Ethics and Information Technology 3: 9396, 2001. 2001 Kluwer Academic Publishers. Printed in the Netherlands.

Computer ethics: Future directions

John Weckert
ARC Special Research Centre for Applied Philosophy and Public Ethics, Charles Sturt University, Locked Bag 675, Wagga Wagga, NSW 2678, Australia E-mail: jweckert@csu.edu.au

Abstract. Changes in information technology lead to new topics and new emphases in computer ethics. The present article examines a variety of such issues, and argues that computer ethics must become more rigorous and develop a stronger theoretical base. The article concludes with a discussion of ways to make computer ethics more effective in bringing helpful changes to the world. Key words: bar codes, data matching, data mining, employee monitoring, global ethics, human-computer interface, internet regulation, privacy, responsibility, search engines Computer ethics as a distinguishable eld of study emerged at a time when computers were gaining signicance in the everyday lives of people. The ethical problems studied were, to a large extent, those related to stand-alone computer systems. Of primary concern were the responsibilities of computer professionals, especially software engineers, problems of software piracy, and the privacy of data stored in large databases. There were also concerns about the effects of computerizing the workplace on employment. Then, as now, the content of computer ethics was driven by current and pressing concerns. While these concerns still exist, the emphasis has changed and will continue to do so. The problems of growing concern relate to computer networks, and in particular to the Internet. Let us now look at several areas of growing concern. customers are known personally. When I enter my local coffee shop, for example, the owner knows which beans I normally want, and if they are not available he can tell me about suitable substitutes. And he knows that he does not have to grind the beans for me. If I shop at a large supermarket I may be able to get the same beans, but I cannot get the same service. There are too many customers for each to be known personally. Data mining can help to give at least the appearance that I am known by the supermarket management, so why is there a privacy concern? The concern with data mining is not that large amounts of personal data are collected and stored. It is additional to that. It is that rules and patterns are found in that data. But why does this matter? One argument is this: While I might be happy enough for various pieces of information to be in the public domain, for example, my name and address, telephone number, and so on, and the addresses of others, it does not follow that knowledge of certain associations between those addresses would nd me equally as nonchalant. It is one thing for the addresses to be in the public domain, it is quite another for associations between them to be there. I may be uncomfortable, for example, if it becomes public knowledge that mail is passing from address A to my address. Data mining nds associations, and this is where the problem or perceived problem lies. Consider another example. I am shopping in my supermarket, pre credit card and pre barcode. I go to the checkout, and notice that someone is sitting there writing down all of my purchases. Finally he wants my name and address. While I do not care much if others see me shopping, this scenario is a little disconcerting. I am not sure that I want a record of what I buy to be created. Suppose that I regularly buy chocolate, but

Privacy The issue of privacy will become even more important because of the technologys ability to gather, store, match and make inferences from data and information. This has undoubted benets but also serious costs in terms of loss of individual privacy and possibly autonomy. Data mining is of particular importance here. Data mining is the exploration and analysis of large amounts of data with the purpose of discovering meaningful and useful rules and patterns. In a business context these rules and patterns can be used for example, to target advertising, and identify valuable customers (and not so valuable). This seems benign enough, and perhaps can be seen as nothing more than giving large businesses the same knowledge of their customers as small businesses frequently have of theirs, where many or most

94

J OHN W ECKERT

at different times of the day, so that I meet different people at the checkout. Each such person knows that I buy chocolate, but none knows how much I buy. If a record is kept, this association between me and the chocolate can be easily discovered. Privacy concerns with data mining are chiey concerns with associations becoming public. But it is not just this. Many associations are in the public domain, but knowledge of them is only in the heads of people. My coffee shop owner knows my preferences in coffee beans, but those preferences are nowhere written down. This point is important, because it means that many, perhaps most, associations between different pieces of data, are forgotten, and forgetting has great value. Data mining not only nds associations but it stores them for future use and reference. My argument is not that this is necessarily morally wrong. I have attempted to nd where the problem, or supposed problem, lies, and my suggestion is that it is here. This is the area where more work is required in order to articulate what is acceptable and what is unacceptable data mining. Similar issues regarding associations and forgetting arise in other contexts. Recently a database, CrimeNet, containing criminal records amongst other things, has been established and made easily accessible on the Internet.1 It is asserted on their web site that any threat to close the site is a threat to the free ow of information in a democratic society, and a threat to your right to arm yourself with knowledge about criminals, criminal activities, con artists and scams. We believe CrimeNet can give people the knowledge to prevent themselves becoming future victims of crime. This sounds reasonable in some cases, but grossly unfair in others. While I would like to know that my children are not living next door to a convicted child molester, this also makes it extremely difcult for a reformed offender ever to lead a normal life again. In defense of the database it is said CrimeNet only publishes information that is on the public record. We simply collate it and make it accessible to the public. It has always been available, in collated form, to government agencies. The problem with this defense is that it does not follow from the fact that something is on the public record that it is morally justiable for it to be put in a form where it is readily accessible to all. It is one thing for this information to be on the public record but moderately difcult to access. It is quite another for it to be
1 http://www.crimenet.com.au

