The Law and Values: CyberSecurity

--Originally published at Don't Trust Humans, Trust Computers

In our daily, we face a lot of decision we need to make. Some of them are very simple and do not need much thinking; and in the other hand, sometimes we need to make very hard decision that not only may affect us, but also it might affect others. I am sure that in more than one time we have face a situation where ethics are involve. There are going to be moments in our life where ethics and even legal matters are going to be involve and we need to be prepare to be able of making the “right” choice. The information security area is fill with ethical and legal situations that we need to be aware of.

Ethical and Legal - businessman confused Standing at the crossro

When we talk about ethics in information security, is a vast topic with plenty of situations. In this kind of situations we need to take in account our own ethics and the ethics of our profession. The values and principles we have as a person are an important factor at the moment of making decisions. Our own ethic code depends on several factors, like: family values, the environment we live in, the culture we have, and many other factors. When we are we receive our bachelors degree, we instantly form part of another community and like many other communities, they have a code. In information security there are plenty of organization that have written how a computer scientist should behave. The Computer Ethics Institute have written 10 commandments of computer ethics, which are:

  1. Thou Shalt Not Use A Computer To Harm Other People.
  2. Thou Shalt Not Interfere With Other People’s Computer Work.
  3. Thou Shalt Not Snoop Around In Other People’s Computer Files.
  4. Thou Shalt Not Use A Computer To Steal.
  5. Thou Shalt Not Use A Computer To Bear False Witness.
  6. Shalt Not Copy Or Use Proprietary Software For Which You have Not Paid.
  7. Thou Shalt Not Use Other People’s Computer Resources Without Authorization Or Proper Compensation.
  8. Thou Shalt Not Appropriate Other People’s Intellectual Output.
  9. Thou Shalt Think About The Social Consequences Of The Program You Are Writing Or The System You Are Designing.
  10. Thou Shalt Always Use A Computer In Ways That Insure Consideration And Respect For Your Fellow Humans.

Ethics aren’t the only topic that should matter to a person working in the information security area, but also legal aspects are very important too. Laws change depending on which country you are. Some countries have more laws in the information security aspect, while other countries have very minimal laws about this subject. Depending on where we are working, we need to be consent of the laws, because if not we may face some pretty bad consequences.

Stay safe

A.C.

References

http://www.computerworld.com/article/2557944/security0/ethical-issues-for-it-security-professionals.html

http://computerethicsinstitute.org/publications/tencommandments.html

http://www.csudh.edu/Eyadat/classes/CIS378/handouts/Legal,%20Ethical,%20and%20Professional%20Issues%20In.ppt