Hacktivism: Right or Wrong

1
Hacktivism Right or Wrong
2
Format

• Short Introduction to Ethics
• Introduction to Hacktivism
• A Potential Framework
• Discussion of Hacktivism

3
EthicsIntroduction

• The 5 minute tour
• Glosses over 2500 years of philosophical work
• Ethics A system of principles and rules
  concerning duty what we ought to do
• Duty A task or action one is bound to perform
  (obligation)
• 2 Principles of Ethics
• Any ethic or ethical position must satisfy these

4
EthicsUniversality Principle

• Universality if an ethic declares an action
  right or wrong given a situation, it must also
  declare the action right or wrong given another
  situation with similar circumstances

5
EthicsJustification Principle

• Justification Any ethical determination must be
  justified by appeal to a general moral position
  (even though one may not be able to articulate
  that position)
• Unacceptable justifications include
• Appeal to Prejudice
• Appeal to Emotional Reaction
• Appeal to False Facts
• Appeal to Others (Parroting)

6
EthicsTheories for Hacktivism

• Although almost any theory can work for
  Hacktivism, we will focus on three that are most
  promising
• Consequentialism
• Deontology
• Civil Disobedience (Rights/Justice Theories)

7
ConsequentialismIntroduction

• A group of theories which determines the
  rightness or wrongness of an action in terms of
  their consequences
• Act-Consequentialism
• Assess potential outcomes of each case and act to
  produce the most good
• Rule-Consequentialism
• Derive the rules which typify actions based on
  their production of good

8
DeontologyIntroduction

• There are several distinct duties
• Personal duties (children, parents, friends)
• Social duties (debtors, associations, jobs)
• Certain kinds of acts are intrinsically right and
  others are intrinsically wrong based on duties
• Not in any way determined by its consequences
• Almost formalizes The Golden Rule
• Do unto others as you would have them do unto you

9
DeontologyKant

• Kants Categorical Imperative
• An action is right or wrong based on
  universalizing the maxim (rule of conduct) of the
  action
• i.e. would bad things happen if everybody did it
• Wrong if a logical contradiction occurs
• Lying is wrong because if everybody did it, then
  over time the term lying is meaningless because
  then there is no distinction between truth and
  fiction

10
Applied DeontologySpaffords Hacking

• Spafford argues that hacking is intrinsically
  wrong (except in extreme or rare cases)
• It is deontological because it would not be
  sensible or permissible if everybody did it
• Acknowledges that some instances of hacking would
  be preferable, but not ethical (i.e. not
  something we ought to do).
• Hacking into medical records to get vital data to
  save somebodys life when no authorized user is
  available

11
Hacktivists Claims

• Most hacktivists claim that their actions can be
  considered civil disobedience
• Therefore, they attempt to evoke the ethical
  justifications of civil disobedience
• But can they?

12
Civil DisobedienceDefinition

• According to John Rawls in his historic 1977
  work, A Theory of Justice, he defines civil
  disobedience as a public, nonviolent,
  conscientious yet political act contrary to the
  law usually done with the aim of bringing about a
  change in the law or policies of the government.

13
Civil DisobedienceJustification to Break the Law

• This will only apply to democratic societies (or
  near democratic societies)
• An implicit contract (duty) when participating in
  the society to follow its laws
• P. Singer
• We have a natural duty to follow just
  institutions
• Rawls
• Therefore, any need to dismiss that duty (if
  any), must be extremely rare and well measured

14
Civil DisobedienceJustification to Break the Law
(2)

• Rawls gives these requirements for C.D.
• The law or policy being objected to must be a
  clear and substantial injustice
• Violating the natural rights of citizens
• Must first try to eliminate injustice by lawful
  means
• Cannot threaten the rule of law with the
  disobedience
• The action must be controlled, not to provoke
  into unjust violence
• The action should advance the ends addressed (not
  just to show off your morality)

15
HacktivismDefinition

• An amalgamation of the words hacking and
  activism.
• The use of technology to publicly communicate or
  further a political cause through the
  unauthorized use and/or the disruption of a
  computer service.

16
ExamplesZapatista Rebellion - Description

• First documented event of modern hacktivism
• In 1998 a DoS attack against the President of
  Mexicos website
• As Wired News reported, approximately 8,000
  hacktivists attempted to prevent any legitimate
  traffic to the site, or even crash the server.
  The purpose of this action was to protest and
  gain publicity for the alleged mistreatment of
  Zapatista rebels in Chiapas.

17
ExamplesZapatista Rebellion - Methods

• To do this, any person could go to a website,
  which downloaded an applet (FloodNet) and allowed
  the hacktivist to reload the webpage numerous
  times very quickly.
• Hacktivists from the U.S., Mexico, and many other
  nations participated

18
ExamplesZapatista Rebellion - Pentagon

• The Pentagon (another target in the attack)
  attacked back when it sensed the flood of web
  page requests.
• The Pentagon website redirected the hacktivists
  to another site, which included another FloodNet
  type program called HostileApplet.
• At that point, the HostileApplet program was
  downloaded onto the hacktivists machine and
  caused it to be unresponsive until the machine
  was restarted.

19
ExamplesIndia and Nuclear Weapons

• In June of 1998, just months after the Zapatista
  act, hacktivists broke into top-secret Indian
  nuclear laboratory computer systems to protest
  live nuclear tests being performed by India.
• According to Wired News, the hacktivists broke
  into the Indian computer network at the Bhabha
  Atomic Research Centre in Bombay, copied some
  files and emails and then erased all of the data
  on the systems.

20
ExamplesNike and Human Rights

• On July 19, 2000 Nikes primary corporate website
  (http//www.nike.com) was hijacked.
• Hijacking is a term used to describe when an
  unauthorized change is made which causes all of
  the traffic going to one site, actually go to
  another site.
• In this case, all of the traffic going to
  nike.com was being redirected to an Australian
  hacktivism organizations site (S-11). The S-11
  site contained a political statement that urged
  protests of the World Economic Forum to focus
  attention on the alleged human rights violations
  of corporations.

21
FrameworkIntroduction

• The framework is designed to help determine
  whether an act of hacktivism is ethical or not
• Satisfying all of the criteria should be
  necessary, but not sufficient to render a case
  ethically justifiable
• Criteria is made up of numerous ethical theories

22
FrameworkCase of Ethical Hacktivism?

• Say that a small group of technologically savvy
  persons are living in a totalitarian state, which
  restricts all information in and out of the
  state. Say that this group has obtained
  unequivocal proof that their government is
  practicing genocide. This group then defaces the
  governments website and places on it the proof
  they have of the atrocities for the purpose of
  alerting other nations to the genocide. The
  group could not have gotten this information out
  any other way.

23
FrameworkCriterion (1-4)

• The individual or organization engaging in
  hacktivism must have first exhausted all other
  legal means of redress.
• The act of hacktivism must not harm innocents who
  are not involved in the accusation of unethical
  practices (this includes upstream providers)
• The participants of an act of hacktivism cannot
  remain anonymous (no proxies)
• The act of hacktivism must clearly advance the
  end addressed

24
FrameworkCriterion (5-9)

• The hacktivist must be ethically motivated. (must
  be able to morally justify their position)
• The act of hacktivism must not cause unnecessary
  harm to the system being attacked
• No personal profit.
• Willingness to accept responsibility for the
  consequences of the action.
• Unless in a non-democratic environment, action
  cannot threaten the rule-of-law

25
Discussion

• So, can we ethically justify hacktivism?
• Is hacktivism civil disobedience as claimed?
• Can we apply consequentialism or deontology to
  hacktivism?
• Were any of the examples of hacktivism ethical?