IT Students and Computer Ethics: Making the Case for Further Training and Ethical Development Belle Woodward Bellew@siu.edu Information Systems and Applied Technologies Southern Illinois University Carbondale Carbondale, IL 62901, USA Wendy Ceccucci Wendy.Ceccucci@quinnipiac.edu Information Systems Management Quinnipiac University Hamden, Connecticut 06518, USA Michael Whitney Witny23@siu.edu Information Systems and Applied Technologies Southern Illinois University Carbondale Carbondale, IL 62901, USA Abstract This study examines the computer ethics of information technology students. Students and Ethics IT faculty were given short scenarios in which they were to evaluate, based on a 5 point Likert scale, if they considered the actions ethical or a computer crime. They were then asked if they would act in an ethical manner if placed in the same situation. The students’ answers were then compared to the answers supplied by the IT faculty. Results indicated that IT students were less able than their faculty to identify or distinguish ethical behaviors from unethical ones. Additionally, students reported a greater likelihood of acting in unethical ways regardless of their abilities to identify ethical/ unethical behaviors. These results suggest that IT students need more training in IT ethics. Keywords: ethics, unethical behavior, information technology students 1. INTRODUCTION Computer and Internet usage are a part of students’ daily routine, in part because students today have grown up with the technology. It is integrated into their daily communication habits and has become a technology as ordinary as the telephone or television (Jones, 2002). According to Burst Media’s July 2007 online survey of 439 college students, 33 percent of students spend more than 10 hours per week online and 19.6 percent spend more than 20 hours per week online. A report by Educause found that the students spent an average of about 18 hours a week, for any purpose — and, on the extreme end, some 6.6 percent of respondents (mostly male) say they spend more than a full-time job’s worth of 40 hours online a week (Guess, 2007). This increase in technology use has raised several ethical issues. For one, the Internet offers a wall of invisibility and anonymity, and, according to Albers-Miller (1999), “when there is a lack of fear of punishment, people do engage in inappropriate behavior’’ (Albers-Miller, 1999). These moral and ethical issues related to Information Technology can be categorized into two areas: (1) unethical behavior leading to immoral acts such as virus creation and software piracy and (2) lack of awareness about information technology security and information technology-related crimes (Siponen & Kajava, 1999). There has been a lot of media attention on software piracy and the illegal downloading of music, which is especially prevalent among college-age students. In a survey by the Gallup Poll (2003), for instance, 83 percent of young people said that downloading music for free was morally acceptable while a poll sponsored by the Business Software Alliance found that only 29 percent of young people think illegal copying is wrong (Ishizuka, 2004) . Students generally felt that copying commercial software and downloading music from the Internet was acceptable. The use of pirated software is pervasive at universities and may even be happening in classrooms (Kruger, 2003). Several studies found that students viewed making copies of protected software as socially and ethically acceptable (Oz, 1990), (Cohen, 1989), (Solomon, 1990). Kini considered softlifting, illegal copying of software for personal use, even more prevalent in universities than in the general population (Kini, Rominger, & Vigayaraman, 2000). A survey sponsored by the Business Software Alliance indicated that 52 percent of university student respondents in the United States and 25 percent of academics believed that the use of pirated software (swapping or downloading digital copyrighted files such as software, music, and movies without paying for them) was acceptable, even in the workplace (2006). Such results are troubling because ethical issues raised by information processing in business extend to confidentiality of data, software piracy, hacking, and stealing the property of others. It has been difficult to determine why there is so much software piracy. Numerous theoretical constructs concern motivation for stealing software, including social factors, perceived consequences or beliefs, habits, affect, facilitating conditions, and individual intention (Limayem, 2004). One study found that the gross domestic product is inversely related to levels of software piracy. In other words, the hypothesis that those who cannot pay for software steal it is less significant (Gopal, 1997) (Seung Kyoon Shin, 2004). Nevertheless, these ethical and moral issues are among the most socially important aspects of information processing. The question of whether or not American students hold different attitudes and perceptions toward software piracy in comparison with students from other nations has not yet been established, but other factors that may influence computer ethics are gender and age. For instance, Wood and Glass found that female students were less likely to allow