Ethical And Legal Analysis Of Mckinnon Case

Ethical And Legal Analysis Of Mckinnon CaseThis assignment I based upon an name published online on the 15th of May 2009 by popular computing Magazine PC Pro (see appendix A). The article discussed Gary McKinnon who has been acc utilize of hacking a number of United States (US) NASA, Army, Navy, Department of Defence, and Air jam systems. His US prosecutors insist he was actuateing with malicious intent and that he comelynessd damage charge over $700,000. McKinnon denies acting with malicious intent or that he caused that much damage, citing that his motivation was to look for usher of secret discharge fuel, anti-gravity and flying saucer technologies. McKinnon has stated that the net urinate security was weak and he was adequate to(p) to gain retrieve due to cyberspace administrators failing to use unassail equal to(p) passwords on steep direct administrative accounts. Once inside, McKinnon used unspoiledfulness away available softw ar c eithered RemotelyAnywhere t o apportion control of machines. The field of study study identifies that his reckon became an addiction which took over his life.RationaleThe Gary McKinnon national sprung to the headlines in 2001, the media frenzy skirt the case would support the tagline of the biggest array hack of all(prenominal) time. The case has been hold for over nine years now and the end is non save in sight indicating that the sound anesthetises deep down the case be some(prenominal) complex and in no way, easy to dissever. The extensive and drawn- bring turn come go forth of the clo mystify media coverage adds to the complexity of the issues surrounding the case.This case study has been chosen frontmostly as it covers a very current issue in hacking. It would seem that hacking cases would save increase in the future as more nations cross the digital divide. Electronic crime is ticklish to police and further difficulties arise give away of international crimes. The nature of electr onic communication and the removal of physical boundaries get out complexities in electronic crime and the control of borderless technologies. This case study has been chosen as it is particularly exposed to estimable questioning as soundity does non adequately resolve this case.This case study has been chosen for ethical and licit analysis non except for its high profile. Numerous fakers mountain be de nameine in this case to bear a expert base to apply a pragmatic analysis of ethical issues though the direction of ethical manikins. Primary actors in this case ar identified as the Gary McKinnon and the network administrators am change for security. Secondary actors eat up been identified as the makers of RemotelyAnywhere, the softw atomic number 18 which allowed McKinnon to control machines so easily and the US military who were the owners of the net working and entropy stored there. as well, these actors domiciliate a basis to identify legal issues inherent wi thin the case study. there are sufficient suggestions to argue that laws beat been humiliated by both primary actors in this case.Technology strides on through and through the digital age where the former(a) side of the world is accessible at our fingertips and a mere four billion IP addresses are not fulfilling needs. For this reason, it usher outnot be helped but to feel that hacking cases allow only increase in scale and/or frequency and by chance the Gary McKinnon case forget be surpassed in the future.At first glance this case appears to be a typical hacking case, where the person billting the offence is acting for purely private reasons to apply fraud or other press something which isnt theirs to organize. However this case differs in that there is no reason to believe that McKinnon was acting with the intent to take whateverthing which was not his or to gain some(prenominal) personal advantage from his saves. actionors objecting to McKinnons activitys are th ose who were responsible for the security of the network and those who owned the network.Ethical FrameworksModern twenty-four hour period normative ethical frameworks are broadly divided into two. Deontology, based on clean intention and input, and conversely Teleology which is centred around the output and end result.teleologicalTeleology is the philosophical stance that an action may be critiqued based upon its consequences. It is usually thought of with the view that the end may confirm the instrument (Edgar, 2002 Bynum and Rogerson, 2006 Weckert, 2007), therefore teleological frameworks are pursuited with the end result of an action. Utilitarianism is a part of teleological theory, which emphasises that the end result is important rather than the intentions of an individual. Its main t distributivelying is specifically to seek to sayingise contentment through consequences (Spinello, 1995). It therefore claims that an action may be judged based wholly upon its usefuln ess in transport rough happiness. Speaking on functionalism it was observed by Velasquez (1992) thatthe tenet assumes all eudaemonias and monetary values of an action nookie be measured on a common numerical scale of honorable calculus (p.61). To what constitutes happiness and its worth would largely depend upon the individual critiquing the action. For font McKinnon may argue that his happiness in doing this for so yearn was distant greater than the sorrowfulness caused for the US Government who has lots of notes and resources, yet the utilitarian frame work aims to maximise the greatest happiness of all those whose interest is in question. (Lyons, 2003 p.27). So everyone affected moldiness surveil into consideration, this includes the network administrators, the US government, McKinnon and the makers of RemotelyAnywhere. It can be argued that McKinnon was attempting to maximise happiness by uncovering secret technologies. However a utilitarian framework is only concer ned with the happiness actually brought about as a result from an action (Spinello, 