INVITATION TO CYBERSECURITY 260 fits. In this framing of the utilitarian analysis, Bob should not tell the president that he listened to the call because it would do more harm than good. 10.1.1.3 Social Contract Theory “The social pact, far from destroying natural equality, substitutes, on the contrary, a moral and lawful equality for whatever physical inequality that nature may have imposed on mankind; so that however unequal in strength and intelligence, men become equal by covenant and by right.” - Jean-Jacques Rousseau Social contract theory emphasizes the preservation of basic human rights. For a social contract analysis, it is important to identify the commonly held rights of the society. Ethical decisions can be based on the standards that prevail in the society, and a decision can be judged to be unethical if it violates any mutually understood rights. Rights in the United States are explored at length in the next section. For Bob’s ethical dilemma, does the decision to tell or not tell violate the rights of any of the affected parties? Because the president is responsible for the organization, and he hired Bob to perform certain duties, most people would agree that he has a basic right to the information that Bob gleaned during the pentest. This includes, minimally, the right to know that VOIP calls are not encrypted—a highly relevant penetration test finding. Therefore, Bob should disclose this vulnerability. This would not necessarily mean that Bob would need to confess that he listened to the president’s phone call, but there would be a temptation to hide this finding to avoid bringing up the question. The president also has a right to privacy. He clearly assumed that his phone call with his wife was a private conversation, and his privacy was violated by Bob (even if unintentionally). It is not clear that Bob has any relevant rights at stake in his decision to tell, so none of his rights would be violated either way. Therefore, from a social contract perspective, the president has a right to know and Bob should tell him what happened. 10.1.1.4 Kantian Ethics “Act in such a way that you treat humanity, whether in your own person or in the person of any other, never merely as a means to an end, but always at the same time as an end.” - Immanuel Kant Kantian ethics emphasizes the motivations behind actions. Kant wrote that people have a fundamental duty to never use others in accomplishing their objectives. This is the opposite of the well-known Machiavellian maxim, “The ends justify the means.” To Kant, even if the ends are noble, there is a moral obligation to treat all people with dignity at all times, regardless of any extenuating circumstance. People are good at coming up with exceptions to justify actions that bend or break moral codes, but Kantian ethics says that exceptions should not be taken into account. People should act in the way they wish everybody else would act in the same circumstance.
RkJQdWJsaXNoZXIy MTM4ODY=