Cyberethics

Cyberethics is "a branch of ethics concerned with behavior in an online environment". In another definition, it is the "exploration of the entire range of ethical and moral issues that arise in cyberspace" while cyberspace is understood to be "the electronic worlds made visible by the Internet." For years, various governments have enacted regulations while organizations have defined policies about cyberethics.

Theory
According to Larry Lessig in Code and Other Laws of Cyberspace, there are four constraints that govern human behavior: law, (social) norms, the market and the code/architecture. The same four apply in cyberspace. Ethics are outside these four and complementary to them.

In 2001, Herman T. Tavani considered whether computer ethics were different from cyberethics. While he agreed that "The internet has perpetuated and, in certain cases, exacerbated many of the ethical issues associated with the use of earlier computing technologies", he did not agree that there is enough difference and that a new field should be introduced. He extended the same opinion to internet ethics.

Challenges
According to, Baird, Ramsower and Rosenbaum, it is difficult to unravel cyberethical issues since "the building material of cyberspace is information and that is invisible and carries "value and ethical implications."" They also point out that new ethical issues will arise since technology is changing and growing. Another challenge is that the internet is a borderless phenomenon and according to some, it is "quite difficult for any nation to exercise local jurisdiction over information available in cyberspace" and so governments are better left with a "modest" role in Internet regulation.

According to the International Telecommunication Union, 5.4 billion were using the internet in 2023. That amounted to 67% of the world population. The number increased by 45% since 2018.

Privacy history
In the late 19th century, the invention of cameras spurred similar ethical debates as the internet does today. During a seminar of Harvard Law Review in 1890, Samuel D. Warren II and Brandeis defined privacy from an ethical and moral point of view to be:
 * "central to dignity and individuality and boyhood. Privacy is also indispensable to a sense of autonomy—to 'a feeling that there is an area of an individual's life that is totally under his or her control, an area that is free from outside intrusion.' The deprivation of privacy can even endanger a person's health."

Over the past century, the advent of the internet and the rapid expansion of e-commerce have ushered in a new era of privacy concerns. Governments and organizations collect vast amounts of private data, raising questions about individual autonomy and control over personal information. With the rise of online transactions and digital footprints, individuals face increased risks of privacy breaches and identity theft. This modern landscape necessitates a renewed ethical debate surrounding privacy rights in the digital age.

Privacy can be decomposed to the limitation of others' access to an individual with "three elements of secrecy, anonymity, and solitude." Anonymity refers to the individual's right to protection from undesired attention. Solitude refers to the lack of physical proximity of an individual to others. Secrecy refers to the protection of personalized information from being freely distributed.

Moreover, digital security encompasses psychological and technical aspects, shaping users' perceptions of trust and safety in online interactions. Users' awareness of cybersecurity risks, alongside incident response protocols, authentication mechanisms, and encryption protocols, are pivotal in protecting digital environments. Despite advancements in defensive technologies, the cybersecurity landscape presents ongoing challenges, evident through a continuous influx of data breaches and cyber incidents reported across diverse sectors. This emphasizes the significance of comprehending user behavior and perceptions within the realm of cyberethics, as individuals navigate the intricacies of digital security in their online endeavors.

Individuals surrender private information when conducting transactions and registering for services. Ethical business practice protects the privacy of their customers by securing information which may contribute to the loss of secrecy, anonymity, and solitude. Credit card information, social security numbers, phone numbers, mothers' maiden names, addresses and phone numbers freely collected and shared over the internet may lead to a loss of Privacy.

Fraud and impersonation are some of the malicious activities that occur due to the direct or indirect abuse of private information. Identity theft is rising rapidly due to the availability of private information in the internet. For instance, seven million Americans fell victim to identity theft in 2002, and nearly 12 million Americans were victims of identity theft in 2011 making it the fastest growing crime in the United States. Moreover, with the widespread use of social media and online transactions, the chances of identity theft are increasing. It's essential for people and businesses to stay cautious and implement strong security measures to prevent identity theft and financial fraud.

