Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

On the Role of Human Morality in Information System Security: From the Problems of Descriptivism to Non-Descriptive Foundations

On the Role of Human Morality in Information System Security: From the Problems of Descriptivism to Non-Descriptive Foundations
View Sample PDF
Author(s): Mikko T. Siponen (University of Oulu, Finland)
Copyright: 2002
Pages: 17
Source title: Ethical Issues of Information Systems
Source Author(s)/Editor(s): Ali Salehnia (South Dakota State University, USA)
DOI: 10.4018/978-1-931777-15-5.ch019



This chapter argues, following the scholars of the first category, that human morality has a role as a means for ensuring security. But to achieve this goal solid theoretical foundations, on which a concrete guidance can be based, are needed. The existing proposals (e.g., Kowalski, 1990; Baskerville, 1995; Dhillon & Backhouse, 2000) do not suggest any theoretical foundation nor concrete means for using ethics as a means of ensuring security. The aim of this paper is to propose a framework for the use of ethics in this respect. To achieve this aim, a critique of the relevance of ethics must be considered. The use of human morality as a means of ensuring security has been criticized by Leiwo and Heikkuri (1998a, 1998b) on the grounds of cultural relativism (and hacker ethics/hacking culture). If cultural relativism is valid as an ethical doctrine, the use of human morality as a means of protection is very questionable. It would only be possible in certain “security” cultures, i.e., cultures in which security norms have been established–if at all. However, the objection of Leiwo and Heikkuri (1998a, 1998b) is argued to be questionable. We feel that cultural relativism has detrimental effects on our well-being and security. Things might be better if the weaknesses of cultural relativism were recognized. This paper adopts the conceptual analysis in terms of Järvinen (1997, 2000) as the research approach. An early version of this paper was presented at an international conference on information security (IFIP TC11, Beijing, China, 2000). The chapter is organized as follows. In the second section, the possible ethical theoretical frameworks are discussed. In the third section, the objections to the use of ethics as a means of protection based on cultural relativism (descriptivism) are explored. In the fourth section, an alternative approach based on non-descriptivism is suggested. The fifth section discusses the implications and limitations of this study. The sixth section summarises the key issues of the chapter including future research questions.

Related Content

Ben van Lier. © 2018. 21 pages.
Jose-Luis Perez-Trivino. © 2018. 18 pages.
Gabriel R. Ricci. © 2018. 20 pages.
Tommaso Bertolotti, Selene Arfini, Lorenzo Magnani. © 2018. 14 pages.
Francesco Albert Bosco Cortese. © 2018. 31 pages.
Lambèr Royakkers, Peter Olsthoorn. © 2018. 18 pages.
John Forge. © 2018. 11 pages.
Body Bottom