A framework for the ethical impact assessment of information technology
- 1.8k Downloads
This paper proposes a framework for an ethical impact assessment which can be performed in regard to any policy, service, project or programme involving information technology. The framework is structured on the four principles posited by Beauchamp and Childress together with a separate section on privacy and data protection. The framework identifies key social values and ethical issues, provides some brief explanatory contextual information which is then followed by a set of questions aimed at the technology developer or policy-maker to facilitate consideration of ethical issues, in consultation with stakeholders, which may arise in their undertaking. In addition, the framework includes a set of ethical tools and procedural practices which can be employed as part of the ethical impact assessment. Although the framework has been developed within a European context, it could be applied equally well beyond European borders.
KeywordsEthical impact assessment Ethical issues Ethical tools Respect for autonomy Nonmaleficence Beneficence Justice
The author acknowledges with thanks the thoughtful and detailed comments of the three anonymous reviewers as well as those of Guido van Steendam, professor of ethics at the University of Leuven, which have helped improve this paper. This paper is based in part on work undertaken by the author in two projects funded under the European Commission’s Seventh Framework Programme: SENIOR (Social Ethical and Privacy Needs in ICT for older People: a Dialogue Roadmap, grant agreement no. 216820) and PRESCIENT (Privacy and emerging fields of science and technology: Towards a common framework for privacy and ethical assessment, grant agreement no. 244779). The views in this paper are those of the author alone and are in no way intended to reflect those of the European Commission.
- Article 29 Data Protection Working Party, Recommendation 3/97: Anonymity on the Internet (WP 6), Adopted on 3 December 1997. http://ec.europa.eu/justice_home/fsj/privacy/.
- Article 29 Working Party, Opinion on data protection issues related to search engines, 00737/EN, WP 148, Adopted on 4 April 2008. http://ec.europa.eu/justice_home/fsj/privacy/workinggroup/wpdocs/2008_en.htm.
- Beauchamp, T. L., & Childress, J. F. (2001). Principles of biomedical ethics (5th ed.). New York: Oxford University Press.Google Scholar
- Beekman, V., et al. (2006). Ethical bio-technology assessment tools for agriculture and food production, Final Report of the Ethical Bio-TA Tools project, LEI, The Hague, February. http://www.ethicaltools.info.
- Boddy, Dr Ken, LOCOMOTION Ethical Study Report, Deliverable D 3.3, Final Version, September 2004. http://cordis.europa.eu/search/index.cfm?fuseaction=proj.document&PJ_LANG=EN&PJ_RCN=6099060&pid=37&q=6AF6FCCDA9FE6C99B48B10861AFEBDDA&type=sim.
- Clarke, R. (2007). Introduction to dataveillance and information privacy, and definitions of terms, Aug. http://www.rogerclarke.com/DV/Intro.html.
- European Commission, Ageing well in the Information Society, Action Plan on Information and Communication Technologies and Ageing, An i2010 Initiative, Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, COM (2007) 332 final, Brussels, 14 June 2007.Google Scholar
- European Commission, Communication on the precautionary principle, COM (2000)1, Brussels, 2 Feb 2000.Google Scholar
- European Commission, Commission earmarks €1bn for investment in broadband—Frequently Asked Questions, Press release, MEMO/09/35, Brussels, 28 January 2009. http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/09/35.
- European Commission, The European Research Area: New Perspectives, Green Paper, COM(2007) 161 final, Brussels, 4 Apr 2007.Google Scholar
- European Commission, European i2010 initiative on e-Inclusion: “To be part of the information society”, Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, COM (2007) 694 final, Brussels, 8 Nov 2007.Google Scholar
- European Council resolution on e-Inclusion, exploiting the opportunities of the information society for social inclusion, 2001/C 292/02, OJ 18 Oct 2001.Google Scholar
- European Group on Ethics in Science and New Technologies (EGE), Opinion No. 20 on Ethical Aspects of ICT Implants in the Human Body, Adopted on 16 March 2005.Google Scholar
- European Parliament and Council, Directive 2001/20/EC of 4 April 2001 on the approximation of the laws, regulations and administrative provisions of the Member States relating to the implementation of good clinical practice in the conduct of clinical trials on medicinal products for human use, OJ L 121/34, Brussels, 1 May 2001.Google Scholar
- European Parliament and Council, Directive 2002/22/EC of 7 March 2002 on universal service and users’ rights relating to electronic communications networks and services (Universal Service Directive), Official Journal L 108 of 24 April 2002.Google Scholar
- European Parliament and Council, Directive 2006/24/EC on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC, 15 March 2006.Google Scholar
- European Parliament and Council, Directive 95/46/EC of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, OJ L281/31 of 23 Nov 1995.Google Scholar
- Flanagan, M., Howe, D. C., & Nissenbaum, H. (2008). Embodying values in technology: theory and practice. In J. van den Hoven & J. Weckert (Eds.), Information technology and moral philosophy (pp. 322–353). Cambridge: Cambridge University Press.Google Scholar
- Goldberg, I., Hill, A., & Shostack, A. (2001). Trust, ethics, and privacy. Boston University Law Review, 81, 101–116.Google Scholar
- Helft, M. (2010). Critics say Google invades privacy with new service. The New York Times, 12 Feb. http://www.nytimes.com/2010/02/13/technology/internet/13google.html.
