PPIT

Each society forms a set of rules that establishes the boundaries of generally accepted behavior.
These rules are often expressed in statements about how people should behave, and they fit
together to form the moral code by which a society lives. Unfortunately, the different rules often
have contradictions, and people are sometimes uncertain about which rule to follow.
For instance, if you witness a friend copy someone else’s answers while taking an exam, you
might be caught in a conflict between loyalty to your friend and the value of telling the truth.
Sometimes the rules do not seem to cover new situations, and an individual must determine how
to apply existing rules or develop new ones. You may strongly support personal privacy, but
what rules do you think are acceptable for governing the appropriate use of company resources,
such as e-mail and Internet access?
The term morality refers to social conventions about right and wrong that are so widely shared
that they become the basis for an established consensus. However, individual views of what is
moral may vary by age, cultural group, ethnic background, religion, life experiences, education,
and gender. There is widespread agreement on the immorality of murder, theft, and arson, but
other behaviors that are accepted in one culture might be unacceptable in another. Even within
the same society, people can have strong disagreements over important moral issues. In the
United States,
for example, issues such as abortion, the death penalty, and gun control are continuously
debated, and both sides feel that their arguments are on solid moral ground.
Definition of Ethics: ‘Ethics is a set of beliefs about right and wrong behavior within a society’.
Ethical behavior conforms to generally accepted norms—many of which are almost universal.
However, although nearly everyone would agree that lying and cheating are unethical, opinions
about what constitutes ethical behavior often vary dramatically.
For example, attitudes toward software piracy—that is, the practice of illegally making copies of
software or enabling others to access software to which they are not entitled—range from strong
opposition to acceptance of the practice as a standard approach to conducting business.
The Difference Between Morals, Ethics, and Laws Morals are one’s personal beliefs about right
and wrong, while the term ethics describes standards or codes of behavior expected of an
individual by a group (nation, organization, profession) to which an individual belongs.
For example, the ethics of the law profession demand that defense attorneys defend an accused
client to the best of their ability, even if they know that the client is guilty of the most heinous
and morally objectionable crime one could imagine.
Law is a system of rules that tells us what we can and cannot do. Laws are enforced by a set of
institutions (the police, courts, law-making bodies). Legal acts are acts that conform to the law.
Moral acts conform with what an individual believes to be the right thing to do. Laws can
proclaim an act as legal, although many people may consider the act immoral—for example,
abortion.
The remainder of this chapter provides an introduction to ethics in the business world. It
discusses the importance of ethics in business, outlines what businesses can do to improve their
ethics, provides advice on creating an ethical work environment, and suggests a model for ethical
decision making. The chapter concludes with a discussion of ethics as it relates to information
technology.
Ethics has risen to the top of the business agenda because the risks associated with inappropriate
behavior have increased, both in their likelihood and in their potential negative impact. In the
past decade, we have seen the failure of major corporations such as Enron and WorldCom due to
accounting scandals. We have watched the collapse of financial institutions due to unwise and
unethical decision making over the approval of mortgages and lines of credit to unqualified
individuals and organizations. We have also witnessed numerous corporate officers and senior
managers sentenced to prison terms for their unethical behavior. Clearly, unethical behavior has
led to serious negative consequences that have had a major global impact. Several trends have
increased the likelihood of unethical behavior. First, for many organizations, greater
globalization has created a much more complex work environment that spans diverse cultures
and societies, making it much more difficult to apply principles and codes of ethics consistently.
For example, numerous U.S. companies have garnered negative publicity for moving operations
to third-world countries, where employees work in conditions that would not be acceptable in
most developed parts of the world. Second, in today’s recessionary economic climate,
organizations are extremely challenged to maintain revenue and profits. Some organizations are
sorely tempted to resort to unethical behavior to maintain profits. For example, the Peanut
Corporation of America allegedly shipped tainted products from its plant in Georgia, which led
to a salmonella outbreak in 2008 that killed at least eight people and sickened over 550 people in
43 states.7 Employees, shareholders, and regulatory agencies are increasingly sensitive to
violations of accounting standards, failures to disclose substantial changes in business
conditions, nonconformance with required health and safety practices, and production of unsafe
or substandard products. Such heightened vigilance raises the risk of financial loss for businesses
that do not foster ethical practices or that run afoul of required standards. There is also a risk of
criminal and civil lawsuits resulting in fines and/or incarceration for individuals.
Why Fostering Good Business Ethics Is Important
Organizations have at least five good reasons for promoting a work environment in which
employees are encouraged to act ethically when making business decisions:
1. Gaining the good-will of the community
2. Creating an organization that operates consistently
3. Fostering good business practices
4. Protecting the organization and its employees from legal action
5. Avoiding unfavorable publicity

Although each company’s value system is different, many share the following values:
• Operate with honesty and integrity, staying true to organizational principles • Operate
according to standards of ethical conduct, in words and action • Treat colleagues, customers, and
consumers with respect • Strive to be the best at what matters most to the organization • Value
diversity • Make decisions based on facts and principles
Research by the Ethics Resource Center found that only one in four organizations has a well-
implemented ethics and compliance program. The Ethics Resource Center has defined the
following characteristics of a successful ethics program:
• Employees are willing to seek advice about ethics issues. • Employees feel prepared to handle
situations that could lead to misconduct. • Employees are rewarded for ethical behavior. • The
organization does not reward success obtained through questionable means. • Employees feel
positively about their company

