Cybersecurity, Ethics, and Collective Responsibility

This is an open access title. It is made available under a Creative Commons Attribution-Non Commercial-No Derivatives 4.0 International licence. It is available to read and download as a PDF version on the Oxford Academic platform.

The advent of the Internet, exponential growth in computing power, and rapid developments in artificial intelligence have raised numerous cybersecurity-related ethical questions in various domains. The dual use character of cybertechnology-that it can be used to provide great benefits to humankind but can also do great harm-means that business (data security, data ownership and privacy), public communication (disinformation and computational propaganda), health (privacy, ransomware attacks), law enforcement (data security, predictive policing) and interstate conflict (cyberwar, autonomous weapons) are of vital interest to cybersecurity ethics.

This work analyses the key ethical concepts in the field, such as privacy, freedom of communication, security, and the right to self-defence, and develops sets of ethical guidelines for the regulation of cyberspace in these various domains. From a liberal democratic perspective, Seumas Miller and Terry Bossomaier seek to protect individual rights while ensuring the collective good of cybersecurity. They also pay close attention to institutionally embedded collective moral responsibilities that function as 'webs of prevention' against cyberattacks. These webs, they argue, need new regulation and the redesign of institutional roles, as well as technical countermeasures to cyberattacks, such as passwords, encryption, firewalls, and 'patching.' At times, webs of prevention also involve offensive and defensive measures. In their expert analysis and guidance, Miller and Bossomaier reinforce just how much is at stake in the field of cybersecurity ethics.