Public records search engines and databases are the main culprits contributing to the rise of cybercrime. Listed below are a few recommendations to restrict online databases from proliferating sensitive personnel information.
 * 1) Exclude sensitive unique identifiers from database records such as social security numbers, birth dates, hometown and mothers' maiden names.
 * 2) Exclude phone numbers that are normally unlisted.
 * 3) Clear provision of a method which allows people to have their names removed from a database.
 * 4) Banning the reverse social security number lookup services.

History of Cyberethics in Hacking
The evolution of hacking raises ethical questions in cybersecurity. Once a hobby driven by curiosity, hacking has transformed into a profitable underground industry, with cybercriminals exploiting vulnerabilities for personal gain or political motives. This shift raises concerns about privacy violations, financial losses, and societal harm resulting from cyberattacks.

The emergence of cybercriminals exploiting vulnerabilities in digital systems for personal gain or political motives has led to ethical dilemmas surrounding hacking practices. Bug bounty programs and vulnerability disclosure introduce complexities, blurring the lines between legitimate security research and malicious exploitation. Balancing security imperatives with respect for privacy rights presents challenges in safeguarding critical infrastructure while upholding individual liberties.

Addressing the ethical dimensions of hacking requires collaborative efforts across industry sectors, governmental agencies, and academia. Establishing ethical frameworks for vulnerability disclosure, bug bounty programs, and penetration testing is essential to ensure responsible cybersecurity practices. International cooperation and information sharing are imperative to combat cyber threats that transcend national borders and jurisdictions.

Private collection
Data warehouses are used today to collect and store huge amounts of personal data and consumer transactions. These facilities can preserve large volumes of consumer information for an indefinite amount of time. Some of the key architectures contributing to the erosion of privacy include databases, cookies and spyware.

Some may argue that data warehouses are supposed to stand alone and be protected. However, the fact is enough personal information can be gathered from corporate websites and social networking sites to initiate a reverse lookup. Therefore, is it not important to address some of the ethical issues regarding how protected data ends up in the public domain?

As a result, identity theft protection businesses are on the rise. The market is predicted to reach 34.7 billion (USD) by 2032, according to Market.us.

Property
Ethical debate has long included the concept of property. This concept has created many clashes in the world of cyberethics. One philosophy of the internet is centered around the freedom of information. The controversy over ownership occurs when the property of information is infringed upon or uncertain.

Intellectual property rights
The ever-increasing speed of the internet and the emergence of compression technology, such as mp3 opened the doors to Peer-to-peer file sharing, a technology that allowed users to anonymously transfer files to each other, previously seen on programs such as Napster or now seen through communications protocol such as BitTorrent. Much of this, however, was copyrighted music and illegal to transfer to other users. Whether it is ethical to transfer copyrighted media is another question.

Proponents of unrestricted file sharing point out how file sharing has given people broader and faster access to media, has increased exposure to new artists, and has reduced the costs of transferring media (including less environmental damage). Supporters of restrictions on file sharing argue that we must protect the income of our artists and other people who work to create our media. This argument is partially answered by pointing to the small proportion of money artists receive from the legitimate sale of media.

A similar debate can be seen over intellectual property rights in respect to software ownership. The two opposing views are for closed source software distributed under restrictive licenses or for free and Free software. The argument can be made that restrictions are required because companies would not invest weeks and months in development if there were no incentive for revenue generated from sales and licensing fees. A counter argument to this is that standing on shoulders of giants is far cheaper when the giants do not hold IP rights. Some proponents for Free software believe that source code for most programs should be available to anyone who use them, in a manner which respects their freedoms.

