Session 2: Ethics Background
Ethics: The branch of philosophy dealing with values relating to human condue with respect to the rightness and
wrongness of actions (Webster)
Baase Ch. 10
Computer ethics includes ethical issues faced by a computer professional as part of the job. It includes relationships
with and responsibilities toward customers, clients, coworkers, employees. We also include issues faced by people
who are not computer professionals, but who manage, select, or use computers in a professional setting."
1) RULES: Deonological Theories: Emphasize duty and absolute rules, to be followed whether they lead to good or ill
consequences in particular cases. eg. "Do not lie". An act is ethical if it complies with ethical rules and is chosen for
that reason.
Immanuel Kant: Principle of Universality –
a)We should follow rules of behavior that we can universally apply to everyone.
b) Deontologists argue that logic or reason determines rules of ethical behavior, that actions are intrinsically good
because they follow from logic.
Kant's Categorial Imperative:
a)One must never treat people as merely means to ends, but rather as ends in themselves.
b) Took an extreme position: He argued if a person is looking for someone he intends to murder, it is wrong for you to
LIE to protect the victim.
2) CONSEQUENCES: Utilitarianism: a consequentialist theory, expressed by John Stuart Mill, to increase
happiness, or "utility".
"Act" Utilitarianism: Each action, we consider the impact on utility and judge the action by its net impact.
Problems: Impossible/difficult to determine all the consequences of an act.
Doesn't recognize or respect individual rights.
"Rule" Utilitarianism: applies the utility principle not to individual actions but to general ethical rules.
"Normative Ethics" Natural rights: Views ethical behavior as acting in such a way that respects a set of fundamental
rights of others, including the rights to life, liberty, and property.
"Descriptive Ethics" – Consequentialist theory/ Rules
1. What are two of Kant's important ideas about ethics?
- Principle of Universality (rules apply to everyone) - Categorial Imperative
2. What is the difference between act-utilitarianism and rule-utilitarianism?
- Based on outcome of action/ Based on outcome but to 'ethical rules'.
Session 3: Technology and Society
First step to understand TECHNOLOGY within society, not the ethics.
Creator of snowmobile Joseph-Armand Bombardier (1959) (Liss Jeffrey)
can have unintended consequences eg. Tools do not make the rules.
What is Technology:
Explicit knowledge or science, practices and skills of a community, artifacts and tools,
material economic forces, systems or environments.
Q: How have technologies mutually shaped humans and our societies?
- Ethics and values crucial, but dangers of premature moral judgments..... Question of Democracy.
Session 4: PRIVACY, FREEDOM OF INFORMATION, FREE SPEECH
Definitions associated with Privacy :
Confidentiality – personal information shall be protected
Data Security – Protection of data from accidental or intentional but unauthorized modification or disclosure.
Privacy - "The right to be left alone" (Warren and Brandeis)
Privacy Principles:
1. Accountability – whoever is collecting data that is correct/audit
2. Identify Purposes
3. Consent – Individual advised of the purpose for which the information will be used.
4. Limiting Collection
5. Limiting Use
5. Disclosure and Retention --- Shall not be used for purposes other than those for which it was collected.
6. Accuracy – up to date as necessary
7. Safeguards – personal information shall be protected by security safeguard
8. Openness – open about their practices with respect to management of personal information.
9. Individual Access – when required, individual should be informed of existence, use and disclosure of their personal
information. They shall also be able to correct information.
10, Challenging Compliance – should be able to address their concerns to a designated individual within the
organization.
11. Children and Personal Information.
Legislative Differences/Approaches
1. North America – common law, ephasis on persons, gov't data banks.
2. Europe – companies are seen as "person", emphasis on data security.
Privacy and Freedoms:
1. Privacy not an absolute right since it conflicts with free speech.
2. Freedom of access to information – protection of privacy implies right of an individual to access records
3. Free Speech – Electronic Frontier Foundation (ie. concerned about pornography, hate literature)
4. Freedom of the Press – openness in gov't considered crucial.
(Baase, Chapter 2)
Computer technology allows search and surveillance of huge numbers of people, often, without our knowledge.
Three Key aspects of Privacy ("The computer issue" that worries people most)
1. Freedom from intrusion – being left alone
2. Control of information about oneself
3. Freedom from surveillance (from being followed, watched).
Critics of privacy argue that it gives cover to deception, hypocrisy, and wrongdoing. It allows fraud. It protects the
guilty.
