CASE STUDIES

Case 1

Three years ago, Diane started her own consulting business. She has been so successful that she now has several people working for her and many clients. Their consulting work included advising on how to set up corporate intranets, designing database management systems, and management advising about security.

Presently she is designing a database management system for the personnel office of a medium-sized company. Diane has involved the client in the design process, informing the CEO, the director of computing, and the director of personnel about the progress of the system. It is now time to make decisions about the kind and degree of security to build into the system. Diane has described several options to the client. Because the system is going to cost more than they planned, the client has decided to opt for a less secure system. She believes the information they will be storing is extremely sensitive. It will include performance evaluations, medical records for filing insurance claims, salaries, and so forth.

With weak security, employees working on client machines may be able to figure out ways to get access to this data, not to mention the possibility of on line access from hackers. Diane feels on-line strongly that the system should be much more secure. She has tried to explain the risks, but the CEO, director of computing and director of personnel all agree that less security will do. What should she do? Should she refuse to build the system as they request?”

Answer:

Values and Ideals (Section 4.3, ACS Code of Ethics)

For the case presented, Diane had shown the following values and ideals:

• Priorities. Diane had placed the interest of the majority first, above her personal interest and the interest of her client.
• Competence. Diane had worked competently and diligently for her client by providing several options and recommending which options work best for her clients.
• Honesty. Diane had shown honesty by informing her client of the risks involved for a low cost option which offers lower security for a highly sensitive information.
• Social Implications. Diane had strived for the enhancement of the quality of life of her client and those who are affected of her work by recommending that her client to approve the creation of the system with higher security.
• Information Technology Profession. Diane took care of protecting and enhancing the integrity of the Information Technology profession by raising concerns to her client that higher security are necessary for the implementation of the system.

If I am on the place of Diane, the first thing that I would do is to advise my client that the system which they are requesting to built does have a conflict of interest against mine. I should explain to them that as a professional information technology practitioner, I must endeavor to preserve the confidentiality, integrity, and security of the information of others; that I must be able to preserve the continuity of information technology services and information flow in my care; and that I must consider and respect people’s privacy which might be affected of my work. If I am to build the system with low security, I will be risking sensitive information of majority of the users, for which might endanger my client, the users, and my company.

 As for this case, the following ethical standards should apply:

Priorities

• I must endeavour to preserve continuity of information technology services and information flow in my care.
• I must endeavour to preserve the integrity and security of the information of others.
• I must endeavour to preserve the confidentiality of the information of others.
• I must advise my client or employer of any potential conflicts of interest between my assignment and legal or other accepted community requirements.
• I must advise my clients and employers as soon as possible of any conflicts of interest or conscientious objections which face me in connection with my work.

Competence

• I must make myself aware of relevant standards, and act accordingly.
• I must accept responsibility for my work.

Social Implications

• I must consider and respect people’s privacy which might be affected by my work.

Case 2

Consider an HCI consultant with extensive experience in evaluating web sites and graphical user interfaces (GUI). She has just received an evaluation contract for a new accounting product made by Company A due to her prior experience with e commerce site evaluation.

The work involves assessing the training requirements and the usability of the system. During the initial configuration of her usability laboratory, she becomes aware that that software she is to evaluate contains a GUI already patented by a rival Company B, which she evaluated several weeks before. Under her contractual arrangements, she is not allowed to discuss the evaluation of a product with anyone outside the contract. She therefore has an obligation to Company B not to provide information regarding their product to anyone else without their permission. She has a similar obligation to Company A. Can she continue with the evaluation? If she cannot continue with the evaluation, how does she inform Company A of the patent violation? Does she have an obligation to let company B know Company A has copied their GUI?”

Answer:

As a professional information technology practitioner, the HCI consultant should not continue the evaluation until the patent infrigement issue is resolved. The first thing that she should do is to inform her immediate employer, the company A, of the patent infrigement; however, due to contractual arrangements from the previous employer, the company B, she should not disclose information regarding the company and its product. Rather, she can only inform company A that before she can continue with the evaluation, she must first help the two companies settle the infrigement. What she will do is to ask company A their permission to allow her to contact the affected company, and to allow her to share limited details regarding the patent infrigement. If her immediate employer allows her, she can go to company B and explain to them the current situation regarding the conflict of interest with company A. She would then ask for permission to allow her to inform her immediate employer regarding the patent infrigement, disclosing information of the company B, and limited information of the patent being infriged. If the company B would allow her to disclose any information, she would need to inform her immediate employer of the details of the infrigement, so that company A will evade a course of complication in the near future due to patent violations.

