Over the past few years, the all-encompassing and intrusive nature of technology and its use in society has reignited a debate over digital ethics.
Recent action taken by activists, concerned investors and employees only represents the tip of the iceberg. Pressure from these groups will intensify as they begin to take direct and decisive action against organizations that misuse and abuse the technologies they develop, purchase, or supply to others. Concerns around unethical practices will force the creation of stricter regulations and laws focusing on responsible technology use, with corporate governance obligations extending to ethical approaches to technology. Those who fail to meet these obligations will be exposed.
Technology such as Artificial Intelligence (AI), robotics and autonomous devices may become enablers of unethical behavior, including cyber-warfare, manipulation of behavior or invasive surveillance of citizens. These technologies will have the capability to exacerbate social inequalities, enable criminal activity, or promote abusive regimes. Those who already hold strong views around social justice and environmental issues will turn their attention towards the ethical development and use of technology and information.
Activists and pressure groups will target governments and organizations perceived to be using technology unethically, prompting a societal backlash that threatens brand reputation. Concerned employees will increasingly leak intellectual property, become whistle-blowers, or withdraw labor, causing significant operational damage to organizations.
What is the Justification for This Threat?
The pervasiveness of digital technologies and capabilities to store and process colossal amounts of data have led to a growing unease about the relationship between technology providers and the governments that use them. For example, during the Hong Kong riots in 2019, a debate was sparked when an Australian organization provided the Hong Kong police with AI facial recognition technologies used to quell pro-democracy protests.
Increasing visibility of the intrusive nature of new and emerging technologies has already led to employees taking an ethical stand. In one prominent example, Google employees refused to support a military project owing to ethical issues raised. Apple also had high profile privacy issues relating to unlocking iPhones, where law enforcement acted when access to devices was prevented. Ethical concerns around the use of digital technologies in abusive domestic relationships have also already surfaced and will accelerate with the adoption of IoT devices in the home.
Following the European Union Directive 2006/46/EU, companies listed in the EU are required to publish a corporate governance statement that relates to ethical issues. While these statements have often focused on ethics related to employment, environmental issues and supply chain provenance, the impact of digital technologies is fast becoming a point of debate and the need for organizations to adopt, and deliver upon, a code of digital ethics is becoming urgent.
Innovative technologies are increasingly providing ethical challenges to societies, from individual privacy concerns to weaponized nation-state attacks on critical services and infrastructure. The pace of technology evolution far exceeds the capability of governments and global bodies to agree and enforce an ethical framework, and so the burden will fall to those companies who are at the cutting edge or early adopters of those technologies.
There remain unresolved questions related to what constitutes digital ethics. Ethical norms vary across the world and for a global organization, adopting an ethical stance that reflects its entire employee and investor base is all but impossible. Notwithstanding these challenges, organizations will need to tackle difficult questions related to the use of new and emerging digital technologies or face actions by insiders, whistle-blowers, and outside groups; all with the potential to cause significant reputational damage and the loss of business.
How Should Your Organization Prepare?
With digital ethical abuse at the forefront of societal debate, organizations should ensure that they are acting appropriately. Ethical practices should transcend from the mission statement down to the very last employee, ensuring that trust between the organization and relevant stakeholders is maintained.
In the short term, organizations should evaluate the information supply chain in the context of ethical boundaries. Additionally, they should formulate a code of ethics related to information and technology, considering the norms and values associated with the regions in which the organization operates.
In the long term, including a digital and technological component in corporate governance models, frameworks, and policies. Introduce the code of digital ethics into corporate governance frameworks and policies. Finally, incorporate ethical dimensions into information risk assessments, ensuring that confidentiality, availability, and integrity controls are deployed appropriately
About the Author
Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of focus include strategy, information technology, cybersecurity, digitalization, and the emerging security threat landscape across both the corporate and personal environments.