panel

Towards an ethical code for information security?

Authors:

Steven J. Greenwald,

Richard ThiemeAuthors Info & Claims

NSPW '08: Proceedings of the 2008 New Security Paradigms Workshop

Pages 75 - 87

https://doi.org/10.1145/1595676.1595689

Published: 22 September 2008 Publication History

Abstract

Most computer scientists reflexively reject the idea of a malicious universe due to its conflict with the dominant scientific paradigm of a non-teleological impartially disinterested universe. While computer scientists might not view the universe as benign, neither do they view the universe as actively hostile. In addition, most scientist would take the view that a teleological universe equals paradigmatic heresy.

To this we say: feh!.

Outsiders call us "paranoid," but any sensible member of our field knows for a fact that the information security universe does act maliciously.

Our universe really does try to cause us harm.

Two of us (Snow and Greenwald) have recently given some thought to ethical notions in a somewhat related field; we realized that due to the paradigm-conflicting presence of a malicious universe, we may need a specialized code of ethics for the computer security field. We therefore assembled a group of experts with different viewpoints on this subject for a New Security Paradigms Workshop panel. We felt that NSPWwould provide the perfect venue to discuss this radical concept.

We gave the panel the charge of considering the mere notion of a specialized code of ethics for the field of cybersecurity. Do we really need or want a specialized code of ethics? We therefore had no interest, at least for the purposes of this panel, with the possible contents of such a specialized ethical code.

Our panelist positions run the gamut from "We desperately need a strong code of ethics" to "A specialized ethical code would cause great harm." Along with our positions, we report on the feedback we received from the NSPWprocess and what we learned.

References

[1]

ACM Council. ACM code of ethics and professional conduct, October 1992. http://www.acm.org/about/code-of-ethics.

[2]

AMS Council's Special Advisory Committee on Professional Ethics. Ethical guidelines of the american mathematical society, January 2005. http://www.ams.org/secretary/ethics.html.

[3]

S.M. Bellovin, M. Blaze, W. Diffie, S. Landau, P.G. Neumann, and J. Rexford. Risking communications security: Potential hazards of the protect america act. IEEE Security&Privacy, 6(1):24--33, January/February 2008. Available at http://www.crypto.com/papers/paa-ieee.pdf.

Digital Library

[4]

T. Bynum. A very short history of computer ethics. In J. Dorbolo, editor, American Philosophical Association's Newsletter on Philosophy and Computing, volume 99, pages 163--165, Newark, Delaware, USA, Spring 2000. The American Philosophical Association, University of Delaware. Available at http://www.apaonline.org/publications/newsletters/v99n2_Computers_05.aspx.

[5]

H. Celine. Celine's laws of chaos, discord, and confusion. In R. Wilson, editor, The Illuminati Papers, pages 118--125, Berkeley, California, 1997.

[6]

P. Davis. Codes of ethics and their limitations. SIAM News, 40(9), November 2007. Book Review of Computer Ethics: A Global Perspective by Stamatellos, G.

[7]

J. Diamond. Collapse : How Societies Choose to Fail or Succeed. Penguin, December 2005.

[8]

K. Dukier. Ensuring (and insuring?) critical information infrastructure protection. In 2005 Rueschlikon Conference on Information Policy. The Rueschlikon Conference, September 2005.

[9]

R. Ford and S. Gordon. Cent, five cent, ten cent, dollar: hitting botnets where it really hurts. In NSPW '06: Proceedings of the 2006 workshop on New security paradigms, pages 3--10, New York, NY, USA, 2007. ACM.

Digital Library

[10]

S. Greenwald, K. Olthoff, V. Raskin, and W. Ruch. The user non-acceptance paradigm: Infosec's dirty little secret. In Proceedings of the 2004 New Security Paradigms Workshop, pages 35--43, Nova Scotia, Canada, September 2004.

Digital Library

[11]

K. Górniak-Kocikowska. The computer revolution and the problem of global ethics. Science and Engineering Ethics, 2(2):177--190, June 1996.

[12]

D. Halperin, T.S. Heydt-Benjamin, B. Ransford, S.S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W.H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proceedings of the 29th Annual IEEE Symposium on Security and Privacy, May 2008. Outstanding Paper Award.

