Posted at 10.14.2018
This assignment I based after an article published online on the 15th of May 2009 by popular computing Magazine PC Pro (see appendix A). This article discussed Gary McKinnon who has been accused of hacking lots of USA (US) NASA, Army, Navy, Section of Defence, and Air Force systems. His US prosecutors insist he was performing with malicious intention and that he caused damage well worth over $700, 000. McKinnon denies operating with malicious objective or that he triggered that much damage, citing that his drive was to search for evidence of hidden knowledge free gas, anti-gravity and UFO technology. McKinnon has stated that the network security was weak and he could gain access anticipated to network administrators failing woefully to use secure passwords on high level administrative accounts. Once inside, McKinnon used readily available software called RemotelyAnywhere to take control of machines. The research study recognizes that his search became an habit which got over his life.
The Gary McKinnon case sprung to the news in 2001, the press frenzy surrounding the truth would support the tagline of 'the biggest armed forces hack of all time'. The situation has been open for over nine years now and the finish is not yet in sight; indicating that the legalities within the situation are both sophisticated and by no means, easy to dissever. The extensive and drawn-out press coverage increases the complexity of the problems surrounding the truth.
This case study has been chosen firstly as it protects an extremely current concern in hacking. It could seem that hacking instances would only upsurge in the future as more nations cross the digital divide. Electronic crime is difficult to authorities and further problems occur out of international offences. The type of electronic communication and the removal of physical restrictions provide complexities in electronic digital criminal offense and the control of borderless technology. This case study has been chosen as it is particularly exposed to honest questioning as laws does not adequately resolve this case.
This case study has been chosen for honest and legal analysis not just for the high profile. Numerous stars can be discovered in this case to give a solid base to apply a pragmatic research of honest issues though the direction of honest frameworks. Primary celebrities in this case are determined as the Gary McKinnon and the network administrators in charge of security. Secondary stars have been discovered as the designers of RemotelyAnywhere, the program which allowed McKinnon to regulate machines so easily and the US military who were the owners of the networks and data stored there. In the same way, these actors provide a basis to identify legal issues natural within the research study. You will discover sufficient recommendations to argue that laws and regulations have been busted by both major actors in cases like this.
Technology strides on through the digital era where in fact the other aspect of the world is obtainable at our fingertips and only four billion IP addresses aren't fulfilling needs. Because of this, it cannot be helped but to believe that hacking cases is only going to increase in scale and/or frequency and perhaps the Gary McKinnon case will be surpassed in the foreseeable future.
At first look this case appears to be a typical hacking case, where the person committing the offence is behaving for simply personal reasons to commit fraud or elsewhere take something isn't theirs to have. However this circumstance differs in that there is no reason to think that McKinnon was acting with the intent to take anything which was not his or to gain any personal gain from his activities. Celebrities objecting to McKinnon's activities are those who were accountable for the security of the network and the ones who held the network.
Modern day normative ethical frameworks are broadly divided into two. Deontology, predicated on moral motive and source, and conversely Teleology which is centred throughout the output and final result.
Teleology is the philosophical position an action may be critiqued founded upon its effects. It is commonly thought of with the view that the finish may justify the means (Edgar, 2002; Bynum and Rogerson, 2006; Weckert, 2007), therefore teleological frameworks are concerned with the outcome associated with an action. Utilitarianism is a kind of teleological theory, which emphasises that the outcome is important rather than the intentions of an individual. Its main theory is specifically to get to maximise pleasure through effects (Spinello, 1995). It therefore boasts an action may be judged based wholly after its usefulness in bringing about pleasure. Speaking on utilitarianism it was detected by Velasquez (1992) that
"the theory assumes all benefits and costs of the action can be assessed on a common numerical level of moral calculus" (p. 61). To what constitutes happiness and its worth would typically depend upon the average person critiquing the action. For example McKinnon may dispute that his delight in doing this for so long was far greater than the unhappiness triggered for the government who has lots of money and resources, yet the utilitarian frame work aims to maximise the ". . . very best happiness of all those whose interest is involved. " (Lyons, 2003 p. 27). So everyone influenced must come into consideration, this includes: the network administrators, the US government, McKinnon and the creators of RemotelyAnywhere. It could be argued that McKinnon was attempting to maximise pleasure by uncovering hidden knowledge technologies. However a utilitarian construction is only worried about the happiness actually caused because of this from an action (Spinello, 1995) alternatively than intention.
