All sorts of information are made accessible at the tip of one’s fingers and can be retrieved in a short period of time through the amazing Internet technology, computerized or electronically processed data system. What used to be data, like records or public documents, gathered for weeks or days can now be obtained in minutes or seconds. What used to be information for selected or privileged few intellectuals are now exposed to the public regardless of state, race, ethnical culture, sex or status, not to mention a few restricted information that are confined to certain age levels, or those that are sensitive to security and privacy.
This paper, therefore, argues that employees have the right to maintain their privacy in the workplace and if surveillance equipments in corporations are not regulated, employees are in danger of becoming dominated by an all-seeing, all-knowing “big brother. ” Surveillance and Monitoring in the Workplace The scope of social control has become a critical issue because organizations now have so many new tools, including computerized databases, aerial surveillance cameras, DNA testing, and highly sensitive listening devices at their disposal.
Civil libertarians and advocates of due process are troubled that the government can use this new technology to monitor the behavior and actions of employees. The new surveillance techniques operate on a number of levels. Computers are used in extensive data retrieval systems to cross-reference people and activities. Some employers also monitor emails. The act of monitoring an email shows demeaning attributes of an employer resulting in future ill-effects.
This would mean failure to build a strong pool of employees, discontinuity of good work, disruption of harmonious relationship among employees, quarrelsome and suspicious attitudes, absenteeism, malingering, poor performance and late attendance. These acts surely and clearly defy the laws of man that invading one’s privacy is illegal and unacceptable. Employers need to respect employees so that there is peaceful coexistence. In fact, even employees in teams need to decide where to place the veil of privacy around their internal proceedings. If everything is kept confidential, others will wonder.
If the dirty laundry is aired, the credibility of the team and the integrity of its processes may suffer significantly. The team has to achieve a balance appropriate to its specific circumstances. Usually teams make a decision not to report any personal opinions, differences, or conflicts that members have inside the team. Some even get more protective and refuse to report anything that will hurt the team or make it look bad. The ethics in the workplace has a lot to do with the decisions made both by its leaders and staff. Often, the employees just follow what their managers do.
It is a case of “following the leader” that ultimately makes the job of managers a transparent looking-glass where people measure their own ethical standards. Hackworth maintains that the leader of an organization makes him ultimately responsible for the culture of his organization – including the ethical culture (Hackworth, M. 1999). This should not come as a surprise because people emulate their boss’s behavior as well as his actuations. According to Philip Agre and Marc Rotenberg’s Technology and Privacy: The New Landscape, privacy is the “capacity to negotiate social relationships by controlling access to personal information.
As laws, policies, and technological design increasingly structure people’s relationships with social institutions, individual privacy faces new threats and new opportunities. ” (Agre ; Rotenberg, 1997). Of course there are systems to regulate or monitor good Internet practices. However, recent developments reveal that, organizations are concerned to protect their IT resources more including data that are both stored or transmitted in a network because of the many anomalies on privacy and security.
With the availability of an array of new information technologies (especially computers and videos), enormous concern has been expressed about invasions of privacy at the organizational level. A few of these privacy issues include drug testing, honesty testing, confidentiality of medical and psychological counseling records, managerial monitoring of email and work performed on computers and access to credit records. Video monitoring is an example of the use of one technology that has become widespread, despite the negative reaction many people have to the idea of having everything they do recorded on tape.
For example, at hundreds of Dunkin’ Donuts shops, the walls have ears that can hear conversations between customers as they wait in line to be served, as well as monitor conversations among employees. Franchise owners believe that this form of intrusion is necessary to increase security and keep employees on their toes. But some employees and customers have expressed concerns. People react in a similar way when they hear about software programs designed to keep track of people’s Internet travels. (Lyons, 1997, 37-40). Studies reveal that the US Congress is still considering a number of bills that impact the Internet.
There are rules being developed to protect the Internet users accordingly. Debates in Congress are taking place that include the following issues: “(1) whether to continue the moratorium on Internet taxation; (2) whether and how to revamp regulations to increase the availability of high-speed connections to the Internet; (3) and how to protect the privacy of Internet users” (Bridis, 2003). Corporate Espionage Some of the ways in which companies provide solutions to this is in utilizing some behavior-based assessment system that assesses the organization’s vulnerability to these scrupulous acts.
