Steps in Ethical Case Analysis
Paper 3 involves both a paper and PowerPoint assignment. Using the given paper, add to the assignment using the given rubric. And then create a powerpoint. Read files for more context.
3rd Case Study assignment
Pick a case or subject from the list of case studies I have sent you.
Steps in Ethical Case Analysis
1. Get the facts straight. Review the case. Briefly recap the details of the case at the beginning of your paper.
2. Identify the central stakeholders in the case. Identify 6 stakeholders then narrow your analysis down to 3.
3. Identify the technical/professional problem in the case.
4. Identify the Ethical problem or problems in the case.
5. Solve the technical and ethical problems using both technical and Ethical standards. Analyze the case from 3 perspectives, 1st use standard ethical principles and use 1 ethical principle for each perspective. 2nd, In Addition you must now also apply 3 principles from the ACM code of ethics in your analysis. 1 principle should be applied for each of the 3 stakeholder perspectives you analyze. 1 principle should be applied for each of the 3 stakeholder perspectives you analyze. 3rd you need to apply 3 of the 5 rules for computing artifacts. This should be an Anticipatory Ethical analysis. 1 rule should be applied for each of the 3 stakeholder perspectives you picked in step 2. The 5 rules are located in a file in Blackboard.
6. Will your solution to the problem withstand criticism from the perspectives of both a variety of Ethical principles and Professionals in your field?
7. What recommendations can you make about the problems in the case based upon your ethical analysis?
When you construct your analysis be sure and remember that we are assigning a 4-6 page analysis. With this length limitation it is important to realize that you will probably only be able to look at the problems in the case from three stakeholder perspectives. If you try to analyze every stakeholder perspective you will probably exceed the length limitation.
Grading and Evaluation of Individual Papers
1. What are the objectives of the papers?
A.
i. To become sensitized to the ethical issues in Engineering and Information Technology.
ii. Learn how to analyze a case.
iii. Learn how to identify the major stakeholders in a case.
iv. Learn how to identify the technical problems in a case.
v. Learn how to identify the ethical problems in a case.
vi. Learn how to apply ethical principles to a case.
vii. Learn how to make recommendations in a case based upon ethical analysis.
B.
a. Critical thinking
i. Did you identify and focus on the crucial material and facts in the case?
ii. Did you support claims you make about the case with facts?
iii. Did you think about the case from a variety of stakeholder perspectives?
b. Ethical analysis
i. Did you identify the central Ethical problem(s)
ii. Did you conduct a well thought out ethical analysis by applying 3 ethical principles?
iii. Did you justify ethical judgments with accurate facts and ethical principles?
iv. Did you think about the case from a variety of ethical perspectives?
v. Did you base your analysis upon ethical principles that cannot be easily criticized?
How will your papers be assessed?
Evaluations of Papers (Percentages)
A. The Case Recap (.10)
i. Do you highlight the key points in the case?
a. Are the facts in the case accurate?
b. Did you focus on the crucial aspects of the case?
c. Did you avoid including non essential or superfluous information?
B. Stakeholders (.10)
i. Who are the primary and secondary stakeholders in the case?
ii. Did you clearly identify from which stakeholder perspective you are analyzing the material in the case?
a. From whose perspective are you analyzing the case?
C. What is the central technical problem? (.15)
i.. How is the central technical problem related to the ethical problems in the case?
D. What is/are the ethical problem/problems? (.15)
i. What ethical problems do you see in the case?
ii. What is the central ethical problem?
iii. Why is this the central ethical problem?
E. What ethical principles apply to the central ethical problem? (.10)
i. Do you correctly define the ethical principles you use?
ii. Have you correctly applied the ethical principles you use?
iii. Do the principles you use withstand obvious criticisms from other ethical perspectives?
F. What principles from the ACM code of ethics apply to the central ethical problem? (.10)
i. Do you correctly define the ethical principles you use?
ii. Have you correctly applied the ethical principles you use?
iii. Do the principles you use withstand obvious criticisms from other ethical perspectives?
.
