logo

Unit 6 Surveillance and security

Learning outcomes

By the end of this unit you should:

  • be aware of the ethical trade-offs related to surveillance and security
  • understand the key concepts
  • have considered a taxonomy of ethical frameworks
  • participated in a variety of debates regarding surveillance and security
Rubik

Activity 1: Starter quiz

Work alone. Create a mindmap for the topic or topics set by your tutor.

Within the mindmap use cf. (Latin: confer or conferatur, English: compare) to show concepts that may be compared. For example, when considering a financial investment one criterion is reward. Low risk investments tend to have lower rewards while high risk investments have higher rewards. Thus, a mindmap on investments could show: reward cf. risk.

Potential topics include:

  1. data privancy
  2. information property
  3. digital divide
  4. algorithmic bias
  5. surveillance and security
  6. ethical frameworks
Assessment criteria
  1. Organisation, e.g. concepts grouped appropriately
  2. Evidence-based, e.g. examples
  3. Precision of terminology
  4. Counter argumentation, e.g. critical analysis, shown through X cf. Y.
placeholder

Activity 2: Introduction to surveillance and security

Work in pairs and discuss the content of this slideshow.

Activity 3: Taxonomy of ethical frameworks

Read this table. Work in pairs or threes. Discuss any unknown concepts. Make use of the internet to look up any concepts that you are not familiar with. Share your findings with your partners.

Normative ethics is a subfield of ethics that focuses on how people ought to behave, or what actions are morally right or wrong. Unlike meta-ethics, which explores the nature and meaning of moral concepts, or applied ethics, which deals with ethical questions in specific contexts (e.g., medical or business ethics), normative ethics aims to develop a general framework for evaluating actions, intentions, and moral principles. Applied ethics is another subfield of ethics that deals with specific ethical issues that arise in various areas of human life, such as medicine; applied ethics aims to resolve particular ethical dilemmas by applying ethical theories and principles to real-world situations.

Normative ethics Meta-ethics Applied ethics
Deontological ethics Cognitivism Medical ethics
Virtue ethics Non-cognitivism Business ethics
Rights-based ethics Environmental ethics
Care ethics Bioethics
Consequentialism Legal ethics
Teleological ethics

Activity 4: Surveillance and security - terminology

Read these definitions of terminology related to the digital divide.

  1. Ethical hacking:
    • Examining the role and significance of ethical hackers in securing information systems.
    • Discussing the ethical boundaries and responsibilities of ethical hackers.
  2. Unethical hacking:
    • Analyzing the motivations and justifications (if any) behind unethical hacking.
    • Exploring the societal and individual impacts of unethical hacking.
  3. Legal framework:
    • Delving into the legal frameworks surrounding hacking, both ethical (e.g., penetration testing) and unethical.
    • Comparing different countries' legal approaches to hacking.
  4. Education and awareness:
    • Evaluating the role of education in promoting ethical hacking and discouraging unethical hacking.
    • Discussing the importance of public awareness campaigns regarding safe online practices.
  5. Privacy and surveillance:
    • Examining the ethical implications of hacking in the context of privacy and surveillance.
    • Assessing the balance between security and privacy in cybersecurity efforts.
  6. Corporate responsibility:
    • Investigating the responsibility of corporations in protecting against hacking.
    • Discussing the ethical obligations companies have in reporting and addressing hacking incidents.
  7. Hacktivism:
    • Exploring the phenomenon of hacktivism and its ethical implications.
    • Analyzing notable hacktivist movements and their impact on public discourse and policy.
  8. Future of hacking:
    • Speculating on the evolving nature of hacking and its ethical implications.
    • Discussing the potential future legal and ethical challenges posed by advancements in hacking techniques.
  9. Policy and regulation:
    • Assessing existing policies and regulations surrounding hacking.
    • Proposing new policies or amendments to address the evolving nature of hacking.
placeholder

Activity 5: Discussion

Work in groups. Discuss one or more of the following ethical trade-off.

Privacy vs. Safety

The most obvious trade-off is between individual privacy and collective safety. Enhanced surveillance measures, like closed-circuit television (CCTV) cameras or data mining of online activity, can deter crime and terrorism. However, these methods often come at the cost of individual privacy.

Consent vs. Coercion

In democratic societies, any form of surveillance usually requires some level of public consent or legal justification. But the line can blur quickly, especially if the public is not adequately informed or if consent is assumed rather than explicitly given.

Transparency vs. Secrecy

While transparency about surveillance methods can build public trust, it can also provide potential wrongdoers with insights into how to evade such surveillance, thereby compromising security objectives.

Equality vs. Profiling

Surveillance tools can be used to profile specific groups based on ethnicity, religion, or other factors. While such profiling might be argued to be "effective" from a security perspective, it is generally considered ethically problematic, perpetuating stereotypes and possibly leading to unjust discrimination.

Short-term Gains vs. Long-term Consequences

Immediate security threats may warrant temporary surveillance measures, but these can set a precedent for long-term policies. This "slippery slope" can lead to a state of perpetual surveillance, which may be difficult to roll back even after the immediate threat has passed.

Autonomy vs. Control

Surveillance can limit an individual's freedom to act autonomously. Knowing one is being watched can lead to self-censorship and a more conformist society, which might stifle innovation and social progress.

Data Security vs. Vulnerability

Collecting and storing more data can make that data a target for malicious actors. Even if the original intent of data collection is security, the data storage facilities themselves must be secure to prevent breaches that could compromise personal information.

Activity 6: Scenarios

Work in groups. Discuss each scenario in turn.

Linus, a software developer in a financial tech firm, stumbled upon a hidden line of code within the company's core software. The code allowed external access to sensitive customer data without any permission checks. Realizing the severity of what he'd discovered, he immediately alerted his supervisor, Youssef. An internal investigation was launched, and it turned out that one of the founding engineers had embedded the code years ago before leaving the company.

During a quarterly review, Cherno, the CTO of a healthcare organization, noticed a peculiar pattern of unauthorized data access. Someone had downloaded large sets of patient records, including sensitive information. An immediate forensic analysis led to the shocking discovery that an external IP address was behind this unauthorized access. The breach had exposed millions of patient records, and the company had to alert affected parties, offer free credit monitoring services, and face regulatory scrutiny.

Prerna worked in the HR department of a prestigious law firm. Over the years, she had grown increasingly frustrated with the unethical practices she witnessed. Finally, she had enough evidence—emails, recordings, and documents—that demonstrated the firm was actively involved in tax evasion and bribery. Feeling conflicted about her loyalty to the company and her ethical responsibility, Prerna decided to leak the information anonymously to the media.

Jimmy had always been a curious and ethically questionable employee at the marketing firm where he worked. Frustrated by the lack of progress in his career and feeling underappreciated, he decided to take matters into his own hands. Using his administrative privileges, he accessed confidential client strategies and plans, and then sold them to a competitor. His betrayal went unnoticed for months, until the company lost a big account and began an internal review.

Sumaiya, a cybersecurity researcher, was accustomed to traversing the unindexed parts of the internet for her job. One day, she stumbled upon a marketplace that offered a range of illegal services, from hacking to counterfeit money. Most shockingly, she found a listing that offered access to government databases, complete with verified reviews. Realizing the potential national security implications, she collected evidence and alerted the authorities.



Review

Can you:

  1. describe the key debates within surveillance and secruity related to information ethics
  2. describe the different ethical frameworks in Activity 3

If you can not, make sure that you do before your next class.

Running count: 70 of 70 concepts covered so far.