another student to make an illegal copy of commercial software than male students were, and Harris and Weaver found that this attitude extended to ethical issues in computer use as well (Wood & Glass, 1995-96) (Harris & Weaver, 1994-95). Sources indicate that students in general have a greater tendency towards pirating software and other intellectual property (Kruger, 2003) (Kini R. B., 2004). In particular, Kini et al. (2000) found that younger consumers were more accepting of the use of pirated software. However, it is not necessarily the college environment that promotes the downloading of software. Another study looking at non-university subjects came to the same conclusion, that “young professionals have no scruples about copying software illegally” (Peace, 2003). A study by Freestone and Mitchell (2004) found Generation Y consumers were more permissive of piracy because many reasoned that they were doing no direct harm to sellers, and were victims of inflated music prices (Freestone & Mitchell, 2004). Overall, a lack of a strong moral intensity may be the culprit in regards to such attitudes. Kini et al. (2004) asserted that moral intensity regarding software piracy is related to the extent of software piracy (Kini R. B., 2004). While computer ethics in the broadest sense can be understood as that branch of applied ethics which studies and analyzes such social and ethical impacts of information technology, a more formal definition of computer ethics is a moral philosophy concerning the ethical dilemmas involved in areas of information processing (Vincent & Meche, 1999). Yet despite such moral implications, one study found that there was no significant correlation between student attitudes and their school’s religious affiliation or lack thereof (Siegfried, 2004). Furthermore, Harrington (1989) showed that moral reasoning did not seem to have any impact on university students’ participation in illegal copying of software. 2. METHODOLOGY One method of evaluating how students make ethical decisions is to confront them with ethical dilemmas or situations (Lovisky, 2007). After an extensive review of the literature, an existing survey instrument designed by Harris was selected to evaluate the ethical decision of information technology students (Harris, 2000). The survey was distributed and completed by 198 students in various classes in the information systems program of a Midwestern university. The students were ensured of the confidentiality of their responses and all surveys were completed anonymously. The survey, used to measure ethical decision making, contained 22 vignettes; some vignettes had two scenarios for a total of 26 items. These ethical vignettes were used to determine students’ evaluation of various ethical situations. This survey instrument was similar to the one designed by Harris (2000). It is referred to as the Ethics in Information Technology (IT) Survey and was used with the author’s permission. In the vignettes, an individual is presented with a scenario and required to make a choice for a particular action. The students were asked to evaluate the individual’s response to the situations presented. They were to mark a number on a Likert scale indicating whether they felt the individual’s action was ethical (0), acceptable (1), questionable (2), unethical (3), or computer crime (4). The descriptors of the scale are described as: • Ethical - There is no question that the action is correct in every sense of the word. Ethically, morally, and legally, this is proper behavior. • Acceptable - The action is acceptable to you, although you may have some doubts due to morals or other beliefs. • Questionable - There is some question as to the moral or ethical aspects of the action. The action truly belongs in the "gray area" of human behavior. • Unethical - The action is contrary to moral and ethical standards, although not a crime. This is truly unacceptable behavior. • Computer Crime - The action is unethical and illegal, and the person responsible should be prosecuted for a criminal act (Harris, 2000). The researchers in this study added a reflective component to the original survey. The new component consisted of the students marking whether or not they would perform the action described in the scenario. Approval for this study was obtained from the Human Subjects Review Board at the researchers’ university. The survey was then completed by eight faculty who taught I.T. ethics at the Midwestern University. Their instructions were to complete the survey based on how an expert in ethics would evaluate the scenarios and not answer the questions based on their own personal ethics. The results of the faculty’s survey were used as a benchmark to compare the students’ scores with. The reliability of the scores that resulted from the administration of the Ethics in IT survey was assessed by calculating Cronbach’s alpha. The value (0.816) indicated a high level of reliability. 3. RESEARCH QUESTIONS Using an extended version of Harris’ Ethics in Information Technology (IT) Survey, a series of questions were developed: 1. Is a typical IT student able to recognize and identify whether certain situations are ethical or a computer crime when performed by others? 