G. What rules from The 5 Rules apply to the central ethical problem? (.10)
i. Do you correctly define the ethical principles you use?
ii. Have you correctly applied the ethical principles you use?
iii. Do the principles you use withstand obvious criticisms from other ethical perspectives?
H. What are your recommendations? (.20)
i. Are your recommendations based upon your ethical analysis?
ii. Do your recommendations link to your ethical analysis?
iii. Rather than stating the obvious ( e. g. this problem could have been easily solved if … ) what do you recommend for similar cases in the future?
,
2
SCENARIO 6-1: The "Olympic Games" Operation and the Stuxnet Worm
Kehinde Osunniran
Towson University
COSC 418
Professor Wilson
SCENARIO 6-1: The "Olympic Games" Operation and the Stuxnet Worm
The case discusses joint operation between the United States and Israel, codenamed Olympic Games, aimed at disrupting Iran's uranium enrichment program in 2006. The operation utilized a computer worm known as Stuxnet targeting industrial-controlled computers (ICCs) developed by Siemens Corporation and installed in Iran . The Stuxnet worm allegedly sent misleading data to computer monitors in Iran and caused centrifuges used for uranium enrichment to spin out of control . Approximately 1,000 centrifuges were destroyed, significantly impacting Iran's nuclear capabilities. Questions arose about whether Olympic Games' operation was justified breach of cybersecurity, whether it is wrong for sovereign nation-states to engage in such cyber intrusions, or if exceptions can be made for cyberwarfare. The absence of a formal declaration of war among the nations involved raises the question of whether imminent threats, like development of nuclear weapons by "rogue" nations, can justify cyber intrusions.
The central stakeholders in the case were the United States and Israel, who planned and executed the operation. Iran, the target nation, Siemens Corporation, the manufacturer of the targeted Industrial Control Computers (ICCs). The international community represented the global perspective and norms regarding cyber intrusions. Non-state hacking groups, like Anonymous, intervened against ISIS, and the general public was affected by these cyber intrusions' consequences. The analysis will focus on the United States government, the Israeli government, and the Iranian government. These three stakeholders were directly involved in the operation, and their actions and perspectives are central to ethical considerations surrounding cyber intrusions used to achieve national security objectives.
The technical/professional problem in the given case is developing and deploying the Stuxnet worm as part of the Olympic Games operation. The Stuxnet worm was designed to target industrial control computers (ICCs) developed by Siemens Corporation and installed in Iran's uranium enrichment facilities. The problem lies in the potential misuse or unintended consequences arising from such powerful tool.
The ethical problems surrounding cyber intrusions by sovereign nation-states, non-state actors, and the legitimacy of targeted entities are complex and require careful consideration. Sovereign nation cyber intrusions raise concerns about the moral permissibility of breaching cybersecurity without formal declaration of war is contentious. Non-state actors launching cyberattacks raise questions about the moral boundaries of individual or group actions in cyberspace. The non-recognition of rogue nations or unofficial states as legitimate entities can justify cyber intrusions but raise concerns about accountability, proportionality, and escalation.
To solve the case, we first consider from the perspective of sovereign nation-states. The utilitarian principle of pursuing the greater good for the greatest number can be invoked to justify their actions. Disrupting Iran's nuclear capability in light of potential "rogue" nations' threats could be seen as a consequentialist approach aimed at preventing harm on a larger scale. However, ethical principle of respect for privacy outlined in the ACM Code of Ethics should be considered. The Olympic Games operation breached and disrupted computer systems compromising privacy rights. Sovereign nation-states must consider the potential consequences and long-term effects of their actions. Their interventions should not undermine fundamental rights and escalate conflicts. Proportionality and necessity of cyber intrusions should first be carefully evaluated, especially when no formal declaration of war exists.
