Computers, Information Technology, the Internet, Ethics, Society and Human Values
Philip Pecorino, Ph.D.
Queensborough Community College, CUNY
Chapter 8 Crime and Misbehavior
Presentation of Issues
Readings on Computer Crime MIT Open Source
"Cyberstalking: A New Challenge for Law Enforcement and Industry," U.S. Dept. of Justice
Misuse and abuse of and by Search Engines
"The Power of Google," by Christina Buu-Hoan
Attempting to promote etiquette and proper conduct
"Toward an Ethics and Etiquette for Electronic Mail", by Norman Z. Shapiro and Robert H. Anderson
"Ethical Web Agents" by David Eichmann
Practical hints for users on how to avoid computer crime: Dr. R. Standler,
Summary Based On Computer Ethics Third Edition by Deborah Johnson Chapter 4 Ethics And The Internet I: Online Ethics (Kimberly Beuther CUNY 2006)
In Deborah Johnson’s book, she addresses the issue of hackers and hacking. She uses the term hacker as it has become more recently known, a person who illegally gains access, and attempts to wreak havoc. She indicates that while hacking is illegal and a nuisance to computer users, there are some who attempt to defend it. Johnson indicates that there are three excuses used most in defending hacking. However, Johnson takes apart these reasons and explains why hacking is still wrong.
First, she addresses the issue of hackers breaking in as a way to call attention to lapses in security. Though this seems like a legitimate reason, no one would accept someone breaking into their car or home in an attempt to prove that there are vulnerabilities in their security systems. She also suggests that all of the time and effort being exerted to catch a hacker could be spent improving the Internet. While it is important to address vulnerabilities in computer systems, Johnson says that hacking is certainly not the answer. A user should try to bring light to the problems by alerting a network administrator, not by sending viruses, or accessing files.
Secondly, there are many who think that breaking into a system is acceptable; they believe that as long as no harm has been done, the hacker will benefit, because they will become more knowledgeable about computer systems. While this seems to indicate that there is a benefit here to the hacker, but nothing else has been harmed, Johnson believes upon further considering this argument, it too lacks substance. Even though no apparent harm may have been caused, invasion of someone’s privacy is still harmful. The hacker may also pose physical harm, if they are tampering with a system where medical information is stored, the system may not respond in a timely manner, and critical minutes could be lost. She also indicates that while many believe that the hacker is gaining knowledge, this is not an excuse to break into computer systems. The risks to others outweigh the benefit to the hacker.
Lastly, Johnson addresses the argument that the hacker can keep the government in check, by keeping watch over the information that the government collects on the everyday citizen. Since they are able to break into the systems, then they are able to see if the government is illegally obtaining information, and they can expose them to the public. However, Johnson says that this is just a form of vigilantism. It is not prudent for people to tolerate the activities of the hacker in order to keep the government from engaging in illegal activities. Johnson expresses the belief that there are much better ways to ensure that the government is not violating anyone’s rights. She says that there could be a group that has the authority to monitor the government’s practices when it comes to obtaining information. Whatever the solution, hacking is not one of them, because the risks posed by hackers may be far greater than those posed by the government.
In conclusion, Johnson has given several reasons why hacking is unethical, from the amount of energy that has to be focused when they gain illegal access to a computer system, to the invasion of privacy, and finally, to the possible harm they can do. None of the reasons given in defense of hacking are acceptable, hacking is unethical, and Johnson says that this is the reason why it should be illegal.
There are crimes that are committed on the internet such as stalking, theft and extortion, which Johnson briefly discusses in her book. While the Internet changes the way crimes like these are done, Johnson says that these are still the same old crimes, but the Internet is just the instrument being used to accomplish them.
These crimes, she says are illegal and unethical, the same way they are illegal and unethical when they do not involve computers. These crimes will ultimately cause harm to whomever they are aimed at. Even though these crimes can be broader in scope when the criminal utilizes the Internet, they are still based on “common criminal motives”.(Johnson,2001)
Netiquette is something like the online version of etiquette, where one abides by certain rules of Internet interaction. In Deborah Johnson’s book, she takes a look at two violations of netiquette, flaming, and spamming. She explains that it is important to have a degree of decorum online, so that there are not a lot of rules and laws created governing Internet behavior. Netiquette basically embodies the same type of behavior that people should practice when they are offline.