Digital Library

[13]

IEEE Board of Directors. IEEE Code of Ethics, February 2006. http://www.ieee.org/portal/pages/iportals/aboutus/ethics/code.html.

[14]

(ISC)². Code of Ethics, 1998-2008. https://www.isc2.org/cgi-bin/content.cgi?category=12l.

[15]

T. Kuhn. The Structure of Scientific Revolutions. University of Chicago Press, 1970.

[16]

N. Machiavelli. The Prince. 1515.

[17]

Marquis de Sade. Justine (Les infortunes de la vertu). 1791.

[18]

Rabbi Yosef Karo of Safed. Shulchan Aruch. Yoreh De'ah, Chapter 6, Mixing Meat With Milk, ca. 1560. Available from http://www.torah.org/advanced/shulchan-aruch/classes/chapter6.html.

[19]

G. Shaw. Annajanska, the Bolshevik Empress. 1917.

[20]

N. Weiner. Cybernetics: or Control and Communication in the Animal and the Machine. Technology Press, New York, New York, 1948.

[21]

N. Weiner. The Human Use of Human Beings: Cybernetics and Society, Second Edition Revised. Doubleday Anchor, Garden City, New York, 1954. This later edition appears better and more complete from a computer ethics point of view.

[22]

A. Whitehead. Symbolism: Its Meaning and Effect. Fordham University Press, 1927.

[23]

L. Winner. Who will we be in cyberspace? The Network Observer, 2(9), September 1995.

Cited By

Chukuka BLocasto MAlphonce CTims JCaspersen MEdwards S(2016)A Survey of Ethical Agreements in Information Security CoursesProceedings of the 47th ACM Technical Symposium on Computing Science Education10.1145/2839509.2844580(479-484)Online publication date: 17-Feb-2016
https://dl.acm.org/doi/10.1145/2839509.2844580
Greenwald S(2009)High Assurance Digital ForensicsProceedings of the 2009 Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering10.1109/SADFE.2009.17(54-61)Online publication date: 21-May-2009
https://dl.acm.org/doi/10.1109/SADFE.2009.17

Recommendations

From ethics washing to ethics bashing: a view on tech ethics from within moral philosophy
FAT* '20: Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency

The word 'ethics' is under siege in technology policy circles. Weaponized in support of deregulation, self-regulation or handsoff governance, "ethics" is increasingly identified with technology companies' self-regulatory efforts and with shallow ...
Moral luck and computer ethics: Gauguin in cyberspace

I argue that the problem of `moral luck' is an unjustly neglected topic within Computer Ethics. This is unfortunate given that the very nature of computer technology, its `logical malleability', leads to ever greater levels of complexity, unreliability ...
From information security to cyber security

The term cyber security is often used interchangeably with the term information security. This paper argues that, although there is a substantial overlap between cyber security and information security, these two concepts are not totally analogous. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

NSPW '08: Proceedings of the 2008 New Security Paradigms Workshop

August 2009

144 pages

ISBN:9781605583419

DOI:10.1145/1595676

General Chairs:
Matt Bishop
University of California, Davis, USA
,
Christian W. Probst
Technical University of Denmark, Denmark
,
Program Chairs:
Angelos Keromytis
Columbia University, USA
,
Anil Somayaji
Carleton University, Canada

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

ACM: Association for Computing Machinery

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 September 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Panel

Conference

NSPW '08

Sponsor:

ACM

NSPW '08: 2008 New Security Paradigms Workshop

September 22 - 25, 2008

California, Lake Tahoe, USA

Acceptance Rates

Overall Acceptance Rate 98 of 265 submissions, 37%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
1,108
Total Downloads

Downloads (Last 12 months)13
Downloads (Last 6 weeks)3

Reflects downloads up to 22 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Chukuka BLocasto MAlphonce CTims JCaspersen MEdwards S(2016)A Survey of Ethical Agreements in Information Security CoursesProceedings of the 47th ACM Technical Symposium on Computing Science Education10.1145/2839509.2844580(479-484)Online publication date: 17-Feb-2016
https://dl.acm.org/doi/10.1145/2839509.2844580
Greenwald S(2009)High Assurance Digital ForensicsProceedings of the 2009 Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering10.1109/SADFE.2009.17(54-61)Online publication date: 21-May-2009
https://dl.acm.org/doi/10.1109/SADFE.2009.17

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten