					             CS 305
    Social, Ethical, and Legal
   Implications of Computing

          Chapter 3
WWW to Wireless Communication

            Herbert G. Mayer, PSU CS
                 status 7/18/2011
    Slides derived from prof. Wu-Chang Feng

    Spam
    Electronic Mail
    Why Spam?
    How Done?
    Spam and Ethics
    CAN Spam
    Class Exercise
    Solutions to Spam
    World-Wide Web
    Censorship
    Freedom of Expression

   SPAM? No: Spam! Spam is not an acronym
   Spam is unsolicited bulk information sent indiscriminately
   Possibly derived as a second meaning of derided product:
    Spam from Hormel Corp. known as SPiced hAM
   Spam is one of email’s not so desired side-effects
   SPIT is Spam over Internet Telephony
   In 2000 Spam accounted for 8% of all email
   In 2003 Spam accounted for 40% of all email
   In 2009 Spam accounted for 90% of all email
   In 2011 Spam is estimated to account for ~7 Trillion emails

Electronic Mail
Three major components:
   user agents
   mail servers
   Simple Mail Transfer Protocol: SMTP
User Agent
   a.k.a. “mail reader”
   composing, editing, reading mail messages
   e.g., Eudora, Outlook, elm, Mozilla Thunderbird
   outgoing, incoming messages stored on server
[Figure: user agents and mail servers connected by SMTP; each mail server holds an outgoing message queue and user mailboxes]


 Electronic Mail: Mail Servers
Mail Servers
      mailbox contains incoming messages for user
      message queue of outgoing (to be sent) mail messages
      e.g. sendmail, postfix,

SMTP protocol
      Between mail servers to send email messages
      Mail servers are both clients and servers
[Figure: user agents and mail servers connected by SMTP]

Electronic Mail: SMTP [RFC 821]

Uses Transmission Control Protocol (TCP) to reliably
  transfer message from client to server, port 25
      User agent to sending server (sometimes)
      Sending server to receiving server (always)

Command-Response interaction
      commands: composing, reading, sending, sending with
       acknowledgment, replying, replying to all …
      response: status code and phrase

Alice emails Bob
1) Alice uses UA to compose message, “to”
2) Alice’s UA sends message to her mail server; message placed in message queue
3) Client side of SMTP opens TCP connection with Bob’s mail server
4) SMTP client sends Alice’s message over the TCP connection
5) Bob’s mail server places the message in Bob’s mailbox
6) Bob invokes his user agent to read message
7) More complex scenarios with ACK possible
[Figure: Alice’s user agent, her mail server, Bob’s mail server and Bob’s user agent, with numbered arrows for the steps above]

 Spam Today
By mid 2011, the majority of all email received is unwanted
Unwanted email can mean
       Informative on just our interests, and thus enjoyed
       A bother, since the subject is not of interest
       Some topics even can be strongly offensive

First level protection:
       Have tools to re-direct Spam to junk mail boxes
       Error-prone, and places some good mail into junk boxes
       Happened to this instructor with this CS class’s homework

How do we achieve real protection?
       Through laws? Then they need enforcement
       By tools? They need to be strongly refined

Spammers will find ways around the tools, and the laws

 Why Spam?
Let’s say I want to send an advertisement to 1,000,000
  “targeted” people

      To send by regular bulk mail, this will cost ~$200-300 k
      To send by email, it will cost ~$1 k, i.e. the cost to buy a list of
       email addresses from an Internet company
         email addresses harvested from web sites, mailing lists, chat
          rooms, and newsgroups, then sold to Spammers
      Dictionary attacks
         trying lots of plausible address combinations
         keeping the ones not bouncing back
         Thus putting added strain (bandwidth) to the network

How Done?
Run their own server farms for sending Spam
      Typically located off-shore
      Use ISPs that do not care about Spam
      Less effective now
         with proliferation of blacklists
         with efforts to shut down rogue ISPs

Locate open mail proxies and bounce Spam through them
      Less effective

Use networks of compromised machines (botnets)
      Single, most popular use for a botnet
      Monetization of botnet to send Spam drives malware effort
      Some steps taken to prevent (i.e. ISPs allowing direct port 25
       access only to their own mail servers)
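
Added example (not part of the original slides): the command-response exchange from the Electronic Mail slides, seen from the receiving mail server, which also refuses to act as an open relay of the kind Spam is bounced through. The names `SMTPSession`, `domain_of` and `run`, the reply phrases and the `.example` domains are assumptions made for illustration; the command names and status codes follow RFC 821.

```python
# Added teaching example (not from the slides): the receiving mail server's
# side of an SMTP session, kept in memory. Domains and addresses are constructed.
from dataclasses import dataclass, field

LOCAL_DOMAINS = {"school.example"}   # assumption: domains this server hosts
MAILBOXES = {}                       # user mailboxes: address -> [messages]
OUTGOING = []                        # message queue of mail to pass on

def domain_of(path):
    """Return the lower-cased domain of '<user@domain>', or None if malformed."""
    local, sep, domain = path.strip().strip("<>").rpartition("@")
    return domain.lower() if sep and local and domain else None

@dataclass
class SMTPSession:
    trusted_client: bool = False     # True only for the site's own user agents
    sender: str = None
    rcpts: list = field(default_factory=list)
    body: list = field(default_factory=list)
    in_data: bool = False

    def handle(self, line):
        """Consume one client line; return 'code phrase' (None inside DATA)."""
        if self.in_data:
            if line != ".":          # body line; undo dot-stuffing
                self.body.append(line[1:] if line.startswith(".") else line)
                return None
            text = "\n".join(self.body)
            for rcpt in self.rcpts:  # local mail -> mailbox, other -> queue
                if domain_of(rcpt) in LOCAL_DOMAINS:
                    MAILBOXES.setdefault(rcpt, []).append(text)
                else:
                    OUTGOING.append((rcpt, text))
            self.sender, self.rcpts, self.body, self.in_data = None, [], [], False
            return "250 Message accepted for delivery"
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            return "250 Hello " + arg
        if verb == "MAIL" and arg.upper().startswith("FROM:"):
            self.sender, self.rcpts = arg[5:].strip(), []
            return "250 Sender ok"
        if verb == "RCPT" and arg.upper().startswith("TO:"):
            if self.sender is None:
                return "503 Need MAIL before RCPT"
            domain = domain_of(arg[3:])
            if domain is None:
                return "501 Syntax error in recipient address"
            # Open-relay guard: outsiders may only deliver to local mailboxes.
            if domain not in LOCAL_DOMAINS and not self.trusted_client:
                return "550 Relaying denied"
            self.rcpts.append(arg[3:].strip().strip("<>").lower())
            return "250 Recipient ok"
        if verb == "DATA":
            if not self.rcpts:
                return "503 Need RCPT before DATA"
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"
        if verb == "QUIT":
            return "221 Closing connection"
        return "500 Command not recognized"

def run(session, lines):
    """Feed client lines to the session; return (command, reply) pairs."""
    return [(line, session.handle(line)) for line in lines]
```

Calling `run(SMTPSession(), [...])` with a list of client lines returns the full transcript, so each command can be read beside the status code and phrase it produced.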

How Done?
Definition: Phishing is fraudulent acquisition of
  sensitive (e.g. confidential) information through the Internet
Phishing accounts
      Trick legitimate user to give up username/password
      Send as the user (reputation hijacking) to avoid blacklisting
       based on IP addresses

Creating bogus webmail accounts
      Rely on good reputation of popular webmail services such as
       Gmail and Yahoo! Mail, to avoid blacklisting based on IP

Spam and Ethics

Kantian evaluation of Spam
      Act guided by moral principles that can at the same time be
       used as base for a universal code of law
      Act so that you always treat both yourself and other people
       as ends in themselves; never purely as means to an end
      Scenario: Suppose I have a great new product that I wish to
       advertise. I send an unsolicited email to a large group of
       people knowing that only a tiny fraction is interested
      Is that ethical under Kant’s CI?
      Students discuss …

Spam and Ethics

Act Utilitarian evaluation of Spam
    An action is right (or wrong) to the extent that it increases
        (or decreases) the total happiness of the affected parties.
       Scenario: A product that costs $10 to make, is sold for $25,
        purchasers value at $30 (i.e. their derived happiness)
          100 million bulk messages sent costing those who receive it and
           are not interested
          As a result each of those has $0.01 of unhappiness (time wasted)
          10,000 customers purchase product and get full happiness
       Is that ethical under Act Utilitarianism?
       Students discuss … and compute amount of happiness

Spam and Ethics
Rule Utilitarian evaluation of Spam
    We should adopt moral rules which, if followed by everyone,
       will lead to greatest increase in overall happiness
      Scenario: Products being advertised, where only a small
       fraction of targets is known to be interested
What if only 1% of all small businesses in the US email
  you 1 Spam advertisement per year?
      There are 24,000,000 small businesses in America
      1% => 240,000 emails per year
      240,000 / 365 = 657 emails per day for each person
      You are one of these persons! Do you feel happy about 657
       unwanted emails every day?
Is sending Spam ethical under Rule Utilitarianism?
     Students discuss … and compute happiness again!
Spam and Ethics
Social Contract Theory evaluation of Spam
    Morality is the set of rules, governing how people are
     to treat one another, that rational people will agree to
     accept, for their mutual benefit, on condition that others
     follow those rules as well
      Right to free speech as applied to mass communication
      Is sending Spam ethical under Social Contract Theory?
      Students discuss … also think of enforcement! And why
       we have Spam in our current society?

CAN Spam of 2003 Federal Law
Controlling Assault of Non-Solicited Pornography & Marketing
Largely unenforced
       Difficult, time-consuming, and resource intensive to track the
        sources of Spam
       Some successes
          Greco (2/2004), Goodin (1/2006)
          JumpStart (3/2006) $900k judgment
       But largely ignored
          Spam 75% of all messages in 2006, more AND larger percentage today
           in 2011
          0.27% of Spam was compliant

Divides email into 3 categories; Spam should adhere to guidelines
   of these 3 categories, to be:
       Transactional, commercial, unsolicited

CAN Spam
      Sender and receiver have an established business or personal
      Header, sender, and organization must be correct
      Can’t disguise identity of the sender from which message was sent
      Commercial email messages to which user has consented to receive
      Same as above and must provide option to remove from list
         Mechanism to opt-out must include an Internet based method
         i.e. not an 800 number of the kind: “Your call is important to us!”
      Must contain the postal address of sender
      Must meet requirements of category 1 and 2 and:
      Must include clear and conspicuous evidence that the message is an
CAN Spam
Critics call this the “You can” Spam Act
       You get one free shot at a user’s Inbox
       Does not prevent sending of Spam, but forces such messages into
        complying with defined rules
Unsolicited messages must comply with all 3 types of rules
       Unsubscribe compliance
          Visible, operable opt-out (unsubscribe) mechanism for all types of
           messages with requests honored within 10 days
       Content compliance
          Accurate “From:” lines with relevant “Subject:” lines
          Legitimate physical address of publisher/advertiser
          If applicable, a label is present for adult content
       Sending behavior compliance
          No sending through open relays, i.e. servers that blindly pass on/through
           email messages
          No sending via harvested email
          No deceiving, false headers

CAN Spam
      Religious messages
      Political messages
      Content that complies with lawful marketing mechanisms
      National security messages
      Transactional or relationship messages from companies to
       existing customers
Overrides state law
      Rushed passage to supersede a tougher California law
Prohibits recipients from suing senders directly!!
      Misdemeanor to send with falsified header

 CAN Spam
Problems with the “opt out” provision in CAN Spam?
      For illegal email sender, your opting out means they know you
       exist; so they can and will send you more email
      May unsubscribe you, and send Spam from a different entity!
         Time provisions on length of unsubscription
         Allowable delay in unsubscription
         Create many LLCs to keep user receiving Spam??
      What about a legitimate company? Is there a potential
       problem with opting out?
         Can they then sell your email address to another company?
         Is your email address your possession or theirs to use?
      What about non-US Spammers?

Class Exercise
    How do you suggest to solve the problem of Spam in an ethical
    Students propose a practical, legal method of curbing
     Spam, in a way that the Internet remains usable!
    Discuss Pros
    Discuss Cons
    Enforceable?
    Would this be an improvement over current situation?

Solutions to Spam
    Require explicit opt-in to email lists
    Require labeling of email advertising, e.g. “AAA subscription”
     in the subject line
    Add a cost to every email that is sent
    Ban all unsolicited email
    1991 – Telephone consumer protection act, included a
     provision against junk faxes
    Provide fast method of unsubscribing: not 10 days!
    Problems?

Ethics & World-Wide Web

World-Wide Web
Invented by Timothy Berners-Lee
       Proposed 1989
       Co-invented with Robert Cailliau

Hypertext system that is
       Decentralized
       Uniquely addressable (via URLs)
       Ubiquitous, internet based
       E-commerce
       Social networks
       Content creation (wikis, blogs)
       News, Advertise
       Distance learning
       Pay taxes, Gamble, …
 WWW & Censorship
Should the Internet be filtered/censored?
    In our times, access to the internet is tightly controlled in some
        countries: e.g. North Korea, Cuba, China, Myanmar
       In others the content is tightly controlled, e.g.:
          Saudi Arabia (centralized control center in Riyadh blocks pornography,
           gambling, and sites offensive to Islam, government, royal family)
          China’s Great Firewall (human censors who perform similar functions)
       Special interesting cases of censorship:
          Germany:
             » Bans neo-Nazi web sites
             » Bans message denying Holocaust; denial illegal in 16 EU countries
          USA:
             » Controls pornography (Children’s Internet Protection Act)

Censorship During History
Direct censorship
       Since the 4th century, the Catholic Church banned the reading and
        possession of certain books
          List of books named “Index Librorum Prohibitorum”
          List officially maintained by the Vatican, later by those cardinals who were
           the official institution of the “Inquisition”
          Maintained until the mid 20th century (NOT a typo!!)
       State execution, Church control, University responsibility for
        enforcing the “Index”
          Catholic church did not have the executive arm to enforce that all the
           books on “Index” be collected and burnt
          Was the duty of catholic states, delegated generally to the universities
          Last issue of “Index” was in the 1960s! Seriously, the 20th century!
          Today the church has no such official list

Autocratic states like Saudi Arabia, Myanmar, etc. today maintain
   similar prohibited lists not of books, but of select Internet sites

Direct censorship
      Government monopolization enables censorship
         Government controls all means of communication
         e.g. Soviet television stations, radio, etc.
         Hard to do with Internet; but being attempted!
      Prepublication review
         Sensitive classified documents must go through process to become
          declassified and publishable
      Licensing and registration
         Controlling who gets access (i.e. television stations being granted
          electromagnetic spectrum in exchange for something)
         Note that “selling frequencies” is a huge source of tax/income potential

Self censorship
      Suppressing information as a means to an end
         CNN suppressed negative government info in Iraq to retain office in
      Voluntary rating systems so users can avoid certain content
      What is “voluntary?”

Practical Censorship Issues
Many-to-many communication
          Prevents governments from controlling the content
          Gutenberg’s invention of the printing press raised the difficulty of controlling
           books considerably (printing was known in China before Gutenberg)
          New web sites and content continuously published
          New site-names created and deleted constantly
          Millions of sites, numerous pieces of information, mirror sites
          See WikiLeaks Department of State content: ¼ million files for one event
          Limited authority for any government to restrict activities around the world
          Many countries have server farms; impossible to shut all down!
          Difficult to distinguish children from adults, criminals from bona-fide users

Censorship & Ethics
Where does censorship leave “freedom of expression”?
      Kant
         Censorship is clearly a backwards step
         Prevents people from getting information they need to make their
          own decisions
      John Stuart Mill, 1806 – 1873, British philosopher:
         None of us is infallible and knows the whole truth. Censorship
          may be silencing the voice of truth
         Majority opinion is not necessarily/usually/ever/always the whole
          truth. Must allow others to express their opinions to get a better
          sense of what is the truth
         Majority opinion must be tested and validated. Otherwise it is
         Tested opinions using free and open discourse has a vital effect
          on character and conduct

Censorship & Ethics
Is censorship of books, films, internet, posters practiced
   in the USA?
Aside from limiting a) pornography from internet sites
   and b) offensive language and c) libel, there seems to
   be no censorship; see freedom of expression below!

Freedom of Expression
Mill’s Principle of Harm
      The only ground on which intervention is justified is to
       prevent harm to others; the individual’s own good is not a
       sufficient condition
         Students: How does this apply to drug users who destroy
         Or how to people wanting to commit suicide?
      What ethical framework does Mill’s principle follow?
      Explains positions of most western democratic governments
       with regard to pornography
         Adults viewing hurt mostly themselves by doing so as opposed
          to others
         Note exception for children

Freedom of Expression in US
Not an absolute right in eyes of the US Supreme Court
      See Supreme Court Justice Clarence Thomas’ dissents

Right is balanced against the public good
      Abuse of such freedom in order to harm the public may be
      Libel, reckless or calculated lies, slander, misrepresentation,
       perjury, false advertising, obscenity and profanity, solicitation
       of crime, and personal abuse
      Example: Cigarette advertising on television
         How many cigarette ads have you seen recently?
         Ethical argument for why it should not be allowed:
         Opinions?

FCC v. Pacifica Foundation
Radio broadcast of George Carlin performance “Filthy
  Words” in 1973
      Preceded by warning of sensitive language

A man had heard “filthy words” on car radio while
  driving with his young son; he complained to FCC
FCC informed Pacifica Foundation: further complaints
  would lead to sanctions
Pacifica sued FCC, and won: Supreme Court 1978 in a 5
  to 4: FCC did not violate the First Amendment!

FCC vs. Pacifica Foundation
Broadcast media is uniquely pervasive
      Indecent material broadcast into privacy of homes
      People can turn it on-off at any time, making the warning
      Damage is done as soon as it is heard (can not undo its harm
       by turning it off after the fact)
Uniquely accessible to children
      Can restrict access in bookstores and movie theaters
      Time of day is an important consideration, however, for
       broadcast radio/television
Students debate and exercise: Ethical analysis!
      Kant’s CI, Act U., Rule U., Social Contract

Censorship and Children
Child Internet Protection Act (CIPA)
      Government requirement for installing anti-pornography
       filters before receiving federal funds for Internet access
         Argument for: Libraries do already abstain from offering X-rated
          magazines or movies
         So they should not be obliged to filter Internet pornography
         Argument against: Filters are inaccurate and inconvenient. They
          restrict freedom of speech from some web publishers
      Upheld by U.S. Supreme Court in 2003
         It is not the role and function of libraries to provide a public
          forum for free speech; can be exercised elsewhere

 Is CIPA Ethical?
Kantian evaluation of protecting children from harm using filters
       Assumption is that some non-pornographic web pages are filtered
       Filters treat creators of non-offensive, blocked pages as a means to the
        end for restricting children’s access to pornographic materials

Act utilitarian evaluation
       Up to each of us
       Enacting CIPA results in fewer children being exposed
       Some legitimate sites will be filtered accidentally
       Stigma, discomfort for legitimate users getting sites unfiltered

Social contract theory evaluation
       Private viewing of pornography does not make social living impossible
       Public libraries offer arguments on both sides (assumption is that filters
        block some useful sites)

Catch Chat-Room Predators
Police sting operations to lure pedophiles
       Ethical?
       Kantian analysis
          Is the will leading to the action OK?
          Yes and no
              » Overall goal is good; but that is not of prime interest to CI
              » Deceptiveness to do so is always wrong to a Kantian!
       Utilitarian analysis
          Result is public benefit (OK to harm one pedophile so society benefits)
          Publicity may deter other pedophiles
          Impact on chat rooms as an effective medium for communication if one
           knows one is being “watched”?
       Social contract theory analysis
          Misrepresentation by pedophile should be punished
          Police are also misrepresenting themselves
          Not a clear cut argument 

Suppose 99% of all email from country X is Spam
Discuss the ethics behind blacklisting all email from
  country X:
      Kantian
      Act Utilitarianism
      Rule Utilitarianism
      Social Contract

Definition MMORPG: Massively Multiplayer Online Role-
  Playing Game
Discuss the ethics behind rule in China mandating a
  time-limit for playing MMORPGs. Is this law moral?
  What would the judgment depend upon?
      Kantian
      Act Utilitarianism
      Rule Utilitarianism
      Social contract theory


Discuss the ethics of posting photos on-line without the
  permission of those who appear in them
      Are there situations when it would be unethical? If so, what
       are they?
      Kantian
      Act Utilitarianism
      Rule Utilitarianism
      Social contract theory
