Ethical Issues of Computer Networks 1 Computer Network Ethics • Ethics – The study of what it means to “do the right thing” – Assume people are rational and make free choices – Rules to follow in our interactions and our actions that affect others • Computer Network Ethics resulted from the growth of the Internet – A branch of professional ethics – How computing professionals should make decisions regarding professional and social conduct 2 Rapid Pace of Change • Computer and the Internet • Cell Phones • Social Networking – Facebook, MySpace • Collaboration – Wikipedia • E-commerce and Free Stuff – Online books, games, online videos 3 Issues Resulted From These rapid Changes • • • • • Hacking and Crimes Identity Theft and Credit-Card Fraud Privacy and Anonymity Intellectual Property and Copyright Censorship 4 Hacking and Crimes • Network security issues resulted from the growth of the Internet and of E-commerce • The term “hacking” has changed over time • Examples – – – – Defaced Web pages Computer viruses and worms Scam emails and phishing attacks Hacktivism: the use of hacking to promote a political cause – Unauthorized access to sensitive information 5 Hacking and Crimes (Con’t) • Is it ethical to break into a system without permission – Security professionals inform the software company responsible for the software to close security holes before making a public announcement • Is “harmless hacking” harmless? – It is difficult to distinguish a non-malicious hacker from a thief or terrorist – It takes efforts and costs to stop the intrusion 6 Hacking and Crimes (Con’t) • The law – The Computer Fraud and Abuse Act (CFAA) passed in 1986 • Covers government computers, financial and medical systems, and activities that involve computers in more than one state, including computers connected to the Internet – The USA PATROIT Act • Expands the definition of loss to include the cost of responding to an attack, assessing damage and restoring systems 7 Hacking and Crimes (Con’t) • A variety of methods for catching hackers – Law enforcement agents read hacker newsletters and participate in chat rooms undercover – They can often track a handle by looking through newsgroup archives – Security professionals set up ‘honey pots’ which are Web sites that attract hackers, to record and study – Computer forensics is used to retrieve evidence from computers 8 Identity Theft and Credit-Card Fraud • We do our banking and investing on the Web – Risks: It is possible to steal our identity, e.g., credit card numbers, SSN, account numbers, etc. • Example – Phishing emails to confirm information about your account and password – Pharming to lure people to fake Web sites – Trojan horse may track keystrokes and send them over the Internet – Online resumes and job hunting sites may reveal SSN, work history, birth dates, and other information that can be used in identity theft – E-commerce has made it easier to steal card numbers and use without having the physical card 9 Identity Theft and Credit-Card Fraud (Con’t) • Responses to Identity Theft: – Authentication of e-mail and Web sites – Use of encryption to securely store data, so it is useless if stolen – Authenticating customers to prevent use of stolen numbers, may trade convenience for security – In the event information is stolen, a fraud alert can flag your credit report; some businesses will cover the cost of a credit report if your information has been stolen 10 Privacy • Consider one example: – Computerized record systems for customers in a community clinic – for routine Web access and email communication – The sensitivity of the information in the records – The inappropriate release of the information can result in embarrassment • Key aspects of Privacy – Freedom from intrusion – Control of information about oneself – Freedom from surveillance 11 Example 1– Location Tracking • GPS, cell phones, RFID, etc. enable the development of many new applications – Provide where a person is at a particular time • These applications provide many benefits • These applications also pose potential threats to privacy • Pros and cons 12 Example 2 – Telephone Communication Wiretapping • 1934 Communications Act prohibited interception of messages • 1968 Omnibus Crime Control and Safe Streets Act allowed wiretapping and electronic surveillance by law-enforcement (with court order) • Telephone Records and Privacy Protection Act of 2006 made it a federal crime to obtain someone’s telephone records without the person’s permission • Pros and cons 13 Example 3 – Internet Bots and Privacy • Internet bots – Software applications running automated tasks over the Internet – Web spidering • Many applications • Internet bots may also be used for malicious purposes • Pros and cons 14 Anonymity • For people who advocate anonymity – Protecting privacy – Protecting against identity theft and consumer profiling – Protecting against oppressive governments • For people who against anonymity – People should take responsibility for their opinions and statements – Potential to shield criminal activity and incompatible with online netiquette – U.S. and European countries working on laws that require ISPs to maintain records of the true identity of each user and maintain records of online activity for potential use in criminal investigations 15 Intellectual Property and Copyright • Intellectual Property – The intangible creative work, not its particular physical form – Protected by copyright and patent law – Copyright holders have exclusive rights to • To make copies • To produce derivative works, such as translations into other languages or movies based on books • To distribute copies • To perform the work in public (e.g. music, plays) • To display the work in public (e.g. artwork, movies, computer games, video on a Web site) 16 Intellectual Property and Copyright (Con’t) • Computer and communications technologies raise challenge to intellectual-property protection – Storage of all sorts of information in standard formats (e.g. graphics, video and audio files) – High-volume, relatively inexpensive digital storage media – Scanners – Compression technologies – The Web – Broadband Internet connections – Peer-to-Peer technology 17 Intellectual Property and Copyright (Con’t) • Putting the digital content on the Internet – Unauthorized copying and sharing of computing software, music, and video files continue at a huge rate – Search engines and online libraries • Negotiate contracts with intellectual-property owners to provide digital content 18 Copyright Law and Significant Cases • Sony v. Universal City Studios (1984) – Supreme Court decided that the makers of a device with legitimate uses should not be penalized because some people may use it to infringe on copyright – Supreme Court decided copying movies for later viewing was fair use – Arguments against fair use • People copied the entire work • Movies are creative, not factual 19 Copyright Law and Significant Cases (cont.) • Sony v. Universal City Studios (1984) (cont.) – Arguments for fair use • The copy was for private, noncommercial use and generally was not kept after viewing • The movie studios could not demonstrate that they suffered any harm • The studios had received a substantial fee for broadcasting movies on TV, and the fee depends on having a large audience who view for free 20 Censorship of the Internet • We need to make the Internet safe for the people – E.g. Pornographic pictures shared among minors and children – Cyberporn • The Child Online Protection Act (COPA) – Passed in 1998 – It is a federal crime for commercial Web sites to make available to minors materials “harmful to minors” as judged by community standards – Found to be unconstitutional 21 Censorship of the Internet • Children's Internet Protection Act of 2000 (CIPA): – Requires schools and libraries that participate in certain federal programs to install filtering software • Filters – Blocks sites with specific words, phrases or images – Parental control for sex and violence – Updated frequently but may still screen out too much or too little – Not possible to eliminate all errors – What should be blocked? 22 Employee Monitoring • Electronic monitoring capabilities – Computer network, Telephone network, digital camera, etc. • For employer – To evaluate individual employee and to measure and increase productivity • For employee – Complain dignity, independence, privacy and confidence 23 Whose Law Rule the Web? • Different countries have different law ruling the Web – Content control/censorship (including politics, religion, pornography, criminal investigations and trials, etc.) – Intellectual property – Gambling – Hacking/Viruses – Privacy – Commerce (advertising and sales) – Spam • Some countries ban all or certain types of access to the Internet 24 Reference • Sara Baase, “A Gift of Fire: Social, Legal, and Ethical Issues for Computing and the Internet,” Third Edition, Prentice Hall, ISBN 0-13601918-3, 2007. 25