Roger Clarke's Netethiquette CasesNET-ETHIQUETTEMiniCase Studies ofDysfunctionalHuman Behaviour on the Net RogerClarkePrincipal, XamaxConsultancy Pty Ltd, CanberraVisiting Fellow, Departmentof Computer Science, AustralianNational University© Xamax Consultancy Pty Ltd, 1995, 1996, 1997, 1998Available under an AEShareNet  licenceThis document is athttp://www.anu.edu.au/people/Roger.Clarke/II/Netethiquettecases.htmlThese instances have been selected specifically because they areinstances of dysfunctional human behaviour on the net, or may beinterpreted by some people to be so. I make clear that I'm an enthusiasticuser and promoter of services available over the emergent informationinfrastructure. Indeed (along with thousands of other people), I've made afew contributions to its development. My purposes in this particularproject are to address, and to contribute to the management of, some of thedownsides of the networked world.THIS PAGE IS WORK-IN-PROGRESS (and always will be ...)Here's areference list of some electronic and hard-copy materials.DepartmentsClassifying these cases is a nightmare. The organisation below is fairlyarbitrary, and intended to offer some appearance of structure among the chaos. Accidental Dysfunctionality: InformationOverload Rumourand Accidental Misinformation NegligentDefamation Persistence MinorPlagiarism InadequateCare with Data Trawling/ Spidering Socially Aggressive Dysfunctionality: IntentionalMisinformation Flaming IntentionalDefamation Harassment Mail-Bombing Obscenity Incitement Impersonation Surveillance Economically Aggressive Dysfunctionality: Spamming Advertising,Promotion and Soliciting SecondaryUse of Data SeriousPlagiarism Abuseof Intellectual Property Rights Hacking Virusesand Worms SecurityBreach Avoidance Dysfunctionality: Circumvention Anonymisation Obscuration CompoundCases InformationOverload Someone sends a message to an emailing list, which has very limitedrelevance to the purposes for which the list was established. Someone replies to the list criticising the person who posted the firstmessage. A flurry of discussion ensues, which has nothing to do with the ostensiblepurpose of the emailing list, and everything to do with the list's management. Someone sees a message from a friend, and sends a reply. It transpiresthat the original message came not directly from the friend, but from anemailing list. The result is that the response is broadcast to the severalthousand people on the list. Someone generates a 'chain letter', and lots of the recipients pass it onto lots of their friends. The standout example is the 'chain reaction' letterof July 1995, protesting about Chirac's resumption of nuclear testing atMururoa Atoll. The originators (postgraduate students in physics in Japan)were buried in thousands of replies, installed aweb-page, and sent email messages chasing the chain, requesting people tostop sending them messages. Someone with an axe to grind sends a message to many mailing lists. Themessage is entirely irrelevant to most of the lists (this has been referred toas 'kook spamming'). Someone who wishes to join or leave an emailing list sends an email to thecomplete list, rather than to the list administration address, and the listmanagement software fails to filter the message out. Someone who needs to filter the data available in a database has no searchtool available which is appropriate to a person of their particular educationalbackground. Rumourand Accidental Misinformation Someone sends a message which misleads readers into assuming facts thataren't. This may be because of the tense or expressions used.Note that this most commonly arises where the originator of the message hasrelatively high credibility, and/or reflects a sentiment popular within thecommunity/ies the message reaches. Here is acompendium and advice. Note that accidental misinformation and intentionalmisinformation can be very difficult to distinguish. NegligentDefamation Someone sends a message to a person which contains assertions of a factualnature, about the recipient, that transpire to be misleading or false. The message is cc'ed to further people. The message is posted by one of the recipients to a newsgroup.Note: To be defamatory in law, then, depending on the jurisdiction, theoriginator would have to have failed certain tests, e.g. to have not reasonablybelieved in the truth of the assertions, to have failed to take reasonableprecautions, and/or to have intended that the assertions harm the personconcerned. See Timothy Arnold-Moore's (somewhat legalistic) paper on defamationon computer networks. Persistence A person leaves someone on a mailing list, or in a local nickname oralias, even though they have asked to be removed. MinorPlagiarism While writing an assignment, a junior student seeks out material on theweb, downloads it, and incorporates it into their answer, without takingsufficient care to provide appropriate attribution to their sources. InadequateCare with Data Someone sees a message from a friend, and sends a reply which includesconfidential information, or comments highly derogatory about another person.It transpires that the original message came not directly from the friend, butfrom an emailing list. The result is that the response is broadcast to theseveral thousand people on the list. As a service to its local community, a University makes the identificationdetails and contact points of its students available on the net. As a service to its local community, a University makes the identificationdetails and contact points of its students available on the net. Some of thestudents have unlisted numbers, which they have disclosed to the University onthe assumption that they will only be used within the context of studentadministration.Note: In relation to the first case, this depends on the setting of theReply-To variable, which is controlled by the list-owner. Many list-ownersassume that their community is network-savvy, and set the variable toreply-to-list rather than