Ethics for Computing Professionals PDF

Summary

These lecture notes provide an introduction to computer ethics and professional ethics, defining key terms like ethics, computer ethics, and professional ethics. It discusses the importance of understanding ethical principles related to technology usage. It also touches upon the idea of professional codes of ethics.

Full Transcript

Lecture 1 - Introduction

Ethics for Computing
Professionals

1

Quote: In view of all the deadly
computer viruses that have been
spreading lately, Weekend Update
Computer and would like to remind you: when you
link up to another computer, you’re
Internet Crime linking up to every computer that that
computer has ever linked up to. (Dennis
Miller, Saturday Night Live)

2

1
 Introduction

Ethics is a set of moral principles that
govern the behavior of a group or
individual
Computer Ethics is a set of moral
principles that regulate the use of
Computers
It is a new branch of Ethics that is
growing and changing rapidly as
computer technology also grows and
develops

3

What are Ethics?

Derived from the Greek word “ethos”, which means “custom”, “habit”, and “way of living”
Ethics is concerned with human conduct, i.e., behavior of individuals in society
Ethics is a system of morals of a particular person, religion or a group
Moral: means dealing with, or capable of, distinguishing between right and wrong, and
between just and unjust

4

2
 What are Ethics?

These rules are often
Each society forms a set of expressed in statements
Ethics is the set of beliefs
rules that establishes the about how people should
about right and wrong
boundaries of generally behave, and they fit together
behavior.
accepted behavior. to form the moral code by
which a society lives.

Virtues are habits that incline People’s virtues and vices
Ethical behavior conforms to
people to do what is help define their value
generally accepted social
acceptable, and vices are system – the complex scheme
norms, many of which are
habits of unacceptable of moral values by which they
almost universal.
behavior live

5

What are
Professional Ethics?

Professional ethics are a code of conduct
that govern how members of a profession
deal with each other and with third parties

6

3
 Professional Codes of Ethics

A professional code of ethics states the principles and core values that are essential to the work of a particular
occupational group.
Association of Computing Machinery ACM (founded 1947) has a code of ethics and professional conduct. See:
http://www.acm.org/constitution/code.html
Association of Information Technology Professionals AITP (founded 1996) – provides quality IT-related education,
information on relevant IT issues, and forums for networking with experienced peers and other IT professionals.
The AITP also has a code of ethics, see:
http://www.aitp.org/join/SCOH17CodeEthicsStdsCdt.pdf

7

Professional Codes of Ethics

Computer Society of the Institute of Electrical and Electronics Engineers (IEEE – CS)
(founded in 1946). The Software Engineering Code of Ethics and Professional Practice:
http://www.acm.org/serving/se/code.htm

Project Management Institute (PMI) – established in 1969. PMI Member Code of Ethics:
http://www.pmi.org/info/AP_MemEthStandards.pdf

8

4
 Why study Computer Ethics?

Wise and gentle people A professional must need Computer is an invention Computers are Ubiquitous You might not harm others
abide by the ethics to know about his/her that has put such a great (involved every where) knowingly or in ignorance
professional ethics impact on our social life
that no other invention
has or could done so far.
Ignorance of law does not spare
you from punishment

9

Why should we have a Professional Code of
Ethics?

A Professional Code of Ethics serves several functions:
Symbolizes the professionalism of the group
Defines and promotes a standard for external relations with clients and
employers
Protects the groups interests
Codifies members’ rights
Expresses ideals to aspire to
Offers guidelines in “gray areas”

10

5
 Computer Ethics

If Ethics is a set of moral (right, good, honest, descent) principles that govern the
behavior of a group or individual

Then, computer ethics is set of moral principles that regulate the use of computers.

Computer ethics is defined as the application of classical ethical principles to the use
of computer technology

Computer Ethics is a part of practical philosophy which deals with how computing
professionals should make decisions regarding professional and social conduct.

11

Aspects of Computer Ethics

Analysis of the nature Formulation and
of problems related to justification of policies
the social impact of needed to manage
computers computer technology

12

6
 Evolution of Computer Ethics

Intelligent Machines: The very first ethical concern about computer was
that computers might take over decision making from humans.
Large data repositories: Large organization’s data privacy and security
concern as well as accuracy of large calculations
Personal Computers: Democratizing aspects of personal computer

13

Evolution of Computer Ethics

Computer Networks: Issues of remote access through computer networks
Software as Valuable Property: Enormous market value of software was
recognized and all the ethical issues having to do with properties arose
like; ownership, how and who own, rights protection etc. along with that
issues of liability and responsibility
Commercialization of computing: computing games and hackers' issues

14

7
 Evolution of Computer Ethics

The Internet and World Wide Web: 1990’s Advent of internet, www,
computer involvement in telecom and media brought endless set of ethical
issues.
Computer plus visual media: Combination of computer technology with
wide Verity of visualization activities including medical imaging and
scientific models along with most sensitive the virtual reality.
Global computing trends: Grid computing, Distributed computing, Parallel
computing, and Cloud computing

15

Challenge for Computer Ethics

(The ethical issues have followed, rather than led, the technology.)
As the world of computers evolves, computer ethics continues to create
ethical standards that address new issues raised by new technologies
Some common issues of computer ethics including intellectual property
rights (such as copyrighted electronic content), privacy concerns, and how
computers affect society are unique in nature.

16

8
 Common Ethical Issues for IT Users

Software Piracy: a common violation occurs when employees copy software from their work
computers for use at home
Inappropriate Use of Computing Resources: some employees use their work computers to surf
popular Web sites that have nothing to do with their jobs.
“Half of Fortune 500 companies have dealt with at least one incident related to computer misuse
at the workplace over the past 12 months, according to a survey released today.
Corporations are taking the problem seriously and fired the offenders in 44% of the cases and
disciplined those responsible in 41% of the instances”.
(China Martens, Survey: Computer porn remains issue at U.S. companies, Computer-world, June
21, 2005
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=102664

17

Common Ethical Issues for IT Users

Inappropriate Sharing of Information:
Organizations stored vast amount of information that can be classified as
private or confidential.
Private data describes individual employees – for example, salary, attendance,
performance rating, health record.
Confidential information describes a company and its operations: sales,
promotion plans, research and development.
Sharing this information with unauthorized party, even inadvertently, has
violated someone’s privacy or created the potential that company information
could fall into the hands of competitors.

18

9
 Supporting The Ethical Practices of IT Users

Defining and Limiting the Appropriate Use of IT Resources
Companies must develop, communicate and enforce written guidelines that encourage
employees to respect corporate IT resources and use them to enhance their job performance.
Effective guidelines allow some level of personal use while prohibiting employees from
visiting objectionable Web sites or using company e-mail to send offensive or harassing
messages.

See: Widener University ITS Procedures:
http://www.widener.edu/Administration/Information_Technology_Services/Information/Procedure
s/6662/

19

Supporting The Ethical Practices of IT Users

Establishing Guidelines for Use of Structuring Information Systems to
Company Software Protect Data and Information
Company IT managers must provide clear rules Implement system and procedures that limit
that govern the use of home computers and data access to employees who need it.
associated software. Employees should be prohibited from accessing
The goal should be to ensure that employees the data about research and development
have legal copies of all software results, product formulae, and staffing
projections if they don’t need it to do their job

20

10
 Supporting The Ethical Practices of IT Users
Installing and Maintaining a Corporate Firewall
Firewall is a software or hardware device that serves as a barrier between a
company and the outside world and limits access to the company’s network
based on the Internet usage policy.
Firewall can be configured to serve as an effective detergent unauthorized Web
surfing by blocking access to specific, objectionable Web sites.
Firewall can serve as an effective barrier to incoming e-mail from certain Web
sites, companies or users
Can be programmed to block e-mail with certain kinds of attachments, which
reduces the risk of harmful computer viruses

21

11
 Lecture 2 - Introduction

Ethics for Computing
Professionals

1

ACM/IEEE Code of ethics - principles
PUBLIC - Software engineers shall act consistently with the public interest.
CLIENT AND EMPLOYER - Software engineers shall act in a manner that is in the best interests of
their client and employer consistent with the public interest.
PRODUCT - Software engineers shall ensure that their products and related modifications meet
the highest professional standards possible.
JUDGMENT- Software engineers shall maintain integrity and independence in their professional
judgment.
MANAGEMENT - Software engineering managers and leaders shall subscribe to and promote an
ethical approach to the management of software development and maintenance.
PROFESSION - Software engineers shall advance the integrity and reputation of the profession
consistent with the public interest.
COLLEAGUES - Software engineers shall be fair to and supportive of their colleagues.
SELF - Software engineers shall participate in lifelong learning regarding the practice of their
profession and shall promote an ethical approach to the practice of the profession.

