Simon Rogerson
Centre for Computing and Social Responsibility
De Montfort University, UK
1. Introduction
It was James Moor (1985) who asserted that computers are "logically malleable" in the sense that "they can be shaped and moulded to do any activity that can be characterised in terms of inputs, outputs, and connecting logical operations". This might lead to policy vacuums caused by possibilities that did not exist before computers. In these situations there are often no useful analogies to draw upon for help. Maner (1996) explains that, "Lack of an effective analogy forces us to discover new moral values, formulate new moral principles, develop new policies, and find new ways to think about the issues presented to us." In such situations Gotterbarn (1992) suggests that professionals must be aware of their professional responsibilities, have available methods for resolving non-technical ethics questions and develop proactive skills to reduce the likelihood of ethical problems occurring. Those involved in information systems development are one group significantly affected by this ethically volatile situation
It is interesting to note that much of the work in this area has been concentrated in the philosophy and sociology disciplines with restricted input from the information systems and computer science disciplines. This may be the reason why Walsham (1996) has found that "... there is little published work which directly relates these [specific IS-related ethical] issues to more general ethical theory ...". The work has tended to be conceptual and more of a commentary on computer phenomena rather than an attempt to develop strategies to identify and address societal and ethical issues associated with information systems and the underpinning information technology (Rogerson and Bynum 1996).
The purpose of this paper is to draw upon the significant body
of research in computer ethics and use this to address some of the
ethical challenges associated with information systems development. SSADM
will be used as an illustrative example because it is felt that if ethical
enrichment can be achieved in a "hard" systems approach then it is likely
to be achievable in most approaches.
2. Information systems development
Turning to the overall development process, there are numerous methodological
approaches to information systems development. Few deal adequately with
the ethical dimensions of the development process. Avison (1995) criticises
the development methodologies, such as SSADM, Merise and Yourdon, that
are
adopted by most organisations today because they tend to stress formal
and technical aspects. He argues that, "The emphasis ... must move away
from technical systems which have behavioural and social problems to social
systems which rely to an increasing extent on information technology."
He suggests that the human, social and organisational aspects are often
overlooked. The consideration of this broader perspective only seems to
occur in the event of systems failure or under-performance. This issue
is addressed by Wood-Harper et al (1996) who identify a number of dilemmas
which a systems analyst might face when undertaking a systems development
activity using a methodological approach. These dilemmas are summarised
as:
Whose ethical perspective will dominate the study of the situation and
the development of the IS?
Will ethical viewpoints be included in the study?
What methodology should be used for the study?
What approach should the analyst use if there is an obvious conflict
of interests?
It is important to recognise that there are a few methodological approaches, notably ETHICS from Mumford (1983), Soft Systems Methodology from Checkland (1981) and Multiview from Avison and Wood-Harper (1990) that attempt to include consideration of ethical and societal issues. In evaluating ETHICS, Jayaratna (1994) suggests that, "[it] offers many design guidelines useful for the understanding and the design of human-centred systems, but ...does not offer models or ways for performing ... the steps. Nor does it offer any models for handling interpersonal and political conflicts." He concludes that, "ETHICS is committed to a particular ethical stance [and] does not offer any means of discussing or resolving many of the ethical dilemmas ... in systems development." This appears to be a recurrent criticism of such methodologies. Whilst it is laudable that ethical sensitivity is raised as an issue worthy of investigation, the manner in which investigation is undertaken and, ultimately, an ethically defensible position derived is vague.
Methodologies need to be enhanced to address these criticisms. It seems
clear that research is required into the generalised manner in which ethical
issues can be accounted for together with enhancement of specific methodologies.
This paper specifically addresses Wood-Harper's question, "Will ethical
viewpoints be included in the study?" The approach adopted here is to use
the relevant elements of a code of conduct to create an analytical tool
that can be used to identify where and how to ethically enrich an information
systems development approach. The code of the ACM has been chosen for this
purpose.
3. The ACM code of conduct as an analytical tool
Information systems practitioners will readily acknowledge they are professionals who use computers to resolve organisational problems. As professionals they should be willing to adhere to a professional code of conduct that embed the eight ethical meta principles regarding how computer professionals should conduct themselves (Rogerson 1996). The ACM is the largest professional computing body in the world. It is generally accepted that the ACM Code of Ethics and Professional Conduct is probably the most comprehensive and appropriate code yet devised to provide guidance in computing practice. It has practical and academic credibility given it was developed by a team comprising eminent computer scientists, philosophers and industrialists.