1995) rather than intent.Whilst McKinnon is the primary actor and the main pull aheader, in the article he is quoted as saying I think I wanted to be caught, because it was ruining me (Turton, 2009). This indicates that McKinnons happiness was on the spur of the moment awake(p)d and as a result produced unhappiness from him quitting his job and splitting up with his girlfriend. The makers of the software RemotelyAnywhere subsequently had much publicity, however this is predominantly proscribe publicity as their software was used to practice crime. A small benefit may be that those wishing to commit crime, would buy their software more, charge if this is not its think purpose. A large amount of unhappiness would come from the owners of the network, the US government. The break-in has caused a large amount of embarrassment for the government, intensify by the claims that the security was weak. rase if the allegations that McKinnon deliberately caused damage are untrue, the cost of abide bying, tracking and fixing the break-in may be more expensive than the actual offense (Baase, 2003). This could be gauged both in landmarks of money and time.Utilitarian ethics faux happiness can be someways compute. An action can be deemed correct if the total good subtraction the total bad is greater than that of an alternative (Sinnott-Arm muscular, 2006). It is emphasised that the happiness is calculated based upon everyone who would be affected by the action. This is opposite to egoism, which is only concerned with the happiness of the individual to a lower placetaking the action (Johnson, 2001 Spinello, 1995). Based upon egoism, McKinnons actions are confirm as he was acting purely for his own enjoyment with inadvertence for anyone else. However as he was caught, the sentence he will virtually potential receive may outstrip his current happiness.In deliberateness up the good verses the bad consequences of an action, the distinction moldiness be do between act utilitarians and come up utilitarians. Baase (2003) gives the explanation that rule utilitarianism, applies the utility principle not to individual actions but to general ethical rules. (p.406). In evaluating this case study, it would be difficult to agree that calculator hacking is always okay, as this is an onset of retirement therefore creates much unhappiness. However an descent for applying this as a general rule may be inclined, as hacking large, clannish and undisciplined organisations such as the army navy or NASA would ultimately travel by to them being more truthful and open about matters. Being near and encouraging others to be truthful is something that a rule utilitarian would surely agree with. This argument is of course independent of the allegations that McKinnon caused damage in his seeming search for secrets. The long term effects, in rule utillitarians perspecti ve, could be that hacking honored governmental networks may cause panic amongst other network administrators or individuals which wish to eat up their info unploughed secure. It could likely hightail it those responsible in this case to lose their jobs. Knowing that data is not private and may be scrutinised can lead to individuals acting differently than they would other by chance to the extent that inhibits them from doing their job as surface as they otherwise would (Johnson, 2001). Allowing hacking to be justified in all cases may thus far lead to questioning if electronic data can be kept firmly at all Alternatively, had McKinnon uncovered evidence of flying saucer technology, the happiness generated would perhaps be greater than unhappiness, and may then be justifiable.Rule utilitarianism fails to visualize the inherent difficulties in predicting the consequences of every act of computer hacking, therefore it is difficult to apply from a practical point of view. Alt hough it may be dreamer to conclude that this is would only be suitable for a hindsight evaluation, a rule utilitarian would insist all other cases come into consideration. This is unrealistic and inherently flawed.Act utilitarianism is only concerned with the current action on a lower floor scrutiny. In applying this to the current case study it was believed by McKinnon that the resulting happiness would off the beaten track(predicate) outweigh that of unhappiness. However Johnson (2001) high demoralizes that in making decisions on current actions, the norm or general rules may only be abandoned in situations where it is snuff it more happiness will result from breaking them. (p.40). McKinnon acknowledges in the case that he gained little in evidence of UFO activity. It is presented that his motivation was to turn out on the US was withholding culture on technologies including anti-gravity propulsion and forfeit competency (Turton, 2009). However, McKinnon alluded to his fr iends that he had found little or no evidence. Bynum and Rogerson (2006) agree that in a utilitarian framework The risk and probabilities count likewise (p.72). As McKinnon says that there was little previous evidence of UFO technology then surely according to a rule utilitarian he should not return handle the general rule as it was not pardon that his actions would result in greater general happiness, consequently it did not.It is identified in the case that McKinnon was only able to access the network due to the action of network administrators in leaving accounts without passwords. The actions of the network administrators would seem unethical under a utilitarian framework when considering the alterative of setting a strong password, which would kick in had a more desirable effect. Whilst it was not known in this case study if setting passwords would have denied McKinnon unauthorised access, the risk of not setting passwords, as identified by Bynum and Rogerson (2006), would have been extremely high, and the hazard that somebody would matterually exploit this also high. Whilst it is likely that this error was make due to carelessness rather