2

1
 The security of IT used in business is
very important

Computer and Although, the necessity of security is
Internet Crime obvious, it often must be balanced
against other business needs and
IT Security Incidents issues

IT professionals and IT users all face a
number of ethical decisions regarding
IT security:

3

What could be done to deal with the increasing number of IT-related
security incidents, around the world?

To deal with the incidents, the Computer Emergency Response Team Coordination
Center (CERT/CC) was established in 1988 at the Software Engineering Institute
(SEI) – federally funded research and development center at Carnegie Mellon:
Study Internet Security vulnerabilities
Handle Computer Security Incidents
Publish Security Alerts
Research long-term changes in networked systems
Develop information and training
Conduct ongoing public awareness campaign
FBI Cyber Program, Internet Crime Complaint Center
http://www.fbi.gov/cyberinvest/cyberhome.htm

4

2
 Ethics

Computer Ethics
Special Responsibilities Facing Computer Professionals
and Users
Maintaining relationships with and responsibilities toward
customers, clients, coworkers, employees, and employers.
Making critical decisions that have significant consequences
for many people.
Determining how to manage, select, or use computers in a
professional setting.

Q: Describe an ethical scenario for one of the categories, above.

5

Ethical Guidelines
for Computer Professionals
Additional Guidelines for the Computer Professional
Understand Success
Understand what success means—developers (especially) and users of computer
systems must see beyond simply writing code to complete a task.
Design for Real Users
To provide useful systems, real users must be included in the design stage.

Q: Give an example of a system for which consultation with real users in the
design stage would be important.

6

3
 Ethical Guidelines
for Computer Professionals
Additional Guidelines for the Computer
Professional (cont’d)
Thorough Planning and Scheduling
Pay attention to details—do a thorough and careful job when
planning and scheduling a project and when writing bids.
Test With Real Users
To provide safe systems, real users must be included in the
testing stage.

Q: Give an example of a system that has a straightforward user interface. A
confusing interface. Would testing with real users improve the confusing one?

7

Ethical Guidelines
for Computer Professionals
Additional Guidelines for the Computer
Professional (cont’d)
Evaluate Re-use of Software
Don’t assume existing software is safe and re-usable.
Candidness
Be open and honest about capabilities, safety, and limitations
of software.
Protect
Require a convincing case for safety.

Q: Describe a software program or computer system for which you think
these guidelines were not followed.

8

4
 Cases

Analyzing a Professional Ethical Scenario
Brainstorming phase
List risks, issues, problems, consequences.
List all the stakeholders.
List possible actions.

Q: What is the purpose of this stage?

9

Cases

Analyzing Professional Responsibilities (cont’d)
Analysis phase
Identify the responsibilities of the decision-maker.
Identify the rights of stakeholders.
Consider the impact of the action options on the stakeholders.
Find sections in codes of ethics that apply. Categorize each
potential action or response as ethically obligatory, ethically
prohibited, or ethically acceptable.
Consider the ethical merits of each option and select one.

Q: What is the value of this stage?

10

5
 Other Ethical dilemmas you may
encounter

1. Disagreement in principle with the policies of senior
management
2. Your employer acts in an unethical way and releases a
safety-critical system without finishing the testing of the
system
3. Participation in the development of components for
military weapons or biogenetic systems

11

Collective Ethical Responsibility of Computer
Professionals?
New technologies bring benefits as well as problems like:
Electricity and current shock, Motor vehicles and air pollutions, organs
transplantation and theft, nuclear power and nuclear waste, and computers
and their abuses.
They seem to pose ethical issues which require to be evaluated.
Computer professionals have a collective responsibility to ensure that
computing serves humanity well.

12

6
 Computer Ethics and Policy Vacuum
A typical problem in computer ethics arises because there is a policy
vacuum about how computer technology should be used.
Computers provide us with new capabilities and these in turn give us
new choices for action.
A central task of computer ethics is to determine what we should do in
such cases, i.e., to formulate policies to guide our actions.
Computer ethics includes consideration of both personal and social
policies for the ethical use of computer technology.

13

Computer Ethics and Policy Vacuum
James Moor argues that computer and IT creates innumerable
opportunities which left us with choices about whether and how to
pursue these opportunities, and we find a vacuum of policies on how
to make these choices.
With each new innovation or application, new policy vacuums have
been created.

14

7
 Examples:
Word Processor is a beneficial and good software that offers several
features for writing official letters, making documents and many
more.
But like other technologies, its many good features can be used in unethical
way as well.
Let's suppose we are trying to formulate a policy for protecting
computer programs.
A number of issues arise:

15

Questions that arise:
A number of questions which do not have obvious answers emerge.
What is a computer program?
Is it really intellectual property which can be owned or is it more like an idea,
an algorithm, which is not owned by anybody?
If a computer program is intellectual property, is it an expression of an idea
that is owned (traditionally protectable by copyright) or is it a process that is
owned (traditionally protectable by patent)?
Is a machine-readable program a copy of a human-readable program?
These questions must be answered in order to formulate a useful
policy for protecting computer programs.

16

8
 Computer Ethics and Policy Vacuum
For Example: Is it ethical for a company with a Web site to place a
cookie on the hard drive of those who visit their site?
Is data mining morally acceptable?
Are internet domain names be distributed in a fair way?
Is it right for an individual to electronically reproduce and alter/edit
an artistic image that was originally created by someone else?

17

Computer Ethics and Policy Vacuum
Should surgery be performed remotely with medical imaging
technology?
Should computer graphical recreation of incidents be allowed to be
used in courtrooms?

18

9
 Overcoming the policy vacuum
(Reasoning by Analogy)
Reasoning by analogy:
It involves looking for familiar situations comparable to the one involving
computer and IT,
Then either accepting the equivalence of certain actions or identifying the
significant differences between the cases.

19

Analogy in Computer Ethics
Reasoning by analogy:
For Example: Conceptualizing the case of computer hacking and
comparing it with steeling a file from an office cabinet.
Your comparative Moral judgment:
1. Are the above two acts same?
2. If not, what are the differences?
3. How will you suggest to punish on these acts?

20

10
 Analogical reasoning is dangerous
Argument: Hacking is morally permissible because it provides a
service by identifying and revealing the flaws and vulnerabilities in
computer system
Comparable Argument: It is like setting a fire in a shopping mall in
order to show the flaws in the fire protection system
Your comparative Moral judgment:
1. Is this analogy right or wrong?
2. Which act (Hacking OR setting a fire ) is right or wrong? And on what
bases?

21

Analogical reasoning is dangerous
Comparable differences in the given example:

1. Setting fire in the mall puts individual lives at risk, While computer
viruses generally don’t.
2. Both actions cause property damage, but in most cases damage
caused by computer viruses is easily repairable.
3. Damage caused by fire could be limited whereas data corruption
through virus could produce immeasurable damage

22

11
 Analogical reasoning is dangerous
A direct comparison of such arguments is not only wrong but
dangerous as well. And we can not reach to the right decision in a
simple/ straightforward way.
What to do then?
Never compare computer-based and non-computer-based cases in just one
go – instead analyze it
While giving reasoning by analogy it is important to identify the differences as
well as similarities between computer based and non-computer-based cases

23

Computer used in Social Context
Computer and IT is developed and used in a social context rich with
moral, cultural, Economic, and political ideas.
Therefore to use the computer technology we need to consider the
environment e.g., business, home, educational institute, criminal
justice system, medicine, science, social relations etc.,
See human purposes and interests, institutional goals, social relationships,
traditions, social conventions, regulations and so on.