reply-to-originator. Generally, however, networkcommunities are not mature enough to take this risk. Netsearching/ Trawling / Spidering A person makes comments in what they assume is a restricted context, suchas a specific newsgroup. Software tools (generically referred to as indexingor concordance tools, search-engines, robots, wanderers, and more vividly as'spiders') crawl around the web building cross-references. People discoverthese comments remote from the original time, space and context.Note: For an authoritative source on the topic, try MartijnKoster's page. The latest, most powerful, and therefore most accidentallythreatening tools are Deja News (for newsgroups) and Alta Vista. In the spiritof spidering, I offer an html'd version of arelevant message by Tim May on the cypherpunks mailing list. IntentionalMisinformation Someone spreads a rumour which they know is unfounded, or distributesseemingly hard information which is incorrect, and which is intended to causedifficulties for someone else.Note: See theApple/Sony rumour, and a story that suggested that a particular virus canbe propagated by email - theso-called 'Good Times' Virus. See also one'Good Times' Virus FAQ, and another(I'm not sure which is the original ...). This subsequently re-surfaced as PenPalGreetings.Note that intentional misinformation can be very difficult to distinguish from accidentalisinformation. Flaming Someone sends an email message containing foul and/or abusive languageabout the person to whom it is addressed. A participant in a synchronous 'chat' session uses foul and/or abusivelanguage about another participant. Someone sends an email message containing foul and/or abusive languageabout one of the addressees of a message. Someone sends an email message to a small group of people containing fouland/or abusive language about another person relevant to the group. Someone sends an email message to a large number of people using fouland/or abusive language about another person who is only moderately relevant tothe group. IntentionalDefamation Someone sends a message to a person which contains assertions purportingto be factual, about the recipient, that the sender knows, or reasonably shouldhave known, to be false or constructively misleading. The message is cc'ed to further people. The message is posted by one of the recipients to a newsgroup.Note: See FrancisAuburn's paper on the Western Australian Rindos v. Hardwick newsgroupdefamation case. Timothy Arnold-Moore has made available a (somewhatlegalistic) paper on defamationon computer networks. There's also theInteractive Services Association's views on the Stratton Oakmont libel caseagainst Prodigy. Harassment Someone sends a succession of email messages to someone else, although itis clear that the recipient does not want to maintain the conversation. Someone implements a program to intercept a person's email traffic. Thepurposes the interceptor has in mind are to block some or all messages, to sendan automated response to the sender, to send a copy to some other person,and/or to modify and re-transmit the message. Someone sends an email message to someone else, suggesting various acts ofviolence, which the sender would like to, or intends to commit on themessage-recipient. While participating in a multi-user dungeons and dragons game (or MUDD),someone depicts a highly graphic rape of one of the other participants.Note: In relation to case 4, thearticle was first published by Julian Dibbell in 'The Village Voice'(Greenwich, presumably), December 21, 1993, p.38. Mail-Bombing Someone sends many email messages to someone else's mailbox, with theintention of causing at least inconvenience in sorting out real mail fromnuisance mail, and perhaps a disk-overflow and therefore even more seriousinconvenience. Someone organises many people to despatch email messages to someone else'smailbox, etc. Someone sends very large messages to someone else's mailbox, etc. This isusually performed by attaching very large files, such as the source-code for aMicrosoft product.Note: In relation to case 2, a notable example was the campaign to fillJacques Chirac's mailbox after he announced the Mururoa Atoll tests. Obscenity Material is made available over the net which some people findobjectionable. Unsolicited material is sent over the net to various people, some of whomfind it objectionable. Material is made available over the net which infringes the obscenity lawsof some jurisdictions. Unsolicited material is sent over the net to various people, whichinfringes the obscenity laws of some of the jurisdictions in which they arelocated. Solicited material is sent over the net to various people, which infringesthe obscenity laws of some of the jurisdictions in which they are located.Note: I maintain apage of pointers to key sites concerning regulation of the net, most ofwhich are stimulated by pornography concerns. The recent switching-offby Compuserve of access to USENET newsgroups was also stimulated by thesame concern, in that instance by German authorities. The storyabout Compuserve switching it back on again is also interesting. Incitement Someone posts to a bulletin board explicit instructions on how to makeletter-box bombs, pick locks, make plastic explosives in one's garage, or makean atom bomb. Someone posts to a bulletin board a list of valid credit-card numbers, todemonstrate the insecurity of a computer installation. Someone posts to a bulletin board a list of valid credit-card numbers, andsuggests that they be used to perpetrate financial fraud. Someone sends emails to one, a few, or many people, criticising some classof people (e.g. those of a particular ethnic origin, or of a particularreligious persuasion), and urging that action be taken against such people,their property, or their meeting places.Check out EFF'spage on 'hatespeech', and HarvardLaw School's 'Guide to Hate Groups on the Internet'. Impersonation Someone uses the security weaknesses inherent in an email package orsystems