Flaming is incendiary language that is used via email or while chatting. Johnson explains that while flaming is similar to a loud argument offline, it can never be physical, because those involved are not in close proximity to one another. However, Johnson says that flaming can still be harmful; these offensive words can still have a distressing effect on the receiver.
Johnson indicates that spamming is also a violation of netiquette. Spamming is the Internet version of junk mail. Johnson says that while spam may be a great marketing tool, because it can reach thousands of people, it is also considered to be a nuisance to many people who use the Internet.
In conclusion, while spamming and flaming are not illegal, Johnson believes that these behaviors can be considered unethical. In order to keep the government from imposing regulations about online behavior, Johnson believes that the rules of netiquette should be followed. It is beneficial to everyone to act in a civilized manner, just as they should when they are offline.
References-Johnson, Deborah G. 2001. “Ethics And The Internet I: Ethics Online” pp 81-108 in Computer Ethics Third Edition. Upper Saddle River NJ; Prentice Hall
The Moral Issues: Applying Ethical Principles and the Dialectical Process
In approaching the questions, issues, problems and dilemmas posed by the situations presented by developments in computer technologies there is a need to analyze the situation and identify the key elements and values that may be involved and the ethical principles that can be brought to bear. An argument needs to be developed in support of the position that is to be advanced as the preferred position on the moral question. That position is then examined by others who hold different values or hold the same values in a different order and who would apply ethical principles in a different manner, rejecting one or another for reasons which should be given. The process continues until there are enough people who think that one position is the best of the alternatives. Given the nature of the original problem or question and the size of the populace who hold the one position of the majority there may be social policies or even legislation that would result.
Why is hacking wrong? Why is planting a virus wrong? The arguments would need to be made that leads to the conclusion that such behavior is morally wrong. That argument would make use of ethical principles that attempt to establish the basis for what is considered to be good and the violation of which would constitute a moral wrong or a morally incorrect act.
People value their privacy and they value their property and they value not being disturbed by uninvited and unwanted intrusions. Thus, there are many people who would argue that those who send out worms, trojans, viruses, adware and the like are doing something that is morally incorrect.
People value their lives and health and thus they would argue that any possible harms to lives and health, physical or mental, is not morally correct. Viruses and other computer coding that is introduced into computers and information networks that cause malfunctioning or halts to the operation of the computers and networks can result in producing physical and mental harms depending on what those computers and networks were being relied upon to do. Hacking as an uninvited intrusion into a computer or computer system or network may be responded to as an invasion of privacy or a violation of property rights by people who would then argue that such actions are morally incorrect using ethical principles that respect or utilize such values as are closely held and believed to be opposed by the actions of hackers.
Using the principle of utility any behavior or act that leads to anything less than the maximizing of the satisfaction of interests or the happiness of the greatest possible number of people would be morally incorrect. Many of the most popular troublesome and harmful behaviors that people speak about are easily demonstrated to be other than serving the interests of the greatest possible number of people. Worms, viruses, trojans, adware and such are not liked by many people at all. They present difficulties and loss of time and financial resources for many , many people.
Using the Categorical Imperative of Immanuel Kant an act that can not be willed to become a act that all people should repeat with all others would be an act that is not morally acceptable. Again any act that would treat people as merely a means to an end and particularly to someone else's end would not be morally correct.
Using Rawls principles of maximizing liberty and access to opportunities and minimizing differences as principle for determining the moral good would lead to the conclusion that many of the actions described or listed in this chapter are morally incorrect because they are invasions of the liberty of others as they do invade the space of others, make use of their property and create greater differences rather than minimizing them.