24

12
 Challenges
Increasing complexity increases vulnerability:
The computing environment has become very complex
Networks, computers, OS, applications, Web sites, switches, routers and
gateways are interconnected and driven by hundreds of millions of lines of
code
The number of possible entry points to a network expands continually as more
devices are added, increasing the possibility of security breaches

25

Challenges
Higher computer user expectations:
Time means money
Help desks are under intense pressure to provide fast
responses to user’s questions.
Sometimes forgets to verify user’s identities, or to check
authorization to perform a requested action

26

13
 Challenges
Expanding and changing systems introduce new risks:
Businesses had moved from an era of stand-alone computers to a network era
– personal computers connect to networks with millions of other computers all
capable of sharing information.
E-commerce, mobile computing, collaborative work groups, global business
It is increasingly difficult to keep up with the pace of technological change,
successfully perform an ongoing assessment of new security risks, and
implement approaches for dealing with them

27

Challenges
Increases reliance on commercial software with known vulnerabilities:
Exploit is an attack on an information system that takes advantage of a
particular system vulnerability. Often, this attack is due to poor system design
or implementation.
Once a vulnerability is discovered, software developers create and issue a
“fix” or patch to eliminate the problem. Users are responsible for obtaining
and installing the patch. Any delay in installing a patch exposes the user to a
security breach.
A rate of discovering software vulnerabilities exceeds 10 per day, creating a
serious work overload for developers who are responsible for security fixes.

28

14
 Challenges: Increases reliance on commercial software with
known vulnerabilities:

A zero-day attack take place BEFORE the security community or a
software developer knows about a vulnerability or has been able to
repair it.
http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,90447,00.html?f=x583

Malicious hackers are getting better and faster at exploiting flaws.
The SQL Slammer worm appeared in January 2004, eight month after
the vulnerability it targeted was disclosed:
http://www.computerworld.com/softwaretopics/software/groupware/story/0,10801,89637,00.html

29

Challenges: Increases reliance on commercial software with
known vulnerabilities:

In August 2005, the ZOTOB computer worm began targeting
corporate networks that run Windows 2000, less than a week after
Microsoft released a critical patch addressing the vulnerability
http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html

In an attempt to avoid further attacks and the ultimate zero-day attack,
computer security firms and software manufactures are paying hackers
to identify vulnerabilities before they can be exploited.
http://www.businessweek.com/magazine/content/05_34/b3948022_mz011.htm?chan=tc

30

15
 Lecture 3

Ethics for Computing
Professionals

1

Outline

Professional Ethics
Professional Ethics for computing
Differentiating Professional and Occupational roles
Computer Professional Role
Characteristics of Profession
Professional Relationships
Code of Ethics an example
Issues with code of ethics

2

1
 Professional Ethics

Provides rules on how
Principles that govern
a person should act
the behavior of a
towards other people
person or group in a
and institutions in such
business environment.
an environment.

3

Scenario-1: “Developer-A got engaged
with a project involved in designing a
system to monitor radar signals and
launch nuclear missiles in response to
these signals (involves equipment of mass
destruction). There he detected some
flaws in the system of making fine
distinctions e.g., between small aircraft
Scenario - 1 and a missile, as well as flaws in security.
He reported these flaws to the higher
management in order to keep the
equipment safe, but they refused
because they were already behind
schedule and exceeding budget.”

In Your opinion? What should
Developer-A do?

4

2
 Scenario-2
“Developer-B as consultant of a toy
manufacturing company describes some
security options for designing a sensitive
database of company employees. Which
she think is of core importance. But the CEO
and Line management didn’t agree for more
security due to exceeding budget.”

In Your opinion? What should Developer-B
do?

5

Suitable Ethical Decision
for both developers A & B
The developer should suggest the
higher management to employ more
programmers along with further
promotion of automated software
development and complete the work by
adopting crash programming strategy
and to save their credibility with a little
financial loss.

6

3
 Professional Ethics -
Definitions
Professional Ethics concerns one's conduct of
behavior and practice when carrying out professional
work, e.g., consulting, researching, teaching and
writing
Professional ethics is the ethical norms, values, and
principles that guide a profession and the ethics of
decisions made within the profession.
Professional ethics is the set of rules governing the
conduct, transactions, and relationships within a
profession and among its publics.

7

Types of Roles
While defining professional ethics ‘roles’ are required to be
differentiated as:

Professional
Occupational

8

4
 Professional roles carry with them socially
recognized power or privilege /special
rights and special responsibilities. For
Professional Role example role of a doctor, engineer, lawyer
etc.
(Qualification Doctors making decisions about
treatment for their patients,
related): Lawyers deciding the best strategy for
defending a client,
Architects deciding on the design of a
building

9

Occupational Roles (Job related):

Occupational roles do not allow or require that the role-holder act outside
ordinary morality. For example
sales personal,
construction workers,
Office secretaries etc.

10

5
 Managers (use computers and applications)

Librarian (Administers library database etc.,) Graphic
artists (Performs on computer graphics etc.,)

Identify Engineers (Other than Computing; use CAD, CAM etc.)
computing Security experts (Use and write security SW) Teachers
(Computing and others)
professionals?
Researchers (Computing and others) Computer
venders (SW installation etc.,)

Internet Services Providers (configure servers etc.,)

11

Generally a computer professional do not
acquire any special, socially recognized power or
privilege by virtue of being a computer
professional as like doctor, architect, journalist
Computer etc.,
Professional Whereas, they have special powers and
privileges by virtue of their efficacy
Role (effectiveness or power to affect the world) skill,
and knowledge and the positions they hold in
the organization.

12

6
 Profession

A profession is a career founded upon specialized
educational training, the purpose of which is to supply
objective counsel and service to others, for a direct and
definite compensation, wholly apart from expectation of
other business gain. [WikiPedia]

13

Profession vs. Occupation
Profession Occupation
1. Specialized Education 1. General Education of a particular
level
2. Specialized Training related with 2. Job related Training
education
3. Social Function 3. Job related function

4. Allow or require to act outside 4. Do not allow or require to act
ordinary morality outside ordinary morality
5. A direct or definite compensation 5. Salary against service
for a service
6. More autonomy in daily work 6. Less autonomy to take decision

7. Require membership of formal 7. Do not require to be member of a
organization formal organization

14

7
 Characteristics of Profession
Professions are often associated with the following set of
characteristics:
1. Mastery of an esoteric (ambiguous, obscure ) body of knowledge,
usually acquired through higher education.
1. A member of the profession needs this body of knowledge in order to practice;
those who do not master the knowledge cannot do the work.

2. Autonomy in practice (at individual and collective levels).
1. Rather than being regulated by outsiders, the profession sets its own admission
standards and standards of practice.
2. Members of professions generally have more autonomy in their daily work.

15

Professional Relationships

Professional Ethics must take into accounts:

Relations between employer and employee

Relations between professionals and clients

Relation between professional and society

Relations among professionals

Specialized technical details of the profession

16

8
 Relations between Employer and Employee

On getting a job an employee:
 Explicitly accepts some hiring conditions like salary, working hours
etc.

 Conditions of law are binding without specifying

 Conditions of employee’s union apply
 Moral conditions which depicts ethics and that can not be anticipated
at an early stage gets binding automatically. E.g., mutual respect of
employer and employee; honesty; Loyalty

17

Relations between Professional and Client

Both client and professional get into contract with mutual
understanding
Because most of the time, client totally depends upon professional
therefore ‘trust’ is must.
Disparity (inequality) in knowledge and expertise of the parties in
client-professional relationship is important.
This disparity can be handled through different models like: Agency,
Paternalism, Fiduciary/ trust

18

9
 Relations between Professional and Client

 Agency model: The professional is to act as the agent of the
client and simply implement what the client requests. Here the
implication is that the client retains all decision-making
authority. (Stock broker)
 Paternalistic model: The client transfers all the decision-
making power to the professional. (Doctor, Lawyer, Software
Engineer)
 Fiduciary/Trust model: The client retains decision making
authority but makes decisions on the basis of information
provided by the professional. (Honest computer professional)

19

Relation between Professional and Society

Use of special powers and privileges by virtue of their
efficacy (worth), skills, and knowledge and the positions of
professionals
It is only for the benefit of society and in public interest.