Privacy scholar Alan Westin describes the factors to be balanced as follows:
a)Safeguarding personal and group privacy, in order to protect individuality and freedom against unjustified intrusions
by authorities.
b)Collecting relevant personal information essential for rational decision making in social, commercial and government
life.
c)Conducting the constitutionally limited government surveillance of people and activities necessary to protect public
order and safety.
Personal information: includes any information relating to or traceable to an individual person.
2.1.2 Risks of the Technology
Invisible information gathering – describes collection of personal information about someone without the person's
knowledge.
-Person has no opportunity to consent or withhold consent for its collection and use.
- examples: satellite surveillance, automatic identification of a person's telephone number when they call 1-800.
Websites can collect information, we are not aware of just what information a particular site is collecting.
An ISP (Internet Service Provider) manages the connection between a user and the site he/she is visiting, thus the ISP
"Knows " every site we visit.
Cookies are files a Web site stores on each visitor's computer that gathers information about the visitor's activity. At
first, cookies were controversial because the very idea that web sites were storing files on the user's hard drive without
the user's knowledge was startling. Websites often don't inform visitors when they are being used.
Secondary Use of Personal Information. The use of information for a purpose other than the one for which it was
supplied. It is difficult for individuals to control their personal information if it is collected by on business,
organization, or government agency and shared with or sold to others.
Examples of Secondary Use:
1. Computer Matching means combining and comparing information from different databases.
2. Computer Profiling means using data in computer files to determine characteristics of people most likely to engage
in certain behavior.
Global Positioning System (GPS) Technology, satellites, and computer chips make it possible to track our
movements and determine a person's current location. "Big Brother is Watching You".
The Privacy Act of 1974 and the Computer Matching and Privacy Protection Act of 1988 are the main laws that
regulate the federal government's use of personal data.
Privacy Act of 1974:
1) Restricts the data in federal government records to what is "relevant and necessary" to the legal purpose fo which it
is collected.
2) Requires federal agencies to publish a notice of their record systems in the Federal Register so that the public may
learn about what databases exist.
3) Allows people to access their records and correct inaccurate information.
4) Requires procedures to protect the security of the info in the database.
5) Prohibits disclosure of information about a person without his or her consent.
Computer Matching and Privacy Protection Act of 1988- requires government agencies to follow a review process
before doing computer matching for various purposes.
The Internal Revenue Service (IRS) uses computers to match tax data on individuals and small businesses with a
variety of federal and state government records. It scans vehicle registration records for people who own expensive
cars and boats.
Government Agencies, (IRS, FBI, INS) buy personal information from private information service companies. Thus
they "outsource" collection of information it would be controversial and possibly illegal for them to collect themselves.
Several studies found that government agencies don't adequately protect personal information often in violation of laws
passed to protect privacy and reduce government abuse of data. The General Accounting Office (GAO) is Congress'
"watchdog agency.". One of its task is to monitor the government's privacy policies.
Using face-recognition system
Should international events such as Olympics, which are sometimes terrorist targets use such systems? Should
technologies be used only to catch terrorists and suspects in serious crimes, or should they be used in public places to
screen people with unpaid parking tickets. Should people be informed about when cameras are in use?
2.3 Consumer Information.
If you enter a contest, warranty questionnaire, info about you will be entered into a database made available to direct
marketers. Children on the Web – safety issues.
Principles for data collection and use
1) Informed consent: Business must inform consumers about what information they are collecting and how they will
use it.
Opt-Out policy : One must check a box on a contract, to request removal from distribution lists.
Opt-In policy: Personal information is NOT distributed to other businesses unless the consumer has explicitly checked
a box permitting disclosure.
Privacy Principles for Personal Data:
1. Collect only the data needed.
2. Inform people when data about them being collected, what is collected, and how it will be used.
3. Offer a way for people to opt out from mailing lists and from transfer of their data to other parties.
4. Provide strong protection for sensitive data. eg. Use an opt-in policy for disclosure of medical data.
5. Keep data only as long as needed.
6. Maintain accuracy and security of data.
7. Provide a way for people to access and correct data stored about them.
Designers of databases with personal information should not use the Social Security Number as the record identifier
unless there is a compelling reason to do so. Proposed National ID cards would contain a(on a magnetic strip), a
person's name, photo, SSN, etc.
Samuel Warren and Louis Brandeis – argued that privacy was distinct from other rights and needed more protection.
The Inviolate Personality: Take the position that people have the right to prohibit publication of facts about themselves
and photographs of themselves.
