ethics paper 2

Computer Ethics Paper 2

Due: Thursday, June 18, 2015

Topic option 1: Third-Party Doctrine

Do you have a "reasonable expectation of privacy" -- in the sense of police surveillance -- for any kinds of data held by others?

The "third-party doctrine" says no, or at least that, if we do, it's too bad for us and the government still does not need a warrant. This was originally determined in the context of:

banking records (US v Miller 1976)
informants wearing a wire

How broadly should the third-party doctrine apply? And if it does contradict a reasonable expectation of privacy, which rule should apply?

Email is a special case: your ISP, as third party, has no reason to look at the contents. Nonetheless, the government still sometimes has success with simply subpoenaing email, using the Electronic Communications Privacy Act (ECPA).

For many other examples of third-party data, the third party does have a reasonably direct need for the data: bank records are used by banks, cellular nearest-tower records are used to provide service to your phone, the dialed number is used to connect the call, etc. The third-party doctrine is sometimes defended in cases like these on the grounds of the transaction theory of privacy: the third party has just as much interest in the data as you do. But what about library records? Internet search records? Facebook history? Do the relevant third parties actually have an interest in this data?

Often there is a point after which such data is no longer relevant to the provider, such as nearest-tower cellular data after you've moved to another cell, or library records once the book is returned. Should the government still be free to subpoena it?

What about telephone GPS data? This is generally used by providers only for advertising-related services.

For phone metadata of a single individual, the Supreme Court ruled in Smith v Maryland, 1979, that only a subpoena was needed. In that era, third parties held a lot less digital data on each of us than they do now.

The Patriot Act made it mandatory to turn over most subpoenaed business records on third parties. Would it help if this were simply voluntary, with a warrant available in case a third party refused and the requirements for a warrant could be met? Or should "business records" be interpreted narrowly, and perhaps not so as to include other data?

One common pro-warrant, anti-third-party argument is that it's just not that hard for the police to get a warrant, and they should have to do so whenever the information sought is moderately intrusive.

See the course notes here and here. Orin Kerr, in defending the third-party doctrine, acknowledged it is sometimes thought of as the Fourth Amendment rule scholars love to hate.

Topic option 2: Defamation Policy

You and two friends, Alice and Bob, are starting a new website in which user comments figure prominently. Users comment on various products they have used, and also on the reviews and comments provided by other users. Users can also post pictures. Your goal is to create a social-network feel to the site, although all posts will be public and users will be rewarded with coupons. You anticipate that the majority of users will use their real names on the site, though pseudonyms are permitted.

Right now you've agreed to a policy allowing the deletion of profanity and obvious insults. However, you're having more trouble agreeing to a policy for dealing with defamatory comments that don't fit into the obvious profanity/insult categories. Alice has argued

We don't need to do anything; section 230 of the CDA clearly means we have no liability for what our users post, and thus no obligation to remove false, hostile or libelous content. Many other sites, such as youtube.com and aol.com, don't seem to remove such content. How would we determine if an allegedly defamatory post is in fact true? Would we have to post the other side's position? The bottom line is that we'd be censoring someone's post based on a complaint that may or may not be well founded. We already know from prior experience that if users say something negative about a product, corporate sock puppets will take offense and demand action. We have to stand firm.

Bob is not so sure; his position is that

We simply should not let hostile or defamatory content remain. At the very least, the possibility that they could be the victim of such an attack will discourage other users; we want to encourage our users! We need to have a clear standard of behavior; this is about "takedown" and not about arguing the points of libel.The bottom line is that we cannot side with injustice, any more than we can side with harassment.

Your job is to propose a policy and then argue in support of it. If you leave something out of the policy, such as a way for users to complain that they have been unfairly depicted, be sure you explain why you don't think the feature is necessary. You should also make clear whether features of your policy are there to address legal risk to the site or are there to make users feel more comfortable.

You can take a legalistic approach, an ethical approach, or a combination. When making ethical arguments in a business context it is sometimes helpful to recognize that ethical behavior can be closely tied to a business's own long-term self-interest.

Your paper (either topic) will be graded primarily on organization (that is, how you lay out your sequence of paragraphs), focus (that is, whether you stick to the topic), and the nature and completeness of your arguments.

It is, as usual, essential that all material from other sources be enclosed in quotation marks (or set off as a block quote), and preferably with a citation to the original source as well.

Expected length: 3-5 pages (1000+ words)