As for this case, the following ethical standards should apply:

Priorities

• I must advise my client or employer of any potential conflicts of interest between my assignment and legal or other accepted community requirements.
• I must advise my clients and employers as soon as possible of any conflicts of interest or conscientious objections which face me in connection with my work.

Competence

• I must make myself aware of relevant standards, and act accordingly.
• I must respect and protect my clients’ and employers’ proprietary interests.
• I must accept responsibility for my work.
• I must advise my clients and employers when I believe a proposed project is not in their best interest.
• I must go beyond my brief, if necessary, in order to act professionally.

Social Implications

• I must endeavour to understand, and give due regard to, the perceptions of those affected by my work.

Information Technology Profession

• I must do what I can to ensure that the corporate actions of the Society are in accordance with this Code of Ethics.

Ethics and Professionalism

Ethics and Professionalism are two different words, yet they go together to create norm of ethical behavior. The term “ethical behavior” is applied to citizen’s conduct in professional matters and is judged in comparison to the standards of profession, which are formally expressed in statements called “codes of ethics”.

Organization: PhilNits - Davao

• The Philippine National Information Technology Standards Foundation, Inc., or PhilNITS, is a non-stock, non-profit, non-government organization that is implementing in the Philippines the Information Technology standards adopted from Japan, with the support of the Department of Trade and Industry (DTI) of the Philippines and the Ministry of Economy, Trade and Industry (METI) of Japan. It was initially known as the Japanese IT Standards Exams of the Philippines Foundation, Inc. (JITSE-Phil), and was registered as such with the Securities and Exchange Commission on April 10, 2002 and set up its office at the Penthouse of the Prince Bldg, in Rada Street, Legazpi Village, Makati city.It is being organized as an exclusive club to promote a culture of excellence among knowledge workers dedicated to the study and use of technology for the improvement of the quality of life of the Filipino. *PhilNITS is a member of the IT Professionals Examination Council (ITPEC).

Code of Ethics

The Philippine National IT Standards (PhilNITS) Foundation, Inc., commits to achieve its vision of making the Philippines an industry leader in global IT, through the development and implementation of an internationally recognized and accepted standard, guided by the following principles:

1) Uphold the utmost integrity of the PhilNITS implemented certification exams.

2) Maintain an unbiased and vendor-neutral perspective.

3) Promote its relevance and significance through the active collaboration with all sectors (academe, industry and the government).

 Goal

• To establish an internationally recognized and accepted standard with which to measure the competency level of IT Engineers/Professionals in the country and have it adopted and implemented nationwide by Industry, Government and Academe in their selection process.
• To develop a workforce of Certified IT Professionals that are qualified and eligible for work not only in Japanese companies here and abroad but also in multinational companies anywhere in the world.
• To help in establishing a strong middle class of qualified Filipino IT Professionals in the Academe, the Industry and Government, with good and moral work ethics, who will bring the country out of the quagmire of poverty.
• To establish world leadership in I. T.

Current Certifications

• The ITPEC certification exams (known locally as PhilNITS certification exams) are administered throughout the day with the first half involve fundamental IT concepts and terms while the second half require the examinee to develop and trace the output of a computer program.

Projects

• Conducting free training courses on IP, FE & AP/SW for teachers and commercial trainers. Usually funded by grants from AOTS, CICC, IPA, METI and JETRO.
• Conducting free summer training of teachers, a joint undertaking with the Philippine Society of IT Educators (PSITE) and the Philippine Accrediting Association of Private Schools, Colleges and Universities (PAASCU). PAASCU is providing the venue and PhilNITS is providing the lecturers (from the PhilNITS Society).
• Providing training using the e-learning system donated by Japan.
• Guiding and helping in the development of the PhilNITS Society, an organization formed whose only criterion for membership is being PhilNITS-certified, in any exam category.
• Conducting software and hardware training. Customized training and assessment also available.
• Conducting Systems Development for Outsourced Projects. Work is done by Bridge Software Engineers that know Japanese.