10. The Boundaries of Cybersecurity: Ethics, Rights, and Laws 287 the law has not kept up with technology, that are unethical and should be illegal, but laws have yet to be passed to make them illegal. An example of this is cyberbullying, or more formally, harassment through cyberspace, which is unethical but was not illegal in most states until the 2000s. The last category is the combination of ethical-illegal (the bottom-left square). This category should be rare in the United States because laws are passed only after a careful, deliberate, and democratic process. How could a law be passed to make an ethical behavior illegal? This would make the law unjust. Segregation laws are an example of unethical laws because they enforced divisions and discriminated against people based on skin color. Defying these restrictions was ethical but illegal. Ethical but illegal activities like defying segregation laws are candidates for civil disobedience. Civil disobedience is refusing to obey a law, or actively disobeying a law, as an act of protest based on the belief that the law is unjust. In order for an illegal action to qualify as civil disobedience, it must be non-violent and morally justifiable, and the actor must submit to the authorities for punishment. Rosa Parks is an example of a person that committed civil disobedience when she was arrested in Montgomery, Alabama, on December 1, 1955, for refusing to obey bus segregation laws. The Montgomery City Code Chapter 6 Section 11 read, “...it shall be unlawful for any passenger to refuse or fail to take a seat among those assigned to the race to which he belongs…” See Figure 10.2 for the police report that was written after Parks knowingly violated this ordinance and was arrested. Does hacktivism (see Chapter 3) qualify as civil disobedience? Some hacktivists help to keep the identity of political dissidents anonymous—this may be considered a form of civil disobedience. Other hacktivists expose corrupt leaders by linking them to illegal activities. This is a gray area because it ignores the rights of the accused and borders on vigilante justice. Vigilante justice is when individuals without the proper authority attempt to enforce the law. Vigilante justice is illegal and unethical, and hacktivists have themselves been arrested for trying to take the law into their own hands by hacking to expose evidence of crimes. The crypto wars of the 1980s and 1990s provide a good illustration of civil disobedience in the domain of cybersecurity. During this era, strong computer encryption was considered a military munition and protected from export under the United States International Traffic in Arms Regulations (ITAR). Therefore, exporting computer cryptography was illegal. While it may sound strange to group computer encryption with military-grade weapons like missiles and machine guns, up to this point in history, strong encryption was considered a military advantage that needed to be protected from falling into enemy hands. But once cryptographic algorithms were implemented in software and could be run on any computer, the idea of trying to keep cryptography contained was considered ludicrous by many. Effectively, the ITAR made posting encryption algorithms on a com-
RkJQdWJsaXNoZXIy MTM4ODY=