Law vs. Morality in Computer Ethics Sonali Agrawal Abstract: --------- More and more cyber crimes are now done by teenagers. Studies show that 35% of the hacking attacks can be attributed to the age group of 14 to 23. Even though there are enough laws to govern the activities of users online, mere laws are not enough. It is right to have laws, but it is not the end of it. Laws just form the beginning phase of bringing an awareness of computer ethics. To bring about complete awareness of right computer behavior, we need to address the core of the issue - it is the morals that need to be changed. And never have laws been able to enforce morals. Looking at the increasing percentage of cyber crimes committed by youngsters, it is even more important to instill the appropriate morals in the new generation. This paper talks about the importance of setting the right computer ethics and morals and jump-starting these values in the young generation. Paper: ------ March 1998: Federal criminal charges were unsealed against a computer hacker who disabled a key telephone company computer servicing the Worcester airport. As a result of a series of commands sent from the hacker's personal computer, vital services to the FAA control tower were disabled for six hours. In the course of his hacking, the defendant also electronically broke into a pharmacy computer and copied patient records. Punishment: The teenager received two years' probation, during which he could not possess or use a modem or other means of remotely accessing a computer or computer network directly or indirectly. He also had to complete 250 hours of community service. In addition, he had been required to forfeit all of the computer equipment used during his criminal activity. September 2000: A 16-year-old from Miami pleaded guilty for illegally obtaining information from NASA computer networks. The juvenile, who was known on the Internet as "c0mrade" was responsible for intrusions into a military computer network used by the Defense Threat Reduction Agency (DTRA). In addition to the computer intrusions at DoD, he illegally accessed a total of 13 NASA computers located at the Marshall Space Flight Center, Huntsville, Ala.. As part of his unauthorized access, he obtained and downloaded proprietary software from NASA valued at approximately $1.7 million. The software supported the International Space Station's (ISS) physical environment, including control of the temperature and humidity within the living space. Punishment: He was sentenced to six months in a detention facility for two acts of juvenile delinquency. Under adult statutes, those acts would have been violations of federal wiretap and computer abuse laws for intercepting electronic communications on military computer networks. These are just two very recent cases of cyber crimes committed by very young hackers (Source: Archive of Cyber Crimes at http://www.cybercrime.gov). Studies reveal that youngsters in the age group of 14 to 23 account for 35% of the attacks of breaking into computer network systems illegally (As stated in U.S. News & Report, September 2000). And this percentage is steadily increasing, as are the cases of hacking attacks - not just in US, but all over the world. With the advancements in technology freedom, needs, and interests of the individual are threatened. Issues related to hacking, viruses, and restrictions on how to control the flow of information on the Internet, begin to arise. Since most of these issues are fairly new, laws and rules are now just starting to be implemented. Due to the lack of these rules in the computer field, crimes and abuses relating to this field have left people with an unlimited amount of freedom to do as they please. Lets talk about a couple of legal regulations related to cyber activities (Information taken from laws and policies stated at the government web site www.cybercrime.gov). The Computer Fraud and Abuse Act, first enacted in 1984, makes certain activities designed to access a "federal interest computer" illegal. These activities may range from knowingly accessing a computer without authorization or exceeding authorized access to the transmission of a harmful component of a program, information, code, or command. Consider also the NET (No Electronic Theft) Act that was signed into law by President Clinton in December 1997, making it illegal to reproduce or distribute copyrighted works, such as software programs and musical recordings, even if the defendant acts without a commercial purpose or for private financial gain. If the defendant reproduces or distributes 10 or more copyrighted works that have a total value of more than $2,500, he or she can be charged with a felony, and faces a sentence of up to 3 years imprisonment and a fine of up to $250,000. A defendant who reproduces or distributes one or more copies of copyrighted works with a value of more than $1,000 can be charged with a misdemeanor, and face up to one year in prison and a fine of up to $100,000. As we see, laws enforcing more strict rules for behaving on computer networks and laws defining what is legally wrong have started taking shape only a few years back, and can still be considered to be in their infant stage. But the advancements in computer technologies can and will not wait for laws to be established. The developments will continue, newer things will keep coming up. This means that just having laws and coming up with more refined laws is not enough to describe the computer or cyber ethics. It is the psychology of the people that finally needs to be affected and fine-tuned. Having stricter