20

10
 Relations among Professionals

This relationship must be on the basis of mutual respect
(e.g., Egoless programming in XP)
Always for the benefit of the organization and the society
in general. (colleagues working on same domain)

21

Ethics for Computing
Professional

A computing professional must understand
Cultural, social, legal, and ethical issues in
computing, his responsibility and possible
consequences of failure

22

11
 a statement of the shared commitment of
the members

Expresses the experience of professional
members and their consensuses.

Code of Ethics
Statements for public as well as for
members of a profession.

To establish public interest

23

It sensitize members to issues that they might
not be aware of.

Code of ethics may be a statement of agreed
upon rules or standards

Code of Ethics
It may be used as a mechanism for educating
or socializing.

States the principles and core values that are
essential to the work of a particular
occupational group.

24

12
 Code of Ethics

 Association of Computing Machinery ACM (founded 1947) has a code of ethics and
professional conduct:
http://www.acm.org/constitution/code.html
 Association of Information Technology Professionals AITP (founded 1996) – provides
quality IT-related education, information on relevant IT issues, and forums for
networking with experienced peers and other IT professionals. The AITP also has a code
of ethics:
http://www.aitp.org/join/SCOH17CodeEthicsSt dsCdt.pdf

Computer Society of the Institute of Electrical and Electronics Engineers (IEEE – CS) (founded in
1946). The Software Engineering Code of Ethics and Professional Practice:
http://www.acm.org/serving/se/code.htm
Project Management Institute (PMI) – established in 1969. PMI Member Code of Ethics:
http://www.pmi.org/info/AP_MemEthStandard s.pdf

25

Properties of Professional Code
of Ethics
Professional code of ethics:
Symbolize professionalism
Protect group interests
Specify membership etiquette
Inspire good conduct
Educate and discipline members
Foster external relations
Enumerate principles, express ideals
Put forth rules, offer guidelines
Codify rights

26

13
 Engineering Ethics

Engineering is an important and learned profession. Therefore, Engineers are expected to exhibit the
highest standards of honesty and integrity
Services provided by engineers require:
Honesty
Impartiality
Fairness
Equity

27

A legal system is not a
complete and correct guide
to moral behavior
Codes of ethics are mostly
voluntary
May encounter situations for
Problems with which the code makes no
explicit recommendations
Codes of Ethics Goodness cannot be defined
through a list of Dos and
Don'ts
You must use your internal sense
of ethics. Always listen to the
bell that rings inside you.

28

14
 Lecture 4 – Internet and Ethics

Ethics for Computing
Professionals

1

Outline

Internet and Computer Ethics (a discussion-
based approach)

Unique features of Internet

Prose and Cons of Internet

Categories of Problematic behavior of Internet

Netiquettes and Ethical Rules

2

1
 Internet and Computer Ethics

 Internet has generated an endless array of ethical
issues.
 Ethical issues surrounding computer and information
technology are new species of generic moral problems.

Moral Problems like: Breaking in, Stealing, being a
nuisance, disruption, Slander, Fraud, Stalking, Bullying
etc

3

Internet and Computer Ethics

 Internet: A collection of interconnected networks
– looks like a single, unified network (Carrying
ethical issues related with networks)

 Internet is a worldwide source of communication.
Its technology is quite different in several aspects
from the other prevailing sources of
communication like: telephone, radio, television,
ordinary mail.

 Due to its different nature the internet has
raised new ethical as well as other issues

4

2
 Internet as source of communication: Special
features
 Internet as a mean of communication is revealed
to have three morally significant characteristics:

1. Unusual Scope: It has an unusual scope in that it
provides for many-to-many interactive communication
on a global scale

2. Anonymity: It facilitates a certain kind of anonymity
(Hidden appearance, name, age etc.,)

3. Reproducibility: It has reproducibility (making copies
and spread to infinite number of people or places)

5

Pros and Cons of Internet

+ Internet makes life easier in some ways

Internet creates problems sometimes

+ Internet enhances and improves certain
aspects of our lives

Internet diminishes certain other aspects of our lives

+ Internet brings social benefits

Internet brings social costs

6

3
 Pros and Cons of Internet

Internet brings individuals from across the
globe closer together, in principle increasing
the potential for tolerance and peace.
Internet intensifies economic competition among nation-states
which intern increases the potential for conflict

Internet extends the power and reach of
individuals, governments, and businesses
Internet extends the power and reach of criminals and terrorists

7

Pros and Cons of Internet

+ Internet increases the potential for individuals
to be informed

- Internet increases the potential for individuals
to be mis-informed and manipulated

+ Internet provides a new arena for
entertainment and sociability

- Internet provides a new arena for those whom
would exploit, harass, stalk, and suffering others

8

4
 Problematic behavior of Internet

 The problematic behavior of Internet can be
categories into three categories:
1. Behavior that is explicitly declared illegal:
Hacking and Cracking
Hacking: It refers to unauthorized breaking into
the security of a network or other’s computer
Cracking: It refers to subset of illegal behaviors
that involve unauthorized access to internet or
other’s computers and aim at disruption and
damage.
It involves acts like: intentionally sending malware,
DOS attack, unauthorized taking control of a web site

9

Problematic behavior of Internet

2. Behavior that is illegal but here the core
character of criminal act predates the Internet
(use of internet for other crimes) e.g., Cyber
stalking, Fraud, harassment, terrorism etc.

3. Behavior that is not explicitly declared illegal
but framed as a matter of civil behavior or
‘netiquette’. E.g., Not remaining truthful

10

5
 Netiquette

Netiquette: A set of informal social
conventions specifying how to behave when
interacting on the internet

 Violation of netiquettes may be considered
unethical but they are not illegal

Issues like Flaming, Spamming can be
curtailed through Technological and Social
policy approaches

11

Ethical rules for netiquette

Dark Mountain’s Ethical rules for netiquette:
1. Be polite,
2. Be patient
3. Don’t break any laws
4. Be positive
5. Be truthful
6. Be honest
7. Be humble
8. Be Careful

12

6
 Problematic behavior of Internet

Netiquettes can also be applied through
Policy approaches like:

(1)By the use of technology e.g., Cryptography,
Parental control, Spoofing

(2)Through social values

13

7
 Lecture 5 – Privacy and Ethics

Ethics for Computing
Professionals

1

Outline
Privacy and Computer Ethics
(a discussion-based approach)

Defining ‘Privacy’

‘Computers and Privacy’ issues

Information Privacy

2

1
 Privacy and Ethical issues
 Privacy is, perhaps, the most important of the
ethical issues surrounding CS & IT

 Privacy breaches raise ethical issues therefore
privacy is required to be addressed on ethical
grounds.

3

Privacy
 Privacy refers to personally identifiable
information about an individual or an
organization

 Privacy does not mean absolute freedom from
observation Rather Privacy means “state of
being free from unsanctioned intrusion”

 Financial and medical institutions treat privacy
as part of their compliance requirements

4

2
 Various Aspects of Privacy
 Privacy is a risk management issue (managing
the risk of exposure of private thing to un-sanctioned
entities.)

 Privacy overlap with other concepts such as
freedom or liberty, autonomy, and secrecy

5

Various Aspects of Privacy
 Privacy can be interpreted in two different ways:

1) Privacy as Instrumental good: Privacy is valuable
because it leads to something else(act as instrument
or as a weapon).