The ethics officer tries to establish an environment that encourages ethical decision making
through the actions described in this chapter. Specific responsibilities include: • Responsibility
for compliance—that is, ensuring that ethical procedures are put into place and consistently
adhered to throughout the organization • Responsibility for creating and maintaining the ethics
culture that the highest level of corporate authority wishes to have • Responsibility for being a
key knowledge and contact person on issues relating to corporate ethics and principle
IT Professional
A profession is a calling that requires specialized knowledge and often long and intensive
academic preparation. Over the years, the United States government adopted labor laws and
regulations that required a more precise definition of what is meant by a professional employee.
The U.S. Code of Federal Regulations defines a person “employed in a professional capacity” as
one who meets these four criteria:
1. One’s primary duties consist of the performance of work requiring knowledge of an advanced
type in a field of science or learning customarily acquired by a prolonged course of specialized
intellectual instruction and study or work.
2. One’s instruction, study, or work is original and creative in character in a recognized field of
artistic endeavor, the result of which depends primarily on the invention, imagination, or talent
of the employee.
3. One’s work requires the consistent exercise of discretion and judgment in its performance.
4. One’s work is predominantly intellectual and varied in character, and the output or result
cannot be standardized in relation to a given period of time.

The Emergence of Computer Crimes

The known history of computer crimes is not as old as computing is. One can perhaps say that
the history of computer crimes started with the invention of the computer virus. Thinking along
these lines, therefore, we will track the development of the computer virus. The term virus is a
Latin word which means poison. For generations, even before the birth of modern medicine, the
term had remained mostly in medical circles, meaning a foreign agent injecting itself in a living
body, feeding on it to grow and multiply. A computer virus, defined as a self-propagating
computer program designed to alter or destroy a computer system resources.
The rate of cyber vandalism, both reported and unreported, is on the rise because of the
following factors.
1. Cyberspace infrastructure and communication protocols are inherently weak.
2. The average user in cyberspace has very limited knowledge of the computer network
infrastructure, its weaknesses and gapping loopholes.
3. Society, as a whole, is increasingly becoming irreversibly dependent on an infrastructure
and technology that it does not fully understand.
4. There are no long-term, let alone immediate, plans or mechanisms in place to better
educate the public.
5. There is a high degree of complacency in a society that still accords a “Wiz Kid” status
to cyberspace vandals.
6. The only known and practiced remedies are patching loopholes after an attack has
occurred.
7. The price of this escalating problem is not yet known.
8. Reporting is voluntary and haphazard.
9. The nation has yet to understand the seriousness of cyber vandalism.

If we as a society are concerned about individual as well as collective security, privacy, and civil
liberties, we need to start finding solutions. A good national cyberspace security policy is needed
to
(i) make everyone aware of the vulnerability and consequences of a cyberspace
attack on their well-being,
 (ii) ensure that everyone is well equipped to safely deal with a cyber attack in this
technology-driven and fast-changing society,
(iii) help put in place a set of mechanisms to detect, prevent, and handle any cyber
attack,
(iv) devise a legal and regulatory framework to handle cyberspace’s social
consequences

Internet
Internet is a global network of computers, owes its development to the invention of four
technologies: telegraph, telephone, radio, and computers. History has it that the Internet
originated from the early work of J.C.R. Licklider of the Massachusetts Institute of Technology
(MIT) on “galactic networks.” Licklider conceptualized a global interconnected set of computers
with communication channels between them through which programs and data could be accessed
quickly by any computer from any computer. Licklider left MIT to head the computer research
program at the Department of Defense’s Defense Advanced Research Projects Agency
(DARPA) in 1962. A year before, at MIT, researcher Leonard Kleinrock had written what is
believed to be the first published work on packet switching theory. This work created the
momentum for the concept of a packet-switching network.
World Wide Web, as we know it today, had its humble beginning in concepts contained in Tim
Berners-Lee’s 1989 proposal to physicists calling for comments. Berners-Lee, a physicist-
researcher at the European High-Energy Particle Physics lab—the Conseil Europeenne pour la
Recherché Nucleaire (CERN), Switzerland—wrote the proposal called HyperText and CERN, to
enable collaboration between physicists and other researchers in the high-energy physics
research community. Three new technologies were incorporated. They were:
(1) HyperText Markup Language (HTML) based on hypertext concepts, to be used to write web
documents;
(2) HyperText Transfer Protocol (HTTP), a protocol to be used to transmit web pages between
hosts;
(3) a web browser client software program to receive and interpret data and display results.
His proposal also included a very important concept for the user interface. This browser-
supported interface was based on the concept that it would be consistent across all types of
computer platforms to enable users to access information from any computer. The line-mode
interface was developed and named at CERN in late 1989. It came to be known as the World
Wide Web or WWW.
Moral Decision Making
Human action results from a decision process. Because every human action follows a subscript,
the decision-making process follows a subscript as well. A decision is morally good if the result
from it is good. A good moral decision embodies nearly all moral theories and usually takes into
consideration the following:
1. all the facts surrounding the situation, taking into account the interests of all parties involved,
and
2. the moral principles involved and how they will affect all others involved.
Combining 1 and 2 implies there must be reasoning and impartiality in any moral decision.
Moral and ethical theorists have outlined four ways of ensuring reason and impartiality in moral
decision making:
1. The use of rational intuition of moral principles, which helps us perceive moral principles
such as the notion of justice and deciding what is good.
2. The use of reason to determine the best way to achieve the highest moral good.
3. The ability to distinguish between primary and secondary moral principles. Primary moral
principles are more general; secondary principles are more specific and are generally deduced
from the primary ones.
4. The rational calculation of the consequences of our actions. The calculation should tell us
whether the action is good or bad depending on the consequences.

