CC2018

Legal, Social, ethical and Professional Issues in Systems Development – Part 2

Aims To have a better understanding of

the social, ethical (and to some extent legal) ‘surprises’ embedded in the development of computing systems

Associated professional responsibilities

Legislation

Last Week Privacy Data Protection Act, 1998 Information security 10 Commandments of computer

ethics Computer Misuse Act, 1990 Codes of Conducts (BCS, ACM)

Ownership and Intellectual Property Rights

“Intellectual Property Rights (IPR) concern the protection of all products created or designed by the human intellect – books, songs, poems, trademarks, blueprints … and software” (Davison, 2000, p.9)

Software developers concerned about protecting their intellectual investment (fair reward)

Legislation includes UK Copyright, Designs & Patents Act, 1988 (more on this later)

Consumer responsibilities and rights “To protect [developers] right to the fruit

of their endeavours, they claim that consumers have a duty both to pay the price [of product] and to respect the intellectual property contained within the product – by not stealing it. ….

…consumers may claim that they have the right to….expect that the product will be free of defects (bugs)”

(Davison, 2000, p.12)

Ethical issues: software ownership & sale

Kling, 1996, p.5: “To what extent are software vendors

obligated to accurately advertise their software capabilities and system requirements?

To what extent should software vendors be obligated to refund purchased software that a customer has found will not work as advertised on her computer systems” (Kling, 1996, p.5)

Ethical issues: software ownership & sale

For example: Landmark case of St Albans City &

District Council v. ICL (1995) For the first time there is firm indication

that software is goods hence: must be ‘fit for purpose’ under Sale of

Goods Act, 1979 Supply of Goods and Services Act, 1982 also

applies

Ethical issues: software ownership & sale

Case of St Albans City & District Council v. ICL (1995) also illustrates:

Difficulty that software company may have in satisfying ‘reasonableness test’ in relation to contractual terms excluding or restricting liability (for defective software). Unfair Contract Terms Act 1977

(Bainbridge, 2000)

In any case were ICL developers behaving in a ‘professional’ manner?

So… There are rights and

responsibilities of ownership This implies professional

responsibility and accountability Codes of conducts (BCS)

Competence and responsibility‘Intelligent’ information systems: deliberately attempt to emulate some aspect of

human performanceCurrent problems: Information systems have extended from clerical

and manual areas into those of professionals increased demand means that automated support

may have to take over some of the human professional’s functions

lack of experience in managing intelligent systems that deal in information/knowledge, rather than just data

Assigning responsibility Future intelligent systems may assume task

of issuing instructions to pilots on how to avoid a collision.

Problems: who is responsible? current policies and procedures are built to

support and monitor human capabilities Illustrates difficulties in assigning

responsibility but Davison argues those concerned with developing systems shouldn’t avoid sorting this out (Davison, 2000)

Responsibility Responsibility - however many layers of

automation, must still be ultimate human responsibility System specification - Originating

agency? Creation of software (writing and

testing) - Organisation contracted to supply software?

System in use - Users, if system pushed beyond agreed level of competence?

Professional Accountability “In general accountability lies at the root of vendor-

client relationships, and is therefore relevant to our professional behaviour in consulting or professional work…” (Davison, 2000, p.12-13)

“Accountability is important because it shows that high-quality work is valued, encourages professionals to be diligent and responsible in their practice….[and] because computer software is used throughout our society, and is an essential component of many life-critical systems..” (Davison, 2000, p.13)

Professional accountability “Through encouraging a strong sense of

professional accountability, we can attempt to ensure that those who are responsible for the safe functioning of these systems will do their utmost to ensure that systems are safe, and will minimise risks. Accountability runs a considerable risk of being eroded, however, when computers are made scapegoats for human failings or when developers of computer software deny any responsibility for the consequences of use of the software, even when this use is in accordance with the purpose for which the software was designed” (Davison, 2000, p.13)

Accountability and Liability Important to establish lines of

responsibility but separate ‘accountability’ and ‘liability to compensate’?

“An individual programmer or software designer may be responsible for a harm, but liability [may] more properly lie[s] with the employer, since it retains responsibility/ownership for the work of its employees” (Davison, 2000, p.17)

The self-employed developer has both accountability and liability

Legal Issues

Legislation What are major ethical issues in

Computing? Privacy, ownership, accessibility,

surveillance, computer crime, reliability etc

Professional practitioner needs to be aware of relevant legislation (laws) in relation to these issues

Legal issues are important to: Client or sponsor of an IT project IT project managers Anyone who produces assets (code etc.) Anyone who contributes to an IT project Anyone who uses software/ hardware/

computing technology whether for a project or not!

Legal Issues Areas: Intellectual Property Rights Contracts Licences (one way to protect IPR) Jurisdiction Patents/Trade Marks (one way to protect

IPR) Data Protection legislation (recap) Employment legislation Anti-discrimination legislation

Intellectual Property Rights (IPR)

These consist of a number of rights which give protection under the law to creators, performers and inventors

such as... copyright performance rights moral rights patents design rights trademarks

IPR - Copyright The Copyright Designs and Patents Act 1988

gives the copyright owner the following rights: the right not to have copies issues to the public the right

not to have the work performed, played or shown in public

the right not to have the work broadcast or included in a cable programme

the right not to have the work adapted

Unless you are the originator or owner of the copyright in a piece of work you may not do any of these things without the permission of the copyright owner (in most cases the originator).

