Opinion: The Petraeus scandal and computer ethics
- 20 November, 2012 15:44
Last week Gen. David Petraeus, the director of the Central Intelligence Agency, resigned in response to what has turned out to be a much bigger scandal than it first appeared.
We've gone from a complaint to the FBI by one woman, Jill Kelley, over harassing anonymous email messages that were sent, it turned out, by another woman, Paula Broadwell (who was, of all things, Petraeus' biographer) that exposed the affair Petraeus had had with the latter and which has now embroiled another senior military man, Gen. John Allen, because of email sent to the first woman.
I was tempted to provide a some kind of business intelligence style interactive taxonomic diagram to explain all of this mess, but I simply haven't quite got my head around who's who yet.
The only plausible explanation for the behavior of these people is that they must have all recently escaped from an asylum (see CNN's article "Timeline of the Petraeus affair" along with a ridiculous number of sidebars slicing and dicing every aspect).
What is fascinating about this case is how the FBI examined messages in Kelley's account to find out who was harassing her, which led them to discover the emails between Kelley and Allen, and then how they proved the anonymous messages came from Broadwell.
The FBI relied on the Electronic Communications Privacy Act (ECPA) to legitimize its investigation and, according to the Electronic Frontier Foundation's posting "When Will our Email Betray Us? An Email Privacy Primer in Light of the Petraeus Saga," the bureau cross-referenced the IP addresses of Wi-Fi hotspots Broadwell had used while traveling "'against guest lists from other cities and hotels, looking for common names.' If Broadwell wanted to stay anonymous, a new email account combined with open Wi-Fi was not enough."
I recommend carefully reading the EFF article, which dissects a very complicated topic and clearly shows how incredibly weak our protections are from unwarranted government search of our private messaging.
Anyway, be all that as it may, I will refrain from dwelling any further on the sordid yet highly entertaining details other than to note that the whole reason all of these people got swept up into the scandal was due to two things: their unethical behavior and their use of email.
Curiously, ethical lapses and email often go hand in hand ... in fact, unethical behavior is commonplace in all forms of Internet communication for two reasons.
First, it's easy to do things that are unethical when you're dealing with a computer interface rather than a person. The lack of an empathetic human connection makes it easy to forget or ignore virtues such as politeness, honesty, generosity and fairness. Second, the medium is so new we have neither a sound social foundation for computer-mediated communication nor a system of education that has yet managed to construct such a thing.
This brings me to the whole idea of computer ethics education. My old friend Winn Schwartau, who has also been known to pen a piece or two for this august organ, told me a story about how his wife, Sherra, who is also in the computer security business, was contacted by a woman looking for a computer ethics course.
The woman's seventh-grade son had got into trouble at school for hacking a shared computer and altering grades. Part of the punishment set by the school when they discovered what he'd done was to complete a computer ethics course. The problem was, the mother said, that she couldn't find such a thing.
Sherra talked to Winn and when they couldn't find anything like that either, they, in a paroxysm of creativity, decided to update a book Winn had created more than a decade ago titled "Internet & Computer Ethics for Kids (and Teachers and Parents without a Clue)." Back in 2001, with help of corporate sponsors, Winn distributed something like 125,000 copies of that book.
Now Winn's thinking has become somewhat more ambitious: He wants to give away 1 million copies of the new book!
The new version, "Cyber Safety and Ethics and Stuff (for Kids, Teens, Parents and Teachers)" is being launched on Kickstarter and will be "a high quality, full color, glossy, easy to read and share book, designed to help kids, families and schools, churches and youth groups, learn about the challenges of online security, safety and privacy."
I think this is a great idea. The issues of ethical behavior when using a computer are misunderstood by most people, even those inside the computer industry.
Winn's new book will cover all of the hot button issues of online safety and ethics, including hacking, sexting, bullying, theft, privacy, pornography, scams and phishing, plagiarism and safety but, and here's the interesting angle, it will not be prescriptive.
A key concept behind the book is to ask questions that make readers think about the various topics, provide insight into the issues involved, and then let them draw their own conclusions. I think this is a great idea because, while a few of the topics have simple right or wrong or yes or no answers, the majority are situationally dependent and hard and fast rules won't really answer the question. Understanding the background and dimensions of issues will make it possible for readers who haven't run up against these situations to figure out what the ethical issues are.
Winn's Kickstarter project is looking for initial funding of $60,000 to be pledged by Wednesday, Jan. 2, at 9:02 a.m. PST, which will be used to "fulfill all [backers] rewards and get copies to every member of Congress, every State education director, leaders in Washington, key media and online groups that support kid and family cyber safety."
To be able to give away a "quantity to every school district in the US" will require roughly 1 million copies total, Winn says, and will require something on the order of $4 million, and I think the payoff would be fantastic. At the very least, we'd get some level of national dialogue hopefully involving politicians and policy-makers and start to build a foundation for a more informed, ethical and mature approach to our society's use of computers.
So, check out Winn's Kickstarter pitch, see whether you think this will make an impact, and, if you decide it will, back the project!
Just think, if this book had been published a year ago and had gotten into the hands of government officials, perhaps Petraeus would still be running the CIA.
Gibbs hopes this was ethically persuasive ... Your judgment to firstname.lastname@example.org and follow him on Twitter and App.net (@quistuipater) and on Facebook (quistuipater).
Read more about wide area network in Network World's Wide Area Network section.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Ruggedized scientific calculator perfect for extreme math
How to Switch From iPhone 5S to BlackBerry Z30 (and Why)
How to Switch From iPhone 5S to BlackBerry Z30 (and Why)
CIOs to Become In-House Brokers -- and That's a Good Thing
The future of computing
Top 20 Critical Security Controls - Compliance Guide
Simply being compliant is not enough to mitigate attacks and protect critical information. Organizations can reduce chances of compromise by shifting away from a compliance-driven approach. This guide provides the Top 20 Critical Security Controls (CSCs) developed by the SANS Institute to address the need for a risk-based approach to security.
Rebranded Quadmark revamps its IT solutions with Google Apps
The Singapore office was using Exchange as its email server but encountered various issues such as storage capacity limitations and difficulty in managing spam. Adding new users to the server was also a hassle that often required a third party vendor, resulting in a waste of time and resources. Quadmark also experienced email performance issues that slowed down their employees’ response time, leading to frustration among staff and clients. Quadmark’s management felt that it was unacceptable to continue it’s current solution and thus decided to streamline its IT infrastructure alongside its rebranding plans. The business wanted a unified and consolidated email service for its various offices. Quadmark also wanted to be able to house files and documents on the cloud.
5 Best practices to make security everyone’s business
Employees are one of your greatest risks to information security. We share five proven techniques to strengthen your security strategy and protect your business.