Digital rights management (DRM)
With the introduction of digital rights management software, new issues are raised over whether the subverting of DRM is ethical. Some champion the hackers of DRM as defenders of users' rights, allowing the blind to make audio books of PDFs they receive, allowing people to burn music they have legitimately bought to CD or to transfer it to a new computer. Others see this as nothing but simply a violation of the rights of the intellectual property holders, opening the door to uncompensated use of copyrighted media. Another ethical issue concerning DRMs involves the way these systems could undermine the fair use provisions of the copyright laws. The reason is that these allow content providers to choose who can view or listen to their materials making the discrimination against certain groups possible. In addition, the level of control given to content providers could lead to the invasion of user privacy since the system is able to keep tabs on the personal information and activities of users who access their materials. In the United States, the Digital Millennium Copyright Act (DMCA) reinforces this aspect to DRM technology, particularly in the way the flow of information is controlled by content providers. Programs or any technologies that attempt to circumvent DRM controls are in violation of one of its provisions (Section 1201).

Accessibility, censorship and filtering
Accessibility, censorship and filtering bring up many ethical issues that have several branches in cyberethics. Many questions have arisen which continue to challenge our understanding of privacy, security and our participation in society. Throughout the centuries mechanisms have been constructed in the name of protection and security. Today the applications are in the form of software that filters domains and content so that they may not be easily accessed or obtained without elaborate circumvention or on a personal and business level through free or content-control software. Internet censorship and filtering are used to control or suppress the publishing or accessing of information. The legal issues are similar to offline censorship and filtering. The same arguments that apply to offline censorship and filtering apply to online censorship and filtering; whether people are better off with free access to information or should be protected from what is considered by a governing body as harmful, indecent or illicit. The fear of access by minors drives much of the concern and many online advocate groups have sprung up to raise awareness and of controlling the accessibility of minors to the internet.

Censorship and filtering occurs on small to large scales, whether it be a company restricting their employees' access to cyberspace by blocking certain websites which are deemed as relevant only to personal usage and therefore damaging to productivity or on a larger scale where a government creates large firewalls which censor and filter access to certain information available online frequently from outside their country to their citizens and anyone within their borders. One of the most famous examples of a country controlling access is the Golden Shield Project, also referred to as the Great Firewall of China, a censorship and surveillance project set up and operated by the People's Republic of China. Another instance is the 2000 case of the League Against Racism and Antisemitism (LICRA), French Union of Jewish Students, vs. Yahoo! Inc (USA) and Yahoo! France, where the French Court declared that "access by French Internet users to the auction website containing Nazi objects constituted a contravention of French law and an offence to the 'collective memory' of the country and that the simple act of displaying such objects (e.g. exhibition of uniforms, insignia or emblems resembling those worn or displayed by the Nazis) in France constitutes a violation of the Article R645-1 of the Penal Code and is therefore considered as a threat to internal public order." Since the French judicial ruling many websites must abide by the rules of the countries in which they are accessible.

Freedom of information
Freedom of information, that is the freedom of speech as well as the freedom to seek, obtain and impart information brings up the question of who or what, has the jurisdiction in cyberspace. The right of freedom of information is commonly subject to limitations dependent upon the country, society and culture concerned.

Generally there are three standpoints on the issue as it relates to the internet. First is the argument that the internet is a form of media, put out and accessed by citizens of governments and therefore should be regulated by each individual government within the borders of their respective jurisdictions. Second, is that, "Governments of the Industrial World... have no sovereignty [over the Internet] ... We have no elected government, nor are we likely to have one,... You have no moral right to rule us nor do you possess any methods of enforcement we have true reason to fear." A third party believes that the internet supersedes all tangible borders such as the borders of countries, authority should be given to an international body since what is legal in one country may be against the law in another.

Digital divide
An issue specific to the ethical issues of the freedom of information is what is known as the digital divide. This refers to the unequal socio-economic divide between those who had access to digital and information technology, such as cyberspace, and those who have had limited or no access at all. This gap of access between countries or regions of the world is called the global digital divide.

