Answer & Explanation:The ReviewThe review is to be written as an essay that reflects your understanding of issues with Professional Practice. It is up to you what aspects, issues or arguments you put forward but they must be relevant to Professional Practice as it pertains to Information Systems and must be grounded in current literature. The essay is an academic paper and all claims and assertions must be adequately substantiated with appropriate evidence. You are expected to use other literature and references, preferably from current journal papers, to substantiate your argument in the review. All references must be appropriately cited and referenced. The essay must be relevant academically and indicate implications for practice. The style and form of the essay should be consistent with review articles published in IS journals.The most important aspect of the essay is that it must reflect your own thinking and understanding of Professional Practice in the Information Systems Industry. Please be aware of the plagiarism and collusion policies established by FIT and Monash University.Attached the instructions of the assignment and the article that you’ve to review it. Please read the instructions carefully because the last time you did work for me and my lecturer gave me pass only which means your work is not good enough to get an excellent grade as I requested. In this assessment you need to go through the article and discuss the strength, weaknesses, etc.Also when you finish it I’ll send it straight away to my lecturer to get some feedback and comments what is good and what needs to be modified or changed because I want to get excellent in this assessment.Please read the instructions carefullyi need excellent grade in this.. please A++ work.thank you.
1_s2.0_s0963868716301287_main.pdf
new_assignment_4__critical_review_sem_2_ver_2.docx
Unformatted Attachment Preview
Journal of Strategic Information Systems xxx (2016) xxx–xxx
Contents lists available at ScienceDirect
Journal of Strategic Information Systems
journal homepage: www.elsevier.com/locate/jsis
The paradoxical effects of legal intervention over unethical
information technology use: A rational choice theory
perspective
Mohamed Hédi Charki a,⇑, Emmanuel Josserand b, Nabila Boukef c
a
EDHEC Business School, 24 Avenue Gustave Delory, Roubaix 59057, France
University of Technology Sydney, PO Box 123, Broadway, NSW 2007, Australia
c
SKEMA Business School, Avenue Willy Brandt, 59777 Lille, France
b
a r t i c l e
i n f o
Article history:
Received 6 November 2014
Accepted 26 May 2016
Available online xxxx
Keywords:
Unethical information technology use
(UITU)
Rational choice theory (RCT)
Intervention
Visibility
Interpretive and case study
a b s t r a c t
While the IS literature offers rich insights into the kinds, causes and consequences of
unethical information technology use (UITU), we know little about the degree to which
legal intervention may mitigate UITU. Our research aims at understanding how legal intervention could mitigate UITU by influencing the cost-benefit analysis in determining the
decision to commit such unethical use of IT. Our contributions are twofold. First, we provide testable propositions on the role of legal intervention. Second, we offer an innovative
take on intervention – conceived as a multi-mechanism process that adapts to UITU as well
as to the way IT users negotiate the IT artifact.
Ó 2016 Elsevier B.V. All rights reserved.
Introduction
While IT1 use has provided huge economic and social benefits, these advantages have been tainted by unethical information
technology use (UITU). Research suggests that UITU causes harm (Chatterjee et al., 2012) and leads to losses for business and
society (Leonard and Cronan, 2001), not to mention challenges for managers (Bush et al., 2010). This calls for the IS community
to find a solution and explains why the topic of ethics has such importance for the Strategic Information Systems (SIS) literature,
as acknowledged by senior Information Systems (IS) scholars (Desouza et al., 2006; Mingers and Walsham, 2010). Notwithstanding this importance, our knowledge on the way to address UTIU remains limited.
Accordingly, IS and ethics scholars have called for a clearer understanding of how to address UITU (Bush et al., 2010;
Chatterjee et al., 2012; Stylianou et al., 2013). One of the solutions envisaged is intervention in the form of codes of conduct
(Oz, 1992). However, there is evidence that management – or third-party-implemented codes of conduct – is inefficient in
regulating UITU (Harrington, 1996; Healy and Iles, 2002). Despite such evidence, there is still a dearth of empirical research
exploring the extent to which other forms of intervention can remedy the problem. In particular, Gattiker and Kelley’s (1999)
call for the study of legislative intervention remains unanswered. Since intervention has been deemed effective (Jasperson
⇑ Corresponding author.
E-mail addresses: [email protected] (M.H. Charki), [email protected] (E. Josserand), [email protected] (N. Boukef).
We abbreviate the following terms in this paper: information technology (IT), unethical information technology use (UITU), rational choice theory (RCT),
and online reverse auction (ORA).
1
http://dx.doi.org/10.1016/j.jsis.2016.07.001
0963-8687/Ó 2016 Elsevier B.V. All rights reserved.