Next, we can consider the perspective of non-state actors from a deontological standpoint. The principle of respect for autonomy can be applied, emphasizing the importance of individual agency and decision-making. State-sponsored cyber intrusions can be justified on consequentialist grounds, but non-state actors’ actions, like Anonymous hacker groups, require evaluation (Wilson, n.d.). The ACM Code of Ethics principle of professional competence should be considered. Non-state actors may lack the necessary expertise and accountability mechanisms in legitimate state actions (Housen-Couriel, 2021). Although driven by desire to achieve a greater good, their actions may inadvertently cause unintended harm or escalate conflicts. Therefore, it is crucial to consider the potential risks and unintended consequences of legitimizing non-state actors' activities as they do not act officially on behalf of recognized nation-states.
Last, we can consider perspective of general public guided by ethical principle of respect for human rights. The public has the right to be protected from the potential negative consequences of cyber intrusions, regardless of whether carried out by state actors or non-state actors (Jørgensen, 2019). However, such actions by sovereign nation-states raise concerns regarding privacy, security, and potential collateral damage. The ACM Code of Ethics emphasizes the importance of public understanding and support, indicating the need for transparency and accountability in cyber operations. Olympic Games incident had no formal declaration of war among involved nations, and the actions were unjustifiable public expectations and support. Granting nonstate actors the same justifications could lead to chaotic and unpredictable cyber landscape, compromising global security and stability. Therefore, potential risks and ethical implications associated with unauthorized cyberattacks must be carefully weighed against the principles of human rights, public welfare, and international norms.
The solution provided considers multiple ethical principles and professional standards. It aims to balance the utilitarian perspective of achieving the greater good and the deontological perspective of respecting individual rights and autonomy. Incorporating the ACM Code of Ethics ensures the analysis incorporates professional standards in cybersecurity field.
Based on the ethical analysis, I recommend developing international cybersecurity norms, strengthening diplomatic channels, enhancing professional education and certification in cybersecurity, and fostering public awareness and engagement in cybersecurity. The norms should prioritize transparency, accountability, and respect for human rights and establish common framework for addressing cyber intrusions. Enhancing professional education can equip professionals with the necessary knowledge and ethical awareness (Formosa et al., 2021). Promoting diplomatic efforts to resolve conflicts can reduce cyber intrusions needed as means of addressing potential threats.
References
Formosa, P., Wilson, M., & Richards, D. (2021). A principlist framework for cybersecurity ethics. Computers & Security, 109, 102382. https://doi.org/10.1016/j.cose.2021.102382
Housen-Couriel, D. (2021). Hacking Back under International Law: Toward Effective Remedies against Cyberattacks for Non-State Actors. 103–133. https://doi.org/10.1142/9789811219160_0005
Jørgensen, R. F. (2019). Human rights in the age of platforms. The Mit Press.
Wilson, R. L. (n.d.). Application of Ethical Principles.
,
ACM Code of Ethics and Professional Conduct
Preamble
Computing professionals' actions change the world. To act responsibly, they should reflect upon
the wider impacts of their work, consistently supporting the public good. The ACM Code of
Ethics and Professional Conduct ("the Code") expresses the conscience of the profession.
The Code is designed to inspire and guide the ethical conduct of all computing professionals,
including current and aspiring practitioners, instructors, students, influencers, and anyone who
uses computing technology in an impactful way. Additionally, the Code serves as a basis for
remediation when violations occur. The Code includes principles formulated as statements of
responsibility, based on the understanding that the public good is always the primary
consideration. Each principle is supplemented by guidelines, which provide explanations to
assist computing professionals in understanding and applying the principle.
Section 1 outlines fundamental ethical principles that form the basis for the remainder of the
Code. Section 2 addresses additional, more specific considerations of professional
responsibility. Section 3 guides individuals who have a leadership role, whether in the workplace
or in a volunteer professional capacity. Commitment to ethical conduct is required of every ACM
member, and principles involving compliance with the Code are given in Section 4.
The Code as a whole is concerned with how fundamental ethical principles apply to a computing
professional's conduct. The Code is not an algorithm for solving ethical problems; rather it
serves as a basis for ethical decision-making. When thinking through a particular issue, a
computing professional may find that multiple principles should be taken into account, and that
different principles will have different relevance to the issue. Questions related to these kinds of
issues can best be answered by thoughtful consideration of the fundamental ethical principles,
understanding that the public good is the paramount consideration. The entire computing
profession benefits when the ethical decision-making process is accountable to and transparent
to all stakeholders. Open discussions about ethical issues promote this accountability and
transparency.