Moral codes
Moral codes are rules or norms within a group for what is proper behavior for the members of
that group. Although different cultures have different codes, and we have established that
morality is relative to time, there have been some timeless and culture-free (moral) codes that
have been nearly universally observed. Such codes include this partial list created by the
astronomer Carl Sagan:
1. The Golden Rule: “Do unto others as you would have them do unto you.”
2. The Silver Rule: “Do not do unto others what you would not have them do unto you.” Great
men like Mahatma Gandhi followed this rule almost to the letter.
3. The Bronze Rule: “Repay kindness with kindness.” This rule is widely observed because of its
many varying interpretations. Some people think it says, “An eye for an eye,” yet others think of
it as a “carrot-and-stick” rule. However you interpret it, it seems to support the vendetta
syndrome.
4. The Iron Rule: “Do unto others as you like, before they do it unto you.” This rule, if followed
by a leader, can create dictatorships. It seems to say, “He who is on the floor cannot make rules”
or “Do it if you can get away with it.”
5. The Tin Rule: “Pay homage to those above you and intimidate those below you.” This is what
many call the bully rule.
6. The Nepotism Rule: “Give precedence in all things to close relatives, and do as you like to
others.” This rule legitimizes corruption.

Because most of these rules seem vindictive, corruptible, dictatorial, and abusive, Sagan
proposes the following as what seems to be a good culture-free and timeless universal set of
moral codes:
1. Be friendly at first meeting.
2. Do no envy.
3. Be generous; forgive your enemy if he or she forgives you.
4. Be neither a tyrant nor a patsy.
5. Retaliate proportionately to an intentional injury (within the constraints of the rule of the law).
6. Make your behavior fair (although not perfectly) clear and consistent