Contracts

A contract consists of the offer, consideration, and acceptance. These are legal terms to explain the essential parts of a contract A contract is a legally binding agreement

between two or more parties which begins with an offer from one party but needs a sign from the other party to show their

willingness to accept the terms of that offer (acceptance), and

consideration which is normally in the form of payment

ContractsImportant contracts which may effect IT

projects are:

Project contract which is often formed from the original project proposal

Employment contracts

Contracts for third parties (such as suppliers)

Licences (one way to protect IPR)

A licence is a special permission to do something on or with someone else’s property which could be legally prevented if you did not have the licence

If you are involved in an IT project you will come across various licences on a daily basis

The software, tools, libraries, operating system and some hardware that you use to create your project will probably be governed by licence agreements

Licences The work the project team creates may have

to be protected through the use of a licence (in the project contract) and the product which the project creates such as a web site, a DVD, or an IT system may contain a licence about its usage by the end-user

So you will have to abide by licences created by other people and you will also have to consider creating licences to protecting the work of your project team and your client’s business

Jurisdiction

Every country has laws which govern that country, and when you are in a country you should abide by those laws in business and in your personal life

Jurisdiction is about which laws prevail - which law applies to you?

Jurisdiction

This is not a problem with contracts where the buyer and seller are both in the UK

If a project involves the Internet or requires worldwide publication or distribution, jurisdiction is very important

Some countries and US states will apply their jurisdiction to an on-line sale even if neither the buyer, seller or user is resident in that country

Jurisdiction Once you publish through the

Internet you are open to legal action from any country

Most of these actions concern consumer protection legislation, but certainly libel and defamation actions are becoming more common

Another issue is taxation You need to know which jurisdiction applies

and which set of taxes you have to pay

Patents/Trade Marks (one way to protect IPR)

A patent is a legal protection which is given to the inventor of a product or process for a limited time

Once patented, another person cannot use or sell the invention without permission or licence from the inventor

The patent only relates to the UK, and lasts for up to 20 years

You may need to protect your invention using the Patent law of many different countries

Patents / Trade Marks

The Patent Office is the UK body responsible for Copyright, Designs, Patents and Trade Marks.For more information on these topics, view the web site of the Patent Office:

http://www.ipo.gov.uk//

Data Protection legislation

Data protection is another issue which is important to an IT project manager, and others involved in the project

Under English law, anyone who controls data (information) about a person who is still living, may have to register under the Data Protection legislation as a data controller

The legislation is there to protect an individual’s privacy

Data Protection legislation

Information held about a person must be: fairly and lawfully processed processed for limited purposes adequate, relevant and not excessive accurate not kept longer than necessary processed in accordance with subject's rights secure not transferred to countries without adequate

protection

Data Protection legislation

The Information Commissioner enforces and oversees the Data Protection legislation (Data Protection Acts)

more details can be found on the following web site: http://www.ico.gov.uk/

Employment legislation As an IT manager it is necessary to know

the employment rights and duties as they apply to you and your workers

In a middle-sized to large company there will normally be a Human Resources (Personnel) department and Finance/Payroll to assist with this

This may not always be the case in a small company

Responsibility and competence Responsibility

the idea that individuals, organisations, and societies are free moral agents who act wilfully with intentions, goals, and ideas;

consequently they can be held accountable for their actions…

Competence Sufficiency of qualification, adequacy

Employment legislation Other rights are also protected such as the right to

belong to a Trade Union, minimum wage, and the right to maternity and paternity leave and pay

Know your own employment contract - Who owns the copyright of the code you produce?

Department of Trade and Industry’s website has a guide to Teleworking, and further information on employment and business issues: www.dti.gov.uk

Anti-discrimination legislation

Anti-discrimination legislation is there to protect each person’s rights not to be discriminated against on the grounds of Race, Sex and Disability.

The UK has also recently passed legislation concerning sexuality, and religion

and there is the possibility of gene discrimination in the future…

Service providers have to take reasonable steps to make their services (including public web sites) accessible to all. Check out the UK Government’s guide to Disability: http://www.disability.gov.uk/

Web Accessibility People with various disabilities can use the Web. They can perceive, understand, navigate, and

interact with the Web and contribute to the Web. Essential components:

content - the information in a Web page or Web application, including: text, images, and sounds; code or markup language that defines structure, presentation, etc.

Web browsers, media players, and other "user agents“ assistive technology such as screen readers and alternative

keyboards. Web Content Accessibility Guidelines: http://www.w3.org/WAI/intro/wcag.php

References and further reading

In addition to the websites mentioned above here are some other reference sources:

Bainbridge, D., (2000). Introduction to Computer Law. 4th Edition. Pearson Education Limited

Baase, S. A. (2000) Gift of Fire: Social, Legal and Ethical Issues in Computing. Prentice Hall

Davison, R.M., (2000), Professional Ethics in Information Systems: A Personal Perspective, Communications of the Association for Information Systems, Vol. 3, (8), April.

Johnson, D.G. (2001) Computer Ethics – third edition, Prentice Hall

Kling, R., (1996) Beyond Outlaws, Hackers and Pirates: Ethical Issues in the Work of Information and Computer Science Professionals. Computers and Society, Jun, pp. 5-15.