Judith Jarvis Thomson: Is there a right to privacy?
Our rights to our person include the right to decide who may listen to us. If someone uses binoculars to see your
magazine from a building, that person is violating your right to exclude others from seeing it.
Warren focus on how information is used (publication). Thomson focuses on how it is obtained.
Four Levels of control incorporated into low (Requiring Specific consent Policies)
1. Businesses and organizations must clearly state their policy for use of personal information.
2. Businesses must provide an opt-out option.
3. Businesses must provide an opt-in policy.
4. Businesses must obtain consumer consent for each individual secondary use, disclosure, or transfer of their personal
information.
Session 5: Legislation about Privacy and Freedom of Information.
USA:
1970 Fair Credit Reporting Act
1974 Privacy Act Ammendments to the 1966 Freedom of Information Act
1978 Right to Financial Privacy Act
1984 Cable Communication Act, 1988, Video Privacy Protection Act.
1991 Telephone Consumer Protection Act.
Canada Federal Gov't.
Session 6:
Session 7:
Session 8:
Session 9:
Session 10:
Session 11:
Session 12:
Session 25: What Computers Can't Might, Shouldn't Do:
History of AI
1) John McCarthy's most famous contributions to Artificial Intelligence is the organization of the Dartmouth
Conference (1956), at which the name "Artificial Intelligence" was coined. The Dartmouth Conference, titled the
"Dartmouth Summer Research Project on Artificial Intelligence" was a two-month long summer conference.
McCarthy's goal was to bring together all of the people he knew of who had shown interest in computer intelligence
(with Minsky, Shannon, Newall) . Although McCarthy initially saw the conference as a failure (no one really liked the
idea of spending two whole months at a the conference, so people came and went as they pleased, making it hard for
McCarthy to schedule regular meetings), in the years after the conference, artificial intelligence laboratories were
established across the country at schools like Stanford, MIT, and Carnegie Mellon. 1 Another of McCarthy's great
accomplishments is the creation of the LISP (List Processing) language. LISP soon became the language of choice for
many AI programmers and various versions of LISP are still being used today, forty years later.
The following are some aspects of the artificial intelligence problem discussed in the Dartmout Conference:
1 Automatic Computers
If a machine can do a job, then an automatic calculator can be programmed to simulate the machine. The speeds and
memory capacities of present computers may be insufficient to simulate many of the higher functions of the human
brain, but the major obstacle is not lack of machine capacity, but our inability to write programs taking full advantage
of what we have.
2. How Can a Computer be Programmed to Use a Language
It may be speculated that a large part of human thought consists of manipulating words according to rules of reasoning
and rules of conjecture. From this point of view, forming a generalization consists of admitting a new word and some
rules whereby sentences containing it imply and are implied by others. This idea has never been very precisely
formulated nor have examples been worked out.
3. Neuron Nets
How can a set of (hypothetical) neurons be arranged so as to form concepts. Considerable theoretical and experimental
work has been done on this problem by Uttley, Rashevsky and his group, Farley and Clark, Pitts and McCulloch,
Minsky, Rochester and Holland, and others. Partial results have been obtained but the problem needs more theoretical
work.
4. Theory of the Size of a Calculation
If we are given a well-defined problem (one for which it is possible to test mechanically whether or not a proposed
answer is a valid answer) one way of solving it is to try all possible answers in order. This method is inefficient, and to
exclude it one must have some criterion for efficiency of calculation. Some consideration will show that to get a
measure of the efficiency of a calculation it is necessary to have on hand a method of measuring the complexity of
calculating devices which in turn can be done if one has a theory of the complexity of functions. Some partial results on
this problem have been obtained by Shannon, and also by McCarthy.
5. Self-lmprovement
Probably a truly intelligent machine will carry out activities which may best be described as self-improvement. Some
schemes for doing this have been proposed and are worth further study. It seems likely that this question can be studied
abstractly as well.
6. Abstractions
A number of types of ``abstraction'' can be distinctly defined and several others less distinctly. A direct attempt to
classify these and to describe machine methods of forming abstractions from sensory and other data would seem
worthwhile.
7. Randomness and Creativity
A fairly attractive and yet clearly incomplete conjecture is that the difference between creative thinking and
unimaginative competent thinking lies in the injection of a some randomness. The randomness must be guided by
intuition to be efficient. In other words, the educated guess or the hunch include controlled randomness in otherwise
orderly thinking.
In addition to the above collectively formulated problems for study, we have asked the individuals taking part to
describe what they will work on. Statements by the four originators of the project are attached.
