Date: July 31, 1991 From: "The Moderators" Subject: File 2--CuD Review of _Computer Ethics_ (Reprint) Date: March 8, 1991 ******************************************************************** *** CuD #3.07: File 5 of 6: Book Review: Computer Ethics *** ******************************************************************** Review of COMPUTER ETHICS: CAUTIONARY TALES AND ETHICAL DILEMMAS IN COMPUTING, by Tom Forester and Perry Morrison. 1990. Oxford (Eng.): Basil Blackwell. 193 pp. (np). (Reviewed by Jim Thomas, Northern Illinois University). The questions raised in the U.S. by Secret Service procedures in so-called "computer crime" investigations such as Operation Sun Devil, the growth in public computer literacy, and the general public recognition that computers are moving from the periphery to the center of social control and organizational operations make COMPUTER ETHICS a timely and worthwhile tome. Although both authors resided in Australia when the book was written (Tom Forester remains at Griffith University in Queensland and Perry Morrison is now at the University of Singapore), the work focuses primarily on the U.S. for examples, but draws as well from international data to argue that society has yet to confront the twin dilemmas of hardware and software malfunctions and misuse by humans. In some ways, the book is misnamed. The themes are not restricted to those of ethics, but include as well risks to society by over-reliance on computer technology (especially when it fails) and to thornier social issues, such as privacy, the social implications of artificial intelligence, and the potential problems of the increasingly computerized workplace. The authors organize each of the eight chapters around a specific issue (Our Computerized Society, Computer Crime, Software Theft, Hacking and Viruses, Unreliable Computers, The Invasion of Privacy, AI and Expert System, and Computerizing the Workplace), summarize the problems by drawing from an impressive wealth of data from conventional and other media, and conclude each chapter with a hypothetical example and set of questions that enhance the value of the work for college graduate and undergraduate classes. About one third of the book directly confronts computer crime and "computer underground" activities, such as piracy and hacking. There is no obvious ax-grinding, and especially with piracy the authors raise issues in a generally non-judgmental manner. They observe that an increasing number of software authors have recognized the general ineffectiveness of program-protecting their products and have increasingly moved away from the practice. However, the focus of the discussion avoids the type of "warez sharing" that occurs on pirate BBSs and begs the issue of swapping copyright programs without purchasing them. The discussion example focuses on the ethical issue of copy-protecting programs with a disk-wiping virus rather than using an example that teases out the nuances of using unpurchased software. I am also a bit troubled by the cursory attention given to the different types of piracy. Participants enmeshed in the "pirate culture" on BBSs would agree that theft of proprietary source code for profit or reselling copied programs is clearly wrong. Further, even within the computer underground, pirates range from "kids" who crack and swap games to older and more sophisticated users who simply enjoy collecting and examining various types of programs. Without teasing out the complexity of the pirate culture, many of the important issues are glossed over, such as the ethics of "fair use" to pre-test a program, the harm (or lack of it) in using a program that would not have been purchased, but whose use expands a product's visibility and reputation (thereby expanding the market), and the problem of an increasing array of available software that if purchased would be exceed the resources of all but the most affluent computerists. In fairness, not all relevant ideas can be addressed in a single chapter, and the authors satisfactorily provoked enough questions to make this an interesting and useful section. The most troublesome chapter, "Hacking and Viruses," simplifies the phreak/hacking community and alludes to studies that do not accurately reflect the computer underground. Although a relatively short and seemingly innocuous discussion, the section "why do hackers 'hack'?" cites studies suggesting that "severe social inadequacy" typifies many hackers. The authors do make it clear that there is no simple answer to explain motivation, they tend to ignore the primary reasons cited by most hackers: The challenge, the excitement, and the satisfaction of success and increased knowledge. Granted, these reasons, too, are simplistic as a satisfactory explanation but they provide an antidote to the general imagery portrayed by law enforcement officials that hackers are dangerous social misfits and criminals who should be prosecuted to the full extent of the law. Also troublesome is the inclusion of virus writers and spreaders with hacking activity. Hackers are as vehemently opposed to spreading viruses as law enforcement. In fact, hackers, because of their use of networks and reliance on smoothly functioning hardware, have far more to lose than the average computer user by their spread. Nonetheless, the authors do raise a few questions about the differences in the various types of activity, asking, for example, whether system-browsing should be criminalized in the same way as other predatory behavior. The degree to which this chapter provokes disagreement and challenge to some of the claims (or vehement responses to some of the questions) is simply an indicator of the utility of this work both for stimulating thought and for generating discussion. Although the remainder of the book is not as directly relevant to the CU community, it nonetheless provides interesting reading. The authors continually remind the reader that despite their benefits, computers possess numerous demonstrable dangers. The value of the work is not simply the admonition of the risks of computer misuse, but more importantly, that social attitudes, ethical issues, governmental policies, and social control strategies have lagged far behind in the need to be aware of how computers change our lives and how these changes may usher in new forms of social interaction for which we are unprepared as we cross into the cyber-frontier. The authors' scholarship and documentation, although impressive, does not tempt them to fall back into academicese. The volume reads like a novel and--even where one might disagree with claims or conclusions--the provocations are stimulating rather than combatative. In short, Computer Ethics is fun and worth reading. ------------------------------