Impact of social media on individualism and collectivism and culture

The widespread availability of the Internet has increased the number of people who spend 40 or
more hours a week online. Some psychologists claim there are a vast number of Internet addicts.
Others say these fears are overblown. In the last section of this chapter, we discuss this issue and
evaluate the problem of excessive Internet use from an ethical point of view. 3.2 Spam The
growth of email has been phenomenal—well over a billion people now have email accounts.
Every day about 300 billion email messages are sent. Unfortunately, a significant percentage of
this traffic consists of unsolicited bulk email, or spam. Why is spam called spam? Brad
Templeton, chairman of the board of the Electronic Frontier Foundation, traces the term back to
the SPAM sketch from The Final Rip Off by Monty Python’s Flying Circus, in which a group of
Vikings drown out a cafe conversation by loudly and obnoxiously repeating the word “spam”. In
a similar way, legitimate email messages can get “drowned out” by spam.
CASE STUDY
Ann is an accountant at Acme Corporation, a medium-sized firm with 50 employees. All of the
employees work in the same building, and Ann knows all of them on a first name basis. In fact,
Ann distributes paychecks to Acme’s employees at the end of every month. Ann’s 10-year-old
daughter is a Girl Scout. During the annual Girl Scout cookie sale, Ann sent an email to all of the
other Acme employees, inviting them to stop by her desk during a break and place orders. (There
is no company rule prohibiting the use of the email system for personal emails.) Nine of the
recipients were happy to get Ann’s email, and they ordered an average of four boxes of cookies,
but the other 40 recipients did not appreciate having to take the time to read and delete an
unwanted message; half of them complained to a coworker about Ann’s action. Did Ann do
anything wrong?
KANTIAN ANALYSIS
According to the second formulation of the Categorical Imperative, we should always respect the
autonomy of other people, treating them as ends in themselves and never only as the means to an
end. The story provides evidence that Ann was not simply “using” her coworkers as the means to
her end of making money for the Girl Scouts. She didn’t misrepresent what she was doing. She
didn’t force anyone to buy the cookies or even read the entire email; employees not interested in
Girl Scout cookies could simply delete Ann’s message as soon as they read the subject line.
Some people who received the email freely chose to buy some cookies. Therefore, what Ann did
wasn’t strictly wrong. On the other hand, if Ann had found a way for those people interested in
hearing about the Girl Scout cookie drive to “opt in” to her announcement, those people not
interested in purchasing Girl Scout cookies would not have been bothered by her email. An “opt
in” approach would have been better because it would have shown more respect for the
autonomy of Ann’s coworkers.
ACT UTILITARIAN ANALYSIS
We will do our evaluation in terms of dollars and cents, quantifying the benefits and costs of
Ann’s action. Let’s begin with the benefits. A box of cookies costs $4 and provides $3 of profit
to the Girl Scouts. Someone who buys a box of Girl Scout cookies understands it is a fund-
raising activity and is happy with what he receives for $4. Since the cost of $4 is matched with
$4 of benefit, they cancel each other out in our analysis, and we do not have to worry about this
factor anymore. The average employee who participated in the sale purchased four boxes of
cookies. Nine employees participated, which means Ann sold 36 boxes of cookies and provided
$108 of benefit to the Girl Scouts. Now let’s look at the harms. The principal harm is going to be
the time wasted by Acme’s employees. Ann took orders and made deliveries during coffee or
lunch breaks, rather than on company time, so our focus is on the 40 employees who did not
appreciate getting Ann’s solicitation. It’s reasonable to assume that they spent an average of 15
seconds reading and deleting the message. That adds up to 10 minutes of lost productivity. Half
of the employees spent 5 minutes complaining about what Ann did with a coworker. You can
imagine the typical conversation. “What makes her so special?” “How does she get away with
this kind of thing?” “If I did this for my kid, I’d get in trouble." Taking both the employee’s time
and the coworker’s time into account, Acme loses 10 minutes of productivity for each
conversation. Multiplying 10 minutes by 20 conversations gives us 200 minutes. The total time
wasted equals 210 minutes or 3.5 hours. Assume the average Acme employee makes $20 per
hour. The cost of the lost productivity is 3.5 hours times $20 per hour or $70. The benefit of
$108 exceeds the cost of $70, so we may conclude that Ann’s action was good. We should note,
however, that all of the benefit went to the Girls Scouts and all of the cost was borne by Acme
Corporation. It would be perfectly reasonable if the owners of Acme Corporation concluded that
this kind of activity was not in the best interests of the company and created a new policy
forbidding the use of company email for cookie drives and other fund-raisers.
RULE UTILITARIAN ANALYSIS
What would be the consequences if everyone used the company email system to solicit donations
to their favorite causes? All the employees would receive many more messages unrelated to
business. There would be plenty of grumbling among employees, lowering morale. Reading and
deleting these solicitations would waste people’s time, a definite harm. It’s unlikely that any one
cause would do well if everyone was trying to raise money for his or her own charity. There is a
good chance the owner would become aware of this problem, and a logical response would be to
ban employees from sending out this kind of solicitation. Because the harms are much greater
than the benefits, it is wrong to use the company email system to solicit donations to a charity.
SOCIAL CONTRACT THEORY ANALYSIS
Acme Corporation does not have a prohibition against using the company’s email system for
personal business. You could say that by sending out her email solicitation, Ann was exercising
her right to free speech. Of course, she did it in a way that many people might find obnoxious,
because even if they did not choose to read her entire message, they had to take the time to scan
the subject line and delete it. Unlike spammers, however, Ann did not disguise her identity as the
sender, thereby providing unhappy recipients with the opportunity to respond to her email and
voice their disapproval of her solicitation. If many of the 40 people who did not appreciate
receiving her email sent a reply communicating their displeasure, then Ann got a taste of her own
medicine by having to wade through a bunch of unwanted email messages, and she may choose a
better method of advertising the Girl Scout cookie drive next year. From a social contract theory
point of view, Ann did nothing wrong.
VIRTUE ETHICS ANALYSIS
Good coworkers exhibit many virtues, including honesty, dependability, fairness, friendliness,
and respect for coworkers. Three virtues that seem particularly important for this case study are
honesty, fairness, and respect. Ann demonstrated honesty by being completely straightforward
about the Girl Scout cookie drive with her fellow employees. However, it wasn’t fair or
respectful for Ann to use the email system to promote her own daughter’s fund-raiser when other
employees have not used email for similar solicitations for their children. Ann clearly exercised
poor judgment when she sent the email, since half of the company’s employees felt the need to
complain about it. Looking at this scenario from a completely different angle, we consider Ann
in her role as a parent. Good parents want what is best for their children, and Ann was
undoubtedly thinking of her daughter’s welfare when she decided to sell the Girl Scout cookies
at her workplace. Perhaps her daughter has a quota to meet, or perhaps nice prizes are given to
those who sell enough boxes of cookies. Viewed in this light, Ann’s actions seem consistent with
those of a loving parent. However, parents are also supposed to teach their children how to
develop into capable and independent adults. Ann could have used the cookie sale as an
opportunity to teach her daughter some of those lessons. After all, her daughter is 10 years old,
certainly old enough to handle many of the tasks. Instead, Ann ran the entire cookie sale
operation herself and simply handed her daughter the proceeds. We conclude Ann demonstrated
many, but not all, of the characteristics of a good coworker and a good parent in this episode. If
Ann wanted to help her 10-year-old daughter sell cookies, fine, but she should have found a way
for her daughter to play a more active role in the cookie sale at Acme Corporation. For example,
her daughter could have come in after school one day to deliver the cookies to the people who
ordered them and collect their payments. In this way Ann’s daughter could have gained the
satisfaction of knowing she had contributed a good portion of the time and effort needed to
achieve the desired result. Furthermore, Ann should have found another way to advertise the sale
that respected her workplace’s culture of keeping the email system free from solicitations.
SUMMARY
Although the analyses of Ann’s action from the perspectives of these five ethical theories
reached different conclusions, it is clear she could have taken another course of action that would
have been much less controversial. Since Ann has only 49 coworkers, it would not have been too
difficult for her to find out who wanted to be notified the next time the Girl Scouts were selling
cookies. She could have put a sign-up sheet on her desk or the company bulletin board, for
example. By notifying only those people who signed up, Ann’s emails would have been solicited
and personal. She could still take advantage of the efficiency of the email system without anyone
objecting that she was “using” coworkers or contributing to lost productivity, meaning there
would be much less chance of the company instituting a policy forbidding the use of its email
system for fund-raising activities. Finally, Ann could have found a way to share the work with
her daughter.

CODES OF ETHICS
The main domains in which ethics is defined are governed by a particular and definitive regiment
of rules called “codes of ethics.” These rules, guidelines, canons, advisories, or whatever you
want to call them, are usually followed by members of the respective domains. Depending on the
domain, ethical codes can take any of the following forms:
1. Principles, which may act as guidelines, references, or bases for some document.
2. Public policies, which may include aspects of acceptable behavior, norms, and practices of a
society or group.
3. Codes of conduct, which may include ethical principles
4. Legal instruments, which enforce good conduct through courts.
Although the use of codes of ethics is still limited to professions and high-visibility institutions
and businesses, there is a growing movement toward widespread use. The wording, content, and
target of many codes differ greatly. Some codes are written purposely for the public; others are
targeting employees, and yet others are for professionals only. Reproduced here is the ACM
Code of Professional Conduct.
Association of Computing Machinery (ACM) Code of Ethics and Professional Conduct
On October 16, 1992, ACM’s Executive Council voted to adopt a revised Code of Ethics. The
following imperatives and explanatory guidelines were proposed to supplement the Code as
contained in the new ACM Bylaw 17.
Preamble
Commitment to ethical professional conduct is expected of every member (voting members,
associate members, and student members) of the Association for Computing Machinery (ACM).
This Code, consisting of 24 imperatives formulated as statements of personal responsibility,
identifies the elements of such a commitment. It contains many, but not all, issues professionals
are likely to face. Section 1 outlines fundamental ethical considerations, while Section 2
addresses additional, more specific considerations of professional conduct. Statements in Section
3 pertain more specifically to individuals who have a leadership role, whether in the work place
or in a volunteer capacity, for example with organizations such as ACM. Principles involving
compliance with this Code are given in Section 4.