Please cite this article in press as: Charki, M.H., et al. The paradoxical effects of legal intervention over unethical information technology
use: A rational choice theory perspective. J. Strateg. Inform. Syst. (2016), http://dx.doi.org/10.1016/j.jsis.2016.07.001
2
M.H. Charki et al. / Journal of Strategic Information Systems xxx (2016) xxx–xxx
et al., 2005) and shown to influence the ethics of decision-making (Bommer et al., 1987; Leonard et al., 2004), we pose the
following research question:
How can legal intervention mitigate UITU by influencing the cost–benefit analysis that determines the decision to commit
UITU?
For this purpose, we build on Gray (2008), and contend that intervention is a formalized enactment that a commonly
agreed-upon third party develops in order to influence the behaviors of IT users in such a way as to ensure a specific course
of action in line with the ethical norms of the larger community.
To pursue our aim, we borrowed the theoretical lens of rational choice theory (RCT) from the field of criminology. RCT
provides a valuable framework for analyzing deviant behaviors such as UITU since it explores the contexts that inhibit or
foster such behavior (Cornish and Clarke, 1986; McCarthy, 2002; Paternoster and Simpson, 1996). Given the exploratory nature of our investigation, we opted for a qualitative design rooted in an interpretive epistemological stance.
We purposefully selected the case of the ethically controversial technology of ORAs. Beall and colleagues define an ORA as
an ‘‘online, real-time dynamic auction between a buying organization and a group of pre-qualified suppliers who compete
against each other to win the business to supply goods or services that have clearly defined specifications for design, quantity, quality, delivery, and related terms and conditions. These suppliers compete by bidding against each other online over
the Internet, using specialized software by submitting successively lower priced bids during a scheduled time period” (Beall
et al., 2003, p. 7). The technology provides a sensitizing empirical setting for our research question. Indeed, ORAs have been
identified by academics (Charki et al., 2011; Emiliani, 2005), practitioners (Atkinson, 2003) and legal experts (Van Eecke and
Skouma, 2006) as the technology that has led to the most serious unethical usages of IT.
Our study offers two main theoretical contributions to the IS literature. First, we provide testable propositions regarding
the role of legal intervention, and discuss its expected complex and paradoxical effects on UITU and IT use more generally.
According to the intervention being investigated, we also offer an innovative take on it as a dynamic, multi-mechanism process that can adapt to UITU as well as to the way IT users negotiate the IT artifact.
Theoretical background
In this section, we further elaborate on the research gap by detailing why legal intervention might be an effective mode of
intervention in relation to UITU and then presenting RCT, our theoretical lens for the empirical study.
Intervention and UITU
Jones (1991) provided one of the most widely used definitions of unethical behavior: ‘‘a decision that is either illegal and
or morally unacceptable to the larger community” (p. 367). The specific concept of UITU was first introduced in the IS literature by Chatterjee (2005), who drew on the seminal work of Mason (1986) to suggest that UITU refers to the violation of one
or more pillars associated with ethics in the information age: privacy, accuracy, property, and access. However, IS research
deals with a broad range of UITU that falls within Jones’s (1991) broader definition and includes computer abuse (Straub and
Nance, 1990), software piracy (Moores and Chang, 2006), unethical use of sales technology (Bush et al., 2010), breaches of
privacy and intellectual property (Stylianou et al., 2013), deceiving suppliers (Charki et al., 2011) and computer abuse in
organizations (Straub and Nance, 1990). Accordingly, we define UITU as technology use that is either illegal or morally unacceptable to the larger community. This is consistent with definitions that describe unethical IT behaviors as abuse related to
the use of IT (Straub and Nance, 1990).
In the context of organizations, intervention with respect to UITU often takes the form of business codes.2 In the case of IT
use, business codes are seen as a necessary intervention to promote good business practices (Payne and Landry, 2005). Issued by
IT managers and/or other senior managers, they aim to clarify responsibilities (Johnson and Mulvey, 1995; Oz, 1992) and influence behavior (Leonard and Cronan, 2001). However, despite initial enthusiasm (Oz, 1992), research has indicated that they
have a limited impact on UITU. Harrington (1996), for example, found that both generic codes and specific IS codes in nine
US-based organizations had no impact on computer abuse: employees lacked awareness of the codes or the codes were in conflict with sub-group norms. Healy and Iles (2002) concluded that business codes were ineffective in regulating UITU because
ethical IT use was considered by users to be secondary to efficient operations.