1. GENERAL ETHICAL PRINCIPLES.
A computing professional should…
1.1 Contribute to society and to human well-being, acknowledging that all people are stakeholders in computing.
This principle, which concerns the quality of life of all people, affirms an obligation of computing
professionals, both individually and collectively, to use their skills for the benefit of society, its
members, and the environment surrounding them. This obligation includes promoting
fundamental human rights and protecting each individual's right to autonomy. An essential aim
of computing professionals is to minimize negative consequences of computing, including
threats to health, safety, personal security, and privacy. When the interests of multiple groups
conflict, the needs of those less advantaged should be given increased attention and priority.
Computing professionals should consider whether the results of their efforts will respect
diversity, will be used in socially responsible ways, will meet social needs, and will be broadly
accessible. They are encouraged to actively contribute to society by engaging in pro bono or
volunteer work that benefits the public good.
In addition to a safe social environment, human well-being requires a safe natural environment.
Therefore, computing professionals should promote environmental sustainability both locally
and globally.
1.2 Avoid harm.
In this document, "harm" means negative consequences, especially when those consequences
are significant and unjust. Examples of harm include unjustified physical or mental injury,
unjustified destruction or disclosure of information, and unjustified damage to property,
reputation, and the environment. This list is not exhaustive.
Well-intended actions, including those that accomplish assigned duties, may lead to harm.
When that harm is unintended, those responsible are obliged to undo or mitigate the harm as
much as possible. Avoiding harm begins with careful consideration of potential impacts on all
those affected by decisions. When harm is an intentional part of the system, those responsible
are obligated to ensure that the harm is ethically justified. In either case, ensure that all harm is
minimized.
To minimize the possibility of indirectly or unintentionally harming others, computing
professionals should follow generally accepted best practices unless there is a compelling
ethical reason to do otherwise. Additionally, the consequences of data aggregation and
emergent properties of systems should be carefully analyzed. Those involved with pervasive or
infrastructure systems should also consider Principle 3.7.
A computing professional has an additional obligation to report any signs of system risks that
might result in harm. If leaders do not act to curtail or mitigate such risks, it may be necessary to
"blow the whistle" to reduce potential harm. However, capricious or misguided reporting of risks
can itself be harmful. Before reporting risks, a computing professional should carefully assess
relevant aspects of the situation.
1.3 Be honest and trustworthy.
Honesty is an essential component of trustworthiness. A computing professional should be
transparent and provide full disclosure of all pertinent system capabilities, limitations, and
potential problems to the appropriate parties. Making deliberately false or misleading claims,
fabricating or falsifying data, offering or accepting bribes, and other dishonest conduct are
violations of the Code.
Computing professionals should be honest about their qualifications, and about any limitations
in their competence to complete a task. Computing professionals should be forthright about any
circumstances that might lead to either real or perceived conflicts of interest or otherwise tend to
undermine the independence of their judgment. Furthermore, commitments should be honored.
Computing professionals should not misrepresent an organization's policies or procedures, and
should not speak on behalf of an organization unless authorized to do so.
1.4 Be fair and take action not to discriminate.
The values of equality, tolerance, respect for others, and justice govern this principle. Fairness
requires that even careful decision processes provide some avenue for redress of grievances.
Computing professionals should foster fair participation of all people, including those of
underrepresented groups. Prejudicial discrimination on the basis of age, color, disability,
ethnicity, family status, gender identity, labor union membership, military status, nationality,
race, religion or belief, sex, sexual orientation, or any other inappropriate factor is an explicit
violation of the Code. Harassment, including sexual harassment, bullying, and other abuses of
power and authority, is a form of discrimination that, amongst other harms, limits fair access to
the virtual and physical spaces where such harassment takes place.
The use of information and technology may cause new, or enhance existing, inequities.