2. If a student is placed in a situation, would they hypothetically react ethically, even if they knew it was unethical? 3. Is there a correlation between perceptions of actions performed by others and reported personal ethical behavior in the same provided scenario? 4. RESULTS An analysis of the descriptive statistics of the students’ characteristics revealed that the average age of the participants was 24.163 (standard deviation = 5.88) and the average credit hour accumulation for students was 85. In addition, 78 percent were male and 22 percent were female. In consideration to the population, this sample was found to be an appropriate representation. Participants were requested to complete an Ethics in IT survey which contained 22 ethically based vignettes related to information technology practices. Each vignette consisted of one or two ethical actions (i.e., software piracy) made by information technology professionals, resulting in a total of 29 items. Participants were asked to evaluate each ethical action with a 5-point Likert scale and indicate whether they perceived it as ethical (0), acceptable (1), questionable (2), unethical (3), or a computer crime (4). The summation of these responses, hereafter referred to as the Ethical Discretion (ED) score, had a possible range from 0 to 116. The lower scores indicate a greater propensity towards deeming actions taken in the vignettes as to be ethical (i.e., there was nothing wrong). The higher score indicates a greater sensitivity to ethical decision making, in other words, participants identified unethical actions, such as creating and deploying a virus, and indicated them as unethical. The results of the 22 vignettes (7 with two responses) are summarized in Table 1 at the end of this article. The table is sorted by the greatest difference between student’s responses and the benchmark. A second score, hereafter known as the Ethical Decision Making (EDM) score, was based on respondents’ indication as to whether or not they would hypothetically perform the same action described in the vignettes. This score was obtained by adding corresponding scores from each of the 22 vignettes on a scale of 0-1, (0= No, 1=Yes). This score suggests the possible ethical actions and behaviors a participant might portray in their daily lives. A person scoring at the lower end of the scale exhibits a lower propensity towards hypothetical ethical decision making, whereas one scoring at the higher end displays a higher level of hypothetical ethical decision making. In other words, a low score suggests a person that would not participate in illegal activities and a high score suggests one that would, hypothetically. 5. ETHICS IN IT SURVEY RESULTS Question 1: Is a typical IT student able to recognize and identify whether certain situations are ethical or a computer crime when performed by others? Ethical Discretion (ED) scores for all students ranged from 7 to 98 with 69.75 as the average and a 58 median. In an effort to ground the student scores with a baseline, faculty of the department were also surveyed. In regards to faculty Ethical Discretion, their scores ranged from 58 to 99 and had an 82.13 average and a 78.5 median. According to this benchmark, we have evidence to argue that the sensitivity or ability to distinguish unethical behaviors from ethical ones among students is poor. More so, the teachers’ group scored 18 percent higher than that of the students’ group, (82.13-69.75)/69.75. This indicates that there might be a disparity between what the instructors perceive as ethical and how well they are influencing their students. Although students were able to rank the criminal and unethical situations at the top of the list; the relatively low average score of some items indicated they still did not recognize all scenarios that were in fact computer crime (such as providing inaccurate information to external auditors and burning DVDs to sell). In essence, they realized that these actions were more wrong than others, but they did not recognize them to be criminal. When it related to more questionable situations, such as the interpretation of policy and relationships between employees and management, the students were less able to recognize unethical behavior. Therefore, this reinforces the need for ethical training and education in increasing student awareness to discipline specific ethical dilemmas. Question 2: Would the typical IT student hypothetically react the same way if placed in the same scenarios? At the end of each vignette, the students were asked to evaluate that action by indicating whether they would behave similar to the person in the scenario or not; 0 represented no and 1 represented yes. The lowest possible Ethical Decision Making score (EDM) on the Ethics in IT survey was 0 and the highest 26. The EDM scores for all students ranged from 4 to 26; the average was 17.4 with the benchmark’s average being 5. The comparison between the students’ group and the benchmark group, teachers’ group, gives us a 248% difference. Expectedly, the teachers’ group has a lower value in this variable. This also values our selection for the benchmark target group. On average, 13 percent of the students, if able to identify an action as questionable, unethical or a computing crime, would commit the act regardless. Students