However, while business codes have been shown to have a limited effect on UITU, we contend that the potential of legal
intervention is more significant. Indeed, Gattiker and Kelley (1999) called on legislators to find ways to enforce intervention,
notably in situations where UITU is not perceived by perpetrators as abusive. Indeed, legal intervention has been depicted as
an important determinant in many ethical decisions (Bommer et al., 1987). Here, the power at the source of the intervention
is also a key factor in its effectiveness (Jasperson et al., 2005). At the same time, legal intervention has been portrayed as
particularly influential in determining ethical actions (Leonard et al., 2004) and unethical decisions (Bommer et al., 1987)
through the rules and norms it enunciates.
2
The literature uses different terms, such as ‘‘code of conduct,” ‘‘code of ethics,” and ‘‘business code.” In line with Kaptein and Schwartz (2008), we refer to
this intervention mechanism as a ‘‘business code.”
Please cite this article in press as: Charki, M.H., et al. The paradoxical effects of legal intervention over unethical information technology
use: A rational choice theory perspective. J. Strateg. Inform. Syst. (2016), http://dx.doi.org/10.1016/j.jsis.2016.07.001
M.H. Charki et al. / Journal of Strategic Information Systems xxx (2016) xxx–xxx
3
Rational Choice Theory as a theoretical lens
The central premise of RCT (Cornish and Clarke, 1986; McCarthy, 2002; Paternoster and Simpson, 1996) is that the decision to commit a deviant act is understood as the outcome of a cost–benefit analysis by individuals who attempt to maximize
their well-being as they compare the benefits of the deviant act with the cost of the penalties and social outcomes that may
ensue (Paternoster and Simpson, 1996; Piquero and Hickman, 2002).
More precisely, McCarthy (2002) explains that a decision to offend on the part of self-interested individuals is influenced
by people’s preferences, their attitude to risk, and their assessment of an illegal opportunity’s availability, cost and benefits
versus a legitimate opportunity’s availability, cost, and potential for realizing the same or comparable returns. Taken
together, these parameters influence the likelihood of a crime occurring. This likelihood is greater when the utility of the
crime is greater than its associated costs. Conversely, the likelihood of a crime occurring will be lower when its costs outweigh its expected utility (Paternoster and Bachman, 2001). Moreover, RCT theory delineates the different types of cost associated with crime in terms of punishment. These costs include legal sanctions (Nagin, 1998), economic costs such as loss of
income (Grogger, 1991), and other costs such as guilt, shame (Grasmick and Bursik, 1990) and social rejection (Nagin, 1998).
RCT suggests that crime can be prevented not by changing offenders but by changing aspects of the context in which offenses
typically occur—in our case, by legal intervention.
Insights gained from RCT have already made a significant contribution to the IS and security literature. For instance, Li
et al. (2010) found that employees’ intention to comply with Internet use policy is influenced more by the probability of
an offense being detected than by the severity of the penalties likely to be imposed. In another example, Bulgurcu et al.
(2010) found that employees’ overall assessment of the consequences of abuse is based on their assessment of the benefits
and costs of compliance and the cost of non-compliance; this assessment explains their attitude towards compliance with
the organization’s information security policy.
Building on this review of RCT in Criminology and its application in the IS literature, we contend that three main principles of RCT are fundamental to our analysis of UITU. First, offenders’ actions are consistent with the maximization of their
utility. This is assessed ex-ante as they weigh up and compare the costs and benefits linked to the deviant behavior in question. Second, the appraisal and resulting choices are made on the basis of imperfect information about both the costs and the
benefits of the crime carried out in a context of uncertainty. Third, offenders make their decisions at individual level. Introducing RCT allows us to fine-tune our research objective. In order to understand how legal intervention could mitigate UITU,
we build on interviews with the various actors to understand the extent to which legal intervention influences the cost–benefit analysis that determines the decision to commit such UITU.
Methodology
Numerous articles have exposed the extensive UITU linked to ORAs. These include allowing unqualified suppliers to bid,
obliging suppliers to honor unfairly low bids, misrepresenting facts and phantom bidding, threatening incumbent suppliers
with the choice of bidding or losing their contract, and including buyers as bidders (e.g., Charki and Josserand, 2008;
Emiliani, 2005; Giampietro and Emiliani, 2007; Tassabehji et al., 2006).
In this paper, our research question examines how legal intervention can mitigate UITU. More precisely, our aim is to
understand how legal intervention can influence the cost–benefit analysis that determines the decision to commit UITU.
Given the exploratory nature of our question, a qualitative approach seemed to be a logical choice, particularly since the
study examines real, hard-to-access data on unethical usage of IT associated with the very sensitive arena (Dickson-Swift
et al., 2009) of buyer–supplier relationships, in which the financial stakes are high.