than a conscious decision, the assumption is do that this was an action that could have been avoided. However this negligence does not automatically justify unauthorised access, under the utilitarian framework the total happiness must be weighed against unhappiness. The happiness generated by this negligent behaviour would primarily be for network administrators who would have been able to log on to machines without having to type passwords. happiness would have been given to potential hackers too who were more easily able to access the network. Even though allowing hackers in may not have been intended, a utilitarian framework is purely concerned with consequences (Baase, 2003 Bynum and Rogerson, 2006 Spafford, 2006 Sinnott-Armstrong, 2006). As all affected individuals are judged equal (Bynum and Rogerson, 200 6) the happiness of terrorists or other hackers must count as a verifying consequence Regardless of a persons station in life, each person is counts the same when the benefits and harms are added up (Bynum and Rogerson, p.71). Alternatively the US government may argue that the unhappiness was far greater from McKinnons actions due to the number of people that would have been affected by shutting down a network of computers. To take this stance the long term view must be disregard, that McKinnons action highlighted a thoughtful security flaw that could have been exploited by a far more astute hacker. To delve even deeper into the realm of possibilities, by McKinnon hacking and acquire caught on this occasion, he could have removed any chance of someone being able to hack US government computers ever again, perhaps at a time when hacking US computers would allow millions of lives to be saved.A common criticism of the utilitarian framework is the assumption that huge unhappiness cou ld be justified upon one person for the sake of ten others. This argument could be countered by forcing the acknowledgement of long term consequences as well as the short term consequences (Johnson, 2001). For manikin, the case study (appendix A) must try and foresee the long term effects of the action. The majority of these long term effects are known as the act was committed sand in 2001. Nether the less the unknown unknowns severely limit the cerebrate lav making a decision on utilitarian principles. Even if it is believed all the alternatives, consequences and all individuals which will be affected by the consequences have been identified, how can these be verified? A posteriori knowledge may be useful in identifying these, that is, a decision that has been arrived at after the event or perhaps by applying what has happened before. A large issue arising from utilitarianism is that without the benefit of hindsight, it is difficult to apply practical reasoning to identify the outcome of an action.DeontologicalDeontology was first coined by C. D. Broad when he used it in a term to contrast that of Teleological theories based on outcome. However, a deontological approach could be best personified by the earlier work of Immanuel Kant (1785) in saying The moral worth of an action does not lie in the effect judge from it (p.13). Deontologists argue the morality of an argument is based entirely on intentions of ones actions.Immanuel Kant is a lot presented as the prime example of a deontologist (Baase, 2003). Kantian ethics argues that it is not the consequence that makes an action right or wrong it is the intentions of the individual carrying out the action. Kant (1785) argues that It is not necessary that whilst I live I live merrily but it is necessary that so long as I live I should live honourably. (p.13). This statement suggests that upon making an honourable decision, this will be the correct thing to do and therefore Kant must assume that this will likely have good consequences. Deciding upon what is honourable and therefore what would be the right thing to do, is largely governd by law. However other influences may come from upbringing, social shareistics or religious stamps for example, McKinnon may have been influenced by his own foulground in belief of UFOs. It would appear that McKinnons belief in UFOs influenced his actions.McKinnon hacked military machines in an effort to discover secret UFO technology, which would appear to be in conflict with a deontological framework as he is utilize the action as a mere pith to an end. However, as Johnson (2001) points out, a deontological framework dictates that a decision is not used as just a means to an end it may be justified if that end is moral. In applying this to the current case study we can define that the end result was to discover hidden UFO technologies McKinnons means of doing this was through hacking. Even though McKinnon states he did not intend to cause harm, but merely look. This perhaps is justifiable if the end result was intended to give the world knowledge of these technologies. The stumbling block in this case is that McKinnon did not have authorisation to do this. Alternatively if the US Government had concur that McKinnon may hack their computer system on the condition of not causing any damage and just to look, this would have been entirely ethical on accordance to a deontological framework. It is difficulty to define McKinnons intent as he did not appear to find such evidence and second because he was caught. Kants specific class of deontology states I should never act draw in such a way that I can also will that my maxim should become popular joint law (p.14). This again is equivalent to that of a rule utilitarian, in that if an action cannot be justified on every occasion, if is unethical.In leaving admin accounts without passwords, the professionalism of network administrators may certainly be placed into question, yet it is difficult to identify a motive behind doing so. The key issue driving deontological ethics is the notion of motives. There does not appear to be a motive being this action just negligence. Johnson describes negligence as