INFORMATION TECHNOLOGY
and PUBLIC SAFETY

This document is a companion to another one that examines impacts of information technology on people.

Many applications of IT embody significant vulnerabilities for the organisations that operate the system, but also for their clients, and for third parties. Companies and government agencies have only themselves to blame if they fail to assess and manage the risk of harm to themselves and their employees. The focus in this document is on impacts on people generally.

There's a wide range of factors that result in risks to public safety. The following diagram lists them and shows their interactions.

Sources of Risk and Vulnerability

The kinds of people who can be affected by systems include:

• 'clients' of the system. These are of two sub-classes:
  • those who have a direct involvement with the organisation for whom the system is operated (as in the case of customers and debtors, suppliers and creditors, employees, welfare recipients and taxpayers); and
  • those who may be unaware of their association with the organisation and its system (as in the case of systems for criminal investigation and national security surveillance); and
• third parties who may be affected. It is useful to identify two sub-classes:
  • planned impacts. For example, statistical databases (relating to such matters as road use, disease, crime, insurance claims) are used by organisations to make decisions regarding local areas, and will therefore influence the lives of individuals who pass through that area, particularly those who live in them. The risk exists that errors (particularly systematic errors) in the original data, in processing, in information presentation and in interpretation of that information can result in inappropriate decisions. Similarly, an unnecessary release from a dam may result in unnecessary expense for people who live, or have businesses in, the flood-plain;
  • unplanned impacts. Dramatic instances include effluent wrongly emitted from a plant into a river, which may affect people and animal- and plant-life anywhere downstream; and people who live in close proximity to plants and installations whose operations are heavily dependent on computer-based systems, such as chemical factories and power-plants, and airports. However some such risks are not geographically constrained, since faulty automatic pilots can contribute to the escape of fuel or cargo into shipping lanes, and can bring an aircraft down anywhere.

Several different kinds of systems can impact public safety:

• data processing systems that deal with particularly sensitive data (e.g. medical, financial and criminal records systems);
• information systems that support decision-making that significantly affects people's lives (e.g. social security, tax, hospitals);
• systems that act directly on humans (e.g. in hospitals' intensive care wards, and robotic vehicles and machines); and
• systems that act directly on the environment of humans (e.g. automated control systems in chemical and power plants, buildings, mines and dams, and auto-pilots).

Bibliography

Here are some additional sources of information about IT impacts on public safety.

Risks Generally

Risks Forum Digest. Pick an issue and browse; then pick a theme such as aircraft accidents or Unix system security, and follow threads

Peter Ladkin's list of aircraft accidents in which software error was implicated

Responses

The Australian Computer Emergency Response Team

The U.S. Computer Incident Advisory Capability

The home-page of Nancy Leveson, a leading researcher and author in the area

The Code of Conduct of the Australian Computer Society, and the more detailed Code of Professional Conduct and Professional Practice

Robotics

A set of 'robot rules', i.e. laws which could be used to guide the design of systems which incorporate robotics

The only page that came up when I used Alta Vista to search for 'robotics' and 'safety'!!

Navigation

Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Last Amended: 18 May 1996

These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).