10. The Boundaries of Cybersecurity: Ethics, Rights, and Laws 289 some mechanism that would allow messages that were encrypted by them to be decrypted by law enforcement under the proper legal authority. Many cyber experts argue that trying to create a backdoor that can only be used by people with the proper legal authority is a fool’s errand and dangerous. Either cryptography is strong and protects us all equally (i.e., the good and bad guys alike), or cryptography is weak and we all forfeit the assurance of genuine cryptographic privacy. Figure 10.3 Export-controlled munitions shirt from the crypto wars. Civil disobedience is morally justifiable if it is done in the right way. Most forms of hacktivism are forms of vigilante justice (i.e., taking the law into one’s own hands) and not civil disobedience. Cybersecurity professionals must understand the legal and ethical implications of their actions. 10.5 Conclusion To protect the reputation and advance the profession of cybersecurity, it is vital that ethical hackers and cybersecurity professionals behave ethically at all times, respect the rights of all citizens, and obey all applicable laws and legal authorities. Applying multiple ethical paradigms and the veil of ignorance principle can help ethical hackers proceed with moral clarity when confronted with ethical gray areas. The United States Constitution is the basis for our system of government and the foundation for our freedoms and rights, such as the rights to due process and privacy. Federal and state statutes, the United States Constitution and international laws define the legal boundaries of cyberspace activities, including cyber warfare.
RkJQdWJsaXNoZXIy MTM4ODY=