were more likely to consciously act unethically when it was in regards to the copying and use of software and music or sharing computer resources. In addition, 48 percent of the students who identified that downloading and using shareware without paying for it was questionable, unethical or a crime would still download and use the software regardless. One scenario asked the students to identify the ethics of making a backup copy of a CD even when specifically not permitted. Here, 66 percent of students found this action either ethical or acceptable. Of the remaining percentage, over half of those students would make a backup of the CD even though they thought it was questionable or unethical. Interestingly, 65 percent of the students indicated that the use of another student’s account to download music from file-swapping sites like Kazaa and Napster would be considered questionable or unethical. Yet, 68 percent of all the students indicated that they would use the other student’s account. Surprisingly, 21 percent of the students identified the action as questionable but would still do it anyway. When considering if the typical IT student would hypothetically react the same way if placed in the same scenarios, it is alarming to discover the amount of students that would do the same. Even more so, there exists a group that identifies an action as questionable or unethical, yet they still choose to perform the same action. This alone is a strong indication that further ethical development opportunities are needed in the educational track. Question 3: Is there a correlation between perceptions of actions performed by others and reported personal ethical behavior in the same provided scenario? Table 2: Perception and Action Correlations ED EDM ED Pearson Correlation 1 .485(**) Sig. (2-tailed) .000 N 198 198 EDM Pearson Correlation .485(**) 1 Sig. (2-tailed) .000 N 198 198 ** Correlation is significant at the 0.01 level (2-tailed). As presented in Table 2, there was a positive relationship between the Ethical Discretion (ED) score and the Ethical Decision Making (EDM) score which does not differ from the researchers’ expectations. In addition, the Ethical Decision Making (EDM) questions that were given an “ethical” or “acceptable” response by the student are those that the researchers would expect the students to have answered a “yes” (meaning the student would agree he/she would do the same thing as described in the scenario) and on the corresponding Ethical Discretion (ED) questions and the answers “unethical” and “computer crime” would be clearly mapped with a “no” in the corresponding ED questions. In order to further examine the relationship among EDM and ED, a new variable was created to represent the expected score for EDM questions purely based on the ED question scores. Consequently, it is even more straightforward to create a “difference” variable to represent the numerical difference between the EDM score and the expectation score for each student. So another part of the sensitivities towards the ethical issues a student has can be studied in depth. Although the correlation results between the “difference” variable and the age, gender and GPA variables are not highly significant, the negative signs of the correlation coefficient for both age and weighed GPA indicate a consistency between the EDM answers and ED answers. As the age or weighted GPA increase, students will rely more on their judgment on the IT criminal issues to guide their behavior. On the other hand, students who are lacking in these two factors will be less reliable for their ethical decision making. For example, as they believe that the person’s action is unethical in the certain scenario, they can still take the risk to do the same thing; whereas, when sometimes they think those actions are acceptable, they will choose not to do that. The contradiction reveals the dubitation and lack of sensitivity they have under the circumstances. Table 3: Difference Correlations Difference Age Pearson Correlation -.023 Sig. (2-tailed) .752 N 190 Gender Pearson Correlation .035 Sig. (2-tailed) .635 N 190 Weighed GPA Pearson Correlation -.084 Sig. (2-tailed) .252 N 189 ** Correlation is significant at the 0.01 level (2-tailed). 6. SUMMARY Computers have become an integral piece of our society, so much so that a large portion of a student’s life is spent sitting alone in front of a computer. There is no officer in the domain, no patrol at the gateway. Students are left alone to decide if the low hanging fruit is worth taking, all the while knowing that the chance of getting caught is next to nothing. Do they identify that taking the fruit is wrong? Does that knowledge influence their final decision? This is what researchers were interested in investigating. So, did the students know that taking the fruit was wrong? Well, yes and no. When confronted with an ethical action that was blatant such as creating a virus, they consistently identified that the action was on the illegal side. However, when an action was not so blatant, such as violating policy by using company email to send a message critical of management, then students indicated such actions more on the acceptable side. As a comparison, the baseline group did not find such actions as acceptable. Here, it