An organisational internet use policy (IUP) is a recognised deterrent to manage insider internet misuse. However, IUPs have proven ineffective against this threat, perhaps because of their neglect of the ethical issues involved. An important part of setting an IUP involves the resolution of key ethical dilemmas when employer and employee perspectives conflict. This paper explores the ethical issues that must be addressed when developing an organisational IUP. It draws on a conceptual analysis and an interpretive study of five medium-size and large organisations in Australia and North America. The paper provides a set of key ethical issues for an IUP and compares and contrasts the employer and employee perspectives. It highlights the need to balance the employer and employee perspectives when setting an IUP. Other implications for theory and practice are discussed.
Keywords: internet misuse, internet use policy, IUP, information security management, ethical issues