Hexa-Dimension Metric, Ethical Matrix, and Cybersecurity

Hexa-Dimension Metric, Ethical Matrix, and Cybersecurity

Wanbil William Lee (The Computer Ethics Society, Hong Kong & Wanbil and Asssociates, Hong Kong)
Copyright: © 2021 |Pages: 17
DOI: 10.4018/978-1-7998-3479-3.ch030

Abstract

Exorbitant spending on cybersecurity continues; hacking proliferates and continues with the aftermath getting more and more damaging, yet data protection must helplessly continue. This is attributable to a vicious circle and culminates in something akin to a chronic disease, aptly called a “chronic problem of data protection.” The situation is complicated by a tripartite relationship, called the “Law-Security-Ethics Connection,” and exacerbated by a muddled view of the key concepts, notably ethics, privacy, and risk, which hinders a wholesome appreciation of the problem. Given the status quo, an ethics-based framework was perceived and developed aiming to lessen the incidence of hacking or make hacking exasperate to mitigate rather than eradicate because hacker-free cyberspace is unrealistic and impossible. This chapter aims to introduce a remedy successively through an exposition of the symptom and cause of the problem, clearing the muddle, and an illustration of the tools: Ethical Matrix and Hexa-Dimension Metric using the Octopus Saga.
Chapter Preview
Top

Background

Data Generation/Consumption/Protection – A Vicious Circle

Netizens can by means of the facilities provided by advanced interruptive technologies such as Big Data, Cloud Computing, IoT, AI and ML and so on conduct their daily activities more efficiently and effectively. These technologies enable integration of massive, scattered datasets, efficient interpretation of the integrated data, and speedier communication of the information. These facilities bring along obvious benefits and security threats on account of a huge amount of information being made available. As the cyber-world becomes a more transparent and open environment, netizens are better informed and able to innovate marketing, to accelerate business promotion, to enlarge data storage capacity and communication coverage, to increase retrieval facilities, and to improve transaction speed. At the same time, through that transparency loopholes in these new technologies where threats are bred provide opportunities for the cyber-miscreants to exploit and attack. However, as the clandestine activities that are brought to light, for example, the Snowden episode (South China Morning Post, 2013) and the Panama Papers leak (Wilson, 2016), the consequences can be beneficial to some people/organizations and adversary to others.

The better-informed are the consumers, the more information is demanded and supplied. Supplying more information improves profit and uses more technologies. Using more technologies makes more information available. Consumers are happier and demand more information. More information is supplied and mote technologies are used. The volume of information increases as more information is collected and generated. This culminates in a vicious circle.

Figure 1.

A conceptual graph of the circle and the phenomenon

978-1-7998-3479-3.ch030.f01

Key Terms in this Chapter

Privacy: Is not the same as being alone; it is about one’s “zone of inaccessibility” or “right to be left alone”. Intruding into that zone is a violation of privacy and ignoring that right is an act of bullying, both are subject criminal charges.

Vicious Circle: Depicts the phenomenon: The better-informed are the consumers, the more information is demanded and supplied. Supplying more information improves profit and uses more technologies. Using more technologies makes more information available. Consumers are happier and demand more information. More information is supplied and mote technologies are used. The volume of information increases as more information is collected and generated.

Ethics: Is simply put about right and wrong. But it is more than that. Deontic ethics is about duty-based actions taken according to principles of duty and rights; utilitarian ethics is on result-based action taken consistent with the consequence and utility doctrines. Judging an action being ethical may refer the gold rule, categorical imperative, virtue ethics, etc.

Ethics-Based Remedy: Aims at mitigation rather than eradication and comprises the following: take ethics seriously, have a sound understanding of the applicable theories of ethics and be adept to linking actions to these theories, adapt to a shift of view of risk and ethics, carry out ethical analysis and be adept to applying the ethical computing tools that include ethical matrix and hexa-dimension metric.

Ethical Matrix: Is a tool for ethical analysis adapted from Food and Agriculture to the IT context. The columns of the matrix correspond to values held by stakeholders with respect to ethical principles, and the rows correspond to the stakeholders or interest groups. The number of columns and rows varies as required. The cells contain the concerns of the stakeholders (the main criterion that should be met) with respect to the value held (by the stakeholders) or a particular ethical principle.

Ethical Analysis: Is about considering the competing factors when making ethical decisions because, at any one time, our behaviour may be affected by these factors which may be physiological, legal and spiritual. In common practice are three approaches: legal, formal or informal guidelines, and four principles: harm minimization, deontological (rights and duties) and consequentialist (outcome of the action) principles and Kantian categorical imperative (consistency and respect). Tools and methodologies in use typically linear menu-driven list consisting of four or five steps. Ethical Matrix was introduced but not yet popular until lately (see the next item). In any case, the aim of analysis is to identify the stakeholders and the concerns arising as a consequence of an action with respect to some ethical principles that the stakeholders value.

Chronic Problem: Refers to the situation that we spend more (the big spending on cybersecurity), we lose more (still get hacked and the enormous aftermath of the cyberwars) but data protection has to go on.

Risk: Is more than is more than physical damages, financial losses, and criminal sanctions. Using the technologies in contradiction to ethical principles is a techno-ethical risk or ethical risk. There are also speculative risk (if the outcome of ethical actions will bring about gains and unethical actions will yield a loss), dynamic risk (if the chance of occurrence is associated with technological change or change in general including man-made change).

Hexa-Dimension Metric: Is a checklist to ensure that the important aspects (six) are taken into consideration in the decision process. The six principles/measures are financial viability, technical effectiveness, legal validity, ethical acceptance, social acceptability, and ecological sustainability.

Tripartite Link: Symbolizes the interrelationship among Ethics, Law and Security where security relies on trust; trust depends on privacy; and privacy is breached if law is not observed and if ethical principles are not followed.

Complete Chapter List

Search this Book:
Reset