Pure Ethical Egoism can be used to support an argument that the behavior of hackers, spammers, and those sending viruses, trojans, trojans, adware and such are morally correct. But Ethical Egoism is not capable of resolving moral conflicts and providing society with a basis for social life and progress.
Reflections on Crime and Misbehavior by Lindsey Pehrson CUNY SPS 2009
Cybercrime and unethical misbehavior are two of the most prevalent, and often most undetected forms of questionable activity present in modern society. They take on a myriad of forms that include everything from hacking, computer voyeurism, fraud, unauthorized altering/deletion of data, malicious code, viruses, worms, Trojan Horses, cyber-stalking, parasitic computing, denial-of-service attacks, sniffing and spoofing, to name just a few. According to analyses such as that by ly Ronald B. Standler’s in his "Crime and Puzzlement", it is clear that there are three main sectors of crimes which are unique to the creation of computers and not merely new renditions of previous crimes that have been reformatted to fit the medium. The first area is that of unauthorized access to or use of a computer. This type of crime can involve everything from stealing someone’s username and password, to getting access to their computer through a backdoor Trojan Horse program via the Internet, to altering/deleting data remotely, to denial of service attacks. Without the computer this form of crime was not possible, nor did it exist.
The second category of new cyber crime is the creation and release of malicious code or computer programs in the form of viruses, worms, Trojan horses, etc. These plagues have been developed and formatted solely to be released onto Third Wave technology via computer terminals and their various electronic (e-mail) and physical (hardware) components. The third activity that computers have made possible is cyber stalking and harassment. Through this process, individuals can track their prey remotely, using personal data obtained involuntarily (or voluntarily by trickery). This is one area where there are numerous possibilities for damage, and unfortunately, it is also one of the most difficult cybercrimes to stop. This is primarily because the laws have not caught up with the technology (and the fact that many law enforcement agencies are not as well versed in information technology as they should be to properly investigate and resolve the crime). There are other crimes which do occur online, but they are not new in nature. Applying computers in the process, again, just changes the method for accomplishing these tasks.
According to Standler, it is estimated that the damage caused by these poisonous programs totals over $500,000,000.00 a year. With so much economic turbulence caused, it is easy to think these activities would be easy to track and their creators readily punished. However, this is not the case. Despite the complexities which make each of these things unique, the one thing that all of them have in common is their ambiguous definitions, which make them hard to identify as criminal or merely unethical, and even harder to prosecute. Furthermore, it is this same vagueness that leaves members of the legal system questioning what categorizes behavior as immoral? What makes it illegal? Can something be legal and immoral, or moral but illegal? When does behavior cross the line into the criminal? And, how do we identity the exact actions which are wrong without allowing spillover that penalizes otherwise proper conduct?
The Internet was intended to be a medium used for the free exchange of information and ideas. Anything that cyber users from engaging unreservedly in these activities online can be readily identified as unethical. When that behavior puts someone in danger, or tampers with the freedom of speech or right to protection from unlawful search (both rights granted in the United States Constitution) it is deemed criminal. For example, individuals that snoop around online looking into files which are not their own, sneaking peeks at other’s personal information are acting as voyeurs. Though their activities would be considered questionable (based on the Bill of Rights, society frowns on invasion of privacy by anyone), it is hard to always categorize them as criminal, unless of course those documents are identified and confidential.
When someone chooses to take their viewing a step further and alter websites they have stepped into the criminal and unethical realm. These people are behaving as censors, denying freedom of speech to those whose opinions they do not care for. Too often perpetrators cloak themselves in the idea that they are only attacking “bad” companies or people (bad by their own standards). But, as Ronald B. Standler points out, in a democracy, one person alone can not serve as the prosecutor, judge, jury and executioner, behaving as a one man army determining what is best for the entire group. We do not give any single individual this much power to make decisions for the public. Even the President’s choices for society have a system of checks and balances which require representatives of the people to weigh in before too much damage can be done. Additionally, criminal tampering with public services or systems can threaten public safety. This is demonstrated in the February 21, 2000 attacks that shut down e-commerce sites across the net, bringing online retail to a complete standstill, proving the increasing threat cyber crime poses to safety on the Internet. (This example is merely one of numerous inconveniences cyber users have faced due to criminal and unethical behaviors).