Whilst McKinnon is the primary actor and the key benefiter, in the article he is quoted as expressing "I believe I wanted to be found, since it was ruining me" (Turton, 2009). This indicates that McKinnon's joy was short lived and because of this produced unhappiness from him quitting his job and breaking up with his girlfriend. The creators of the program RemotelyAnywhere subsequently had much publicity, however this is predominantly negative promotion as their software was used to commit crime. A small advantage may be that those wishing to commit criminal offenses, would buy their software more, even if this isn't its intended purpose. A great deal of unhappiness would come from the owners of the network, the US government. The break-in has brought on a large amount of embarrassment for the government, intensified by the statements that the security was vulnerable. Even if the allegations that McKinnon intentionally caused destruction are untrue, the price tag on finding, monitoring and fixing the break-in may be more costly than the actual criminal offense (Baase, 2003). This may be gauged both in terms of money and time.
Utilitarian ethics assumed enjoyment can be somehow determined. An action can be deemed correct if the total good minus the total bad is higher than that of an alternative (Sinnott-Armstrong, 2006). It really is emphasised that the pleasure is calculated established upon everyone who would be damaged by the action. This is reverse to egoism, which is merely worried about the joy of the average person starting the action (Johnson, 2001; Spinello, 1995). Established upon egoism, McKinnon's actions are justified as he was performing purely for his own satisfaction with disregard for anyone else. However as he was caught, the sentence he will most likely receive may outweigh his current contentment.
In weighing up the nice verses the bad outcomes of your action, the differentiation must be produced between 'work utilitarians and 'guideline utilitarians'. Baase (2003) gives the explanation that "rule utilitarianism, can be applied the utility basic principle not to individual actions but to general ethical guidelines. " (p. 406). In evaluating this case study, it would be difficult to concur that computer hacking is always alright, as this is an invasion of personal privacy therefore creates much unhappiness. However an argument for making use of this in most cases may be given, as hacking large, private and ungoverned organisations such as the army navy or NASA would ultimately lead to them being more truthful and open about things. Being genuine and stimulating others to be truthful is something a rule utilitarian would definitely trust. This argument is of course independent of the allegations that McKinnon caused harm in his clear seek out secrets. The permanent effects, in rule utillitarian's perspective, could be that hacking prestigious governmental networks could cause panic amongst other network administrators or individuals which wish to have their data kept secure. It might likely lead those accountable in this case to reduce their jobs. Understanding that data is not private and may be scrutinised can result in individuals acting in another way than they would in any other case; perhaps to the scope that inhibits them from doing their job as well as they in any other case would (Johnson, 2001). Allowing hacking to be justified in every cases may even lead to questioning if electronic data can be maintained securely at all! Alternatively, acquired McKinnon uncovered evidence of UFO technology, the pleasure generated would perhaps be greater than unhappiness, and may then be justifiable.
Rule utilitarianism does not foresee the inherent complications in predicting the results of every work of computer hacking, therefore it is difficult to apply from a functional perspective. Although it might be idealist to summarize that this is would only be suited to a hindsight analysis, a rule utilitarian would demand all other instances come into consideration. This is unrealistic and inherently flawed.
