Ethics And Computer Security Essay Research Paper

Ethics And Computer Security Essay, Research Paper

1. The Problem

In the recent discussion of the required specifications of our new computer security product, the issue of including backdoor in the product was brought up. This backdoor would allow anyone knowing this special password to access anything going on in the system and would also allow one possessing the password to read personal files and email of employees. While many thought this was a good idea, there were also many that disapproved of it. Those in favor of the “feature” say that it will allow system administrators and executives to better monitor network activity and their employee s productivity. Also noted was that about 15% of our corporate clients had requested this sort of feature. Those against the backdoor expressed privacy concerns, citing that reading email of company employees (which this feature would allow) is unjust and an invasion of privacy. Many also cited that having a backdoor could be a great security concern if the password were to fall into the wrong hands or if those who it has been entrusted to abuse its use. If this were to happen our company might be greatly blamed for any instances of “hacking” or attacks on our clients systems. This could damage our reputation as a reliable security products manufacturer.

2. Relevant Facts

There are many facts pertaining to this issue. First of all, the decision-maker in this situation is important. The purpose of this memorandum is to give the decision-maker an opportunity to make an informed decision. Apparently this will be a joint decision between our marketing manager and our software-engineering manager. The stakeholders involved this decision are actually a very wide and expansive group. Some of them include our own company (reputation-wise), the companies who use our software, the clients of those companies (consumers), and the employees of those companies. Some other facts to take into account are the dangers of having backdoors as mentioned above; the fact that this feature has been discreetly requested by some of our corporate customers (15%); the issues of privacy involved with reading company email, and also issues involved with private records held within the systems of some of our customers (i.e. medical records, DMV records, etc.).

3. Alternatives

There are a few alternatives that the decision-makers may want to take into account when making the decision of whether or not to include this feature. Perhaps the most apparent option is to not include this feature at all. While some companies may not like not having the option of a backdoor, we could send out a press release stating why we did not include this as a “feature” and affirming our company as a protector of privacy and our desire to lead the industry in producing responsible security software. This is likely to cause consumers to question the companies that hold information on them what security software they use and raise awareness in general. Another alternative is that our company could include this feature in our software product. This would appease our clients who have requested it.

Another possible alternative is to appease those who have requested this “feature” by offering two versions of the software, one with the feature and one without. Perhaps we could charge more money for the one that includes the feature. But at the very least this would give our clients a choice.

4. Relevant Models of Ethical Reasoning

There are several models or ethical reasoning that can be applied to this situation. The first of which is Rights Theory. If this feature were to be implemented in our software the rights of many people could be violated. The main right being violated in this case is privacy. With the records held within systems that rely on our security products, vast numbers of stakeholders rights could be violated.

Act-Utilitarianism also can be applied to this decision. While providing great utility for the people who wish to use this backdoor, the consequences for the other stakeholders are great. The net utility of this feature is very low because it violates a vast number of stakeholders rights. Kant s Duty Ethics can also be applied. It is hard to universalize this issue. Those who use the backdoor would most likely not approve of it if it were being used to monitor their productivity or read their personal email.

5. Evaluation of Alternatives

If our company were to include this feature in our software, I do not believe that it would fulfil any of the requirements of being a moral decision by applying the common theories. In trying to apply Act-Utilitarianism one must take into account the utility and disutility for each of the stakeholders. In the case of the corporation using our product, the utility may be great in their ability to better monitor and manage the productivity; however, there is also a great disutility because of the risks to security that this feature would cause. In the case of clients (consumers) of the company who uses our products there are some benefits to using the software but the costs of having their private information disseminated are far greater that the benefits. In the case of our own company, the costs far outweigh the benefits again. While the benefits may be that 15% of our clients will be happy that we included this feature, the costs of having our re