2) Bar Hillel (1960) : dealt with the way natural language communication can be made possible with computers ,
namely through used the concept of machine translation. Needed to find a way to make computer translation of
language possible. Dealt with semantics (meaning of words) and context used, "The pen is in the box" , "The box is in
the pen" mean two different things even though they have similar structure.
Can a machine think:
Turing Test: A person sites in a room, with a device that allows him to ask questions to two respondents in another
room, a Person, and a Machine. Both are asked questions by the interrogator, and both answer. The goal is to decide
whether the "thing" in the other room is a machine or a person.
Turing believes that a machine can "fool" a human
Dijkstra – says it doesn't matter, it depends what you mean by "think". Like asking if a submarine can swim.
This depends if you mean if you mean by swim "float" or "exercise movement in water".
Recent Forms:
Machine learning, intellgent agents known as "BOTS", voice recognition, facial recognition.
Thesis: Machines can equal or even out perform humans, but only when the subect of discourse is sufficently narrow.
(machine translation works well for weather forecasts).
Views of Self and World – Descartes " I think therefore I Am" , what is uniquely human, is consciousness necessary,
and what is it? Perhaps we need self awareness suggested by Edelman.
How to understand the CONTEXT that language is being used: Chomsky "Time flies like an arrow", PROBLEMS with
speech recognition – how to recognize homonyms ("They're there with their.... theories").
Ethical Imperatives: Limitations – legal, and moral judgements.
Azimov's laws for Robots.
First Law:
A robot may not injure a human being, or, through inaction, allow a human being to come to harm.
Second Law:
A robot must obey orders given it by human beings, except where such orders would conflict with the First Law.
Third Law:
A robot must protect its own existence as long as such protection does not conflict with the First or Second Law.
Billy Joy's concern in Why the future doesn't need us: Our most powerful 21st-century technologies - robotics,
genetic engineering, and nanotech - are threatening to make humans an endangered species.
Moore's Law (1965), Gordon Moore (one of 3 founders of Intel) made a prediction: the capacity of integrated
circuits (computer chips) over the next decade would double every 18 to 24 months.
Session 24: Computers and Weapon Systems
Session 23: Professionalism, Ethical Codes, Licensing.
ACM – Association for Computing Machinery : ACM is the world's oldest and largest educational and scientific
computing society. Since 1947 ACM has provided a vital forum for the exchange of information, ideas, and
discoveries. Today, ACM serves a membership of computing professionals and students in more than 100 countries in
all areas of industry, academia, and government.
Who Governs it? Membership is the vital component of the organization, out of which emerges a very special class of
ACMers called volunteers. Volunteers serve on the ACM Council, boards, committees, task forces and other subgroups
that comprise ACM's governing structure.
(IEEE –Computer Society) The Institute of Electrical and Electronics Engineers is a global technical professional
society serving the public interest and members in electrical, electronics, computer, information & other technologies.
The ACM and IEE Computer Society developed the Software Engineering Code of Ethics and Professional Practice,
and the ACM Code of Ethics and Professional Conduct.
CIPS(Canadian Information Processing Society) provides leadership in information systems and technologies by
developing and promoting quality standards and practices, research, certification, and professional development while
safeguarding the public interest.
CIPS Code of Ethics and Professional Practice.
1) To the public: I will endeavour at all times to protect the
public interest . I will strive to promote understanding of
information systems and their application. I will not represent
myself as an authority on topics in which I lack competence.
2) To myself and my profession: I will guard my
competence and effectiveness as a valuable possession. I
will work to maintain them despite changing circumstances
and requirements. I will demonstrate the highest personal
standards of moral responsibilities, character, and integrity
when acting in my professional capacity.
3) To my colleagues: I will treat my colleagues with integrity
and respect their right to success. I will contribute to the
information systems profession to the best of my ability.
4) To my employer and/or clients: I will give conscientious
service to further my employer's and/or client's legitimate
best interests through management's direction.
5) To my employees and contracted staff: I will observe
their obligation to uphold the Code of Ethics of the
professional societies to which they belong.
6) To my students: I will provide a scholarly education to
my students in a supportive and helpful manner.
- Subdivided into Standards of Conduct:
- Enforcement procedures for those who break the code of ethics, detailed appeal procedure.
- Appeal Procedure must meet conditions: Must be against a single individual, written on paper, and site which clause
of the standard of conduct, individual has broken... National President decides if there is a hearing etc...