In the haze of indistinctness, the one thing that is clear is that computers have revolutionized crime, both creating new avenues for it and revamping previous ones. Everything from stealing intellectual property, committing fraud, unleashing viruses, and performing acts of cyber terrorism can be done with a computer and an Internet connection. While some acts are more harmless than others, it is clear that cyber actions, whether criminal or merely unethical, need to be addressed. Of course, that means an ongoing battle between the ambiguity of laws online and the freely available tools (over 1900 websites offer them) to help assist the curious would-be thief or snoop with their endeavors to crack computers or hack like a pro.
Cybercrime and misbehavior trigger numerous questions about human values. First, in the United States we live in a democratic nation where society believes that information should be free (hence the Freedom of Information Act), and that the right to say and think what we want should be protected. This includes what we type to each other online, or write in emails. By extension, in the Third Wave digital age, there has been a push by members of the legislature and educational boards to make access to computers unlimited and total, particularly to school age individuals or those without the means to afford computers. Second, in a post civil rights movement era, we strive not to pre-judge others regarding their backgrounds, color or sexual orientation. Third, the actions of society are dictated by a common code of etiquette which continually re-shapes and redefines itself with every generation. These rules of morality are what allow us to function as a group, creating relationships with others. Without them, we would splinter into disjointed factions. Online, this code of conduct is identified as Netiquette. These ethical guidelines have specific regulations against conduct which is not illegal, but still immoral. (This includes principles against flaming and spamming).
Individuals internationally, and especially in democratic nations, value privacy, private property, and safety and security. These different but critical boundaries of a culture are what allow for the deep and meaningful connections, and keep us capable of functioning freely with one another. They facilitate trusting in our fellow man, while still ensuring our own protection. Removing any of these elements would completely alter the way individuals behave, thereby shifting the fiber with which each civilization is woven. In the physical world, violations of privacy, such as unauthorized search and seizure, are dealt with through very specific legislation. Unfortunately, in the cyber realm, though it is also comprised of the same international members of human society, it does not have the same definitions of these critical communal components. This means that when users are confronted with these violations of personal safety and security through malicious programs like worms, viruses, Trojan Horses, denial-of-service attacks, adware/spyware and the like, they are often left without proper channels to obtain real ethical or legal recourse.
So why is it so hard to transform the laws of the physical world and extend them to cyberspace? As noted, cyberspace has both created new crimes, and allowed for the reformation of older ones. This has caused us to rethink the relation between the tangible and intangible. For example, is electronic intrusion in the form of snooping through emails the same as physically trespassing? In both cases you are entering an unauthorized area. Trespassing is illegal. Given the similarities, does this mean electronic intrusion should be as well? What about using a data channel that does not belong to you to send information? First, it raises the question of who owns the channel. It also makes us wonder if someone can claim a specific data pathway for personal use, even if they choose to never use it, leaving it as an empty portal that could be better used for something else. And, who owns the Internet? Does anyone actually have the right to own something which was intended as a free enterprise? Third, how do we begin to treat property that has no physical shape and can be replicated innumerably without end? What about the issue of hacking? We can not see who is doing it, and often times we can not trace their location. Prosecution becomes very hard. It becomes clear very quickly that what seems like it should be a simple transference of legality takes on numerous new questions because of the fluid nature of the Internet.
There is another issue present here, as ethicist and writer John Perry Barlow points out. Human beings face an enduring conflict between being afraid and trusting. Trust in each other is necessary for society to function and thrive, and yet it is the very thing that when given blindly lands us in trouble more often than we care to admit. Increasingly, people are arming themselves with doubt and mistrust. They are living in fear, avoiding hope so that they can, in turn, avoid crisis. The Internet further stirs this emotion; it is a world of the unknown. What is Barlow’s answer to the quandary? Humans should comfort those that are afraid. That is his only solution. But can we really assuage well-founded fears by simply comforting them away? How do we combat solid reasoning that shows we perhaps ought to fear the Internet’s inhabitants?