Value of privacy lies in its connection to something
else like “you are using my computer therefore
breaching my privacy” (Here computer itself is used as
instrument because of data inside it is taken as private on
behalf of the person)

6

3
 Various Aspects of Privacy
For example as an instrumental good:

 “Privacy is necessary for democracy”; (Freedom of
thought i.e. democracy can not be observed if individuals
are constantly being observed)

 “We have to have privacy to have relationships of
intimacy and trust”.

7

Various Aspects of Privacy
2) Privacy as Intrinsic(fundamental) good: When
privacy is presented as a good in itself, it is
presented as a value in and of itself.

Autonomy (self sufficiency) is fundamental to what it
means to be human, to our value as human beings.
And autonomy is inconceivable without privacy. This
means that if privacy is lost the autonomy is lost.

8

4
 Information and Privacy
 Information about an individual seems to be a
fundamental precondition for establishing a
relationship with that individual because:

People need to control information about
themselves in order to maintain a diversity of
relationships like: with parents, brothers and
sisters, spouse, friends, teachers, employers,
casual acquaintances, etc.

If everything of yours is open to all then
diversity would not be possible. You would
have similar relationship with all.

9

Information and Privacy
 Computer and Information Technology has provided
new and valuable sources to keep information which
could be private.

 It has changed record-keeping activity in the
following ways:

1) It has made a new scale of information gathering
possible

2) It has made new kinds of information possible
(e.g., transaction generated information (TGI))

Purchase through credit card, telephone call, Entry Exit intelligent highway.
Every where the data is being generated and used

10

5
 Information and Privacy
3) It has made a new scale of information
distribution and exchange possible

4) The effect of erroneous information can be
magnified

5) Information about events in one’s life may
endure (continue) much longer than ever before

11

Information and Privacy
 It is said that it is due to information handling
ability of computer that privacy breaches gets
happen that raise ethical issues.

But in actual it is individuals and organizations that
are creating, gathering, exchanging, and using
information.

 Under this scenario for better ethical solutions we
at first need to explore the uses of information and
then the use of computer for these uses.

12

6
 Information and Privacy
 Those (government and private agencies) who use
private information argue that they use it for:
 Making better decisions in the benefit of others.
 On the other hand who’s information are being used feel
discomfort and fear of getting miss-use of their information.

13

Class Discussion

The biggest threat to your privacy
is You? Your own bad self……..?

14

7
 Class Discussion
The biggest threat to your privacy is You? Your
own bad self……..?

Because at first hand it is you who has to:

declare privacy norms at various levels through
your personal actions

mitigate the privacy risk by adopting various
technological and policy measures

15

Class Discussion

Should there be proper legislation
for controlling information privacy
breach?

16

8
 Privacy Protection
 Following measures can be taken for better privacy
protection:

1. Broad Conceptual Changes and Legislative
Initiatives: Think of privacy as a social good and
exercise democracy

2. Technology: Building of technology with the
perspective of not breaching privacy OR use
technology for reducing privacy breach.

17

Privacy Protection
3. Role play of computer professionals: For example
legislation by ACM

i. To minimize the data collected

ii. To limit authorized access to the data

iii. To provide proper security for the data

iv. To determine the required retention period of the data

v. To ensure proper disposal of the data

18

9
 Privacy Protection
4. Implementation of institutional policies: Every
organization must be made responsible to draw its
own privacy policy.

5. Personal actions: Defining privacy protection rules
for its own and for others related.

19

10
Lecture 6 – Intellectual and Property
Rights

Ethics for
Computing
Professionals
Ethical Issue
 How to grant Intellectual property
rights (Copy right, Patent, Trade
secrecy) to HW as well as SW
claimants?

 How to deal with using property righted
things in research, innovation, and
creativity?
Property Rights and Ethics
Outline
True nature of software

Thinking of software as intellectual
property

Owning a software

Law making about software products
True nature of software
 Computer as combination of hardware
and software

 Nature of the software as compare to
other items
Owning software
 Although a piece of SW that is being used by
millions, it is not owned by any of them!
Instead, it is said to be owned by the maker/
developer of the SW

The makers let us use their SW but keep the
ownership to themselves. When we buy a SW
package, we do not really buy it – we just buy a
license that allows us to use it, the ownership
stays with the maker
Owning various aspects of software
One can own the following aspects of a program:

 The “source code” which is written by the
programmer(s) in a high-level computer language.

 The “object code”, which is a machine-language
translation of the source code.

 The “algorithm”, which is the sequence of machine
commands that the source code and object code
represent.

 The “look and feel” of a program, which is the way
the program appears on the screen and interfaces
with users.
Owning software
 There are essentially four types of intellectual
property rights relevant to software:

1. Patents,

2. Copyrights,

3. Trade Secrets, And

4. Trademarks

 Patents, copyrights and trade secrets can be used to
protect the technology itself whereas Trademarks
protect the names or symbols used to distinguish a
product in the marketplace.
Owning software (Patent)
 “A patent provides an exclusive legal monopoly
granted by a sovereign state for a limited period of
time (20 years is US) on the use of the patented item
in exchange for detailed public disclosure of an
invention.” It is a reward for the time and effort
expended in creating the invention (a solution to a specific
technological problem and is a product or a process).

 A patent gives right to exclude others on making,
using, selling or offering for sale, and importing
products
Owning software (Patent)
Once a patent for an invention is granted,
subsequent "independent" (i.e., without access to
the patented technology) development of the
invention by another inventor is still considered
infringement.
Owning software (Patent Law)
 Patents can be obtained for ideas, systems, methods,
algorithms, and functions embodied in a software
product: editing functions, user-interface features,
compiling techniques, operating system techniques,
program algorithms, menu arrangements, display
presentations or arrangements, and program
language translation methods.

 Applications or implementations of ideas can be
owned, but abstract ideas, mathematical algorithms,
mental steps, or laws of nature can not be owned
Thinking of software as intellectual
property
Whether current legal tools are adequate for computer
software?

Should computer software be owned at all? (open
source vs. proprietary)

Should it be treated as property? (Program, Algorithm,
Data)

- Intellectual property laws treat each aspect of
software in different way.

- WTO is involved in making the law about software as
intellectual property
Owning software (Copyright)
Copyright (Protect Expression) includes exclusive
right to copy the software, create derivative or
modified versions of it, and distribute copies to
the public by license, sale or otherwise.

Copyright protection arises automatically upon
the creation of an original work of authorship.
There is no need to "apply" for a copyright or
register the copyrighted work in order for
protection to exist.
Owning software (Copyright)
 Generally, the duration of a copyright is the
author's life plus Seventy years (from 1998).

In the case of software created by an
employee during the course of his or her
employment, the resulting "work made for
hire" would be protected by copyright law for
seventy-five years from publication.
Owning software (Copyright law)
Copyright Law: Expression of ideas can be owned
but not the ideas themselves

In the case of software, copyright law would
protect the source and object code, as well as
certain unique original elements of the user
interface.

The law also protects against indirect copying,
such as unauthorized translation of the code
into a different programming language.
Owning software (Copyright law)
For Example: idea of introducing touch screen
system can not be owned. But how to
implement it, can be owned
Owning software (Trade Secrecy)
 A trade secret is any formula, pattern,
compound, device, process, tool, or mechanism
that is not generally known or discoverable by
others, is maintained in secrecy by its owner,
and gives its owner a competitive advantage
because it is kept secret.

 A trade secret can theoretically last for as long
as its owner uses reasonable efforts to keep it
secret and someone else doesn't independently
create or "discover" it. These are subject to
theft.
Owning software (Trade Secrecy
law)
Main Features of Trade secrecy:

(1)have novelty,

(2)represent an economic investment to the
claimant/applicant,

(3)have involved effort to keep the
information a secret,

(4)the company must show that it made some
technical effort to keep the information a
secret.
Owning software (Trademark law)
Trademark: Trademark law governs the use of a
device (including a word, phrase, symbol,
product shape, or logo) by a manufacturer or
merchant to identify its goods and to
distinguish those goods from those made or
sold by another. (https://www.bitlaw.com/trademark/index.html)
Owning software (Trademark law)
A mark shall be registered for a period of ten (10)
years. It may be renewed indefinitely for the
same period if it has been used within the five
(5) years prior to each expiry for the marketing
of a good, the provision of a service or as part
of the designation of an activity.