The Code is supplemented by a set of Guidelines, which provide explanation to assist members
in dealing with the various issues contained in the Code. It is expected that the guidelines will be
changed more frequently than the Code.
The Code and its supplemented Guidelines are intended to serve as a basis for ethical decision
making in the conduct of professional work. Second, they may serve as a basis for judging the
merit of a formal complaint pertaining to violation of professional ethical standards. It should be
noted that although computing is not mentioned in the moral imperatives section, the Code is
connected with how these fundamental imperatives apply to one’s conduct as a computing
professional. These imperatives are expressed in a general form to emphasize that ethical
principles which apply to computer ethics are derived from more general ethical principles. It is
understood that some words and phrases in a code of ethics are subject to varying interpretations,
and that any ethical principle may conflict with other ethical principles in specific situations.
Questions related to ethical conflicts can best be answered by thoughtful consideration of
fundamental principles, rather than reliance on detailed regulations.
1. GENERAL MORAL IMPERATIVES
As an ACM member I will...
1.1 Contribute to society and human well-being.
1.2 Avoid harm to others.
1.3 Be honest and trustworthy.
1.4 Be fair and take action not to discriminate.
1.5 Honor property rights including copyrights and patents.
1.6 Give proper credit for intellectual property.
1.7 Respect the privacy of others.
1.8 Honor confidentiality.

2. MORE SPECIFIC PROFESSIONAL RESPONSIBILITIES

As an ACM computing professional I will...
2.1 Strive to achieve the highest quality, effectiveness, and dignity in both the process and
products of professional work.
2.2 Acquire and maintain professional competence.
2.3 Know and respect existing laws pertaining to professional work.
2.4 Accept and provide appropriate professional review.
2.5 Give comprehensive and thorough evaluations of computer systems and their impacts
including analysis of possible risks.
2.6 Honor contracts, agreements, and assigned responsibilities
2.7 Improve public understanding of computing and its consequences.
2.8 Access computing and communication resources only when authorized to do so.

3. ORGANIZATIONAL LEADERSHIP IMPERATIVES

As an ACM member and an organizational leader, I will...
3.1 Articulate social responsibilities of members of an organizational unit and encourage full
acceptance of those responsibilities.
3.2 Manage personnel and resources to design and build information systems that enhance the
quality of working life.
3.3 Acknowledge and support proper and authorized uses of an organization’s computing and
communications resources.
3.4 Ensure that users and those who will be affected by a system have their needs clearly
articulated during the assessment and design of requirements; later the system must be validated
to meet requirements.
3.5 Articulate and support policies that protect the dignity of users and others affected by a
computing system.
3.6 Create opportunities for members of the organization to learn the principles and limitations
of computer systems.

4. COMPLIANCE WITH THE CODE

As an ACM member, I willl...
4.1 Uphold and promote the principles of this Code.
4.2 Treat violations of this code as inconsistent with membership in the ACM.