Cyberspace makes us afraid because it changes our ability to control. In a world full of uncertainties and terror, we have come to believe our neighbor is out to get us more than he genuinely wants to help. We build ourselves networks armed with firewalls. When someone breaches these boundaries we react, possibly overreacting more often than not. Built on this foundation of fear for its own security, the government created Operation Sun Devil. They reacted out of apprehension for the unknown, the same product which cyberspace generates on a continual basis in new and challenging forms. It is a world without clear laws, where we can not see our potential opponents, but are merely left to perceive them and interpret their actions as either innocuous or malicious. John Perry Barlow experienced the epitome of this conundrum between fear and faith through his initial online encounters with hackers Acid Freak and Phiber Optik. By observing their deeds and interacting with them online, he built them into two monstrous punks with no redeeming moral qualities. Shockingly, he discovered they were merely two curious teenage boys out for the thrill of testing their cyber skills. He developed a soft spot for them, and thereby began to take a different view of their once-insidious deeds. Suddenly, he began to rethink punishment. It raises the question should these boys’ lack of intent make them less accountable for the near $4 million dollars in damages their computer mischief caused? According to the law, mans rea (criminal intent) is needed to fully prosecute a case. Should these boys be let off the hook of prosecution because they didn’t have mal-intent?
Barlow came to respect these boys after getting to know them, allowing their often trouble-inducing curiosity to win him over. Not surprisingly, the FBI felt very differently about the matter. Their job is to protect against threats, meaning that, depending on the severity of the crime, 14 year old boys and their families are treated with the same tough demeanor as hardened adult criminals. During Operation Sun Devil, Barlow saw this hardened FBI attitude as over the top and unnecessary roughness, of course, before he took the time to know Freak an Optik, he was ready to through the book at them too. During the maneuver, the FBI seized not only all computer equipment in these boys’ care, they also took just about every piece of electronic equipment in their homes as well. To Barlow, this act, regardless of intent, was a clear violation of the Fourth Amendment. It did not help matters that neither teen saw any of his equipment again. Furthermore, Barlow believes that by treating these boys (and any cyber hacker for that matter) as criminals, they are going to eventually act with all the malice we believe them to possess. Could it be that it is our view of hackers that makes them rise to the stereotype and be inherently threatening?
Giving it careful thought, it is clear that our judicial system, though it claims intent to be important, does not always allow a lack of it to help those that commit crimes walk away without punishment, particularly if someone has been injured. As a society we value and need this sense of just satisfaction for wrongdoings. When our loved one dies at the hands of someone, even accidentally, we tend to want “justice” for it. Without the promise that it will be granted to us, we would crumble into lawlessness, taking our own revenge. No man is perfect or completely unselfish. Eventually our fear for ourselves and our families is going to require that we enforce penalties if the moral or legal code is broken. And, it has been shown that crime is a progression. This means that anything we let a child get away with today has the chance to escalate into larger acts with greater mischievousness over the years. Therefore, at some point we must act, but when exactly should we take a stand? What should the consequences be? And, how do we decide what punishment is enough?
Here we face the heart of the matter: what separates a criminal act from a merely unethical one? Is it intent? Is it the manner of the act itself? There are numerous possibilities and no blanket response which will cover all misconduct. Even more puzzling is the question of whether we should take ethical violations into consideration when writing the law of cyberspace. To answer this query we need to explore the questionable acts which cyberspace has facilitated. Arguably, the biggest behaviors in question are hacking and altering websites, spoofing websites and parasitic computing.
Hacking seems in itself an escapade of exploration, something democracy firmly supports. That is of course, until it encroaches on the civil liberties of another person. One thing hackers have been known for is altering data, such as hospital records containing patient information. This act can determine if someone gets the right treatment and lives, or gets the wrong care and dies. When “hacking” is discussed, killing another human being through hacking may not be the first thing we think of, but it can happen. Murder is illegal in the physical world, therefore, it seems like a topic worthy of legal attention in the cyber one as well.