Aside from this, they also provide a detailed report explaining the specific vulnerabilities and providing recommendations for mitigation. For example, the company, “Psynapse Technologies corporate security assessment services complement and accompany the Corporate Espionage Instrument as a customized consultation for companies’ specific organizational environment. ” Security experts are called upon to elicit a balanced and exhaustive evaluation of the organizational and behavioral components of an organization to enhance the overall protection of any organization.
They are able to look into the physical, procedural and administrative factors that may be causing these lapses in information dissemination. Today, companies hire the services of these people so that important information will not leak out of the company into the competitor’s lap. Aside from on-sire assessment, these security assessors also provide companies with a customized report on points of vulnerability, organizational risk and threat assessment and even provide them with a customized consultation if need be (Corporate Security). Risk Management
Risk management is a process where organizations systematically address the risks attaching to their activities with the goal of achieving sustained benefit within each activity and across the portfolio of all activities. The focal point of good risk management is the identification and treatment of these risks, an integral component of any organization’s strategic management. It organizes the understanding of the potential upside and downside of all factors that can affect the organization while increasing the chance of success, and reducing the chance of failure (Stoneburner et al.
Risk Management Guide for IT Systems) Similarly, risk management should address methodically all the risks surrounding the organization’s past, present and future activities. It must be integrated into the culture of the organization with an efficient policy and a program led by senior management. It should translate the strategy into tactical and operational objectives, assigning responsibility throughout the organization with each manager and employee taking part in the management of risk. This is one element in their job description (GAO Executive Guide).
IT security practitioners are responsible for proper implementation of security requirements in their IT systems. Practitioners include database administrators, computer specialists, security analysts, and other closely related job positions. As changes occur in the existing IT system environment, the IT security practitioners must support or use the risk management process to identify and assess new potential risks and implement new security controls as required to safeguard their IT systems. The personnel of an organization are the users of IT systems.
The utilization of the IT systems according to an organization’s policies and guidelines is vital to protecting the organization’s IT resources. In order to lessen risk to the IT systems, it is important that system and application users are to be provided with security responsiveness training. For that reason, the IT security trainers must be aware of the risk management process so that they can develop appropriate training materials and incorporate risk assessment into training programs to educate the organization’s IT system end-users. (Stoneburner et al. Risk Management Guide for IT Systems)
Successful risk management entails a reporting and review structure to guarantee that risks are effectively identified and assessed and that appropriate controls and responses are in place. Standard audits of policy and compliance must be implemented and standard performance reviewed to identify opportunities for improvement. It should be taken into account that dynamic organizations generally operate in dynamic environments. Changes in the organization and the environment in which it operates must be identified and appropriate modifications incorporated to systems.
Similarly, the monitoring process must also provide assurance that there are appropriate controls in place for the organization’s activities and that the procedures are implemented. Any monitoring and review process should also determine whether 1) the measures adopted resulted in what was intended, 2) the procedures adopted and information gathered for undertaking the assessment were appropriate, and 3) improved knowledge would have helped to reach better decisions and identify what lessons could be learned for future assessments and risk management. Stoneburner et al. Risk Management Guide for IT Systems) Conclusions Considering that these issues are still being given much attention, one can say that the government, particularly Congress, views the huge potential of the Internet technology to influence people in countless ways, be they information, knowledge, education, communication, and a lot more. The Internet technology can do more ways than one in spreading progress and development in people’s lives within a nation and across the globe.
However, such huge potential can put danger to a number of lives if not properly regulated and controlled to a certain extent by the government. It can be a tool used for abusive practices or unlawful and dangerous schemes considering that it is too open to free communication and transfer of technology. If not properly monitored, unlawful elements can further their plans and atrocious acts can proliferate without being caught or held liable for their own crimes.
Indeed technology is here to stay and will continue to progress for people to use for their own advantage, yet it could be a dangerous tool to perpetrate unlawful or criminal acts to achieve dangerous ends. It is but right that the US government must take pro-active measures to monitor, regulate and ensure that the Internet technology is properly used to attain such valued purposes for which it is intended and thus protect the interests of individuals in the workplace.