Act utilitarianism is only concerned with the existing action under scrutiny. In making use of this to the present case study it was assumed by McKinnon that the producing happiness would much outweigh that of unhappiness. However Johnson (2001) shows that in making decisions on current actions, the norm or general guidelines may only be "abandoned in situations where it is clear more contentment will derive from breaking them. " (p. 40). McKinnon acknowledges in the event that he gained little in proof UFO activity. It is presented that his inspiration was to "prove the US was withholding information on systems including anti-gravity propulsion and free energy" (Turton, 2009). However, McKinnon alluded to his friends that he had found little or no research. Bynum and Rogerson (2006) agree that in a utilitarian framework "The risk and probabilities rely also" (p. 72). As McKinnon says that there was little previous evidence of UFO technology then surely regarding to a rule utilitarian he shouldn't have ignored the general rule as it was not clear that his actions would cause greater general happiness, consequently it didn't.
It is identified in the event that McKinnon was only in a position to access the network due to the action of network administrators in departing accounts without passwords. The activities of the network administrators would appear unethical under a utilitarian framework when contemplating the alterative of arranging a strong password, which could have had a far more desirable result. Whilst it was not known in this case study if setting passwords could have refused McKinnon unauthorised gain access to, the chance of not preparing passwords, as recognized by Bynum and Rogerson (2006), would have been extremely high, and the possibility that someone would eventually exploit this also high. Whilst chances are that this problem was made due to carelessness rather than a conscious decision, the assumption is made that was an action that might have been averted. However this neglectfulness will not automatically justify unauthorised access, under the utilitarian framework the total pleasure must be weighed against unhappiness. The contentment produced by this negligent behavior would mainly be for network administrators who would have had the opportunity to get on machines without having to type passwords. Delight could have been directed at potential hackers too who have been more easily in a position to gain access to the network. Despite the fact that allowing hackers in might not have been meant, a utilitarian framework is purely concerned with results (Baase, 2003; Bynum and Rogerson, 2006; Spafford, 2006; Sinnott-Armstrong, 2006). As all afflicted individuals are judged identical (Bynum and Rogerson, 2006) the enjoyment of terrorists or other hackers must count as a good consequence: "No matter a person's station in life, each individual is matters the same when the huge benefits and harms are added up" (Bynum and Rogerson, p. 71). Otherwise the government may dispute that the unhappiness was much larger from McKinnon's activities due to the number of men and women that would have been influenced by shutting down a network of pcs. To adopt this stance the long term view must be disregard, that McKinnon's action highlighted a significant security flaw that might have been exploited by a far more astute hacker. To delve even deeper in to the realm of possibilities, by McKinnon hacking and getting trapped at this juncture, he can have removed any chance of someone having the ability to hack US federal computers ever again, perhaps at a time when hacking US personal computers would allow an incredible number of lives to be kept.
A common criticism of the utilitarian construction is the assumption that huge unhappiness could be justified upon one person for the sake of ten others. This discussion could be countered by forcing the acknowledgement of long term implications as well as the short term consequences (Johnson, 2001). For example, the research study (appendix A) must try and foresee the permanent ramifications of the action. Nearly all these long term results are known as the action was committed back in 2001. Nether the less the anonymous unknowns greatly limit the reasoning behind making a decision on utilitarian ideas. Even if it's believed all the alternatives, repercussions and everything individuals which is affected by the results have been identified, how do these be confirmed? A posteriori knowledge may be useful in identifying these, that is, a decision that is arrived at following the event or perhaps through the use of what has occurred before. A big issue arising from utilitarianism is the fact that without the good thing about hindsight, it is difficult to apply practical reasoning to identify the outcome of an action.
Deontology was first coined by C. D. Broad when he used it in a term to compare that of Teleological theories based on result. However, a deontological approach could be best personified by the earlier work of Immanuel Kant (1785) in stating "The moral worth of an action will not lie in the effect expected from it" (p. 13). Deontologists claim the morality of a disagreement is based completely on intentions of your respective actions.