Ethically speaking, ethical egoists justify the morally good as that which benefits themselves most. Therefore, hacking for personal pleasure or gain is completely acceptable, as is changing any data encountered. This is, however, the only theory that completely promotes hacking and altering data as a morally proper option. From a Utilitarian perspective, that which benefits or satisfies the interests of the largest number of people is the morally correct thing to do. Internationally, privacy and security, and the right to own property, have been shown to be held as important values by large percentages of the population. By inference, it would be fair to say that respecting an individual’s right to privacy online, to keeping their information accurate, and protecting them from unfair intrusions by packet sniffers, hackers or anyone else would make the largest number of people happy. Similarly, in the Rawlsian view, the most ethical course of action is the one which maximizes liberty and minimizes disparities or injustice. This means that, if given the option to be a hacker or be hacked without knowing which group one actually falls into, most people would outlaw hacking in order to protect themselves. Furthermore, hacking into someone’s files and changing their data places power into the hands of a select few and directly opposes the Principle of Justice. Not to mention, if someone ends up dying because of what a hacker has changed, their liberty is completely stripped away. By the standard’s of Kant’s Categorical Imperative, using others as a means to an end is ethically verboten. Hackers use the information of others for their own curious and selfish purposes, whether they seek the chance to look at data which is not their own, or to replace what they find with their own ideas and words This act treats other people as a means to satisfying your own selfish ends and should therefore not be allowed.
Website spoofing involves the fraudulent creation of a web page or email address, intended to look like an identical replica of the original for the purpose of capturing individuals’ passwords or private information such as credit card numbers or bank accounts. From the ethically egoist point of view, faking identity and tricking others into giving you the information you seek is completely ethical if it makes you happy. This, of course, is the only theory which allows for unabashed employment of this tactic. From the Utilitarian ideal, doing what is right for the largest number of people is the most morally upright option. The majority of the population values their privacy. As Philip Zimmermann, the inventor of Pretty Good Privacy, once pointed out, if they didn’t, they would send all mail on postcards instead of in concealed envelopes. As such, it can be fairly inferred that these individuals would not want to be tricked into giving away private details about themselves. Therefore, the Utilitarian viewpoint frowns on spoofing as well.
Rawl’s Theory of Justice would ethically frown on the very nature of spoofing as well. If one had the option of either being tricked into giving personal data, or being the person who got to collect all the data and use it for whatever personal gain possible but did not have the knowledge of which group he would fall into, it is guaranteed that he would want to create greater balance in this equation. This means preventing one side from holding all the power. Furthermore, Kant’s Categorical Imperative would seem to agree with the Rawlsian viewpoint that spoofing is unethical. As with hacking, using people as a means to your own personal end is a direct violation of Kant’s principles, making spoofing something which can not gain any solid ethical ground.
Parasitic Computing is another behavior which once again causes us to revisit the foundation of values behind the Internet’s inception before we can properly delve into its ethical or moral attributes. One of the main goals of the Internet was to create an environment where computing did not rely on a single distributed computer that would control others. Rather, the net would be created and disseminated from multiple points. In this method when something breaks down, there are still numerous servers ready, willing and able to supply the information. Parasitic computing is the antithesis of the Internet. With its implementation, segments of the Internet would be turned back into a controlled environment where one computer does the thinking and the rest respond with their individual parts. If the main computer breaks down, everything would come to a standstill and who knows what type of mid-problem damage would be done.
From the ethical egoist point of view, if you were the one running the distributed computer, using other computers to accomplish the task you need done is the morally good option. Unfortunately, this is the only ethical theory which fully supports parasitic computing. To Utilitarians, whatever satisfies the interests of or makes the largest number of people happy is morally appropriate. Having your computer used without your knowledge or authorization does not tend to make people very happy. In fact, it can make people very angry. Therefore, it seems to serve the desires of the largest group to prevent parasitic computing from going into full effect. Similarly, in Kant’s Categorical Imperative, one of the main principles states that human being should not use others as a means to an end. Utilizing a computer which is not yours, without asking, then applying it to do work for your own benefit is considered using others a means to your own end. Therefore, Kant’s theory would frown on parasitic computing.
