Opinion: The Petraeus scandal and computer ethics

Curiously, ethical lapses and email often go hand in hand

Last week Gen. David Petraeus, the director of the Central Intelligence Agency, resigned in response to what has turned out to be a much bigger scandal than it first appeared.

We've gone from a complaint to the FBI by one woman, Jill Kelley, over harassing anonymous email messages that were sent, it turned out, by another woman, Paula Broadwell (who was, of all things, Petraeus' biographer) that exposed the affair Petraeus had had with the latter and which has now embroiled another senior military man, Gen. John Allen, because of email sent to the first woman.

I was tempted to provide a some kind of business intelligence style interactive taxonomic diagram to explain all of this mess, but I simply haven't quite got my head around who's who yet.

BLOG POST: Petraeus used clever Gmail trick during affair

The only plausible explanation for the behavior of these people is that they must have all recently escaped from an asylum (see CNN's article "Timeline of the Petraeus affair" along with a ridiculous number of sidebars slicing and dicing every aspect).

What is fascinating about this case is how the FBI examined messages in Kelley's account to find out who was harassing her, which led them to discover the emails between Kelley and Allen, and then how they proved the anonymous messages came from Broadwell.

The FBI relied on the Electronic Communications Privacy Act (ECPA) to legitimize its investigation and, according to the Electronic Frontier Foundation's posting "When Will our Email Betray Us? An Email Privacy Primer in Light of the Petraeus Saga," the bureau cross-referenced the IP addresses of Wi-Fi hotspots Broadwell had used while traveling "'against guest lists from other cities and hotels, looking for common names.' If Broadwell wanted to stay anonymous, a new email account combined with open Wi-Fi was not enough."

I recommend carefully reading the EFF article, which dissects a very complicated topic and clearly shows how incredibly weak our protections are from unwarranted government search of our private messaging.

Anyway, be all that as it may, I will refrain from dwelling any further on the sordid yet highly entertaining details other than to note that the whole reason all of these people got swept up into the scandal was due to two things: their unethical behavior and their use of email.

Curiously, ethical lapses and email often go hand in hand ... in fact, unethical behavior is commonplace in all forms of Internet communication for two reasons.

First, it's easy to do things that are unethical when you're dealing with a computer interface rather than a person. The lack of an empathetic human connection makes it easy to forget or ignore virtues such as politeness, honesty, generosity and fairness. Second, the medium is so new we have neither a sound social foundation for computer-mediated communication nor a system of education that has yet managed to construct such a thing.

This brings me to the whole idea of computer ethics education. My old friend Winn Schwartau, who has also been known to pen a piece or two for this august organ, told me a story about how his wife, Sherra, who is also in the computer security business, was contacted by a woman looking for a computer ethics course.

The woman's seventh-grade son had got into trouble at school for hacking a shared computer and altering grades. Part of the punishment set by the school when they discovered what he'd done was to complete a computer ethics course. The problem was, the mother said, that she couldn't find such a thing.

Sherra talked to Winn and when they couldn't find anything like that either, they, in a paroxysm of creativity, decided to update a book Winn had created more than a decade ago titled "Internet & Computer Ethics for Kids (and Teachers and Parents without a Clue)." Back in 2001, with help of corporate sponsors, Winn distributed something like 125,000 copies of that book.

Now Winn's thinking has become somewhat more ambitious: He wants to give away 1 million copies of the new book!


The new version, "Cyber Safety and Ethics and Stuff (for Kids, Teens, Parents and Teachers)" is being launched on Kickstarter and will be "a high quality, full color, glossy, easy to read and share book, designed to help kids, families and schools, churches and youth groups, learn about the challenges of online security, safety and privacy."

I think this is a great idea. The issues of ethical behavior when using a computer are misunderstood by most people, even those inside the computer industry.

Winn's new book will cover all of the hot button issues of online safety and ethics, including hacking, sexting, bullying, theft, privacy, pornography, scams and phishing, plagiarism and safety but, and here's the interesting angle, it will not be prescriptive.

A key concept behind the book is to ask questions that make readers think about the various topics, provide insight into the issues involved, and then let them draw their own conclusions. I think this is a great idea because, while a few of the topics have simple right or wrong or yes or no answers, the majority are situationally dependent and hard and fast rules won't really answer the question. Understanding the background and dimensions of issues will make it possible for readers who haven't run up against these situations to figure out what the ethical issues are.

Winn's Kickstarter project is looking for initial funding of $60,000 to be pledged by Wednesday, Jan. 2, at 9:02 a.m. PST, which will be used to "fulfill all [backers] rewards and get copies to every member of Congress, every State education director, leaders in Washington, key media and online groups that support kid and family cyber safety."

To be able to give away a "quantity to every school district in the US" will require roughly 1 million copies total, Winn says, and will require something on the order of $4 million, and I think the payoff would be fantastic. At the very least, we'd get some level of national dialogue hopefully involving politicians and policy-makers and start to build a foundation for a more informed, ethical and mature approach to our society's use of computers.

So, check out Winn's Kickstarter pitch, see whether you think this will make an impact, and, if you decide it will, back the project!

Just think, if this book had been published a year ago and had gotten into the hands of government officials, perhaps Petraeus would still be running the CIA.

Gibbs hopes this was ethically persuasive ... Your judgment to gearhead@gibbs.com and follow him on Twitter and App.net (@quistuipater) and on Facebook (quistuipater).

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags unified communicationsWinn Schwartaucomputer safetyFederal Bureau of InvestigationElectronic Communications Privacy ActtheftIdentity fraud / thefthackingintrusionEFFbullyingscamscomputer ethicsJill KelleyphishingpornographyfbicnnGeneral John AllenCentral Intelligence AgencyplagiarismE-mail servicesNetworkingKickstarterElectronic Frontier FoundationprivacyciaGeneral David PetraeussecurityPaula BroadwellECPAsextingintel

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mark Gibbs

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place