The last section, Compliance with the code, advocates that members should: uphold and promote the principles of the code (4.1) and treat violations of this code as inconsistent with membership in the ACM (4.2). The guidelines clearly explain that the future of the computing profession depends on both technical and ethical excellence and consequently any violation has to be considered as unprofessional practice. The severity of unprofessionalism is open to debate.
The code can be used to identify the ethical areas that should be considered during an IS development project. The code has been analysed and the following extracts relate directly to systems development activity. These can then been used to measure how methodologies cater for ethical considerations and can be used in deciding how methodologies might have to be modified.
These are extracts taken from the guidelines section of the published ACM Code of Ethics and Professional Conduct
1. GENERAL MORAL IMPERATIVES.
1.1 Contribute to society and human well-being.
... When designing or implementing systems, computing professionals
must attempt to ensure that the products of their efforts will be used
in socially responsible ways, will meet social needs, and will avoid harmful
effects to health and welfare. ...
1.2 Avoid harm to others.
... To minimize the possibility of indirectly harming others, computing
professionals must minimize malfunctions by following generally accepted
standards for system design and testing. Furthermore, it is often necessary
to assess the social consequences of systems to project the likelihood
of any serious harm to others. If system features are misrepresented to
users, co-workers, or supervisors, the individual computing professional
is responsible for any resulting injury.
In the work environment the computing professional
has the additional obligation to report any signs of system dangers that
might result in serious personal or social damage. ...
1.7 Respect the privacy of others.
Computing and communication technology enables the collection and exchange
of personal information on a scale unprecedented in the history of civilization.
Thus there is increased potential for violating the privacy of individuals
and groups. It is the responsibility of professionals to maintain the privacy
and integrity of data describing individuals. ...
2. MORE SPECIFIC PROFESSIONAL RESPONSIBILITIES.
2.1 Strive to achieve the highest quality, effectiveness and dignity
in both the process and products of professional work.
... The computing professional must strive to achieve quality and to
be cognizant of the serious negative consequences that may result from
poor quality in a system.
2.4 Accept and provide appropriate professional review.
Quality professional work, especially in the computing profession,
depends on professional reviewing and critiquing. Whenever appropriate,
individual members should seek and utilize peer review as well as provide
critical review of the work of others.
2.5 Give comprehensive and thorough evaluations of computer systems
and their impacts, including analysis of possible risks.
Computer professionals must strive to be perceptive, thorough, and
objective when evaluating, recommending, and presenting system descriptions
and alternatives. ...
2.8 Access computing and communication resources only when authorized
to do so.
... Individuals and organizations have the right to restrict access
to their systems so long as they do not violate the discrimination principle.
...
3. ORGANIZATIONAL LEADERSHIP IMPERATIVES.
3.1 Articulate social responsibilities of members of an organizational
unit and encourage full acceptance of those responsibilities.
Because organizations of all kinds have impacts on the public, they
must accept responsibilities to society. Organizational procedures and
attitudes oriented toward quality and the welfare of society will reduce
harm to members of the public, thereby serving public interest and fulfilling
social responsibility. ...
3.2 Manage personnel and resources to design and build information systems
that enhance the quality of working life.
Organizational leaders are responsible for ensuring that computer systems
enhance, not degrade, the quality of working life. When implementing
a computer system, organizations must consider the personal and professional
development, physical safety, and human dignity of all workers. Appropriate
human-computer ergonomic standards should be considered in system design
and in the workplace.
3.4 Ensure that users and those who will be affected by a system have
their needs clearly articulated during the assessment and design of requirements;
later the system must be validated to meet requirements.
Current system users, potential users and other persons whose lives
may be affected by a system must have their needs assessed and incorporated
in the statement of requirements. System validation should ensure compliance
with those requirements.
3.5 Articulate and support policies that protect the dignity of users
and other s effected by a computing system.
Designing or implementing systems that deliberately or inadvertently
demean individuals or groups is ethically unacceptable. Computer professionals
who are in decision making positions should verify that systems are designed
and implemented to protect personal privacy and enhance personal dignity.
