Home Page
Site Contents

Ethical Computing

By Sarah Gordon
E-mail:[email protected]

This article was first prepared for the Summer, 1995 issue of the Command Software Systems Newsletter. © Copyright 1995, Command Software Systems. This document may not be reproduced in whole or in part, stored on any electronic information system, or otherwise be made available without prior express written consent of Command Software Systems, Inc.

Why should you, the corporate MIS director, be concerned with ethics? Unethical acts like piracy, misappropriation of company resources and theft of proprietary data are the obvious reasons. They can cost your company money. Less obvious are the reasons you should be concerned with ethics in computing for people who aren't your employees. We are talking about computing ethics for children. Yes, children.

Why is there a need for a new type of ethics for children? Aren't children already taught ethics from an early age? This is true; we teach them not to steal classmates' books or peek over their shoulders at test time. But today's children work with computers and email. They download files from networks and copy them from each others' disks. When is copying proper? When is it not? We adults are still working out rules for acceptable behavior in these things; how can we expect our children to know?

Destruction of property is not as easy to define, because property itself is not that easy to define anymore. It has always been wrong to steal a piece of candy. What constitutes stealing computer code or computer time? How many young people do you think know the answer to this question? Do we practice what we preach?

Most developers of the new technologies probably did not have hacking, phreaking and virus writing in mind as uses for their creations. What has happened to cause the proliferation of these activities? One reason is thought to be the speed with which the technology has developed. Other technologies have had time to develop ethical models which benefit the society while utilizing the technology. People were able to keep in touch with the developments of the technology and society could mirror the slowly developing paradigms associated with the technology. With computing, however, its not so simple. Many parents don't understand what their children are learning, or the implications of the knowledge. It is thought by many that one of the main ways children learn is by their parents' examples. It follows if they have no, or limited exposure to how to use computers responsibly from their primary care givers, they are not learning responsible behaviour. Its not that they are learning irresponsible behaviour. Its that they are learning nothing. When the new situations then arise in the course of their daily activities they have to decide for themselves what is "right", what is ethical. On what do they base the decisions?

Knowledge is good. Learning how to use it to benefit society is good. Developing ethical models which enable children to grow up learning to use technologies responsibly is good. Now, educators are taking a serious look at activities like virus writing, and asking some serious questions. This is also good, and very important. We can't sit idly by and expect our children to figure out for themselves what is right and wrong, with little or no guidance from us until they reach high school or college age. Considering the power of the technology, and the increasingly early ages at which children are exposed to this power, we must begin to instill good computing values and habits now so that they can learn to make ethical decisions. In the long run, it will benefit everyone. If we don't do it, we will all suffer.

My research on virus writers illustrated there is nothing to indicate that young people who write viruses are "unethical people". To the contrary, they exhibit well within the norms for their age groups. How then can we explain their anti-social behaviours? They themselves state they simply did not realise how wrong it was. They did not associate their computer programs with actual damage or loss. More than one has stated "IF" he had known that it was really affecting real people, he never would have done it.

About the Author

Sarah Gordon's work in various areas of IT Security can be found profiled in various publications including the New York Times, Computer Security Journal and Virus Bulletin. She is a frequent speaker at such diverse conferences as those sponsored by NSA/NIST/NCSC and DEFCON. Recently appointed to the Wildlist Board of Directors, she is actively involved in the development of anti-virus software test criteria and methods. She may be reached as [email protected]