regulations definitely does play a very significant role, but the society needs more. We, the users of computer systems, owe the world of science something. And that "something" is where morals come in. Ten million children are already on the Internet, and that's four times as many as just a few years ago. In a short time, more young people will be connected to the Internet than any other segment of the population. The younger section of computer users (kids and teenagers) barely realize the legal and non-legal issues behind their electronic behavior. The two cases discussed in the beginning of the paper are just examples of the numerous activities of their kind. Just like a child is taught not to break into others' homes - not because it is illegal, but because it is not good and it is not ethical, in the same way we need to make our young computer users understand that a similar rule holds for computer network systems as well. The bottom line is that laws should not act as definitions for punishing the illegal activities. At least in computer world, their goal should be to establish a moral voice and public conscience in the people, which will help them guide themselves and their morals. Laws merely infuse fear, they need to start cultivating the morals and building up a solid ethical framework. It is easy to talk about the insufficiency of laws and importance of a strong moral core as far as cyber ethics are concerned. But the big question that arises here is: How? How exactly are parents and members of the information-society supposed to direct the young generation in the right way? How can we let the kids, or for that matter - =anyone who is new to the cyber world, get to know of the proper cyber behavior and hint them about the legal background behind it. One way to look at it is - consider this as any other parental responsibility i.e. apply old values to a new medium. Just like you would explain that breaking into your neighbor's house is not "right" and stealing your friend's calculator "should not be done", similarly, you can tell them that downloading copyrighted software without having a license is wrong. And it is equally important to monitor and restrict your child's access to inappropriate sites. As Vice President Al Gore mentioned in his speech at the Internet Summit in Washington DC, Dec. 1997: "Most parents quickly learn the value of letting children explore. Small children can learn much more from employing a cupboard of pots and pans onto the floor than they could ever learn by direct instruction. Weight, balance, sound, texture, touch, temperature -- there is no human being competent to teach a child all those lessons. They're just too vast and varied. Therefore, sometimes the best teaching is to encourage exploring. So, just as a parent covers electrical outlets when baby is crawling around and locks medicine cabinets to protect children against poisoning, and cushions the hard corners of coffee tables to make a home safe for a child to explore, we must also help parents anticipate and block dangerous places on the Internet to make it safe or child to explore." Lets go a step further. The responsibility needs to be handled not just on the household scale. It is a big issue, that needs to be addressed by the entire society, cyber world and the government. Web sites need to be put up, that are aimed at teenagers, to make them aware of the cyber - do's and dont's . One such existing noteworthy site is http://www.cybercitizenship.org . This web site represents a major national effort to provide teachers, parents and their children with a new learning tool - that of responsible computer use. They have presented information in a teenager - friendly look and feel, and have also made up a list of the ten commandments for the cyber acts. Conclusion: ----------- We cannot allow cyberspace to become the Wild West of the information age. But if we are to ensure public safety and responsible computer use, then government, industry and the public must all work together. Young people are growing up in a society where the Internet is central to everything from commerce to recreation. Unfortunately, criminal activity exists online just as it does on the streets. While most children know that it is wrong to break into their neighbor's house or read their best friend's diary, fewer realize that it's wrong to break into their neighbor's computer and snoop through their computer files. As children learn basic rules about right and wrong in the off-line world, they must also learn about acceptable behavior on the Internet. We need kids to understand that hacking is the same as breaking and entering--that being a hacker doesn't make them "cool" or show their smarts--it makes them a criminal! By fostering cyber-ethics and promoting responsible computer use, we can better ensure the privacy and security of all people. Bibliography: ------------- 1. Computer Intrusion Cases - Computer Crime and Intellectual Property Section at http://www.cybercrime.gov/cccases.html 2. "Ethical Conflicts in Information, Computer Science, Technology and Business" by Donn B. Parker, Susan Swope, Dr. Bruce N. Baker 3. www.cybercitizenship.org 4. Remarks by Vice President Al Gore at the Internet/Outline Summit , Washington DC. December 2, 1997. At http://www.usdoj.gov/criminal/cybercrime/gore-sp.htm 5. Federal Computer Intrusion Laws - Computer Crime and Intellectual Property Section at http://www.cybercrime.gov/cclaws.html 6. National Infrastructure Protection Center at the FBI at www.nipc.gov : provides regularly updated information and descriptions of cyber crimes