Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!purdue!spaf From: spaf@cs.purdue.EDU (Gene Spafford) Newsgroups: comp.org.eff.talk Subject: Missing mission Message-ID: <11446@medusa.cs.purdue.edu> Date: 24 Aug 90 09:06:22 GMT Sender: news@cs.purdue.EDU Reply-To: spaf@uther.cs.purdue.edu (Gene Spafford) Organization: Department of Computer Science, Purdue University Lines: 83 I just finished reading through mailing #3, and I am disappointed. Why? Because there is a very important mission statement missing from the list given: helping to establish a sense of responsibility in users of networks and computers. I am all in favor of the other stated goals. It is clear that telecommunications and computer technology are opening up whole new avenues of information flow that can drastically change our way of life. It certainly is true that we must come to terms with the nature of these new capabilities, define the rights inherent in their use, and help educate the rest of the world about this new medium. At the same time, we cannot have rights without responsibilities -- be they legal, ethical, or just plain etiquette. In our rush to define and protect our rights, let us also consider that there must be corresponding standards of "good" behavior that need to be developed an encouraged. Failure to recognize and respect those responsibilities will make it more difficult to get broad support in the definition and protection of appropriate freedoms. For instance: publishing a newsletter or sending e-mail may be something we want to define as protected forms of free speech. But suppose the material is slanderous, or violates a company's trade secrets, or spreads a virus, or breeches national defense secrets? How about cases where someone is just unceasingly rude? There are social and legal concerns here on both sides, and focusing on only one side will keep everyone from being supportive of the effort. I've been using bulletin boards and the network for a decade. In that time, I've seen some wonderful things happen. I've also seen an increasing tide of impolite, inconsiderate, harassing, and even hurtful traffic. Perhaps the posters have a right to write what they wish -- but should they have the right to use other people's machines and networks to spread it? Do they have the right to inject that material into inappropriate forums for others to stumble across? Do they have the right to forge their name, and violate accepted protocols to make their statements that almost no one wants to read? What and who exactly is it that needs the protection? There is also the issue of criminal use of computers and networks. Recent situations that have made such headlines in the news may not be such good examples; likewise in any court there are likely to be some mistaken or bad cases of other types of crime. Still, there are people writing viruses, breaking into computers, altering and stealing code and data, and crashing systems. Don't their victims have rights, too? Shouldn't we all share some sense of manners and ethics to prevent such activity? I've heard some "crackers" claim it is their "right" to break into any machine they can and read the data. I've also heard someone suggest that writing computer viruses may be a protected form of free speech. I'm appalled by both attitudes, and I suspect that most people who depend on their computers would be similarly alarmed by such statements. Most people want reasonable guarantees of freedom, but they don't want anarchy. I have the right to bear arms, but not to use them wherever and whenever I wish. I have freedom of worship, but I don't have the freedom to sacrifice you to my dieties. Defining and protecting our freedoms is perhaps less than half the necessary task. I'm glad there are people other than me worried about the future and freedoms of our brave new world of telecommunications and computing. Still, I'm troubled that an organization with as much promise as the EFF fails to stress the development of responsibility and proper usage of computers as one of its aims. From what I have read and been told, I have no problem believing that the EFF would help defend someone wrongly accused of computer trespass, or that they would sponsor lobbying to defeat passage of an unwise piece of legislation concerning telecommunications. However, I also find it difficult to believe that the EFF would help sponsor a campaign in schools to teach kids not to break into others' systems, or that they would help legislators draft balanced computer crime bills, or that the EFF would marshall its resources to help catch computer virus authors. From my point of view, that is badly unbalanced -- and I *believe* in all of the EFF's stated goals! It is no wonder there is such a strong image that the group is just a "cracker's defense fund." Time and events will tell if this is just growing pains and poor publicity, or whether it is a skewed philosophy. I dearly hope it is the former. -- Gene Spafford NSF/Purdue/U of Florida Software Engineering Research Center, Dept. of Computer Sciences, Purdue University, W. Lafayette IN 47907-2004 Internet: spaf@cs.purdue.edu uucp: ...!{decwrl,gatech,ucbvax}!purdue!spaf