Responsibility and accountability in an uncontrolled environment.
I recently had an interesting, if disheartening, e-mail discussion about freedom and responsibility. Details have been expunged to prevent an unfortunate termination of employment. The following is a slightly edited version of that correspondence.
* * *
Dear "Bobg:" [Name modified to protect the guilty]
Message text written by bobg@big_name_corp.com [errors are yours]:
-Seems to me the recent blowup with the Napster thing evidences the fact that the music industry is attempting to shift their responsibility for prototecting their data from malicious attack or theft from their corporate selves onto third parties.
If you have data and wnat to protect it, do so. if you don't then it is in the realm of freely available data. if i can access it and use it, that is not my fault. you did not protect yourself. put you prized possessions in a condom or live with the risk. the Internet must reamin an anarchistic, free-flowing uncontrolled environment. Bob G.-
* * *
How do you apply your principles to your own correspondence and to your own privacy?
How about this: I'll quote you verbatim in an upcoming column, complete with misspellings and erratic punctuation. And unless you are forging your e-mail headers, you appear to be working for Big_Name Corporation (at least for now).
So in line with being an anarchistic, free-flowing uncontrolled environment, I can publish your name, e-mail address and title when I republish your letter. I can forward your message to your employer -- the public relations department will love it -- as evidence of your degree of professionalism, ability to think logically, and skill in writing English.
In addition, if I take your advice, I suppose I could construct an equivalent claim (but cleaned up a bit) for you to consider:
-Seems to me the recent blowup with the publishing of private correspondence evidences the fact that individuals are attempting to shift their responsibility for protecting their private letters from malicious publication from themselves onto third parties.
If you have private comments and want to protect them, do so. If you don't, then they are in the realm of freely available data. If I can access and use them, that is not my fault. You did not protect yourself. Put your prized possessions in a condom or live with the risk. Internet e-mail must remain an anarchistic, free-flowing uncontrolled environment.-
So I guess you'll agree that if I abuse you by violating your copyright on your own writing, it's your own fault for writing to me. And if thieves steal gasoline, it's the victim's fault for not having better security. And if a torturer harms children, it's their parents' fault for not protecting them. And if, in general, bad people do bad things to others, it's entirely their victims' fault for not being able to prevent those harms.
As for the anarchistic, free-flowing uncontrolled environment, it would be interesting to hear from you why you make that assertion about TCP/IP-connected networks but not about, say, modem-mediated linkups, telephone conversations, letter writing, or face-to-face interactions. Why the special treatment for a particular communications technology? What is so special about a particular communications protocol that forces the implication that we ought to discard normal expectations for civility?
And why not extend your arbitrary rules about breaking down rules of courtesy and honesty when using the Internet to the use of particular languages? For example, how do you defend "the Internet must remain an anarchistic, free-flowing uncontrolled environment" without also supporting the view that "the use of French must remain an anarchistic, free-flowing uncontrolled environment?" Under this extension of your principle, I can hit you over the head with a mallet (assuming I can reach you and you can't defend yourself) as long as I cry, "Merde, esp�ce de cr�tin!" but not if I say the same thing in English.
* * *
The originator of this message wrote back with the following comments:
-Message text written by bobg@big_name_corp.com:
-oopsie . . . i put my foot in it, eh . . . opened the can and jumped in with the worms . . . argh . . . your points are valid . . . however, using my name and company puts me at risk and i don't need that hassle . . . you make the point rather succinctly . . . the dialog does show both sides of the issue . . . if you feel you must ruin or at least jeopardize my career, so be it . . . use this as a column but PLEASE leave my real name and employer out of it . . . i will leave the issue there and ponder my further response . . .-
* * *
So much for the anarchistic, free-flowing uncontrolled environment of the Internet.
Mich Kabay is Associate Professor of Computer Information Systems at Norwich University in Northfield, VT. He can be reached by e-mail at < [email protected] >. He invites inquiries about a wide range of information security courses and INFOSEC consulting services that he and his colleagues would be delighted to deliver to your employees at your site and at your convenience. Copyright 2001 M. E. Kabay. All rights reserved.