- International Organization for Standardization, ISO/IEC 15408, Information technology—Security techniques—Evaluation criteria for IT security, First edition, International Organization for Standardization, Geneva, 1999.Google Scholar
- Johnson, B. (2009). Finland makes broadband access a legal right. The Guardian, 14 Oct. http://www.guardian.co.uk/technology/2009/oct/14/finland-broadband.
- Kirkpatrick, C., & Parker, D. (Eds.). (2007). Regulatory impact assessment: towards better regulation?. Cheltenham, UK: Edward Elgar.Google Scholar
- Lyon, D. (2003). Surveillance as social sorting: privacy, risk, and digital discrimination. London: Routledge.Google Scholar
- Maiese, M. (2003) Principles of Justice and Fairness, Beyond Intractability.org, July. http://www.beyondintractability.org/essay/principles_of_justice/.
- Mepham, T. B. (2005). Bioethics: An introduction for the biosciences. Oxford: Oxford University Press.Google Scholar
- Moor, J. H. (1985). What is Computer Ethics? In T. W. Bynum (Ed.), Computers & Ethics (pp. 266–275). Oxford: Blackwell.Google Scholar
- Moor, J. H. (1997). Towards a theory of privacy in the information age. Computers and Society, 27, 27–32.Google Scholar
- Nissenbaum, H. (2004). Privacy as contextual integrity. Washington Law Review, 79(1), 101–139.Google Scholar
- Organisation for Economic Co-operation and Development (OECD), Guidelines on the Transborder Flows of Personal Data, Paris, 23 Sept 1980. http://www.oecd.org/document/18/0,3343,en_2649_34255_1815186_1_1_1_1,00.html.
- Renn, O. (2008). Risk governance: coping with uncertainty in a complex world. London: Earthscan.Google Scholar
- Rowe, G., & Frewer, L. J. (2005). A Typology of Public Engagement Mechanisms. Science, Technology & Human Values, 30(2), 251–290. http://sth.sagepub.com/cgi/content/abstract/30/2/251.
- Skorupinski, B., & Ott, K. (2002). Technology assessment and ethics. Poiesis & Praxis, 1, 95–122.Google Scholar
- Sollie, P., & Düwell, M. (2009). Evaluating new technologies: Methodological problems for the ethical assessment of technology developments. Dordrecht: Springer.Google Scholar
- Stern, P. C., & Fineberg, H. V. (Eds.). (1996). Understanding risk: Informing decisions in a democratic society. Washington, DC: Committee on Risk Characterization, National Research Council, National Academy Press.Google Scholar
- Treasury Board of Canada Secretariat, Privacy Impact Assessment Guidelines: A framework to Manage Privacy Risks, Ottawa, 31 Aug 2002.Google Scholar
- UK Information Commissioner’s Office (ICO), Privacy Impact Assessment Handbook, Version 2.0, June 2009. http://www.ico.gov.uk/for_organisations/topic_specific_guides/pia_handbook.aspx.
- US National Research Council, Committee on Risk Perception and Communications, Improving Risk Communication, National Academy Press, Washington, D.C.,1989. http://www.nap.edu/openbook.php?record_id=1189&page=R1.
- Vedder, A., & Custers, B. (2009). Whose responsibility is it anyway? Dealing with the consequences of new technologies. In P. Sollie & M. Düwell (Eds.), Evaluating new technologies. Dordrecht: Springer.Google Scholar
- Verbeek, P.-P. (2009). The moral relevance of technological artifacts. In P. Sollie & M. Düwell (Eds.), Evaluating new technologies: methodological problems for the ethical assessment of technology developments (pp. 63–79). Dordrecht: Springer.Google Scholar
- von Schomberg, R. (2007). From the ethics of technology towards an ethics of knowledge policy & knowledge assessment. Working document from the European Commission Services, Jan.Google Scholar