Sexuality and pornography
Sexuality in terms of sexual orientation, infidelity, sex with or between minors, public display and pornography have always stirred ethical controversy. These issues are reflected online to varying degrees. In terms of its resonance, the historical development of the online pornography industry and user-generated content have been the studied by media academics. One of the largest cyberethical debates is over the regulation, distribution and accessibility of pornography online. Hardcore pornographic material is generally controlled by governments with laws regarding how old one has to be to obtain it and what forms are acceptable or not. The availability of pornography online calls into question jurisdiction as well as brings up the problem of regulation, in particular over child pornography, which is illegal in most countries, as well as pornography involving violence or animals, which is restricted within most countries.

Gambling
Gambling is often a topic in ethical debate as some view it as inherently wrong and support prohibition or controls while others advocate for no legal restrictions. "Between these extremes lies a multitude of opinions on what types of gambling the government should permit and where it should be allowed to take place. Discussion of gambling forces public policy makers to deal with issues as diverse as addiction, tribal rights, taxation, senior living, professional and college sports, organized crime, neurobiology, suicide, divorce, and religion." Due to its controversy, gambling is either banned or heavily controlled on local or national levels. The accessibility of the internet and its ability to cross geographic-borders have led to illegal online gambling, often offshore operations. Over the years online gambling, both legal and illegal, has grown exponentially which has led to difficulties in regulation. This enormous growth has even called into question by some the ethical place of gambling online.

In education
There are particular cyberethics concerns in an educational setting: plagiarism or other appropriation of intellectual property, cyberbullying and other activities harmful activities, as well as accessing inappropriate material such as a test key. There is also the issue of bringing to the classroom material that was meant for a different audience on a social media platform and its authors did not give permission for its classroom use. Another issue is the authenticity and accuracy of online material used for learning. On the other hand, however, some might only feel able to express themselves under anonymous conditions where true collaboration happens.

Cyberbullying
Cyberbullying occurs when "a student is threatened, humiliated, harassed, embarrassed or target by another student". It encompasses many of the same issues that come with bullying but it extends beyond "the physical schoolyard". Cyberbullying takes place "on Web or social networking sites, or using email, text messaging or instant messaging". It evolved with the increased use of information and communication technology. It can also reach a victim 24 hours, 7 days a week in places that are outside of the traditional forms of bullying.

The issue of cyberstalking, "the use of electronic communication to harass or threaten someone with physical harm", is sometimes used interchangeably with cyberbullying. However, cyberstalking is a form of cyberbullying. Cyberstalking is a federal crime in the United States as part of the Violence Against Women Act of 2005. This law was amended in 2013 to include stalking over the Internet and by telephone and introduces penalties of up to five years in prison and a 250 000 USD fine.

The UK-based Internet Watch Foundation reported in September 2023 that sextortion was on the rise as numbers for the first half of that year "surged by 257%* compared with the whole of 2022". Similarly, the American Federal Bureau of Investigation reported in January 2024 that in the period of October 2022 to March 2023 there was "at least a 20% increase" in cases as compared to the same period the previous year. Between October 2021 to March 2023, 12 600 victims were registered and 20 suicides were link to sextortion. The victims of sextortion are most often young boys.

Related organizations
The following organizations are of notable interest in cyberethics debates:
 * International Federation for Information Processing (IFIP)
 * Association for Computing Machinery, Special Interest Group: Computers and Society (SIGCAS)
 * Electronic Privacy Information Center (EPIC)
 * Electronic Frontier Foundation (EFF)
 * International Center for Information Ethics (ICIE)
 * Directions and Implications in Advanced Computing (DIAC)
 * The Centre for Computing and Social Responsibility (CCSR)
 * Cyber-Rights and Cyber-liberties
 * International Journal of Cyber Ethics in Education (IJCEE)
 * The Center for Digital Ethics and Policy (CDEP)

Codes of ethics in computing
Four notable examples of ethics codes for IT professionals are listed below:

The Code of Fair Information Practices
The Code of Fair Information Practices is based on five principles outlining the requirements for records keeping systems. This requirement was implemented in 1973 by the U.S. Department of Health, Education and Welfare.
 * 1) There must be no personal data record-keeping systems whose very existence is secret.
 * 2) There must be a way for a person to find out what information about the person is in a record and how it is used.
 * 3) There must be a way for a person to prevent information about the person that was obtained for one purpose from being used or made available for other purposes without the person's consent.
 * 4) There must be a way for a person to correct or amend a record of identifiable information about the person.
 * 5) Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuses of the data.