The transfer of a registered mark shall be valid in
respect of third parties once the mark has been
registered with the National Directorate of
Industrial Property.
Questions?
Ethics for Computing Professionals
COMP-401
Computer Ethics and
Accountability
 IEEE - Code of Ethics (as ready
reference)
 In recognition of importance of our technology in
affecting the quality of life we commit ourselves to
conduct of the highest ethical and professional
manner and agree to:

1. accept responsibility in making decisions
consistent with safety, health, and welfare of
the public
2. avoid real or perceived conflicts of interest
3. be honest and realistic in stating claims or
estimates
4. reject bribery in all forms
5. improve understanding of technology, its
application, and potential consequences
6. maintain and improve our technical competence
and undertake technological tasks for others only
if qualified
 IEEE - Code of Ethics (cont.) (as
ready reference)
7. seek, accept, and offer honest criticism of technical
work

8. acknowledge and correct errors

9. credit properly the contributions of others

10. treat all persons fairly regardless of race, religion,
gender, disability, age, or national origin

11. avoid injuring others, their property, reputation, or
employment by false or malicious action

12. assist colleagues and co-workers in their
professional development and to support them in
following this code of ethics
Class Discussion

Should there be Accountability
for Violation of Computer

Ethics? How?
Contents
Some Key Terms

Why Accountability in CS & IT

Various relationships of computing
people and accountability

Software as Product or Service

Diffusion of Accountability

Moral responsibility
Key Terms
 Accountable

1.- “Person (which could be a collective unit such as
a government, agency or legal person such as a
corporation) is the appropriate agent to respond
for an event or incident or Situation.”

2.- “Required to render account: answerable”

 Responsible - “Being a source or a cause”
Responsibility
Role Responsibility: Equal to Duty. It refers to
what individuals are expected to do according
to their social roles.

Causal Responsibility: An individual is responsible
for an untoward [not favorable] event. The
individual was the cause of the event. Not only
applicable to human being but to animals and
nature forces
Responsibility
 Blameworthy: The attribution of responsibility
is made in basis of judgment that a person did
something wrong and his or her wrongdoing led
to an unfavorable event. In this case
circumstances can prevent someone for being
blameworthy
Responsibility in software
Software Buying and Selling:

Responsibility in software: Manufactures, Stores and
Salespeople, Contractual Relationship:

 License Agreement

 Warranties and liabilities

 Torts: Any Wrongful act other than breach of
contract for which a civil action may be brought
Software as Product Or Service
Unlike other things software is intangible and
considered as intellectual property

 Mass marketed software will be a product (It
imposes strict responsibility on the producer),

 customized software is considered a service (It
fixes liability on the act of negligence at both
producer’s and user’s end)

 If the software was bought and then tailored, it
will be a combination of a product and a
service.
Diffusion of Accountability
It is a phenomenon whereby a person is less likely
to take responsibility for action or inaction
when other bystanders or witnesses are
present.

Moral responsibility is more difficult to decide than
Legal responsibility.

Diffusion appears most in moral responsibility.
Diffusion of Accountability
For example,

Diffusion of responsibility could explain why you
might not put in as much effort on a group
project as you would on an individual project

Why (because your classmates are also
responsible for doing the work).
Diffusion of Accountability
Factors that contributed to diffusion of
responsibility:

a) The scale and complexity of the computer
systems

b) The “many” hands involved in developing,
distributing and using them

c) The way in which computer systems sometimes
mediate human decision making
Moral Responsibility
How individual moral responsibilities should be
placed?

Moral responsibility tends to be shared: many
engineers are responsible for the safety of the
products that they design, not just a
designated safety engineer


Placing Moral Responsibility
Strict Liability

strict liability is the imposition of liability on a
anyone without a finding of fault

Utilitarian view

determines right from wrong by focusing on
outcomes....

To act in a manner that will increase
happiness/wellbeing

which provides maximum benefit to the largest
number of people
 Placing Legal Responsibility
An individual or an organization can be legally
responsible, or liable, for a problem.

That is, the individual could be charged with a
crime, or the organization could be liable for
Damages
Responsibilities to the Public

The Engineer’s most important obligation is to
ensure the safety, health, and welfare of the
public.

Engineers have a special obligation to ensure the
safety of the objects that they produce.

guarantee the safety of the public
improve the quality of life of those who use
computers and information systems.
enhance the public’s understanding of
computing
contribute their technical knowledge to
discussions about public policies regarding
computing.
Responsibilities to Employers
Most computing professionals work for
employers. Professionals often have access to the
employer’s proprietary information such as trade
secrets