Qualitative designs are widely accepted in the IS literature (Myers and Avison, 2002) and in situations where researchers
need to capture rich and subtle patterns of complex detail in order to draw closer to the actors’ interpretations (Denzin and
Lincoln, 2011). Galliers and Land (1987) drew the IS community’s attention to the fact that the research method needs to
take the complexity of the real world into account if the results are to be useful and applicable. Thus, we wanted to go
beyond the perspective of IT users alone and to understand the world from the viewpoint of those studied (Pratt, 2009). More
specifically, in order to make sense of our results, we used an interpretive approach (Walsham, 1995), since the interpretation of the effects of intervention is deeply entrenched in the actors’ contexts and the subjective comprehension of ORA technology. Embedding this approach in a single case-study design enabled us to grasp the ORA technology as a system of
understanding of the social interactions between actors (Klein and Myers, 1999). Single case studies are well accepted in
the IS literature (e.g., Berente and Yoo, 2012; Sarker et al., 2012; Seidel et al., 2013). From an IT artifact standpoint, we examined ORAs from the ‘‘ensemble” view, in which the technology is embedded in a complex and dynamic social context
(Orlikowski and Iacono, 2001). This ‘‘ensemble” view incorporates the social influences that shape the way different groups
engage with the technology, and in so doing it enables interpretive researchers to see reality as an inter-subjective construction of shared human cognitive construction (Walsham, 1995).
Context
As the principle of contextualization is highly important to facilitate understanding of the subsequent results (Klein and
Myers, 1999), we present a detailed overview of our context, while positioning it in the realm of information ethics.
Please cite this article in press as: Charki, M.H., et al. The paradoxical effects of legal intervention over unethical information technology
use: A rational choice theory perspective. J. Strateg. Inform. Syst. (2016), http://dx.doi.org/10.1016/j.jsis.2016.07.001
4
M.H. Charki et al. / Journal of Strategic Information Systems xxx (2016) xxx–xxx
The field of information ethics is relatively new as it has only existed since the late 1940s (Rogerson, 2011). Since that
time, it has benefitted from increased scholarly attention in recent years due to the proliferation of a range of ethical challenges, such as IS misuse (D’Arcy et al., 2009) and information security policy violations (Siponen and Vance, 2010). Citing
the work of Moor (1985) and Rogerson (2011) argued that a policy vacuum regarding the social and ethical use of IT is one of
the major problems in the field of information ethics. This provides additional legitimacy to our inquiry on the role of legal
intervention to mitigate UITU.
At the same time and notwithstanding the diversity of ethical challenges associated with the wide array of digital technologies, it is difficult to gather all forms of UITU in one unique empirical context. Accordingly, we decided to focus on an
acute and revealing case of ORA technology, which we expected to prove interesting since it represents one of the most severe cases of UITU that exist. It provided us with the basis for a theoretical contribution that could make sense in other contexts of UITU.
Initially, the ORA technology was hailed by its creators as useful for buyers and suppliers alike. It was presented to buyers
as a means of widening their sourcing horizons (Daly and Nath, 2005), reducing administrative and logistical costs (Hur et al.,
2007), and enhancing purchasing performance (Jap, 2003). Suppliers were told that it would provide access to new markets,
compress time to market, and reduce transaction costs (Smart and Harrison, 2003).
From a technical standpoint, ORA technology is administered by an online market maker that provides a technical platform to host the online bidding event. In this case, the platform is called Agentrics.3 The most famous concept of an online
auction is that of eBay, with an online forward auction where a single supplier solicits ascending online bids from buyers. However, the ORA concept is based on what is known as a Dutch auction, in which a number of pre-selected professional suppliers
are invited to an online auction by professional buyers. Prices are put forward in a descending manner until the best price (from
the buyer’s vantage point, i.e., the lowest bid) is reached, with no additional bids from other suppliers after the time limit. This
practice has been used in virtually every major industry, including the retail and automotive industries (Jap, 2007).
Despite its initial promise, the ORA system has been misappropriated and now bears the dubious honor of being the technology that is most widely associated with unethical IT use (Giampietro and Emiliani, 2007). This naturally triggered numerous negative reactions in the business press. The case is revealing because it is a morally intense issue with high stakes for
the IT users (both buyers and suppliers) concerned (see Table 1 for details on UITU before, during and after ORAs).
With regard to our research question, we noted that the practice of allowing unqualified suppliers, phantom bidders or
even the buyers themselves to bid was the most commonly cited and damaging UITU for suppliers.
Our study was located in France where, as in other contexts, many anomalies had been noted in the use of ORA technology. As UITU …
Purchase answer to see full
attachment