RFC 1087
In January 1989, the Internet Architecture Board (IAB) in RFC 1087, titled "Ethics and the Internet," defines an activity as unethical and unacceptable if it: They defined the role of the government and the users. However, these were seen as intended for the protection of U.S. government investment into the infrastructure of the Internet.
 * 1) Seeks to gain unauthorized access to the resources of the Internet.
 * 2) Disrupts the intended use of the internet.
 * 3) Wastes resources (people, capacity, computer) through such actions.
 * 4) Destroys the integrity of computer-based information, or
 * 5) Compromises the privacy of users.

Ten Commandments of Computer Ethics
In 1992, Ramon C. Barquin authored a set of principles based on the IAB RFC 1087, it was called “In Pursuit of a ‘Ten Commandments’ for Computer Ethics”. These were published in 1992 (or 1996 ) by the Computer Ethics Institute; a nonprofit organization whose mission is to advance technology by ethical means.

It lists these rules:
 * 1) Thou shalt not use a computer to harm other people.
 * 2) Thou shalt not interfere with other people's computer work.
 * 3) Thou shalt not snoop around in other people's computer files.
 * 4) Thou shalt not use a computer to steal.
 * 5) Thou shalt not use a computer to bear false witness.
 * 6) Thou shalt not copy or use proprietary software for which you have not paid.
 * 7) Thou shalt not use other people's computer resources without authorization or proper compensation.
 * 8) Thou shalt not appropriate other people's intellectual output.
 * 9) Thou shalt think about the social consequences of the program you are writing or the system you are designing.
 * 10) Thou shalt always use a computer in ways that ensure consideration and respect for your fellow humans.

(ISC)² Code of Ethics
The International Information System Security Certification Consortium, is a professional association known as (ISC)², which seeks to inspire a safe and secure cyber world. It has further defined its own code of ethics. The code is based on four canons, under a general preamble:

Code of Ethics Preamble:
 * The safety and welfare of society and the common good, duty to our principals, and duty to each other, require that we adhere, and be seen to adhere, to the highest ethical standards of behavior.

Code of Ethics Canons:
 * Protect society, the common good, necessary public trust and confidence, and the infrastructure.
 * Act honorably, honestly, justly, responsibly, and legally.
 * Provide diligent and competent service to principals.
 * Advance and protect the profession.

Ethical considerations in emerging technology
Though it is impossible to predict all potential ethical implications resulting from new or emerging technology, ethical considerations early in the Research and Development (R&D) phases of a system or technology's lifecycle can help ensure the development of technology that adheres to ethical standards. Several methodologies, to include frameworks and checklists, have been proposed by researchers for the purpose of conducting ethical impact assessments on developing technology. The goal of these assessments is to identify potential ethical scenarios prior to deployment and adoption of an emerging technology. The output from these assessments allow for the mitigation of potential ethical risk and ultimately helps to ensure ethical standards are upheld as technology evolves.

Additionally, the overlap of ethics and cybersecurity reveals a complex situation. Safeguarding important infrastructure and private data often clashes with worries about privacy. Deciding on security measures must balance protecting national interests with preserving civil liberties. Ethical concerns are crucial in dealing with the differences in cybersecurity practices between public and private sectors. Despite efforts to improve funding and cooperation, challenges remain in finding and stopping cyber threats, especially in government agencies. This shows the need for clear ethical guidelines to guide cybersecurity decisions