Technologies and practices should be as inclusive and accessible as possible and computing
professionals should take action to avoid creating systems or technologies that disenfranchise
or oppress people. Failure to design for inclusiveness and accessibility may constitute unfair
discrimination.
1.5 Respect the work required to produce new ideas, inventions, creative works, and computing artifacts.
Developing new ideas, inventions, creative works, and computing artifacts creates value for
society, and those who expend this effort should expect to gain value from their work.
Computing professionals should therefore credit the creators of ideas, inventions, work, and
artifacts, and respect copyrights, patents, trade secrets, license agreements, and other methods
of protecting authors' works.
Both custom and the law recognize that some exceptions to a creator's control of a work are
necessary for the public good. Computing professionals should not unduly oppose reasonable
uses of their intellectual works. Efforts to help others by contributing time and energy to projects
that help society illustrate a positive aspect of this principle. Such efforts include free and open
source software and work put into the public domain. Computing professionals should not claim
private ownership of work that they or others have shared as public resources.
1.6 Respect privacy.
The responsibility of respecting privacy applies to computing professionals in a particularly
profound way. Technology enables the collection, monitoring, and exchange of personal
information quickly, inexpensively, and often without the knowledge of the people affected.
Therefore, a computing professional should become conversant in the various definitions and
forms of privacy and should understand the rights and responsibilities associated with the
collection and use of personal information.
Computing professionals should only use personal information for legitimate ends and without
violating the rights of individuals and groups. This requires taking precautions to prevent re-
identification of anonymized data or unauthorized data collection, ensuring the accuracy of data,
understanding the provenance of the data, and protecting it from unauthorized access and
accidental disclosure. Computing professionals should establish transparent policies and
procedures that allow individuals to understand what data is being collected and how it is being
used, to give informed consent for automatic data collection, and to review, obtain, correct
inaccuracies in, and delete their personal data.
Only the minimum amount of personal information necessary should be collected in a system.
The retention and disposal periods for that information should be clearly defined, enforced, and
communicated to data subjects. Personal information gathered for a specific purpose should not
be used for other purposes without the person's consent. Merged data collections can
compromise privacy features present in the original collections. Therefore, computing
professionals should take special care for privacy when merging data collections.
1.7 Honor confidentiality.
Computing professionals are often entrusted with confidential information such as trade secrets,
client data, nonpublic business strategies, financial information, research data, pre-publication
scholarly articles, and patent applications. Computing professionals should protect
confidentiality except in cases where it is evidence of the violation of law, of organizational
regulations, or of the Code. In these cases, the nature or contents of that information should not
be disclosed except to appropriate authorities. A computing professional should consider
thoughtfully whether such disclosures are consistent with the Code.
2. PROFESSIONAL RESPONSIBILITIES.
A computing professional should…
2.1 Strive to achieve high quality in both the processes and products of professional work.
Computing professionals should insist on and support high quality work from themselves and
from colleagues. The dignity of employers, employees, colleagues, clients, users, and anyone
else affected either directly or indirectly by the work should be respected throughout the
process. Computing professionals should respect the right of those involved to transparent
communication about the project. Professionals should be cognizant of any serious negative
consequences affecting any stakeholder that may result from poor quality work and should
resist inducements to neglect this responsibility.
2.2 Maintain high standards of professional competence, conduct, and ethical practice.
High quality computing depends on individuals and teams who take personal and group
responsibility for acquiring and maintaining professional competence. Professional competence
starts with technical knowledge and with awareness of the social context in which their work
may be deployed. Professional competence also requires skill in communication, in reflective
analysis, and in recognizing and navigating ethical challenges. Upgrading skills should be an
ongoing process and might include independent study, attending conferences or seminars, and
other informal or formal education. Professional organizations and employers should encourage
and facilitate these activities.
2.3 Know and respect existing rules pertaining to professional work.
"Rules" here include local, regional, national, and international laws and regulations, as well as
any policies and procedures of the organizations to which the professional belongs. Computing
professionals must abide by these rules unless the
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