Immanuel Kant is often provided as the excellent example of a deontologist (Baase, 2003). Kantian ethics argues that it is not the result that makes an action right or incorrect; it's the intentions of the individual undertaking the action. Kant (1785) argues that "It is not necessary that whilst I live I live gladly; but it's important that so long as I live I will live honourably. " (p. 13). This declaration suggests that upon making an honourable decision, this will be the correct move to make and therefore Kant must believe that this will probably have good consequences. Deciding upon what is 'honourable' and for that reason what would be the right move to make, is basically dictated by law. However other influences will come from upbringing, communal characteristics or spiritual beliefs; for example, McKinnon might have been affected by his own backdrop in opinion of UFOs. It would appear that McKinnons belief in UFOs influenced his actions.
McKinnon hacked armed service machines in order to discover key UFO technology, which seems to maintain turmoil with a deontological framework as he is using the action as only means to an end. However, as Johnson (2001) points out, a deontological framework dictates a decision is not used as simply a means to an end; it could be justified if that end is moral. In applying this to the present research study we can explain that the outcome was to find hidden UFO technology; McKinnon's means of doing this is through hacking. Despite the fact that McKinnon state governments he did not plan to cause harm, but simply look. This perhaps is justifiable if the outcome was intended to supply the world knowledge of these systems. The obstacle in cases like this is the fact McKinnon did not have authorisation to do this. Alternatively if the US Government had decided that McKinnon may hack their computer system on the condition of not triggering any damage and just to look, this would have been entirely ethical on accordance to a deontological platform. It is difficulty to determine McKinnon's intention as he did not appear to find such proof and secondly because he was found. Kant's specific category of deontology states "I will never respond except so that I'm also able to will that my maxim should become universal legislation" (p. 14). This again is similar to that of a guideline utilitarian, for the reason that if an action can't be justified on every occasion, if is unethical.
In departing admin accounts without passwords, the professionalism of network administrators may certainly be put into question, yet it is difficult to recognize a purpose behind doing this. The key issue driving a vehicle deontological ethics is the notion of motives. There does not appear to be a motive being this step just carelessness. Johnson describes negligence as "failing to take action that a acceptable and wise person would have done" (Johnson, 2001 p. 184). Johnson's classification quite adequately represents the machine administrators who may have been responsible for leaving high level administrative accounts without adequate security. Therefore under a deontological platform, the activities of the network administrators was unethical.
Apposition to Kantian ethics is basically twofold. First of all, that Kant's idea is grounded over a universal work or maxim that may be accepted over the panel, which begs the question of what should be honored if an action divides two moral maxims. In hacking military machines, McKinnon can only just be acting upon his personal responsibility to discover the reality about UFO living, but in doing so, ignored the duty to respect others' personal property. This highlights the second major issue with Kant's viewpoint, which is, which maxim should take top priority.
The ethical concepts specified by Kant rely upon the basis of moral absolutism. This is contrasted by the views of W. D Ross. Ross described seven primary or prima facie responsibilities:
Duty of beneficence: A obligation to help other people (increase pleasure, improve identity)
Duty of non-maleficence: A obligation to avoid harming other people.
Duty of justice: A work to ensure people get what they are worthy of.
Duty of self-improvement: A obligation to improve ourselves.
Duty of reparation: A work to recompense someone if you have acted wrongly towards them.
Duty of gratitude: A work to benefit individuals who have benefited us.
