[AISWorld] [AJIS] New Section: Research on Applied Ethics (Cybersecurity)

Ajis Editor ajis.eic at gmail.com
Mon May 6 19:50:08 EDT 2019 

Hi,

The *Australasian Journal of Information Systems *has just published its
latest special section.

*Research on Applied Ethics (Cybersecurity)*
https://journal.acs.org.au/index.php/ajis/index



*Preface to Research on Applied Ethics (Cybersecurity)Matthew Warren,
Oliver Burmeister*
*Abstract*
This is the second special section on applied ethics for AJIS. As was the
case for the first special section on ethics, of the various submissions,
only three have been accepted for publication. This is not an indication
that little work is being done in relation to cybersecurity ethics, but
rather a reflection of the difficulty of getting published in a high
quality journal. A great deal of research is being done in the area of
ethics as regards cybersecurity, particularly in Europe as a result of the
recent toughening of its privacy legislation and the implications that has
for all manner of ethics and technology, from blockchain, to wearable
robots and through to cybersecurity. An overview of those three articles
follows, after which the guest editor backgrounds are described.



*Machine Learning, Ethics and LawSeumas Miller*
*Abstract*
Recent revelations concerning data firm Cambridge Analytica’s illegitimate
use of the data of millions of Facebook users highlights the ethical and,
relatedly, legal issues arising from the use of machine learning
techniques. Cambridge Analytica is, or was – the revelations brought about
its demise - a firm that used machine learning processes to try to
influence elections in the US and elsewhere by, for instance, targeting
‘vulnerable’ voters in marginal seats with political advertising. Of
course, there is nothing new about political candidates and parties
employing firms to engage in political advertising on their behalf, but if
a data firm has access to the personal information of millions of voters,
and is skilled in the use of machine learning techniques, then it can
develop detailed, fine-grained voter profiles that enable political actors
to reach a whole new level of manipulative influence over voters. My focus
in this paper is not with the highly publicised ethical and legal issues
arising from Cambridge Analytic’s activities but rather with some important
ethical issues arising from the use of machine learning techniques that
have not received the attention and analysis that they deserve. I focus on
three areas in which machine learning techniques are used or, it is
claimed, should be used, and which give rise to problems at the interface
of law and ethics (or law and morality, I use the terms “ethics” and
“morality” interchangeably). The three areas are profiling and predictive
policing (Saunders et al. 2016), legal adjudication (Zeleznikow, 2017), and
machines’ compliance with legally enshrined moral principles (Arkin 2010).
I note that here, as elsewhere, new and emerging technologies are
developing rapidly making it difficult to predict what might or might not
be able to be achieved in the future. For this reason, I have adopted the
conservative stance of restricting my ethical analysis to existing machine
learning techniques and applications rather than those that are the object
of speculation or even informed extrapolation (Mittelstadt et al. 2015).
This has the consequence that what I might regard as a limitation of
machine learning techniques, e.g. in respect of predicting novel outcomes
or of accommodating moral principles, might be thought by others to be
merely a limitation of currently available techniques. After all, has not
the history of AI recently shown the naysayers to have been proved wrong?
Certainly, AI has seen some impressive results, including the construction
of computers that can defeat human experts in complex games, such as chess
and Go (Silver et al. 2017), and others that can do a better job than human
medical experts at identifying the malignancy of moles and the like (Esteva
et al. 2017). However, since by definition future machine learning
techniques and applications are not yet with us the general claim that
current limitations will be overcome cannot at this time be confirmed or
disconfirmed on the basis of empirical evidence.



*Entrapment behind the firewall: the ethics of internal cyber-stingsMorgan
Luck*
*Abstract*
Internal cyber-attacks (cyber-attacks which occur from within an
organization) pose a serious threat to an organization’s security. One tool
that organizations can employ to help them detect such threats is the
internal cyber-sting. An internal cyber-sting involves an organization
enticing its members into performing a (controlled) internal cyber-attack
in order to apprehend them.  However, there is (rightly) considerable moral
consternation about employing such a tool; for it is deceitful and
undermines trust. The aim of this paper is to present four separate actions
that might be taken by organizations to strengthen their moral reason for
employing internal cyber-stings.



*The Importance of Ethical Conduct by Penetration Testers in the Age of
Breach Disclosure Laws.Georg Thomas, Oliver Burmeister, Gregory Low*
*Abstract*
Across the globe, there has been a noticeable increase in the adoption of
breach disclosure laws that are designed to protect the privacy of
individuals. To validate the security controls implemented by an
organisation to protect sensitive data, penetration testers are often
engaged to test the security of information systems and to report any
vulnerabilities. Using an interpretivist, constructivist approach, this
article reports on a pilot study that compares USA and Australian
approaches to ethical hacking. The need for regulation of ethical hacking
to help protect organisations from unethical conduct was a recurring theme.
With the changes in privacy regulations across the world, unauthorised
disclosure of personal and privileged information could result in
significant consequences. This paper explores the importance of ethical
conduct by penetration testers based on empirical research and the
potential for misuse of information.

-=-=-=-
*Call for Papers*

AJIS publishes high quality contributions to the global Information Systems
(IS) discipline with an emphasis on theory and practice on the Australasian
context.

Topics cover core IS theory development and application (the nature of
data, information and knowledge; formal representations of the world, the
interaction of people, organisations and information technologies; the
analysis, design and deployment of information systems; the impacts of
information systems on individuals, organisations and society), IS domains
(e-business, e-government, e-learning, e-law, etc) and IS research
approaches.

Research and conceptual development based in a very wide range of
epistemological methods are welcomed.

All manuscripts undergo double blind reviewing by at least 2 well qualified
reviewers. Their task is to provide constructive, fair, and timely advice
to authors and editor.

AJIS welcomes research and conceptual development of the IS discipline based
in a very wide range of epistemologies. Different types of research paper
need to be judged by different criteria. Here are some assessment criteria
that may be applied:

•       Relevance - topic or focus is part of the IS discipline.
•       Effectiveness - paper makes a significant contribution to the IS
body of knowledge.
•       Impact - paper will be used for further research and/or practice.
•       Uniqueness - paper is innovative, original & unique.
•       Conceptual soundness - theory, model or framework made explicit.
•       Argument - design of the research or investigation is sound;
methods appropriate.
•       Clarity - Topic is clearly stated; illustrations, charts & examples
support content.
•       Reliability - data available; replication possible.
•       References - sound, used appropriately, and sufficient –
appropriate AJIS articles referenced
•       Style - appropriate language, manuscript flows.

This journal provides immediate open access to its content on the principle
that making research freely available to the public supports a greater
global exchange of knowledge.

AJIS has been published since 1993 and appears in the Index of Information
Systems Journals, is ranked "A" by both the Australian Council of
Professors and Heads of Information Systems and the Australian Business
Deans' Council.

In addition to web distribution, AJIS is distributed by EBSCO, it is listed
in Cabell's International Directory and is indexed by EBSCO, Elsevier,
Scopus and the Directory of Open Access Journals.

Thanks for the continuing interest in our work,

Cheers
Associate Professor John Lamp
Editor-in-Chief, Australasian Journal of Information Systems
http://journal.acs.org.au/index.php/ajis/

Never mind “publish or perish,” “get visible or vanish”
(That slogan is licensed under a Creative Commons
Attribution-NonCommercial-ShareAlike 3.0 Unported License.)

More information about the AISWorld mailing list