a failure to do something that a reasonable and prudent person would have done (Johnson, 2001 p.184). Johnsons definition quite adequately describes the system administrators who may have been responsible for leaving high level administrative accounts without adequate security. Therefore under a deontological framework, the actions of the network administrators was unethical. apposition to Kantian ethics is largely twofold. Firstly, that Kants philosophy is grounded on a universal affair or maxim that can be accepted crosswise the board, which begs the question of what should be adhered to if an action divides two moral maxims. In hacking military machines, McKinnon can only be acting upon his personal debt instrument to find out the truth about UFO creati ve activity, but in doing so, ignored the duty to respect others personal property. This highlights the second major issue with Kants philosophy, which is, which maxim should take priority.The ethical principles outlined by Kant rely upon the basis of moral absolutism. This is contrasted by the views of W.D Ross. Ross defined seven initial or prima facie duties tariff of beneficence A duty to help other people (increase pleasure, amend character)Duty of non-maleficence A duty to avoid harming other people.Duty of arbiter A duty to ensure people get what they deserve.Duty of self-reformation A duty to improve ourselves.Duty of reparation A duty to recompense someone if you have acted wrongly towards them.Duty of gratitude A duty to benefit people who have benefited us.Duty of promise-keeping A duty to act according to explicit and implicit promises, including the implicit promise to tell the truth. (Johnson, 2001)Ross defines these as common duties (but in no way absolute) to be up held regardless of the situation. For example the duty of promise-keeping may be ignored for the duty of beneficence. In light of Rosss variation of deontological ethics, McKinnons hacking of military machines may only be justified under the reason that he was acting upon his personal duty to find out the truth about UFO existence (the duty of beneficence). But in doing so, ignoring the duty to respect others personal property (the duty of non-maleficence). The predominant issue with applying a deontological framework is identifying the intent of an action, this is also somewhat marred by the fact that McKinnon has not yet been charged. McKinnons truthfulness may be repugn because he is bias he would likely say anything to get out of facing a possible extradition and prison sentence. There are suggestions brought advancing from his prosecutors that insist McKinnon caused $700,000 worth of damage. The consequences of his action are disregarded under this framework (Kant, 1785), yet this may suggest that his intentions were not simply to find UFO technology. McKinnons actions would not be justifiable if his intentions were to cause damage. If it can be assumed that McKinnons actions were only to search for evidence then a deontological frame would dictate this is ethically justifiable. However, if Kants view is taken into consideration then is cannot be judged that hacking to search for secret technologies is universally justified.Virtue ethicsVirtue ethics go outs back to the ancient Greek philosopher Aristotle. Aristotle believed in excellence in human character though upholding celibacys (Tavani, 2007 Bynum and Rogerson, 2006). Virtues promote positive character although the list may be very long, such virtues include responsibility, reliability, self-discipline, modesty, courage and integrity (Bynum and Rogerson, 2006 Johnson, 2001). Whereas utilitarian and deontological frameworks are centred on rules to apply, virtue ethics is about building moral char acter.In this case study McKinnon displays dishonesty by hacking the network without permission. As virtue ethics ignores the special roles of consequences, duties and social contracts (Tavani, 2007 p.65) therefore McKinnon and the US government must be seen as equals. This exposes McKinnon for acting without due consideration of his actions, and perhaps even foolhardiness to progress breaking in without authorization. Perhaps McKinnon could be seen as courageous for hacking such a powerful establishment, yet acknowledging the roles of the two actors (ibid) removes any hierarchy between the two. The case study beings to light accusations that McKinnon left laboured messages on desktops such as I am SOLO. I will continue to disrupt at the highest levels. Threatening behaviour is not considered virtuous in Aristolean ideas. Presumably when McKinnon downloaded RemotelyAnywhere, there would have been an end user indorse that he would have to agree to before he could use the software . This symmetry dictates that the software be used for its intended purpose. McKinnon has showed dishonesty by disobeying this and using the software for hacking. Respect and quality is a key thought in virtue ethics (Bynum and Rogerson, 2006).The network administrators in this case study would not have acted responsibly or with integrity as it is alleged that they failed to take basic measures to ensure the network stayed secure. The US military who owns the network and data held on it, although not directly responsible, would not display reliability as they have been hacked at a time when they should have been on high alert.Rights-basedJohnson (2001) described that in a rights-based framework the categorical imperative requires that each person be treated as an end in himself or herself (p.47). This statement exemplifies the common parallels between deontological and rights-based ethics.Rights are heavily intertwined with law. For example the entropy Protection Act gives individ uals the right to know what information is being kept on them. Yet regardless of law, some philosophers argued that all humans take some natural inherent rights. These rights can be seen as universal or human rights such as the right to life Spinello (1995) gives the