is evident that unless the action is blatant with a higher possibility of legal trouble, then the students do not perceive ethical actions as being inappropriate. This raises the question as to why? Is it due to their culture, their education? Obviously, further research can help to uncover the reasons behind this discrepancy. Would the students have taken the fruit if in a similar situation? Startlingly, they would, and at a much higher rate than would be expected. So much so that they would do it at a rate of 238 percent more than the baseline group would. It was alarming to discover that even when they rated something on the unethical side of the spectrum, they would still perform the same action. Such a thing screams for further ethical development opportunities in the post-secondary environment. Not doing so might be considered educational malpractice. REFERENCES Albers-Miller, N. D. (1999). “Consumer Misbehaviour: Why People buy Illicit Goods.” Journal of Consumer Marketing, 16 (3), 273–287. Business Software Alliance (BSA). (2006). Fourth Annual BSA and IDC Global Software Piracy Study. Retrieved June 5, 2006, from HYPERLINK "http://www.bsa.org/globalstudy" Cohen, E. A. (1989). “College students believe piracy is acceptable.” CIS Educators Forum Proceedings, 2-5. Freestone, O., & Mitchell, V. (2004). “Generation Y Attitudes Towards E-ethics and Internet-related Misbehaviors.” Journal of Business Ethics, 54, 121-8. Guess, Andy (1997) “Students ‘Evolving’ Use of Technology”, Retrieved Aug 2008, from Inside Higher Ed: www.insidehighered.com/news/2007/09/17/it Gopal, R. a. (1997). “Preventive and deterrent controls for software piracy.” Journal of Management Information Systems, 14 (4), 29-47. Harris, A. (2000), “IS Ethical Attitudes Among College Students: A Comparative Study,” Proceedings of ISECON 2000 (Philadelphia, PA), pp. 801-807. Harris, A., & Weaver, A. (1994-95). “A Comparison of IS Ethics Attitudes Among College Students.” Journal of Computer Information Systems, 60-64. Husted, B. (2000). “The Impact of National Culture on Software Piracy.” Journal of Business Ethics, 26, 197–211. Ishizuka, K. (2004). “Kids: Stealing digital data OK.” School Library Journal, 50 (8), 18. Jones, S. (2002, June). “The Internet Goes to College: How Students are Living in the Future with Today's Technology.” Retrieved 2008, from http://www.pewinternet.org/PPF/r/71/report_display.asp: Kini, R. B. (2004). “Shaping of moral intensity regarding software piracy: A comparison between Thailand and U.S. students.” Journal of Business Ethics, 91-104. Kini, R., Rominger, A., & Vigayaraman, B. (2000). “An empirical study of software piracy and moral intensity among university students.” Journal of Computer Information Systems, 40 (3), 62-72. Kruger, R. (2003). “Discussing cyberethics with students is critical.” Social Studies, 94, 188. Limayem, M. K. (2004). “Factors motivating software piracy: a longitudinal study.” IEEE Transactions on Engineering Management, 51 (4), 414- 425. Lovisky, G. T. (2007). “Assessing mangers’ ethical decision making: an objective measure of managerial moral judgement.” Journal of Business Ethics, 3, 263-86. Oz, E. (1990). “The attitude of managers-to-be toward software piracy.” OR/MS Today, 17 (4), 24-6. Peace, A. G. (2003). “Software piracy in the workplace: a model and empirical test.” Journal of Management Information Systems, 20 (1), 153-77. Seung Kyoon Shin, R. D. (2004). “Global Software Piracy Revisited: Beyond Economics.” Communications of the ACM, 47 (1). Siegfried, R. M. (2004). “Student attitudes on software piracy and related issues of computer ethics.” Ethics and Information Technology, 6, 215-222. Siponen, M. T., & Kajava, J. (1999). “Computer Ethics—The Most Vital Social Aspect of Computing: Some Themes and Issues Concerning Moral and Ethical Problems in Information Technology.” (www/ifi.uio.no/isis20/proceedings/12.htm.). Solomon, S. a. (1990). “The effect of demographic factors on attitudes toward software piracy.” Journal of Computer Information Systems , 30 (3), 41-6. Vincent, A., & Meche, M. (1999). “Ethics in Information Processing.” Encyclopedia of Business, 2nd ed. Wood, W., & Glass, R. (1995-96, Winter). “Sex As a Determinant of Software Policy.” Journal of Computer Information Systems, 37-43. TABLE 1 – INFORMATION TECHNOLOGY VIGNETTES The scenarios have been shortened from the original survey. (0 = Ethical, 1 = Acceptable, 2 = Questionable, 3 = Unethical, and 4 = Computer Crime) Scenario Mean Benchmark Diff. A woman purchases the latest upgrade of a word processing program she owns. The license says that the old version is to be discarded or kept only for backup purposes. She loads the old version on her secretary’s computer since she does not have a word processing program. (q4) 1.78 2.88 1.1 The employee who has access to the code of the registered innovative business model offers to give it to a friend for her company to use. Anyone who wanted to use the technology was to get permission from the company and pay them a royalty. (q21b) 2.8 3.75 0.95 A branch bank employee realizes he has accidentally overdrawn his checking account and will have to pay $25. He changes the account status until he makes a deposit so no overdrawn check charges will be assessed. (q2) 2.8 