ACM Code of Ethics and Pofessional Competence: General Moral Imperatives, Maintain competence, respect
laws, human rights, enviornment.
Organixational Imperatives: Being accountable, responsible fair. Compliance with the Code: Voluntary as a
condition of membership.
1.1 Contribute to society and human well-being. This principle concerning the quality of life of all people affirms an
obligation to protect fundamental human rights and to respect the diversity of all cultures
1.2 Avoid harm to others. principle prohibits use of computing technology in ways that result in harm to any of the
following: users, the general public, employees, employers. Harmful actions include intentional destruction or
modification of files and programs leading to serious loss of resources or unnecessary expenditure of human resources
such as the time and effort required to purge systems of "computer viruses."
1.3 Be honest and trustworthy. The honest computing professional will not make deliberately false or deceptive
claims about a system or system design, but will instead provide full disclosure of all pertinent system limitations and
problems.
1.4 Be fair and take action not to discriminate.
1.5 Honor property rights including copyrights and patent. Violation of copyrights, patents, trade secrets and the
terms of license agreements is prohibited by law in most circumstances. Even when software is not so protected, such
violations are contrary to professional behavior. Copies of software should be made only with proper authorization.
Unauthorized duplication of materials must not be condoned.
1.6 Give proper credit for intellectual property.
1.7 Respect the privacy of others.
there is increased potential for violating the privacy of individuals and groups. It is the responsibility of professionals to
maintain the privacy and integrity of data describing individuals. This includes taking precautions to ensure the
accuracy of data, as well as protecting it from unauthorized access or accidental disclosure to inappropriate individuals.
Furthermore, procedures must be established to allow individuals to review their records and correct inaccuracies.
1.8 Honor confidentiality.
Professional Organizations: Practioners work directly with public (protection of public a concern).
Licensing : Scientific societies may have associated licensing organizations with examinations.
Canada: ISP Institute for System Professionals, British Computer Society
USA: ICCP Institute for Computer Professionals
Software Engineering Code of Ethics and Standards of Conduct
-contain eight principles related to the behavior of and decisions made by professional software engineers, educators,
managers.
Principle 1: PUBLIC – software engineers shall act consistently with the public interest, accept full responsibility for
their own work.
Principle 2: CLIENT AND EMPLOYER –software engineers shall act in a manner that is in the best interest of their
client and employer, consistent with the public interest.
Principle 3: PRODUCT – ensure that their products meet the highest professional standards possible.
Principle 4: JUDGMENT: shall maintain integrity and independence in their professional judgment.
Principle 5: MANAGEMENT: shall subscribe to and promote an ethical approach to the management of software
development and maintenance: effective procedures for promotion of quality and reduction of risk.
Principle 6: PROFESSION: shall advance the integrity and reputation of the profession consistent with the public
interest: promote public knowledge of software engineering.
Principle 7: COLLEAGUES – shall be fair to and supportive of their colleagues.
Principle 8: SELF – participate in lifelong learning regarding the practice of their profession and shall promote an
ethical approach to the practice of the profession.: Improve their ability to create safe software, further their knowledge.
http://www.acm.org/serving/se_policy/selep_main.html#qa
Licensing (ACM is Against certification, and voluntary licensing) : One of the central purposes of licensing is to provide
assurances to the public that a licensed person is competent at their professional duties. In the case of software engineering, a license
would be interpreted as an authoritative statement that the licensed engineer would be capable of producing software systems of
consistent reliability, dependability, and usability. The ACM Council concluded that our state of knowledge and practice is too
immature to give such assurances
Finally, the PE licensing mechanism is inappropriate for software engineering because its exam structure would preclude many of the
most qualified software engineers from becoming licensed. ACM is opposed to any process that could prevent highly qualified
software engineers, including many ACM members, from professional practice for which they are qualified.. PE's take 8 hour exam
from Accreditation Board for Engineering and Technology. Requires knowledge of chemistry, and thermodynamics. Are in multiple
choice format: not suitable for software engineering.
Session 22: Cybercrime Countermeasures
Denial-of-service attack – 2000 , Yahoo,eBay,Amazon,CNN shut down their sites for few hours. In this attack , hackers,
overload the target site with hundreds of thousands of requests for web pages and other information. The requests generated
by programs planted on numerous other systems to disgusie their origin; it is also called a "distributed denial of service
attack". Attack traced to 15 year old Canadian (mafiaboy). "Script Kiddies" refers to kids who obtained scripts by more
knowledgable hackers.