software to send a message which appears to come from someone else.The message says something highly derogatory about someone. Someone uses the security weaknesses inherent in an email package orsystems software to send a message in such a way that it appears to come fromthe Lecturer-in-Charge of a unit of study, and advises that the currentassignment has been cancelled. A male participant in a chat session or an electronic conferencerepresents themselves as being female, and attracts the trust of other females,with the result that some of them confide sensitive information with theimpersonator. A participant in a multi-user dungeons and dragons game (MUDD) representsthemselves as a person of the opposite gender.Note: In relation to case 3, the perpetrator was a New York clinicalpsychologist. For some background in this area, try theElectronic Frontier Foundation's FAQ on anonymity, and materialand pointers in my dataveillance page. Surveillance An employer openly monitors the senders and recipients of email traffic toand from their employees. An employer openly monitors the content of email traffic to and from theiremployees. An employer surreptitiously monitors email traffic to and from theiremployees. An employer surreptitiously monitors email traffic to and from theiremployees, but, when challenged, denies that they do so. A law enforcement agency takes advantage of loopholes in existing law todemand information about net-users' behaviour from their Internet ServicesProviders, without a warrant or other form of external control. A provider of a software product builds into it a means whereby data aboutclient-workstations and their users can be captured and made available todistant servers that they communicate with. Teams of people developing enhancements to Internet architectureintentionally build in means whereby servers can monitor behaviour and data onremote client-workstations.Cases 6 and 7 are modelled on Netscape's Cookies,and an emergent generalised feature of forthcoming Internet services. Notethat surveillance by marketing organisations may be linked with spamming. Spamming An organisation sends an advertisement for its services to many mailinglists. The services are in some way relevant to the topics which some of thelists address, but are entirely irrelevant to most. Many people reply, the vast majority expressing very negative sentiments.The organisation's mailbox overflows. A few people attach 8MB files to their replies. (This is referred to as 'mail-bombing'). This results in an overflow of the disk-drive of the network services providerwho provides the organisation with its electronic mailbox, and seriouslyinconveniences the provider's hundreds or thousands of other clients.Note: These cases are modelled on the Cantor & Siegel case in early1995. (They offered legal services relating to applications for green cards).Unfortunately I can't many net-reference for the history of the case. See,however, http://www-math.uni-paderborn.de/~axel/BL/#list.Here's mystandard reply to spammers.Here's myseparate paper on spamming, which pursues the analysis much further. Notethat the effectiveness of spamming is dependent on the effective implementationof consumer surveillance. Advertising,Promotion and Soliciting An organisation sends an advertisement for its goods or services tomailing lists whose subscribers can reasonably be expected to have someinterest in the products. An organisation which provides a gratis or very cheap service on the netdevises a way to offer space on the page to sponsors or advertisers. The adsdo not intrude unduly (e.g. the images occupy a relatively small proportion ofthe page, and they are displayed after the content of the page appears andhence their display can be interrupted without loss of content). An organisation provides the same kind of service, but in such a mannerthat the advertising intrudes on the function. The advertiser stores the addresses of replies to its ads. The advertiser consolidates the information from the replies to its adswith other data it has on the individual. The organisation runs on off-list, or what is sometimes referred to as an an'opt-out' mechanism, whereby anyone can nominate that they do not wish toreceive any further ads, and they will be removed from the list. The organisation runs an 'opt-in' mechanism, such that the only people whoreceive ads are people who have expressly nominated to join the service.Here'sSpam.htmlmy separate paper on spamming. SecondaryUse of Data An organisation uses net transactions as a basis for developing orimproving a mailing list. An organisation seeks out and acquires data from net transactions to whichit was not a party, and includes them in its database of customers andprospects.Note: Check out EPIC'sdocumentation of the Avrahmi case.Here's myseparate paper on cookies. SeriousPlagiarism While writing an assignment, a senior student or researcher seeks outmaterial on the web, downloads it, and incorporates it into their answer,without providing appropriate attribution. The database the material is drawn from is a set of previousstudent-written assignments, together with model answers written by lecturingstaff, which is maintained by students as a service to students throughout theworld. Abuseof Intellectual Property Rights An author intentionally makes material available on the net andintentionally cedes copyright, placing it in 'the public domain'. Someone appropriates copyrighted text (such as this document), or acartoon, or an image, or video, or software, and fails to provide a referenceto the source, thereby implying the work is their own. (Note that some usesare considered 'fair dealing', such as quoting less than 'a substantialportion' of the work and providing attribution to the source). Someone incites others to appropriate copyright materials, on the groundsthat the Internet is common grazing land and property rights are morallyunjustifiable. Someone argues that the law should be changed to delete all