example of how these rights are universal in saying everyone equally shares the right to free speech regardless of nationality or status in society (p.31). immanent or universal rights are derived from the nature of humanity (Baase, 2003). Under rights-based ethics, legal rights come second to natural rights. The values of rights based ethics are similar to the principle for nonmaleficence. Baase (2003) states that, under rights based ethics an act is likely to be ethical if they involve voluntary interactions and freely made exchanges, where parties are not coerced or deceived. (p.407). In the case study there is evidence which suggests that the exchange of data was not done voluntarily. Therefore the action of McKin non cannot be justified on that principle.Natural or human rights are seen as inherent and must be respected this implies that an individual has the right not to be interfered with (Johnson, 2001). Therefore the right to privacy is not diminished by the poor security displayed within the case study. Although the network administrators did not set passwords, this does not automatically negate the right not to be interfered with. Similarly if someone forgets to lock their car this does not give someone else the right to take the car. Lax security would not matter if the right to privacy was upheld.The distinction between positive and negative rights must be given in applying a rights-based ethical framework to this case study. A negative right will free an actor from outside intervention, whereas a positive right would give the actor whatever is needed to fulfil an interest (Spinello, 1995). Negative rights are much more common than positive rights as it is difficult to draw the line as to where a positive right is limited. Johnson (2001) highlighted that whereas duty-based ethics is largely seen a deontological framework, it may be derived from a utilitarian principles on occasion. From a utilitarian perspective, in search of the greatest happiness, poor boy argued that intellectual happiness was greater than sensual (Spinello, 1995). On the basis of this, it can be argued that McKinnon may have been over exerting his right to further ameliorate himself, but intellectual happiness is greater in Mills tick of teleology, so his actions would be justified. Rights-based ethics derived from intent would argue that McKinnon has asleep(p) against the legal right prohibiting him from unauthorised access to the network and that he has also gone against the moral right to respect others privacy. From a rights-based ethical framework, moral rights take prescience over other duties or action people king have (Baase, 2003) therefore McKinnons actiosn cannot be justifie d.Legal IssuesIn applying ethical frameworks to any case study, personal morals are heavily intertwined. Law oftentimes overrides these morals. For example, ownership of what someone creates may be negated to that of the company which that person works for if that is in their terms of employment. Alternatively something which is viewed as ethically acceptable may also be against the law. At the very least, law influences moral judgement.There is much dispute over which country McKinnon should be tried. In analysing legal issues inherent within the case study it is firstly assumed that only UK laws apply to this case.It is apparent within the case study that Gary McKinnon did not have authorization to access the US networks. Immediately this is in violation of the computer Misuse Act 1990, which states that an offence is committed if(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer or to enable any such access to be secured (b) the access he intends to secure or to enable to be secured, is unauthorised and(c) he knows at the time when he causes the computer to perform the function that that is the case. (Computer Misuse Act 1990, 1990)Clearly McKinnon was in breach of the Computer Misuse Act 1990. The case study acknowledges that McKinnon does not have authorisation and that he intended to access data regarding the existence of UFO technology. The maximum sentence for unauthorised access without intent to commit further offences is 5 years in prison. A more in force(p) offence is committed when unauthorised access is gained with intent to impair, or with recklessness as to impairing, operation of computer, etc (Computer Misuse Act 1990, 1990) this holds a maximum incarceration of 10 years. It is unknown and very difficult to determine what the intention of Gary McKinnon was to date there is no evidence to suggest he intended to commit further crimes with the data he accessed. But claim ed from his United States prosecutors indicate that he did intent to cause damage as he left a message on machines stating I am SOLO. I will continue to disrupt at the highest levels. (Turton, 2009).There are additional legal issues with regards to defend data held on the network, and the professional requirements expected. It is indicated within the case that no personal information was accessed. This information is given by the US Military, which may be questioned as it would be to their advantage to deny that any personal information was accessed. The Data Protection Act (1998) dictates that the data controller must provide adequate security to protect personal information (Data Protection Act 1998, 1998).Failure to provide adequate security even though an chance is not an excuse as Cambridgeshire County Council most recently found out (du Preez, 2011). A member of staff lost a memory cohere by accident however the memory stick did not have encryption software installed as it should have when it contained sensitive data on it. Similarly the network administrators did not intend for McKinnon to access the network, yet they failed to provide security in the chance of this happeningAs McKinnon was able to access computer systems easily due to lax security, it is likely that the US and the network administrators would be in breach of this legislation.