In the Rawlsian point of view, the goal is to be in line with the Principle of Justice, maximizing liberty and access to opportunities while minimizing the differences which separate people. Parasitic computing is an enormous violation of liberty. It relies on taking the computation efforts of private computers and harnessing them, without informing their owners, thereby diminishing the freedom of choice these individuals should have. Furthermore, the person who has control over the distributed computer would possess an unfair advantage because they maintain total control. Given the option, if someone did not know whether they were going to be in control or merely someone whose computer processing abilities were stolen from, they would choose to make things more equal and do away with distributed parasitic computing. In conclusion, it is apparent that the core principles of parasitic computing are a clear violation of the original intent of the Internet to be a free enterprise that allows for free flow of information. True, there have been abuses of this freedom through numerous cybercrimes, but that does not mean we should embrace parasitic computing as a inevitability. Anything which would seek to turn the Internet into a series of segmented networks controlled by a single device should be cast aside in favor of freedom of the Internet.
Despite all of the ethical arguments against these types of criminal and unethical misconducts online, there are still a few defenses which criminals have employed in order to justify the merits of these behaviors, attempting to make them less illegal and more ethical. First, one of the key arguments used by Acid Freak and Phiber Optik was that they were merely exposing network flaws in operating systems and application software that jeopardize the public at large, doing more of a good deed than a disservice. Therefore, their actions should not be punishable. This argument can be immediately countered by the fact that no matter what the flaws, the amount of economic damage their malicious programs do can not be justified. Furthermore, regardless of any societal benefit, hackers are intruding on unauthorized territory, plain and simple. That is a violation of the law.
Similarly, a second argument is that it is the victim’s fault if they are infected by a worm or virus, that they are foolish for not taking advantage of all security patches which may be available for their systems. Foremost, blaming someone who can not afford, is not aware of or has not installed the best, most expensive security techniques possible does not justify targeting them for an attack. That is the same as saying that when a woman is walking down the street and someone snatches her purse that it is her fault for not buying one with a built in alarm system. This viewpoint is merely a deflection of blame that should be placed back on perpetrators of crime.
A third argument for the justification of computer crime says that it is alright to invade another person’s files, as long as you do not change or delete anything. In a democracy, this idea can be immediately rebutted. We have been granted a right against unlawful search and seizure by the Constitution. This means that anyone who does not have proper authorization has no right to look at someone else’s hard drive, emails or any other personal data. Along the same irrational reasoning, a fourth point criminals try to make is that they did not know how damaging the virus or worm was, it just happened to get out and cause chaos. Common sense says that if a person has enough computer knowledge and expertise to be able to develop a program which can do the amount of damage viruses, worms, Trojan Horses and the like cause, they are well aware of what their software is capable of and should be held accountable. Furthermore, if they were not able to control it, they had no business creating it in the first place. And, accident or not, it is there creation and therefore it is their responsibility.
In the end of our exploration of crime and misconduct, though there is still a sea of ambiguity to navigate, it is clear that, though we have not answered all of our questions about what is ethical and what is illegal, it is imperative that we continue to strive to find what we seek. Those actions which are unethical must be diminished with stronger ethical guidelines and peer pressure from cyber users. Activities which are criminal must be thoroughly defined and explained so that laws which will protect the cyber public can be written and enforced to their fullest. For, without a sense of right and wrong on the Internet, it is only a matter of time before our sense of fear wins out over our faith, thereby destroying the communities of the intangible realm we have worked so hard to build over the past few decades, causing our free enterprise to crumble into a world of greed and tight-fisted ownership.
Web Surfer's Caveat: These are class notes, intended to comment on readings and amplify class discussion. They should be read as such. They are not intended for publication or general distribution. firstname.lastname@example.org @copyright 2006 Philip A. Pecorino
Last updated 11-2006 Return to Table of Contents