Professional must keep this information
confidential.
Professional must also honor intellectual
property owned by the employer
The professional does not have the right to
profit from independent sale or use of this
intellectual property
Ethics for Computing
Professionals
Computer Crimes
Objectives
1. Describe trends in computer crimes and protection against viruses and denial-of-service attacks.
2. Understand techniques to combat “cracker” attacks.
3. Understand the history of computer crimes.
4. Describe several different cyber-attacker approaches and motivations.
5. Identify the professional’s role in security and the tradeoffs involved.
6. Develop measures to be taken both by individuals themselves and by organizations (including government)
to prevent identity theft.
Computer Crime – what is it?
A computer crime is a crime like any other crime, except that in this
case the illegal act must involve a computer system either as an
object of a crime, an instrument used to commit a crime, or a
repository of evidence related to a crime.
With the Internet, the scope of computer crimes has widened
Its an illegal act that involves a computer system or computer-related
system such as any mobile device, satellite, or other
telecommunication system that connects one or more computers or
computer-related systems.
Examples
Intrusions into Public Packet Networks
Network integrity violations
Privacy violations
Industrial or fi nancial espionage
Pirated computer software
Computer-aided fraud
Internet/e-mail abuse
Using computers or computer technology to commit murder,
terrorism, hacking, and many other crimes.
Reasons of Computer Crimes and Resources
Used
Computer crimes target computer resources for a variety of
reasons:
Hardware such as computers, printers, scanners, servers, and
communication media
Software that includes application and special programs, system
backups, diagnostic programs, and system programs such as
operating systems and protocols
Data in storage, transition, or undergoing modification
Categories of Computer Crimes
Human blunders, errors, and omissions – known as Malfunctions
Intentional threats
Viruses
Source of almost all computer crimes are viruses and hacking.
They become one when used together
The term virus is derived from the Latin word virus that means poison
Computer virus is a self-propagating computer program designed to
alter or destroy a computer system’s resources.
It attaches itself to software, grows, reproduces many times, and
spreads in the new environment.
Hacking
Hacking, as a computer attack technique, utilizes the Internet working between
computers and communication devices.
As long as computers are not interconnected in a network, hacking cannot take
place.
The first notable system penetration attack actually started in the mid-1980s
As the Internet grew, hacker activities increased greatly
The first headline-making hacking incident involving a virus took place in 1988
when a Cornell graduate student created a computer virus that crashed 6000
computers and effectively shut down the Internet for 2 days
The period between 1980 and 2001 saw sharp growth in reported incidents of
computer attacks. Two factors have contributed to this phenomenal growth:
the growth of the Internet and the massive news coverage of virus incidents.
Types of Computer Systems Attacks
Penetration
Denial-of- service attacks
Penetration
A penetration attack involves breaking into a computer system using
known security vulnerabilities to gain access to a cyberspace
resource.
Intruder has full access to all that system’s resources.
Allows an intruder to alter data files, change data, plant viruses, or install
damaging Trojan Horse programs into the system.
These attacks can be local on a LAN on which the program is run, or global on
a WAN such as the Internet
Sources of Penetration Attacks
Insider Threat. For a long time, penetration attacks were limited to inhouse
employee-generated attacks to systems and theft of company property.
Hackers. Hackers penetrate a computer system for a number of reasons,
including the thrill of the challenge, bragging rights in the hacker
community, and illicit financial gain or other malicious purposes.
Criminal Groups. A number of penetration attacks come from insiders and
hackers with youthful intents, there are several attacks that originate from
criminal groups
Hactivism. motivated attacks on computer systems, usually web pages or e-
mail servers of selected institutions or groups by activists. A group with a
cause overloads e-mail servers and hacks into web sites with messages for
their causes.
Denial of Service
Denial-of- service attacks, commonly known as distributed denial of
service (DDoS) attacks, are a new form of computer attacks.
They are directed at computers connected to the Internet.
Affect the system by diminishing the system’s ability to function; are
capable of bringing a system down without destroying its resources.
typically aim to exhaust the network bandwidth, its router processing
capacity, or network stack resources, thus eventually breaking the
network connectivity to the victims;
Costs and Social Consequences
In nearly all countries there is no required reporting mechanism in
government agencies, even the private sector, to detect intrusions
and report such intrusions.
In the private sector, there is very little interest in the reporting of any
system related intrusions.
It is reported in some studies that a majority of all e-attacks are
generated and started by inside employees, which makes the job of
detection and reporting very murky
Many nations have no required and trained security agencies to fight
e-attacks.
Reasons for Growth of Cyber Crimes
Rapid technology growth.
Easy availability of hacker tools.
Anonymity
Cut-and-paste programming technology.
Communications speed.
High degree of internetworking
Increasing dependency on computers.
Lack of Cost Estimate Model for Cyberspace
Attacks
As the prices of computers and Internet-able mobile devices plummet and
Internet accessibility becomes global, cyber attacks are likely to skyrocket.
Cost estimating cyber attacks in this changing environment is becoming
increasingly very difficult.
Even in a good environment, estimates of cyber attack crimes are difficult.
The efforts to develop a good cost model is hindered by a number of
problems.
It is very difficult to quantify the actual number of attacks.
There has been no conclusive study to establish a valid figure that can at least give us
an idea of what it is that with which we must cope.
90 % of all computer attacks both reported and unreported are perpetrated by
insiders which are rarely reported even if they are detected.
Social and Ethical Consequences
it is difficult to estimate the actual costs of e-attacks on physical
system resources.
Psychological effects. These effects depend on the attack motive and may result
in long-lasting psychological effects such as hate
Moral decay. There is a moral imperative in all our actions. When human actions,
whether bad or good, become frequent, they get normal
Loss of privacy. After headline-making e-attacks that wreaked havoc on global
computer systems, there is a resurgence in the need for quick solutions to the
problem that seems to have hit home.
Trust. Along with the loss of privacy, trust is lost. Individuals once attacked lose
trust in a person, group, company, or anything else believed to be the source of
the attack or believed to be unable to stop the attack.
Computer Crime Prevention Strategies
Preventing computer crime is not a simple thing to do because to do
that one needs to understand how these crimes are committed and
who is involved in these crimes.
To prevent such crimes, therefore, we need to focus on three entities
in the game:
The computer as a tool used to commit the crimes,
the criminal who is the source of the crime,
and the innocent victim of the crime.
Protecting Your Computer
Physical Protective Measures
Procedural and Operational Protective Measures
Anti-Virus Protection
Physical Protective Measures
Install surface locks, cable-locking devices, and fiberoptic loops to
prevent equipment theft.
Locate the computer and data storage away from outside windows
and walls to prevent damage from external events.
Install strong doors and locks to the computer room to prevent
equipment theft and tampering.
Reinforce interior walls to prevent break-ins. Extend interior walls to
the true ceiling.
Restrict access to computer facilities to authorized personnel
Procedural and Operational Protective
Measures
Classify information into categories based on importance and
confidentiality
Install software access control mechanisms.
Design audit trails into your computer applications
Establish procedures for recovering your operating system if it is
destroyed
Review automated audit information and control reports to
determine if there have been repeated, unsuccessful attempts
Encrypt confidential data stored in computers or transmitted over
communication networks.
Anti-Virus Protection
Do not bring disks in from outside sources.
Scan demo disks from vendors, shareware, or freeware sources for
viruses.
Restrict use of electronic bulletin boards.
Scan downloaded fi les for viruses. Avoid downloading executable
files.
Make regular backups to aid in recovery.
The Computer Criminal
Pass Computer Crime Prevention Laws
Enforcement of Criminal Laws
Moral Education
Pass Computer Crime Prevention Laws
Local and national governments should pass laws directed
toward computer crimes including:
computer tampering, computer fraud, and other computer crimes.
So that if a person commits a computer crime offense, when
knowingly and without the authorization of a computer’s owner,
or in excess of the authority granted that person, if found guilty,
should serve a court sentence consonant to the extent of his or
her crime.
Enforcement of Criminal Laws
We cannot fight computer crimes, whether or not we have laws on
the books, unless those laws can be enforced.
Thus, one way of reducing computer crime is to aggressively enforce
computer crime laws with just but stiff sentences that send a
message to would-be criminals that they will pay the price if they
perpetuate computer crimes.
Moral Education
There is a need for computer ethics education that includes an ethical
framework which may make the would-be criminal reflect on the
pending act.
Computer ethics education, just like all types of education, is a long-
time investment especially in the youth, not only to build their
character but also to guide their actions throughout their lives.
The Innocent Victim
Personnel Policies
Monitor activities of employees who handle sensitive or confidential data
Change security password codes to block further access by employees who
leave or are fired.
Establish rules for computer use by employees, including removal of disks or
printed output.
Educating the Computer User
Need to educate the user to be aware of possible sources of computer crime
and what to do if and when one becomes a victim of a computer crime.
Ethics for Computing
Professionals
Cyberbullying
Objectives
1. Understand circumstances surrounding cyberbullying.
2. Understand the legal defi nition of cyberbullying.
3. Describe the different types of cyberbullying.
4. Learn about the evolution of cyberbullying in tandem with the evolution of online social media.
5. Learn the evolving legislation landscape of cyberbullying.
6. Recognize the difficulties and effects of cyberbullying.
7. Be able to identify and recognize the victims of cyberbullying.
8. Acquire the techniques and skills of handling cyberbullying.
9. Recognize the difficulties of managing cyberbullying.
Background
a social network is a theoretical mesh network, where each node is an individual,
a group, or an organization that independently generates, captures, and
disseminates information
Individual nodes must collaborate to propagate the information in the network.
The links between nodes represent relationships and social interactions
Many online social network groups have become established
The rapid growth of the Internet, and fast access to online services, contributed
to the creation of an exciting, seemingly unlimited virtual environment in which
anything is possible with the least effort.
Anonymity and telepresence are almost assured, creates a certain degree of
individual confidence that may sometimes reach realms of danger
Cyberbullying
Cyberbullying is an action of harming or harassing an individual or
individuals, mostly in the online social network environment, which we
refer to most commonly in the public commons as social media, but also
via any other digital networks, in a repeated and deliberate manner.
Actions that use information and communication technologies to support
deliberate, repeated, and hostile behavior by an individual or group, that is
intended to harm another or others.
Use of communication technologies for the intention of harming another
person.
Use of Internet service and mobile technologies such as Web pages and
discussion groups as well as instant messaging or SMS (short message
service) text messaging with the intention of harming another person.
Cyberstalking
Stalking, is defined as unwanted and/or obsessive attention given to
an individual or group by a perpetuator or perpetuators.
Cyberstalking, a cousin of cyberbullying, then is digital stalking,
usually using online media.
Cyberstalking comes in many versions, including but not limited to,
sending threatening messages to the victim, monitoring the victim,
extortion , false accusations, altering a victim’s information, identity
theft, and the list goes on.
The actions of a cyberstalker are usually repeated, persistent, and
often illegal.
Cyber Harassment
to harass is to continuously and persistently annoy someone: to
create an unpleasant or hostile environment for that individual,
especially by uninvited and unwelcome verbal or physical conduct,
and also to make repeated attacks against a victim [ 3 ].
Based on these definitions, then harassment is the act of doing one or
more of the foregoing, intended for disturbing, tormenting, or
annoying the victim.
When these acts are done by a person or a group of people using
online digital technology, then we have cyber harassment.
Types of Cyberbullying
Harassment
Flaming
Exclusion
Outing
Masquerading
 Harassment
harassment is the act of knowingly, purposely and repeatedly annoying;
creating an unpleasant or hostile environment, especially by uninvited and
unwelcome verbal or physical conduct; and making repeated attacks against
the victim.
Flaming
Flaming is “burning fiercely inside and emitting flames” by someone as a way
to express annoyance. In online networks and in social media, this may
involve exchanged e-mails, instant messaging, or chat rooms among the
parties involved. So if it is directed to an individual by a person or group of
people, it is a form of harassment.
 Exclusion
Exclusion harassment is slightly more difficult to defi ne, but it involves the
intentional exclusion of an individual or a group by another individual or group from
an online space for the purpose of using that space to harass the victim(s).
Outing
Outing is the unwanted and uncalled-for online display in the public commons of a
victim’s information and other attributes for no other purpose than harassment.
Masquerading
Because the digital online environment supports anonymity and telepresence, both
of which can enable an individual or a group to hide their true identity, to acquire
false identities, and to masquerade online with the intention of harassing others,
online environments support masquerading as a form of cyberbullying.
Areas of Society Most Affected by
Cyberbullying
Although the growth and popularity of communication technologies
has equally affected all of us, user preferences of these technologies
is stratified by a number of factors including age group, income level,
and geographic location.
Cyberbullying is more prevalent in school-age youth and in the
working communities, especially among white-collar workers.
Legislation Against Cyberbullying
With more awareness and better reporting, direct bullying activities
had been declining, until the Internet brought in a medium that
supported both the anonymity and telepresence of the bully.
So, anonymity , telepresence, and the ubiquity of the use of mobile
technology have all led to a rapid growth of the vice, thereby
increasing the number of victims and indeed even the number of
suicides of young victims.
Federal Laws
Cyberbullying is a vice that affects all social strata and income levels.
There have been many efforts for legislations to mitigate it.
However, even if no federal law directly addressing cyberbullying has
been passed, there are some cases where bullying overlaps with
discriminatory harassment.
State Laws
There is a patchwork of state-sponsored cyberbullying laws.
A great resource to learn about cyberbullying laws and legislations at
the state level is the Cyberbullying Research Center
For the time being, all these laws, whether state or local ordinances,
are simply directing school districts to have a bullying and harassment
policy, without stating the actual content of such policies.
International Laws
The rapid growth of the Internet, which has quickly engulfed the
globe, and the plummeting prices of Web-enabled smart mobile
devices that are bringing the rest of humanity into cyberspace, have
made cyberbullying into a global problem.
So, the desire to contain it is also global. Although the need is there
and is growing, only a few countries and regions have passed
legislation to combat it.
Among these are the European Union (EU), Canada, Australia, Spain,
UK, France , and Germany, but it is slow going.
Effects of Cyberbullying
cyberbullying is bullying using a new Internet supported medium.
Statistics from different countries are showing that the vice is
growing, hampered only by massive awareness campaigns, and hence
is affecting more and more people.
Similarly to all forms of bullying, cyberbullying affects everyone—the
bully, the victim, and the bystanders—although in different ways.
Thus, the effects vary by the type of bullying, the techniques used,
and the role one plays in the bullying cycle.
Kids Who are Bullied
Kids who are bullied are more likely to experience:
Depression and anxiety, increased feelings of sadness and loneliness, changes
in sleep and eating patterns, and loss of interest in activities they used to
enjoy. These issues may persist into adulthood.
Health complaints
Decreased academic achievement—by GPA and standardized test scores—
and school participation. They are more likely to miss, skip, or drop out of
school.
Kids Who Bully Others
Kids who bully are more likely to
Abuse alcohol and other drugs in adolescence and as adults
Get into fights, vandalize property, and drop out of school
Have criminal convictions and traffic citations as adults
Be abusive toward their others

