Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
34 views

Informatics: Lecture 11 - Legal & Ethical Issues

This document discusses several current legal and ethical issues related to informatics including: 1) The case of Gary McKinnon who was accused of hacking into US military computers but did not break any UK laws and whether he should be extradited. 2) Adrian Smith who was demoted for opinions expressed on his private Facebook page and subsequently won a case against his employer. 3) Questions around who owns individuals' data collected by corporations and governments and how accessible, private and secure this data is. 4) Issues of cyberbullying, cyberstalking, and libel online between individuals. 5) The challenges of cyber warfare between governments including malware implantation and questions over what constitutes an act of

Uploaded by

Colin
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
34 views

Informatics: Lecture 11 - Legal & Ethical Issues

This document discusses several current legal and ethical issues related to informatics including: 1) The case of Gary McKinnon who was accused of hacking into US military computers but did not break any UK laws and whether he should be extradited. 2) Adrian Smith who was demoted for opinions expressed on his private Facebook page and subsequently won a case against his employer. 3) Questions around who owns individuals' data collected by corporations and governments and how accessible, private and secure this data is. 4) Issues of cyberbullying, cyberstalking, and libel online between individuals. 5) The challenges of cyber warfare between governments including malware implantation and questions over what constitutes an act of

Uploaded by

Colin
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 30

Informatics

Lecture 11 Legal & Ethical Issues

Introduction
Some legal aspects of Informatics
have been dealt with in another
module for example:
Data Protection
Freedom of Information
Regulation of Investigating Powers
Computer Misuse

Introduction
This lecture will therefore focus
more on the current issues in terms
of the law and ethics
Fortunately there is always plenty of
material to choose from

Current Issues
Should Gary
MacKinnon be
extradited to the
US even though he
has not broken
any UK law?

Current topics
Lord McAlpine sued
people who tweeted
allegations about him
that are untrue. He
also asked Google to
remove links that
point to the false
allegations

Current topics
Adrian Smith was demoted because
of opinions that he voiced on his
private Facebook pages concerned
with gay marriage. He won an action
against his employer.

Current topics
There are reports of Wikipedia
entries being altered by
organisations to improve their image
Some large retailers are now
offering to give their customers easy
access to the data that they hold
about them

Themes
There is potentially so much to
consider that we must try organise
the material in some way:
Corporate/Individual
Government/Individual
Individual/Individual
Government/Government

Corporate/Individual
Companies now hold a lot of
information about us through our
normal daily activities and it is
increasingly common for this data to
be shared and mined by the
organisations for business
intelligence

Corporate/Individual
Shopping routine and major
purchases
Banking/Credit cards
Entertainment TV habits etc.
Travel routine and holidays
Insurance life/car/house/etc.
Utilities etc. etc.

Corporate/Individual
Plus of course our online activities:
Facebook/Twitter/Flickr etc.
Email
Browsing
Texts
Phone calls
Etc. etc.

Corporate/Individual
Some obvious questions arise:
Who owns this data
How easy is it to access and check
What if its wrong
Who else can access this data
governments? (e.g. to spot that
you are buying the ingredients for
a bomb)

Corporate/Individual
Of course the
individual can fight
back and groups can
form to campaign
against injustices
arising from
corporate power hactivism

Corporate/Individual
Unfortunately hacktivist groups such
as Anonymous have no way of
policing themselves and they are the
judge of what is deemed suitable
action or where to attribute blame
the case of Amanda Todd is an
example.

Government/Individual
Of course our local and national
government holds a huge amount of
data about us:
Births/Deaths/Marriages
Schooling
Census (every 10 years)
Employment income tax and NI

Government/Individual
National Health Service records
Driving license and car tax
Council tax
Voting registration
Jury service
Police records
CCTV and Traffic Master

Government/Individual
ISP data
Passport control and travel
Surveillance data obtained with a
court order (by seemingly almost
anyone)
Employment if relevant e.g.
military or police or civil service

Government/Individual
Again many questions arise from
this:
Who owns the data
Is it accessible to you
What if its wrong
Do the different sources get shared
Is the data sold..

Individual/Individual
Within this category there are
obviously a number of potential
aspects to consider:
Libel on Twitter, Facebook, blogs
etc.
Cyber bullying
Cyber stalking

Individual/Individual
Libel it is increasingly obvious
that people do not regard online
activities as being subject to the
law. For this reason people are
committing libel on Facebook and
Twitter as we have seen.

Individual/Individual
Cyber bullying telling lies,
offensive or distressing language.
Uploading photos or fakes. Once
again people often behave very
differently online. This problem is
becoming increasingly serious and
governments are taking steps to
deal with it.

Individual/Individual
Cyber stalking the online
equivalent of the conventional
problem. Can involve a wide range
of actions which in themselves are
not illegal but escalation is the
usual outcome unless action is
taken

Government/Government
We are dealing here in effect with
Cyber Warfare
Cyber War Richard A Clarke

Government/Government
It is now perfectly feasible, with
nation-scale resources, to implant
dormant malware into control and
supervisory systems (SCADA).
In this way the infrastructure of an
entire country can be compromised
on command:

Government/Government
Electricity grid
Communications
Water distribution
Food distribution
Air traffic control
Road haulage
Shipping and ports

Government/Government
Financial systems and banking
Media broadcasts
Broadband networks
Radar defence systems
Sewage
Flood defences
Weather networks

Government/Government
We already have evidence of the
capability (Stuxnet and Flame) and
we assume that the malware has
already been implanted in many
systems in many countries:
Worst effect = EU and US
Least effect = N. Korea and China

Government/Government
This situation raises many ethical
and political problems which are
only now being addressed:
Is it an act of war to activate the
malware
Is it an act of war to implant but
not activate the malware

Government/Government
Is it an act of war to have someone in the
target country ready to implant the
malware
What is regarded as an appropriate
response to an act of cyber war a kinetic
war?
What is regarded as an appropriate action
to defend oneself destroy the malware in
the attacking country before its deployed?

Government/Government
What is the cyber war equivalent
of a peace treaty or ceasefire
What is the cyber war equivalent
of a Strategic Arms Limitation
Treaty (count the viruses?)
Etc. etc.

You might also like