available over the Internet. This again is an area that requires much more study.

Employee monitoring Recently there was an incident where employees lost their jobs because they allegedly used the companys computing equipment improperly. This case highlights another important issue: To what extent are employers morally entitled to monitor the activities of their employees? It appears that in the USA as many as two thirds of businesses monitor their employees. This has prompted the statement that many employers practice a credo of In God we trust, others we monitor! However, workplace privacy has tended to take a back seat, and recent announcements of more sophisticated surveillance software have caused hardly a ripple. Given the large proportion of our lives that most of us spend working, this seems surprising. When we arrive at work and switch on our computers, do we lose many of our rights to privacy? It would appear that many of us, both employers and employees, assume or accept that we do. But we should think about this a little more carefully. The common line is that employees work on equipment owned by their employers, and therefore the employers have the right to know all activities that are taking place on that equipment. This is dubious. If employees are doing things that use large amounts of computer resources, so that performance of the equipment is reduced, there is clearly a right for the employer to intervene. But what if no harm at all is being caused? For example, private emails are sent, web sites visited and material downloaded and stored on personal space on the disk, all without noticeable effect on the performance of the computer system or the employee. Does this matter? Surely not. Stopping employees from using computers at work for personal activities, providing that they are legal, when no harm is caused, is like children stopping friends from playing with their toys, simply on the grounds that they own them. It is quite petty. More worrying than prohibiting this, however, is the invasion of personal privacy necessary to prevent it. It is one thing to monitor an employees Internet activity, say, if there is evidence that he or she is doing something inappropriate perhaps illegal or is degrading the performance of the system. It is quite another thing to monitor in general, just to see what is happening when there is no evidence of any problem. This is an unjustied invasion of privacy. Prohibiting employees from having pornographic or offensive images on computer screens in public spaces is of course different. There is no invasion of privacy here,

C OMPUTER ETHICS : F UTURE DIRECTIONS

95

and such prohibition can be for the good of other employees. However, if the same material is downloaded or copied at work and stored in the employees own secure space on the disk for purely private use, it is no concern of the employer (provided system or employee performance is not degraded). This case is little different from a worker getting a legal pornographic magazine at work and keeping it in a briefcase, in company space. While this case was unfortunate for those concerned, it did raise important issues that are worthy of further examination.

Responsibility The recent so-called Love Bug computer virus highlights the need for more research on the question of responsibility. While the perpetrators of the virus have been roundly condemned in the press, and rightly so, the Microsoft company has also not escaped unscathed. It was suggested by some that Microsofts software is just not secure enough and that without much effort it could have been made more secure. Is this criticism fair? Without delving into this particular example, it could be argued generally that if software is not secure then the company producing it must also bear some of the responsibility if problems, such as virus attacks, occur. If airline security is lax, then it is not only hijackers who are culpable but also the airline. The same could be said of software companies and virus attacks. It is also arguable that some responsibility for damage or inconvenience lies with the users of the software. It may be convenient and even daring to use networks for various important and sensitive tasks, but it may not be very sensible, given the kind of technology in common use. If I use a system that I know to be vulnerable, it is not just the fault of others when I am harmed as a result. More study is required to understand the responsibilities of all the players.

to be treated fairly is not saying much that is useful. This has direct relevance for human computer interface (HCI) design. Certain interfaces may show bias, in that they are easy for some to use but difcult or impossible for others, as we have seen in cases of gender, physical disability, age and culture bias. Unfortunately, while it is easy to say that fairness in HCI design is obligatory, it is not so easy to say just what constitutes fairness and unfairness. If an interface employs language and images not easily understandable to some potential users, nor readily useable, while other language and images are readily available, then this could be called unfair and discriminatory. This could be the case, for example, if the interface favors young white males. But suppose that an interface is unusable to a group of potential users with a particular physical disability. Is such an interface unfair? This accusation has been leveled at the web site of an encyclopaedia because it is not accessible to the blind. It uses software, which makes it unreadable by any speech system. But is this situation really unfair? Well, it all depends. It is unfair and unjustiable if at little or no extra cost it could be made useable for this group of users. On the other hand, if the problem could be solved only at such expense that nobody would have the benet of the interface, then it does seem justiable. A rule of thumb something like the following, therefore, seems reasonable: A web site should be equally useable to all potential users except where the cost of implementing it would render the site unavailable to all.

Other issues These are not the only areas that will attract increased attention from computer ethicists in the future. More attention will be paid, for example, to search engines and other intermediaries on the Internet. If we rely on these intermediaries to help us locate information, some assurance of fairness will be needed in the way in which information is located and displayed. Global ethics also will become more important, particularly with the emphasis on electronic commerce. We will need to work harder to nd what is common between cultures, and then build on those commonalities. More effort, I suspect, will be spent on considering how we want computer technology to be used. Information technology should make life easier for all, and not just for a favored few, and it certainly should not threaten life or the quality of life. But this raises the question of restrictions being placed on research and development, something that is anathema to many. Regulation of the Internet will require much more careful examination

Equity and the human-computer interface That all people should be treated fairly seems difcult to dispute. Denying someone a job or a place at a university purely on the basis of race, gender or religion seems blatantly unfair. However discrimination is common. Employers discriminate against the lazy, universities against those with low academic ability, and football selectors against those with little football ability. Why do these latter examples seem fair, or at least justied, and the former not? Because in the second examples the factors used for discriminatory behavior are relevant while those in the rst are not. This shows that merely saying that all people ought

96

J OHN W ECKERT

as that medium plays a larger role in communication, entertainment, business and so on. Recently it was pornography on the Internet that attracted attention, and currently Internet gambling has made the headlines. Undoubtedly this regulation debate will continue to arouse ire on both sides.

Future computer ethics practice We have seen that the content of computer ethics will change in the future in response to new problems. There must also be some changes in the way in which computer ethics is practiced. Computer ethics must become more rigorous and develop a stronger theoretical base. In general ethics and in more mature applied elds, such as environmental ethics previous work is built upon or examined to a greater extent than it currently is in computer ethics. In computer ethics it is not common to nd papers which examine, say, Xs argument on Internet content regulation, and then build on that examination. Most papers refer little to other works on the same topic, and examine them even less. Simultaneously there must be a closer liaison between theoreticians and practitioners. Computer ethics without theory is mere consciousness raising useful, but not sufcient on its own. Theoretical studies remote from professional practice can be mere intellectual exercises, again useful, but insufcient if they do not engage in real-life issues. If computer ethics is to be taken seriously and is to affect real life, there must be a rigorous and theoretically sound examination of practical problems, and it must propose answers within the parameters of the available technology. This leads to another change in emphasis. While there has been some cooperation between computing professionals, philosophers, lawyers and others, much more is needed. A number of disciplines should cooperate to a much greater extent if thoroughly analyzed and practical answers are to be provided. At a minimum, computing professionals and academics, philosophers, psychologists, sociologists and lawyers

will be required to work together to examine and hopefully solve many of the ethical problems raised by information technology. The relationships between some of the required disciplines can be seen by considering Internet content regulation. Philosophers examine the foundations of freedom of speech, expression and information, and arguments for and against them, and then apply these general principles to the applied question. But some arguments in this area rely on empirical investigations about the consequences of various sorts of content upon individuals and groups. For example, do violent computer games make children more violent or not? These kinds of investigations are the work of social scientists. In addition, the input of lawyers is important in the formulation and drafting of laws that are workable. Finally, but certainly not least in importance, is the expertise supplied by computing professionals. Can Internet content be regulated in a way that does not seriously limit the Internets usefulness? Without such cooperation, progress will be limited.

The effectiveness of computer ethics Finally, a word on the usefulness of computer ethics. How can it have an effect? First, and most obviously, those working in computer ethics need to be involved in policy making, at the levels of Government, professional bodies such as the Australian Computer Society, and businesses. Second, there must be involvement in the education of computing professionals and users. Third is the Socratic role: Computer ethicists should continually question what is happening in the world of Information Technology. In particular there must be questioning of what seems obvious. This can be annoying, but it is an important part of the task. Questioning encourages thinking, and this heightens awareness of problems, and hopefully, makes more people just a little worried. Computer ethics is not a panacea for the worlds problems, but it is a valuable endeavor if it ethically challenges IT professionals and users.