Duty of promise-keeping: A responsibility to act matching to explicit and implicit offers, including the implicit promise to be honest. (Johnson, 2001)
Ross identifies these as common obligations (but in no way definite) to be upheld whatever the situation. For example the work of promise-keeping may be dismissed for the duty of beneficence. In light of Ross's deviation of deontological ethics, McKinnon's hacking of armed service machines may only be justified under the reason that he was operating after his personal duty to discover the reality about UFO existence (the work of beneficence). However in doing so, ignoring the work to respect other's personal property (the work of non-maleficence). The predominant issue with making use of a deontological framework is discovering the intent of any action, this is also relatively marred by the actual fact that McKinnon has not yet been recharged. McKinnon's truthfulness may be contested because he is bias; he'd likely say anything to get out of facing a possible extradition and prison sentence. You will find suggestions brought forwards from his prosecutors that demand McKinnon brought on $700, 000 price of damage. The results of his action are disregarded under this framework (Kant, 1785), yet this may claim that his intentions were not only to find UFO technology. McKinnon's activities wouldn't normally be justifiable if his intentions were to cause damage. If it can be assumed that McKinnon's actions were and then search for research a deontological framework would dictate this is ethically justifiable. However, if Kants view is taken into account then is cannot be judged that hacking to find secret technologies is universally justified.
Virtue ethics dates back to the ancient Greek philosopher Aristotle. Aristotle presumed in brilliance in human character though upholding virtues (Tavani, 2007; Bynum and Rogerson, 2006). Virtues promote positive figure even though list is quite long, such virtues include: responsibility, reliability, self-discipline, modesty, courage and integrity (Bynum and Rogerson, 2006; Johnson, 2001). Whereas utilitarian and deontological frameworks are centred on guidelines to apply, virtue ethics is about building moral persona.
In this research study McKinnon displays dishonesty by hacking the network without permission. As "virtue ethics ignores the special roles of consequences, duties and social agreements" (Tavani, 2007 p. 65) therefore McKinnon and the government must be observed as equals. This exposes McKinnon for performing without due consideration of his actions, and perhaps even foolhardiness to continue breaking in without authorization. Perhaps McKinnon could be seen as courageous for hacking such a robust establishment, yet acknowledging the tasks of the two actors (ibid) gets rid of any hierarchy between your two. The case study beings to light accusations that McKinnon kept threatening information on desktops such as: 'I am SOLO. I will continue to disrupt at the best levels'. Threatening behavior is not considered virtuous in Aristolean ideas. Presumably when McKinnon downloaded RemotelyAnywhere, there would have been a finish consumer licence that he'd have to agree to before he could use the software. This contract dictates that the software be used because of its intended purpose. McKinnon has confirmed dishonesty by disobeying this and using the software for hacking. Esteem and quality is an integral thought in virtue ethics (Bynum and Rogerson, 2006).
The network administrators in cases like this study would not have acted responsibly or with integrity as it is alleged that they failed to take basic options to guarantee the network stayed secure. THE UNITED STATES military who is the owner of the network and data organised on it, although not directly responsible, would not display trustworthiness as they are hacked at the same time when they must have been on high alert.
Johnson (2001) identified that in a rights-based framework "the categorical imperative requires that each person be treated as a finish in himself or herself" (p. 47). This declaration exemplifies the normal parallels between deontological and rights-based ethics.
Rights are seriously intertwined with law. Including the Data Protection Function gives individuals the right to know very well what information is being kept on them. Yet no matter law, some philosophers argued that humans own some natural inherent rights. These rights can be seen as general or human rights including the to life; Spinello (1995) provides example of how these protection under the law are general in saying "everyone equally stocks the to free speech regardless of nationality or position in modern culture" (p. 31). Natural or common rights derive from the type of mankind (Baase, 2003). Under rights-based ethics, legal rights come second to natural privileges. The principles of rights based mostly ethics act like the basic principle for nonmaleficence. Baase (2003) claims that, under rights established ethics an function is "likely to be honest if they involve voluntary connections and freely made exchanges, where celebrations aren't coerced or deceived. " (p. 407). In the case study there may be evidence which suggests that the exchange of data had not been done voluntarily. Therefore the action of McKinnon can't be justified on that theory.
Natural or human rights have emerged as natural and must be reputed; this implies an individual gets the right never to be interfered with (Johnson, 2001). Therefore the right to privacy is not reduced by the indegent security viewed within the case study. Even though the network administrators didn't arranged passwords, this does not automatically negate the right never to be interfered with. Similarly if someone forgets to lock their car this does not give someone else the to take the automobile. Lax security would not subject if the right to privacy was upheld.
