Cyber-security, Privacy and Ethics of IS

As companies attempt to enhance the value of their services to customers, a commonly used strategy involves the use of more user data to provide better targeting, personalization, and product recommendation. Despite this positive intent, the collection and storage of more user data comes with heavy corporate responsibilities towards data security, user privacy, and ethical data usage. The improper handling of user data has serious business implications with possible legal, social, and even political consequences. For example, the Cambridge Analytica data scandal showcased the extent of damages that improper data usage can cause, and the negative backlash imposed on a business’s operations and revenues. Under this backdrop, companies in the digital era are faced with the non-trivial task of striking a fine balance between executing data analytics initiatives and ensuring sufficient security/privacy protection. This problem is faced by wide set of stakeholders across industries, as the use of IT systems and user data is ubiquitous and has permeated across almost all aspects of our lives (spanning from government to banking, health to retail management, just to name a few). Moreover, the proliferation of social media and mobile technologies intensifies the concerns of data breaches, user privacy, and information security, yet companies are forced to rely on these platforms and data to stay updated to user needs and remain competitive.

At the same time, with increased online access and usage, a new set of illegal activities and morally questionable practices are now enabled by the Internet. Criminals are finding new ways online to conduct illegal activities like online fraud, identity theft, cyber terrorism, piracy, and transactions of illegal products/services (drugs, sexual solicitation, human trafficking, child pornography). With the democratization of content sharing and access in the online medium, harmful and inappropriate content have begun to fill the online space (e.g., online suicide content such as ‘Blue Whale’ game, live streaming of crimes on social media, hate motivated ideologies, revenge porn, cyberbullying, cyberthreats). More recently, we see the emergence of undesirable outcomes such as discrimination and the spread of fake news on the digital medium. Despite these trends, policies and regulations are not up to date in curbing these new issues. These worrying trends bring important questions to the MIS community: Should online content remain unregulated? Who should be responsible for the screening of inappropriate content online (site owners, user community, or third party government agencies)? What are core guidelines and policies with regards to content/information sharing on online avenues?

As a response to these challenges, this track seeks contributions that attempt to 1) provide a better understanding of the potential security/privacy/ethical issues that may arise from data usage, 2) consequences of these issues on business, social, legal, or political outcomes, 3) possible solutions to address the concerns of cyber-security, user privacy and ethical data usage, and balance these issues with corporate initiatives for enhancing value to users. Given the said challenges are underexplored in emerging online contexts (e.g., AI applications, blockchain technologies, Internet-Of-Things, crowdsourcing/crowdfunding platforms, sharing economy, smartphone apps, social media/networking), we highly encourage the submission of works that are based on these domains. At the same time, we are open towards works that deepen our knowledge of these issues in traditional contexts (e.g., health, finance, banking, ecommerce, online marketing). Submitted manuscripts can draw on any theoretical backgrounds (including but not limited to psychology, economics, sociology, criminology, or computational sciences) and methodological approaches (analytical work, experiments, qualitative studies, design science, and so forth).

Track Chairs:
Jason Chan
Seung Hyun Kim
Hanna Krasnova