GUIDELINES
1. GENERAL MORAL IMPERATIVES As an ACM member I will...
1.1 Contribute to society and human well-being.
This principle concerning the quality of life of all people affirms an obligation to protect
fundamental human rights and to respect the diversity of all cultures. An essential aim of
computing professionals is to minimize negative consequences of computing systems, including
threats to health and safety. When designing or implementing systems, computing professionals
must attempt to ensure that the products of their efforts will be used in socially responsible ways,
will meet social needs, and will avoid harmful effects to health and welfare. In addition to a safe
social environment, human well-being includes a safe natural environment. Therefore,
computing professionals who design and develop systems must be alert to, and make others
aware of, any potential damage to the local or global environment.
1.2 Avoid harm to others.
“Harm” means injury or negative consequences, such as undesirable loss of information, loss of
property, property damage, or unwanted environmental impacts. This principle prohibits use of
computing technology in ways that result in harm to any of the following: users, the general
public, employees, employers. Harmful actions include intentional destruction or modification of
files and programs leading to serious loss of resources or unnecessary expenditure of human
resources such as the time and effort required to purge systems of computer viruses. Well-
intended actions, including those that accomplish assigned duties, may lead to harm
unexpectedly. In such an event the responsible person or persons are obligated to undo or
mitigate the negative consequences as much as possible. One way to avoid unintentional harm is
to carefully consider potential impacts on all those affected by decisions made during design and
implementation. To minimize the possibility of indirectly harming others, computing
professionals must minimize malfunctions by following generally accepted standards for system
design and testing. Furthermore, it is often necessary to assess the social consequences of
systems to project the likelihood of any serious harm to others. If system features are
misrepresented to users, co-workers, or supervisors, the individual computing professional is
responsible for any resulting injury. In the work environment the computing professional has the
additional obligation to report any signs of system dangers that might result in serious personal
or social damage. If one’s superiors do not act to curtail or mitigate such dangers, it may be
necessary to “blow the whistle” to help correct the problem or reduce the risk. However,
capricious or misguided reporting of violations can, itself, be harmful. Before reporting
violations, all relevant aspects of the incident must be thoroughly assessed. In particular, the
assessment of risk and responsibility must be credible. It is suggested that advice be sought from
other computing professionals.
1.3 Be honest and trustworthy.
Honesty is an essential component of trust. Without trust an organization cannot function
effectively. The honest computing professional will not make deliberately false or deceptive
claims about a system or system design, but will instead provide full disclosure of all pertinent
system limitations and problems. A computer professional has a duty to be honest about his or
her own qualifications, and about any circumstances that might lead to conflicts of interest.
Membership in volunteer organizations such as ACM may at times place individuals in situations
where their statements or actions could be interpreted as carrying the weight of a larger group of
professionals. An ACM member will exercise care to not misrepresent ACM or positions and
policies of ACM or any ACM units.
1.4 Be fair and take action not to discriminate.
The values of equality, tolerance, respect for others, and the principles of equal justice govern
this imperative. Discrimination on the basis of race, sex, religion, age, disability, national origin,
or other such factors is an explicit violation of ACM policy and will not be tolerated. Inequities
between different groups of people may result from the use or misuse of information and
technology. In a fair society, all individuals would have equal opportunity to participate in, or
benefit from, the use of computer resources regardless of race, sex, religion, age, disability,
national origin, or other such similar factors. However, these ideals do not justify unauthorized
use of computer resources nor do they provide an adequate basis for violation of any other
ethical imperatives of this code
1.5 Honor property rights including copyrights and patents.
Violation of copyrights, patents, trade secrets, and the terms of license agreements is prohibited
by law in most circumstances. Even when software is not so protected, such violations are
contrary to professional behavior. Copies of software should be made only with proper
authorization. Unauthorized duplication of materials must not be condoned.
1.6 Give proper credit for intellectual property.
Computing professionals are obligated to protect the integrity of intellectual property.
Specifically, one must not take credit for other’s ideas or work, even in cases where the work has
not been explicitly protected, for example by copyright or patent.
1.7 Respect the privacy of others.
Computing and communication technology enables the collection and exchange of personal
information on a scale unprecedented in the history of civilization. Thus there is increased
potential for violating the privacy of individuals and groups. It is the responsibility of
professionals to maintain the privacy and integrity of data describing individuals. This includes
taking precautions to ensure the accuracy of data, as well as protecting it from unauthorized
access or accidental disclosure to inappropriate individuals. Furthermore, procedures must be
established to allow individuals to review their records and correct inaccuracies. This imperative
implies that only the necessary amount of personal information be collected in a system, that
retention and disposal periods for that information be clearly defined and enforced, and that
personal information gathered for a specific purpose not be used for other purposes without
consent of the individual(s). These principles apply to electronic communications, including
electronic mail, and prohibit procedures that capture or monitor electronic user data, including
messages, without the permission of users or bona fide authorization related to system operation
and maintenance. User data observed during the normal duties of system operation and
maintenance must be treated with strictest confidentiality, except in cases where it is evidence
for the violation of law, organizational regulations, or this Code. In these cases, the nature or
contents off that information must be disclosed only to proper authorities.
1.8 Honor confidentiality.
The principle of honesty extends to ‘issues of confidentiality of information whenever one has
made an explicit promise to honor confidentiality or, implicitly, when private information not
directly related to the performance of one’s duties becomes available. The ethical concern is to
respect all obligations of confidentiality to employers, clients, and users unless discharged from
such obligations by requirements of the law or other principles of this Code.

2. MORE SPECIFIC PROFESSIONAL RESPONSIBILITIES

As an ACM computing professional I will...
2.1 Strive to achieve the highest quality, effectiveness, and dignity in both the process and
products of professional work. Excellence is perhaps the most important obligation of a
professional. The computing professional must strive to achieve quality and to be cognizant of
the serious negative consequences that may result from poor quality in a system.
2.2 Acquire and maintain professional competence. Excellence depends on individuals who
take responsibility for acquiring and maintaining professional competence. A professional must
participate in setting standards for appropriate levels of competence, and strive to achieve those
standards. Upgrading technical knowledge and competence can be achieved in several ways—
doing independent study, attending seminars, conferences, or courses—and being involved in
professional organizations.
2.3 Know and respect existing laws pertaining to professional work
ACM members must obey existing local, state, provincial, national, and international laws unless
there is a compelling ethical basis not to do so. Policies and procedures of the organizations in
which one participates must also be obeyed. But compliance must be balanced with the
recognition that sometimes existing laws and rules may be immoral or inappropriate and,
therefore, must be challenged. Violation of a law or regulation may be ethical when that law or
rule has inadequate moral basis or when it conflicts with another law judged to be more
important. If one decides to violate a law or rule because it is viewed as unethical, or for any
other reason, one must fully accept responsibility for one’s actions and for the consequences.
2.4 Accept and provide appropriate professional review.
Quality professional work, especially in the computing profession, depends on
professional reviewing and critiquing. Whenever appropriate, individual members should
seek and utilize peer review as well as provide critical review of the work of others.