3.75 0.95 A girl downloads files and uses her DVD burner to make albums for her friends which she sells for $5 apiece. (q22b) 2.95 3.88 0.93 An employee of a company gives a friend the code of a registered innovative business model used by his company, and the friend decides to use the technology (q21a) 2.97 3.75 0.78 An employee sends messages critical of management, even though the company policy states that email is to be used only for company business and may be reviewed by managers (q6a) 1.03 1.75 .72 A graduate student is writing a college paper on the effects of computer viruses. She writes a short program that would release a PEACE message through email exchange. The message would not affect the receivers’ data but would interrupt their screen. She does it just to see how fast a simple, non-destructive virus can spread. (q8) 2.3 3 .7 A manager of a company enters the email to review messages sent to ensure that the system is not being used for private purposes (the policy states that managers may review the mail of subordinates). When he finds two employees sending messages to other employees critical of management he reprimands them. (q1a) 1.32 2 0.68 A programmer is asked to write a program which will generate inaccurate information for external auditors. When he questions the manager, the manager tells him he must write the program or be reassigned to a lower position(q9a) 2.34 3 .66 A man downloads a shareware program which requires anyone using it to register and pay a small fee. He uses the program every day and decides not to register it (q3) 2.37 3 0.63 A man creates a virus to force users to register for a shareware program he created. (q13) 3.43 4 0.57 A girl downloads music from file-swapping sites. She uses another person’s account to download several hundred songs. (q22a) 2.19 2.75 0.56 Felicia’s company has purchased a spreadsheet program for her to use on the job. The license agreement says that the program is licensed to her machine. She makes a copy and loads it on her machine at home. Felicia doesn’t feel guilty because she will never be using both programs at the same time. (q12a) 1.86 2.38 .51 A company had to cut employees’ hours, so they encouraged them to get part-time jobs. The employee uses his current company’s computer to create databases for the clients of the new business, who pay him for his services. (q15) 2.38 2.88 0.5 A non-student of a university asks a student to let him use her password to gain access to the school’s computer on which he plays games for several hours a week during the summer.(q7b) 2.26 2.63 0.37 A programmer for a loan company finds an error. He estimates that 25-50 cents is added to each bill per month. He decides not to report the error. (q11) 3.02 3.38 0.36 A manager tells a programmer working for him to write a program that he knows will generate inaccurate information for the company’s external auditors. (q9b) 3.2 3.5 0.3 A salesperson believes she is not being paid the same as the other salespeople. She figures out how to access the payroll records on the main computer and reviews them; she concludes she is getting paid appropriately and no other use of the information was made. (q14) 2.86 3.13 0.27 A manager of a company who has no policy on the use of email enters the email system and reviews mail messages sent by subordinates to ensure that the email is not being used for private purposes. When he finds an employee has sent hundreds of SPAM messages to political donors, he reprimands him. (q10b) 1.75 2 0.25 A manager of a company fires an employee for frequently viewing pornographic Website even though the company allows the use of the Web for limited personal use. (q18a) 1.27 1.5 0.23 A student changes the data in a file needed in a class competition to favor his team; just before the results are due to the professor, he changes the data back to its original value and his team wins. (q5) 3.03 3.25 0.22 A website designer posts a seal that says “Approved by the BBB” and a seal indicating the “Fisher-Price” trademark on the website to increase sales without permission to use their names. (q20) 3.29 3.5 0.21 A student of a university gives his password to someone who is not a student so he can use it for whatever purpose he wants. (q7a) 2.3 2.5 0.2 A company allows its employees to use the web for limited personal use. Two employees are found to be frequenting pornographic sites. The manager subsequently fires him. Evaluate the ethical actions of the manager. (q19a) 2.18 2.38 .19 In a company that has no policy on the use of email, an employee sends hundreds of SPAM messages to political donors.(q10a) 2.51 2.63 0.12 A person is asked to create a Web site to collect personal information from internet surfers. He is aware the company sells the data to advertisers for a profit and they may use it to send SPAM and sexually explicit mailings to unwitting people. He goes ahead and creates the site.(q17) 2.62 2.38 -0.25 An employee of a company that allows the use of the Web for limited personal use visits pornographic sites frequently. (q18b) 2.64 2.38 -0.27 An employee sends messages critical of management even though the company policy states that email is to be used only for company business and may be reviewed by managers. (q1b) 2.16 1.63 -0.5