The variation between positive and negative rights must be given in making use of a rights-based moral framework to this case study. A poor right will free an acting professional from outside treatment, whereas a good right would supply the actor whatever is required to fulfil an interest (Spinello, 1995). Negative protection under the law are a lot more common than positive privileges as it is difficult to get the line concerning in which a positive right is limited. Johnson (2001) highlighted that whereas duty-based ethics is largely seen a deontological framework, it could be produced from a utilitarian key points on occasion. From a utilitarian point of view, searching for the greatest delight, Mill argued that intellectual pleasure was higher than sensual (Spinello, 1995). Based on this, it could be argued that McKinnon might have been over exerting his right to further inform himself, but intellectual enjoyment is higher in Mills make of teleology, so his activities would be justified. Rights-based ethics derived from intent would claim that McKinnon has gone against the legal right prohibiting him from unauthorised usage of the network and that he in addition has gone from the moral to respect others' level of privacy. From a rights-based ethical framework, moral rights take prescience over other tasks or action people might have (Baase, 2003) therefore McKinnons actiosn can't be justified.
In applying ethical frameworks to any case study, personal morals are closely intertwined. Legislations often overrides these morals. For instance, ownership of what someone creates may be negated to that of the company which see your face works for if that is at their conditions of employment. Otherwise something which is viewed as ethically acceptable may also be illegal. At the minimum, law influences moral judgement.
There is a lot dispute over which country McKinnon should be tried out. In analysing legal issues natural within the case study it is firstly assumed that only UK laws apply to this case.
It is obvious within the case study that Gary McKinnon did not have authorization to access the US systems. Immediately this is at violation of the Computer Misuse Work 1990, which states an offence is devoted if:
"(a) he triggers a computer to perform any function with purpose to secure usage of any program or data kept in virtually any computer [or to enable any such access to be anchored] ;
(b) the gain access to he intends to secure [or to allow to be anchored, ] is unauthorised; and
(c) he has learned at the time when he causes the computer to perform the function that that is the case. " (Computer Misuse Take action 1990, 1990)
Clearly McKinnon was in breach of the Computer Misuse Take action 1990. The case study acknowledges that McKinnon does not have authorisation and that he designed to access data about the existence of UFO technology. The utmost sentence for unauthorised gain access to without intent to commit further offences is 5 years in prison. A more serious offence is dedicated when unauthorised gain access to is gained " with intention to impair, or with recklessness as to impairing, operation of computer, etc" (Computer Misuse Action 1990, 1990) this keeps a maximum imprisonment of a decade. It is undiscovered and incredibly difficult to determine what the goal of Gary McKinnon was; thus far there is no evidence to suggest he intended to commit further offences with the data he utilized. But claimed from his United States prosecutors show that he have intent to cause harm as he still left a message on machines proclaiming: "I am Single. I will continue to disrupt at the highest levels. " (Turton, 2009).
There are additional legalities in relation to protecting data kept on the network, and the professional requirements expected. It is indicated within the case that no private information was accessed. These details is distributed by the US Navy, which might be questioned as it would be to their gain to deny that any private information was accessed. The Data Protection Function (1998) dictates that the data controller must provide adequate security to safeguard private information (Data Protection Action 1998, 1998).
Failure to provide satisfactory security even though a major accident is no excuse as Cambridgeshire Region Council most recently found out (du Preez, 2011). A worker lost a storage stick by accident; however the storage area stick did not have encryption software installed as it should have when it covered sensitive data onto it. Likewise the network administrators didn't intend for McKinnon to access the network, yet they didn't provide security in the chance of this happening
As McKinnon was able to access personal computers easily due to lax security, chances are that the US and the network administrators would be in breach of this legislation.