We are living in an era in which we routinely deal with issues such as privacy, digital security, identity theft, spyware, phishing, Internet pornography and spam. These costly and time consuming concerns were completely foreign to the American public only a few years ago. State and federal privacy and security legislation is evolving with the intention of protecting the general citizenry from harm and organizations from financial loss and civil or criminal lawsuits. Organizations, particularly information systems professionals within organizations, are being called upon to deal with these issues and institute controls to minimize risk.
This paper will examine the growing issue of malicious digital risks from both a legal and ethical perspective. The relationship of these risks to the core values and ethical conduct of the information systems professionals in our organizations will be explored. A cost-benefit perspective will be used to discuss the effect of legislation on organizations and society at large. Finally, the content of university level curricula designed to address these issues will be suggested.
