incident
The case incident has been taken from Case 26 that relates to the security holes in the systems of the business partners. Company X had signed the agreement with Company Y, through this business agreement both the companies agree to access the client data. In company Z, a software programmer named Faizal was allocated the task of developing the software program that is entitled to handling the access and retrieval of a record from each firm's database. After the software of discovered Faizal discovered that the systems of Company Y had serious security due to which the hackers could easily obtain information about the client and others. The security threat of Company X would also hamper the systems of Company Y. He reported to the manager and explained to him the significance of it. However, the manager did notrespond to the claims of Faizal and told him to continue working on the project. When the software was run for the first time, no security threats or difficulties were anticipated (Case Study 26). Thus, the manager was only concerned about proper completion of work, thereby ignoring the threats from the servers of Company X. This was an ethical dilemma for Faizal as working on the project would sacrifice the codes of ICT ethics while refusing the orders of the manager will be termed as disobeying of the orders given by the supervisors.
The ethical issue, in this case, was the lack of disclosure of potential threats in the ICT infrastructure. Company X should also have adopted or monitored. The ethical issue is that the manager should have reported the disclosure of Faizal to his reporting authority. Instead, he encouraged Faizal to continue working on the project. It was unethical conduct as the manager should have looked into the matter and understood the significance that Faizal talked about. According to the ACS code of ethics, the public interest is always kept above personal benefits.
It was depicted that IoT if not managed correctly will invite dangers of ethical issues for the organization and individuals as well. It is the responsibility of the ICT professionals for protecting the technical solutions while also updating the IoT that further includes encryption techniques, ID management, privacy technologies, and others . The parties involved in storing and collecting personal information about individuals or communities should adapt regulatory mechanisms that include the consent of the consumers, accountabilities of the transactions, safe and secured storage, and collection of data. The parties and the companies are responsible for maintaining social procedures like public awareness, disclosure, and others for protecting and preserving public trust in ICT .
The profession of software development and data protection was involved in this case. Both companies deal with storing and collecting client data . The software has been developed so that both companies can access the records of the customers. Software is tailor-made and is designed according to the needs of the organization . In this case, Software designed X was competent but the system of Company Y had a major security threat. The companies should design software that warnings and access in the information network are directly informed to the highest authorities of the firm . In this scenario, Company Y did not work on the protection of its system due to which several people could be impacted if data would be breached by hackers.
Analysis As per ACS codes
As per the data breach analysis discussed, ACS code can be used as a reference for a better understanding of the values that could have been applied by the manager when the matter was reported by Faizal.
The primacy of the Public Interest-
According to the investigation, Facebook was penalized for sharing the data while Dr. Kogan also showed the non- disclosure agreements. In this case, the manager was majorly responsible for ignoring the disclosure provided by the Faizal. The security hole will impact both the organizations and public interests as well. Also, the personal interests were kept above the public welfare which in turn violates the primacy of interests. The principles that were violated as per ACS Codes are
- Endeavoringfor preserving the integrity
- Respecting Intellectual properties
- Endeavoring in preserving the confidentiality and privacy of others.
Breach of public trust is strictly prohibited in the ACS code of conduct.In this view, the manager was not honest as he was only concerned with the proper functioning of the software and ignored the related impacts from it. ACS values which that can be applied are
- Rejecting the offers of bribery or inducement.
- Distinguishing the options available amongst the personal and professional circumstances.
- Not attempting to enhance one's reputation on the cost of the others.
The Enhancement of Quality of Life
The ICT infrastructure aims to enhance the life of the individual and the societies as a whole. This value was also ignored by the manager as his decision would sacrifice privacies and customer records which might impact the quality of life of individuals associated with the organizations. The values applicable are
- Recognizing the role of ICT in improving the lives of people.
- Promoting and protecting the people that might be directly impacted by the work.
ACS aims for improving public confidence in the ICT industry. Thus, the Societal members are implied for maintaining the professional standards for improving and enhancing the image of the industry, especially in workplace settings. Professionalism was not followed by the manager and Company X as they practiced activities that will lead to the destruction of the image of the ICT profession. ACS values that were applicable are
- Refraining from activities that tarnish the professional image.
- Undertaking Actions against the members that are engaged on the contrary to the code.
- Having pride in the profession while protecting and promoting professionalism in ICT.
In this view, the ICT security threats in the partner company were observed due to which personal data could be easily traced by the hackers. The unethical practices violated ACS values that are public interests, quality of life, honesty, andcompetence.
1. D.Popescul, & M.Georgescu, “Internet of Things–some ethical issues”. The USV Annals of Economics and Public Administration, vol. 13, no. (2 (18)), pp. 208-214. 2013.
2. G. Sharma, X. Bao, &L. Peng, “Public participation and ethical issues on e-governance: A study perspective in Nepal”, ethics assignment Electronic Journal of e-government, vol. 12, no. 1, pp. 82. 2014
3. K. J.Wakunuma, & B. C. Stahl, “Tomorrow’s ethics and today’s response: An investigation into the ways information systems professionals perceive and address emerging ethical issues”, Information Systems Frontiers, vol. 16, no. 3, pp.383-397.2014
4. N.M. Hassan, O.M. Olaniyi, A.Ahmed, &E.M. Dogo, “Wireless sensor networks for remote healthcare monitoring in Nigeria: Challenges and way forward.” In 2013 IEEE International Conference on Emerging & Sustainable Technologies for Power & ICT in a Developing Society (NIGERCON) IEEE.2013 July, pp. 182-187.
5. V.Rubin, I.Lomazova, & W. M. V. D. Aalst, “Agile development with software process mining”, In Proceedings of the 2014 international conference on software and system process, 2014, May, pp. 70-74.
6. W. W.Bauder, P. A.Quinlan, R. L.Banfill, K. R.Fletcher, G. A. Bauder, R. G.Sasser, & T. H. Johnson, “U.S. Patent No. 8,904,342. Washington, DC: U.S. Patent and Trademark Office”, pp. 1-20. 2014