Any violation of these articles or simply ignoring to address the issues
contained in them is deemed to be unprofessional. These 11 articles together
with the guideline extracts provide way to review systems development
methods to ascertain whether they promote professionalism and where the
most ethically charged areas might be.
4. An overview of SSADM Version 4
SSADM is now used as an illustrative method to further discussion of the ethics of information systems development. Structured Systems Analysis and Design Method (SSADM) is a set of procedural, technical and documentation standards for information systems development (Skidmore, Farmer and Mills 1994). SSADM comprises five core modules; feasibility study, requirements analysis, requirements specification, logical systems specification and physical design module. The position of these modules in the development life cycle is shown in Figure 1 (Skidmore, Farmer and Mills 1994). SSADM adopts a product oriented approach where each element, be it a module, stage or step produces predictable outputs from given inputs
Figure 1 Position of SSADM in the systems development life cycle
4.1 Core modules
Each of the five self contained modules has a set of objectives.
feasibility study
to determine whether a systems can be developed to meet defined business
and technical objectives within specified financial and operational constraints
requirements analysis
to determine the application scope
to establish how to integrate IT with other needs
to form an overall view of system costs and benefits
to confirm the viability of continuing further
to gain user ownership of the requirement
requirements specification
to produce a complete specification that informs the subsequent logical
systems specification
logical systems specification
to enable management to select the technical environment that offers
the best value for money
to provide an independent non-procedural specification of system functionality
physical design module
to develop a physical design that defines data, processes, inputs and
outputs whilst incorporating installation standards
to form the basis for system construction
4.2 Modelling perspectives
There are three modelling perspectives within SSADM
Functions - This is an attempt to capture the user's view of system
processing. Techniques used include data flow modelling.
Events - These are business activities that trigger processes to update
system data. Techniques involved include entity life histories and effect
correspondence diagrams
Data - This is a description of the data used in the system utilising
a logical data model.
4.3 Products
Products are defined within a Product Breakdown Structure hierarchy
(PBS), the top level of which has three elements Management Products, Technical
Products and Quality Products. These three categories are designed to be
complementary to ensure that a high quality solution is provided in a managed
and controlled way (CCTA 1990). Management products are used in planning
and controlling the project, technical products document how the project
proposes to realise the project objectives and quality projects demonstrate
how quality has been built into the system.
5. Reviewing SSADM
Winter, Brown and Checkland (1995) explain that computer-based information
systems are systems that serve purposeful human actions. They argue that
there is a very heavy emphasis on the serving information system in the
systems development life cycle with, in the main, only limited and implicit
account taken of the purposeful human action or the so-called served system.
This is particularly the case in the "hard" systems thinking approaches
of structured methods that are highly technical and rational. In examining
SSADM, Winter, Brown and Checkland found no explicit organisational activity
model and that it appeared to accept without question the image, activities
and performance aspects of the organisation in question. Furthermore, they
were critical of SSADM's concept of information requirements was concerned
with the information required for the information system to function rather
than the information needed by the people undertaking organisational activities.
The areas of criticism align with
several of the articles in the subset from the ACM code. Therefore
a method needs to address effectively these areas before it can be considered
to be a professional approach. Clearly the authors have reservations about
SSADM and therefore there has to be reservations over it being a professional
approach unless modified in some way or used in conjunction with a complementary
method to overcome its own shortcomings.
The approach adopted by Winter, Brown and Checkland is organisationally
oriented. It does not appear to go beyond the environs of the organisation.
Potential well-being of many individuals is likely to be at risk unless
an ethically sensitive horizon is established for the scope of consideration.
Issues beyond the horizon are deemed not to influence the project or be
influenced by the project. The scope of consideration is an ethical hot-spot
that is influenced by the identification and involvement of all stakeholders
including those beyond the organisational boundary (Rogerson 1996). It
is this that is particularly addressed in articles 1.1, 1.2 and 3.4 of
the ACM code. This is an area not effectively covered by SSADM and it is
unclear whether distant stakeholders will be identified let alone involved.
The implications of such restricted stakeholder involvement on achieving
a socially and ethically sensitive approach are obvious.