2.5 Give comprehensive and thorough evaluations of computer systems and their
impacts, including analysis of possible risks.
Computer professionals must strive to be perceptive, thorough, and objective when
evaluating, recommending, and presenting system descriptions and alternatives.
Computer professionals are in a position of special trust, and therefore have a special
responsibility to provide objective, credible evaluations to employers, clients, users, and
the public. When providing evaluations the professional must also identify any relevant
conflicts of interest, as stated in imperative 1.3
As noted in the discussion of principle 1.2 on avoiding harm, any signs of danger from systems
must be reported to those who have opportunity and/or responsibility to resolve them. See the
guidelines for imperative 1.2 for more details concerning harm, including the reporting of
professional violations.
2.6 Honor contracts, agreements, and assigned responsibilities. Honoring one’s commitments
is a matter of integrity and honesty. For the computer professional this includes ensuring that
system elements perform as intended. Also, when one contracts for work with another party, one
has an obligation to keep that party properly informed about progress toward completing that
work. A computing professional has a responsibility to request a change in any assignment that
he or she feels cannot be completed as defined. Only after serious consideration and with full
disclosure of risks and concerns to the employer or client, should one accept the assignment. The
major underlying principle here is the obligation to accept personal accountability for
professional work. On some occasions other ethical principles may take greater priority.
A judgment that a specific assignment should not be performed may not be accepted. Having
clearly identified one’s concerns and reasons for that judgment, but failing to procure a change in
that assignment, one may yet be obligated, by contract or by law, to proceed as directed. The
computing professional’s ethical judgment should be the final guide in deciding whether or not
to proceed. Regardless of the decision, one must accept the responsibility for the consequences.
However, performing assignments against one’s own judgment does not relieve the professional
of responsibility for any negative consequences.
2.7 Improve public understanding of computing and its consequences. Computing
professionals have a responsibility to share technical knowledge with the public by encouraging
understanding of computing, including the impacts of computer systems and their limitations.
This imperative implies an obligation to counter any false views related to computing.
2.8 Access computing and communication resources only when authorized to do so.
Theft or destruction of tangible and electronic property is prohibited by imperative 1.2: “Avoid
harm to others.” Trespassing and unauthorized use of a computer or communication system is
addressed by this imperative. Trespassing includes accessing communication networks and
computer systems, or accounts and/or files associated with those systems, without explicit
authorization to do so. Individuals and organizations have the right to restrict access to their
systems so long as they do not violate the discrimination principle. No one should enter or use
another’s computing system, software, or data files without permission. One must always have
appropriate approval before using system resources, including communication ports, file space,
other system peripherals, and computer time.

3. ORGANIZATIONAL LEADERSHIP IMPERATIVES

As an ACM member and an organizational leader, I will...
3.1 Articulate social responsibilities of members of an organizational unit and encourage
full acceptance of those responsibilities.
Because organizations of all kinds have impacts on the public, they must accept responsibilities
to society. Organizational procedures and attitudes oriented toward quality and the welfare of
society will reduce harm to members of the public, thereby serving public interest and fulfilling
social responsibility. Therefore, organizational leaders must encourage full participation in
meeting social responsibilities as well as quality performance.
3.2 Manage personnel and resources to design and build information systems that enhance
the quality of working life. Organizational leaders are responsible for ensuring that computer
systems enhance, not degrade, the quality of working life. When implementing a computer
system, organizations must consider the personal and professional development, physical safety,
and human dignity of all workers. Appropriate human–computer ergonomic standards should be
considered in system design and in the workplace.
3.3 Acknowledge and support proper and authorized uses of an organization’s computing
and communications resources. Because computer systems can become tools to harm as well
as to benefit an organization, the leadership has the responsibility to clearly define appropriate
and inappropriate uses of organizational computing resources. While the number and scope of
such rules should be minimal, they should be fully enforced when established.
3.4 Ensure that users and those who will be affected by a system have their needs clearly
articulated during the assessment and design of requirements. Later the system must be
validated to meet requirements. Current system users, potential users, and other persons whose
lives may be affected by a system must have their needs assessed and incorporated in the
statement of requirements. System validation should ensure compliance with those requirements.
3.5 Articulate and support policies that protect the dignity of users and others affected by a
computing system. Designing or implementing systems that deliberately or inadvertently
demean individuals or groups is ethically unacceptable. Computer professionals who are in
decision-making positions should verify that systems are designed and implemented to protect
personal privacy and enhance personal dignity
3.6 Create opportunities for members of the organization to learn the principles and
limitations of computer systems. This complements the imperative on public understanding
(2.7). Educational opportunities are essential to facilitate optimal participation of all
organizational members. Opportunities must be available to all members to help them improve
their knowledge and skills in computing, including courses that familiarize them with the
consequences and limitations of particular types of systems. In particular, professionals must be
made aware of the dangers of building systems around oversimplified models, the improbability
of anticipating and designing for every possible operating condition, and other issues related to
the complexity of this profession.