Bystanders
Kids who witness bullying are more likely to
Have increased use of drugs
Have increased mental health problems, including depression and anxiety
Miss or skip school
Dealing with Cyberbullying
Awareness
Legislation
Community Support
Awareness
Find ways of developing massive education campaigns about what
cyberbullying is, who is affected, and its consequences, which may include
death.
Broad mass and targeted education campaigns are essential. These mass
awareness education campaigns are meant to focus on targeted audiences.
For example, if the audience is a school or school going children,
techniques must be found to deliver the message in quantities and
proportions that are relevant and acceptable to the targeted age group.
If it is targeted to a work environment, the delivery techniques of the
message are different.
Legislation
Mass education and awareness programs, however targeted they are,
can go only so far in the absence of policies, statutes, and laws with
corresponding enforcement.
Thus, legislation at either the state or federal level is necessary, at
least for schools.
In businesses, the best approach is for the companies to draw up
operating policies that involve guidelines of behavior for all workers.
Such company policies must be enforced to be effective.
Community Support
Communities should also become involved in cyberbullying reduction
and prevention.
Cyberbullying public awareness activities must be included in
community public activities, especially those directed to youth in the
community.
Part of the package of community cyberbullying awareness
campaigns should include some form of reporting. Without it, the
efforts are not likely to succeed.
Ethics for Computing
Professionals
Ethical, Privacy, and Security Issues
in the Online Social Networks – Part A
Learning Objectives
1. Understand computer networks, social networks and online social networks.
2. Understand privacy issues affecting online social networks.
3. Discuss privacy issues in social networks.
4. Discuss ethical issues in online social networks.
5. Discuss security issues in online social networks.
6. Discuss the limitations of the legislation network to manage online social, privacy, and security issues.
Brief Introduction – Types of Networks
A computer network is a distributed system consisting of loosely coupled computing elements
and other devices. In this configuration, any two of these devices can communicate with each
other through a communications medium.
A social network is a theoretical network in which each node is an individual, a group, or an
organization that independently generates, captures, and disseminates information and also
serves as a relay for other members of the network.
Individual nodes must collaborate to propagate the information in the network.
The links between nodes represent relationships and social interactions among individuals, groups, organizations, or
even entire societies.
Online social networks (OSNs) are social networks with underlining electronic communication
infrastructure links enabling the connection of the interdependencies between the network
nodes
Types of Online Social Networks
Chat Network
Blog Network
Instant Messaging Network (IMN)
Online Social Networks (OSNs)
Ethical and Privacy Issues in Online Social
Networks
Privacy is a human value consisting of a set of rights including:
solitude, the right to be alone without disturbances;
anonymity , the right to have no public personal identity;
intimacy, the right not to be monitored;
reserve, the right to control one’s personal information, including the
dissemination methods of that information.
These rights are part of our moral and ethical systems.
With the advent of the Internet, privacy has gained even more value
as information has gained value.
The value of privacy comes from its guardianship of the individual’s
personal identity and autonomy.
Ethical and Privacy Issues in Online Social
Networks
Autonomy is important because:
humans need to feel that they are in control of their destiny.
The less personal information people have about an individual, the more
autonomous that individual can be, especially in decision making.
People challenge one’s autonomy depending on the quantity, quality, and value of
information they have about that individual.
People usually tend to establish relationships and associations with
individuals and groups that will respect their personal autonomy ,
especially in decision making.
Personal identity is a valuable source of information.
Unfortunately, with rapid advances in technology, especially computer and
telecommunication technologies, it has become increasingly difficult to protect
personal identity.
Privacy Issues in OSNs
Privacy can be violated, anywhere including in online social network
communities:
through intrusion , misuse of information, interception of information, and
information matching.
In online communities, intrusion, as an invasion of privacy, is a
wrongful entry, or acquiring of information or data belonging to other
members of the online social network community.
While online, we inevitably give our information to whomever asks
for it to obtain services.
Ther