6. Ethics and SSADM
The ethical enhancement of SSADM is a considerable task that is beyond the scope of this paper. The discussion is confined to making some suggestions as to how that task might be achieved. It is clear that a combination of teleology and deontology should be used. This is because teleological approaches focus on outcomes whilst deontological approaches focus on actions. White (1993) explains that together, "they reveal a wide array of internal and external factors of human actions that have moral consequences. Although these two outlooks conflict in theory, they complement one another in practice. ... each acts as a check on the limitations of the other."
With this in mind it is important to address both the process and product of SSADM. The PBS provides the impetus to address issues in a certain way. The completeness of these products needs to be considered given their powerful influence in the development. Consideration must also be given to how the systems developers should think when undertaking the various development tasks. The SSADM culture promotes technological and economic thinking but not ethical thinking explicitly. The new version 4+ appears to be moving to a more balanced view with more emphasis on business orientation and the inclusion of user culture in the systems development template (Hall 1995).
6.1 Changing the structure
It is now recognised that quality should permeate the whole the information systems development process and not simply be considered at discrete points within the process. This is reflected in SSADM by the inclusion of a quality products set comprising a number of files that demonstrate quality has been built into the system (CCTA 1990). Product descriptions are part of this set. There are products descriptions for all the products specified in SSADM. The details includes quality criteria against which the product can be checked. Product descriptions are used to monitor progress and success of the project.
Including quality in each description ensures it permeates the whole
process and promotes a quality culture throughout the development team.
Similarly ethical and societal consideration should permeate the whole
process. It follows that each product description should include ethical
and social criteria to promote this awareness and consideration. This might
be systematically addressed by using the ACM articles to form the ethical
criteria for products within each of the core modules. This is illustrated
in Table 1 which shows which articles apply to each of the modules.
SSADM CORE MODULES
ACM clauses feasibility study requirements analysis requirements specification
logical systems specification physical design
1.10 X X X
1.20 X X
1.70 X X X
2.10 X X X X X
2.40 X X X X X
2.50 X X X
2.80 X X
3.10 X X X
3.20 X X X X X
3.40 X X X X X
3.50 X X
Table 1 Mapping ACM articles onto the core modules
For example, one of the products from stage 4, technical systems options within logical systems specification is the application style guide. This sets the standards for the user environment within the particular project and includes ergonomic details and system based requirements. The ethical criteria for this product based on the appropriate ACM articles might be:
Does the system avoid harm to users and other individuals? (1.2)
Is the application style such that it privacy of individuals is not
compromised? (1.7)
Does the guide satisfy the quality criteria? (2.1)
Has a walkthrough of the application style taken place? (2.4)
Is the working environment enhanced? (3.2)
Has the guide been discussed with representatives of all groups directly
and indirectly affect by the system? (3.4 & 3.5)
It is suggested that the top level of the PBS is extended to include Ethics Products. In this way ethically issues would be explicitly considered within the SSADM method. These would comprise enhanced product descriptions described about plus appropriate outputs from the ethical instruments within SSADM. Three examples of these instruments are now briefly outlined.
6.2 Example instruments
The move from the current data flow diagram to the required logical data model is a demanding process from requirements analysis through requirements specification to logical systems specification. The process logically reduces the requirements definition by removing data redundancy and irrelevancy. This is done from an economic and technological standpoint, (and possibly legal). The question of whether items are redundant from ethical and societal standpoints need also to be addressed. There is also the issue of ethical and societal verification of data item inclusion. Both might be addressed by developing a criterion reference model that enables the ethically and socially charged items be systematically identified. A course of action can then be chosen based on balanced and comprehensive information.
An approach that could be incorporated both in the feasibility study
and requirements analysis modules of SSADM is that suggested by Rogerson
and Bynum (1995). They developed a four perspectives model, based
on Aristotle's model of ethical decision making, for the preliminary analysis
and decision making at the beginning of any systems development project.
This entails the integration of ethics, based upon the concepts and guidelines
already outlined, in two different ways. A comprehensive analysis is undertaken
from four perspectives; technical , economic, legal and ethical. The four-perspectives
analysis is the major input to the decision
making process which in turn results in a tentative action plan. It
is essential that an ethical control loop exists providing the opportunity
to review the decision made. A feedback loop based on the outcome of the
action is inappropriate as it will then be too late to influence that outcome.