4. COMPLIANCE WITH THE CODE

As an ACM member I will...
4.1 Uphold and promote the principles of this code. The future of the computing profession
depends on both technical and ethical excellence. Not only is it important for ACM computing
professionals to adhere to the principles expressed in this Code, each member should encourage
and support adherence by other members.
4.2 Treat violations of this code as inconsistent with membership in the ACM. Adherence of
professionals to a code of ethics is largely a voluntary matter. However, if a member does not
follow this code by engaging in gross misconduct, ACM may be terminated.
This Code and the supplemental Guidelines were developed by the Task Force for the Revision
of the ACM Code of Ethics and Professional Conduct: Ronald E. Anderson, Chair, Gerald Engel,
Donald Gotterbarn, Grace C. Hertlein, Alex Hoffman, Bruce Jawer, Deborah G. Johnson, Doris
K. Lidtke, Joyce Currie Little, Dianne Martin, Donn B. Parker, Judith A. Perrolle, and Richard S.
Rosenberg. The Task Force was organized by ACMISIGCAS and funding was provided by the
ACM SIG Discretionary Fund. This Code and the supplemental Guidelines were adopted by the
ACM Council on October 16, 1992
Objectives of Codes of Ethics Different domains and groups of people formulate different codes
of ethics, but they all have among them the following objectives:
1. Disciplinary:
By instilling discipline, the group or profession ensures professionalism and integrity of
its members.
2. Advisory: The codes are usually a good source of tips to members and offer advice and
guidance in areas where there are fuzzy moral issues.
3. Educational: Ethical codes are good educational tools for members of the domain, especially
the new ones who have to learn the do’s and don’ts of the new profession. These codes are also a
good source of renewal for the older members needing to refresh and polish their possibly
waning morals.
4. Inspirational: Besides being disciplinary, advisory, and educational, the codes should also
carry subliminal messages to those using them to inspire them to be “good.”
5. Publicity: One way for professionals to create a good clientele is to show that they have a
strong code of ethics and, therefore, their members are committed to basic values and are
responsible.

What are the key points of code of conduct defined by IEEE for the software engineers?

1. PUBLIC – Software engineers shall act consistently with the public interest.
2. CLIENT AND EMPLOYER – Software engineers shall act in a manner that is in the best
interests of their client and employer consistent with the public interest.
3. PRODUCT – Software engineers shall ensure that their products and related modifications
meet
the highest professional standards possible.
4. JUDGMENT – Software engineers shall maintain integrity and independence in their
professional judgment.
5. MANAGEMENT – Software engineering managers and leaders shall subscribe to and
promote
an ethical approach to the management of software development and maintenance.
6. PROFESSION – Software engineers shall advance the integrity and reputation of the
profession
consistent with the public interest.
7. COLLEAGUES – Software engineers shall be fair to and supportive of their colleagues.
8. SELF – Software engineers shall participate in lifelong learning regarding the practice of their
 profession and shall promote an ethical approach to the practice of the profession.

OPT IN:
Opt-in is an inbound marketing approach whereby a marketer solicits a potential customer's
permission to send them promotional or other types of content about a brand. It is also known as
permission marketing
OPT OUT
Opt-out means an action of users refusing/withdrawing consent in response to a particular event
or process. Not choosing to subscribe to newsletters, unticking a previously ticked checkbox, not
consenting to save personal details, rejecting the use of cookies, etc
PATENT
A patent for an invention is granted by government to the inventor, giving the inventor the right
to stop others, for a limited period, from making, using or selling the invention without their
permission.
➢ Protects inventions or discoveries
➢ Patent rights are just like copyright rights
➢ In many countries, patent protection rights like those of copyrights are provided for by the
constitution.
➢ It is contract between inventor/discoverer and government.
➢ Government gives the exclusive rights to make, use, or sell their invention or discovery for a
specific period of time.

COPYRIGHT
Copyright is a type of intellectual property that protects original works of authorship as soon as
an author fixes the work in a tangible form of expression
The owner of a copyright has five principal rights:
1. The right to reproduce the copyrighted work
2. The right to distribute copies of the work to the public
3. The right to display copies of the work in public
4. The right to perform the work in public
5. The right to produce new works derived from the copyrighted work

FAIR USE
The right given to a copyright owner to reproduce a work is a limited right. Under some circumstances,
called fair use, it is legal to reproduce a copyrighted work without the permission of the copyright holder.
Examples of fair use include citing short excerpts from copyrighted works for the purpose of teaching,
scholarship, research, criticism, commentary, and news reporting.

Digital rights management (DRM) is the management of legal access to digital content.
Various tools or technological protection measures (TPM) like access control technologies, can
restrict the use of proprietary hardware and copyrighted works. DRM technologies govern the
use, modification and distribution of copyrighted works (e.g. software, multimedia content) and
of systems that enforce these policies within devices. DRM technologies include licensing
agreements and encryption
One approach to DRM is to encrypt the digital content so that only authorized users can access it.
Another approach is to place a digital mark on the content so that a device accessing the content
can identify the content as copy protected
Criticisms of Digital Rights Management
• Any technological “fix” is bound to fail
• DRM undermines fair use
• DRM could reduce competition
• Some schemes make anonymous access impossible

Intellectual Property Right Protection

Protection of intellectual property and trade secrets can be done
• Patents. Patents protect an invention or a technical product or process. ...
• Copyright. Copyright protects works of literature, scholarship, science and art. ...
• Neighbouring rights. ...
• Trademarks. ...
• Design rights. ...
• Database rights. ...
• Trade name law. ...
Etc.

Data mining can be performed on the different types of data in a large organization:
Such as
Relational Database: A relational database is a collection of multiple data sets formally
organized by tables, records, and columns from which data can be accessed in various ways
without having to recognize the database tables.
A very large database, (originally written with very large data) is a database that contains a very large
amount of data, so much that it can require specialized architectural, management, processing and
maintenance methodologies.

Big data mining (BDM) is an approach that uses the cumulative data mining or extraction
techniques on large datasets / volumes of data. It is mainly focused on retrieving relevant and
demanded information (or patterns) and thus extracting value hidden in data of an immense
volume.

Censorship is the attempt to suppress or regulate public access to material considered offensive
or harmful. Historically, most censorship has been exercised by governments and religious
institutions. For example, Roman censors banished the poets Ovid and Juvenal for their writings.
Direct censorship has three forms:
government monopolization,
prepublication review,
and licensing and registration.
Perhaps the most common form of censorship is self-censorship: a group deciding for itself not
to publish material. In some countries a publisher may censor itself to avoid persecution.