Through this course, I have learned many new ways to approach ethics relating to topics in cybersecurity. For the majority of the topics we discussed, I was able to conceptualize new methods for analyzing important subjects. Though each case had its own unique and intriguing aspects, I engaged most with those involving Cyber conflict, Data Ethics, and Whistleblowing.

Discussing data ethics opened my eyes more to understanding how our data is used and
handled. Understanding Europe’s GDPR regulations and the protections they provide to its citizens was enlightening. I concluded that the United States should adopt and draft regulations like the GDPR using the theory of contrarianism. Analyzing “But the data is already public” by Michael Zimmer I was able to show how it is only fair for everyone that companies that handle data should do their best to disclose all
the ways a person’s data is being used and do their due diligence to conceal PII. It is also only fair that anyone who handles data does their best to prevent re-identification of datasets. This can include things such as “Terms of Service” agreements. It’s only fair for companies to create TOS agreements that are comprehensible to everyone. Shorter, more precise agreements with less verbose and technical wording are needed to ensure the public understands how data is handled. I was able to use Elizabeth Buchanan’s paper titled “Considering the ethics on big data research: A case of Twitter and ISIS/ISIL” to reach this conclusion.

The second case I found very enlightening was the whistleblowing case. Watching the Video “Collateral Murder” I was able to analyze the action of whistle-blowing through the lens of contrarianism. I analyzed whistleblowing with this ethical theory after reading “Whistleblowing and Rational Loyalty”. The paper helped me understand that even though we should have loyalty to our employers, this does have a limit if there is something morally wrong with their actions and the way they present themselves to the public. An employee’s loyalty should be to what the company represents, not to any specific supervisor. However, it is best that, if an employee has a grievance with the company’s actions, they take the proper steps within the company to resolve the issue. Reading “Care and Loyalty in the Workplace,” I was able to gain an understanding that protecting the public from intentional harm takes priority over loyalty to an employer. If a company is doing something strictly against its mission statement, they are being disloyal to public safety, and all proper channels within the organization have been exhausted, it is acceptable to have an external investigation into the ethical matters.

Last, I examined Cyber Conflict. Examining the ongoing Cyber warfare tactics used between Israel and Iran. The theory of Deontology shows us that we must act with morality before taking any action and that we should “act so that the maximum of your action can be willed as universal law”. When regarding cyber warfare, it is important to use it as a means to an end and to avoid harm to the public. With cyber attacks on critical infrastructure between Israel and Iran, attacks that do more harm than having a strategic purpose, we are only using cyber warfare to escalate. This can eventually lead to traditional warfare or possible lives lost through cyber-attacks. Using the paper “Can there be a just cyber war?” assisted me in this opinion. Also, after reading “An analysis of just cyber warfare”. In this paper, I learned more about target discrimination and non-combatant immunity. Acts of cyber conflict, like those in Israel and Iran, can not be considered a just war because it’s simply a means to escalate, which will eventually lead to traditional warfare or the loss of life by attacking infrastructure like hospitals and power grids. Cyber attacks and cyber conflict should be used only to avoid escalation and to protect the public from bloodshed.

This course overall gave me a new perspective on the importance of the ethical issues we face in the
cyber world.