For this reason a feed forward loop is included which evaluates the tentative
decision before the action takes place. This ethical evaluation provides
a prediction of the likely outcome should action be undertaken. A predicted
unethical outcome will result in a re-consideration of the project definition
or the four-perspectives analysis or both. A series of analytical iterations
could take place until the ethical feed forward analysis predicts an ethically
acceptable outcome of the proposed practical action.
Given the scientific nature of SSADM that encourages rational logic, it is worth considering how ethical modelling might be incorporated. The SSADM process is based on logical decomposition that identifies the "best" way of satisfying a user requirement. It is oriented to the end product with the analytical journey simply being the means to that end result. A consequentialist approach is attractive in this context. Indeed it might be possible to develop an ethical modelling approach based on Bentham's hedonistic calculus. The seven aspects in the calculus used to compare relative outcomes can be reinterpreted in terms more appropriate for information systems development as:
the value of the benefit
the duration of the benefit
the degree of certainty in benefit realisation
when the benefit will be realised
whether the system will lead to secondary or indirect benefits
the individuals, business and communities affected
This teleological approach has merit in that it links the ethical character
of actions to their practical outcome. However this can be extremely difficult.
As White (1993) points out, "a full account of an action's results means
not only careful analysis of the immediate consequences to all involved
and astute discernment of the quality and comparative value of the sensations
experienced, but also an uncovering of the subtle, indirect, far-reaching,
and long term results as well". This is particularly relevant for IS where
it is usually the case that systems interact resulting in long term synergistic
effects that are difficult to predict and measure.
7. Conclusion
This paper has discussed the ethical problems associated with information
systems development. Little research has been undertaken in this
area to date. It is has been demonstrated that approaches like SSADM do
not encompass ethical considerations effectively. The ACM code has been
used to identify where and how SSADM could be modified and some examples
were used to illustrate this approach. This is only the beginning
. Ethical enrichment of development methods must
be carefully undertaken and validated through field work. Only then
will there be an increase in ethically sensitive information systems
.
References
Avison, D E, (1995) What is IS? An inaugural lecture delivered at the
University of Southampton, 3 Nov 1994.
Avison, D E, Wood-Harper, A T, (1990) Multiview: an exploration in
information systems development, Alfred Waller.
CCTA, (1990) SSADM version 4 reference manual: volume 4 dictionary,
NCC Blackwell
Checkland, P B, (1981) Systems thinking, systems practice, Wiley.
Gotterbarn, D, (1992) The use and abuse of computer ethics, in : Bynum,
T W, Maner, W, Fodor, J L, (eds) (1992) Teaching Computer Ethics, Research
Center on Computing and Society, Southern Connecticut State University,
pp 73-83.
Hall, J, (1995) How is SSADM4.2 different from SSADMV4?, SSADM4+ for
academics, CCTA & International SSADM User Group Workshop, Leeds Metropolitan
University.
Jayaratna, N, (1994) Understanding and evaluating methodologies, McGraw-Hill.
Maner, W, (1996) Unique ethical problems in information technology,
Science and Engineering Ethics, Volume 2 No 2, pp137-155.
Moor, J, (1985) What is computer ethics?, Metaphilosophy, Vol 16 No
4, pp 266-279.
Mumford, E, (1983) Designing participatively, Manchester Business School.
Rogerson, S, (1996) The ethics of software development project management,
PASE'96 conference, University of Westminster, UK., 1-2 February.
Rogerson, S, Bynum, T W, (1995) Towards ethically sensitive IS/IT projected
related decision making, submitted to COOCS'95
Rogerson, S, Bynum, T W, (1996) Information Ethics: The Second Generation,
UK Academy for Information Systems conference, UK.
Skidmore, S, Farmer, R, Mills, G, (1994) SSADM version 4 models and
methods, second edition NCC Blackwell.
Walsham, G, (1996) Ethical theory, codes of ethics and IS practice,
Information Systems Journal, Vol 6, pp 69-81.
White, T I, (1993) Business ethics: a philosophical reader, Macmillan.
Winter, M C, Brown, D H, Checkland, P B, (1995) A role for soft systems
methodology in information systems development, European Journal of Information
Systems, Vol 4 No 3, pp130-142
Wood-Harper, A T, Corder, S, Wood, J R G, Watson, H, (1996) How we
profess: the ethical systems analyst, Communications of the ACM, Vol 39
No 3, March, pp69-77.