forms ofintellectual property in the context of the net, because it is not in theeconomic interest of society to create large numbers of micro-monopolies.Note: See GillianDempsey's guide to the application of copyright on the net. There havebeen lively debates raging, e.g. RonNewman's page on the Church of Scientology's attempts to protect itsrestricted-access, money-earning documents; Hacking Someone exploits a security weakness in an installation, and leaves amessage for the system administrator, identifying the weakness. Someone exploits a security weakness in an installation, and writes areport to the system administrator's boss. Someone exploits a security weakness in an installation, and usesresources (such as processor-cycles, disk space and communications links) fortheir own purposes. Someone exploits a security weakness in an installation, and accesses datastored in that installation. Someone exploits a security weakness in an installation, and damages datastored in that installation. Someone exploits a security weakness in an installation, and gains accessto another site [followed by any of the above].Note: This is well-travelled territory, which pre-dates the Internet.Statutory laws have been amended and created in many jurisdictions intended toproscribe some or all such activities. They vary greatly in their sensiblenessand effectiveness. I'm looking for an authoritative site which examines, andprovides links to copies of, such laws. Virusesand Worms Someone writes software which 'infects' other software by inserting orappending some additional code (generally including copies of itself). Someone accidentally creates an environment in which a virus or worm willpropagate. Someone knowingly creates an environment in which a virus or worm willpropagate. Someone creates a virus or worm which accidentally causes significant harmto data stored in installations which are infected by it. Someone creates a virus or worm which is intended to cause significantharm to data stored in installations which are infected by it.Note: Here's anFAQ on viruses. And here's thestory on Robert Morris's Cornell worm in 1988. SecurityBreach Someone writes and publishes a book which explains many 'known' (but notvery widely known) security weaknesses in common operating systems. Someone writes a program which checks whether 'known' (but not very widelyknown) security weaknesses are present in the operating system installed on alocal machine. Someone writes a program which checks whether 'known' (but not very widelyknown) security weaknesses are present in the operating systems installed onany machine anywhere on the net. Someone publishes the program.Like almost every other case listed in this document, this series is real,not imaginary. The program is called SATAN(Security Administrator Tool for Analyzing Networks). Circumvention Someone establishes a web-server in a tax haven, and offers merchants aservice whereby net-facilitated sales are legally made in that location,thereby avoiding paying tax in which the buyer and/or seller operate. Ditto, but the action is rendered illegal by a law in a jurisdiction inwhich the buyer and/or seller operate. Someone stores hard-core porn and paedophilia on a web-server in ajurisdiction whose law or law enforcement is less restrictive than that of someof the service's clients. Someone scans a banned book into machine-readable form, and replicatescopies in various locations around the world.Note: An instance of case 4 is thebook by Mitterrand's physician, banned and re-published electronicallywithin hours. Anonymisation A so-called 'anonymous remailer' receives email addressed to a thirdparty, removes the sender's identification, and forwards it to the intendedrecipient. The service provider ensures that the service is genuinelyanonymous (by keeping no records of the identity of the originator of themessage; or by participating in a chain of remailers, and handling messageswhich have nested levels of encryption - if that sounded complicated, you cancheck out apaper on the topic). The same service is provided, but the 'anonymous' remailer maintains anindex of the relationship between the originator and the message, and is ableto provide that information to law enforcement agencies in exceptional cases.This would be more correctly described as a 'pseudonymous remailer'.Note: I have somerelevant material and pointers in my dataveillance page. Obscuration A sender encrypts their messages, and only provides the decryption key tothe intended recipient. A sender encrypts their messages, but registers the encryption key with agovernment authority. A sender encrypts their messages, but registers the encryption key with akey escrow agent of their choice. This agent is subject to legal compulsion todisclose the key to law enforcement agencies under exceptional circumstances. A sender encrypts their messages, but registers various parts of theencryption key with various different people and organisations, such that themessages can be decrypted provided that several of them collaborate.Note: This is actually the deepest of all of the mini-cases here, and hasenormous ramifications for the future of society. For one view, see TomMay's 'crypto-anarchist manifesto'. CompoundCases Someone sends a message to someone else, containing informationabout a third party which turns out to be wrong. The recipientincludes it in a message to someone else. That person sends it to a relativelysmall mailing list. A recipient posts it to a newsgroup. Along the way, someof the associated text is removed, to shorten the message; and in the processsome of the context is lost. Unbeknowns to many of the participants, somewell-meaning soul archives all traffic which occurs on the emailing list and/orthe newsgroup. Deja News quietly goes about maintaining a comprehensiveconcordance of newsgroups, and Alta Vista on, among many other things, emailinglist archives. As a result, the information is locatable, for the foreseeablefuture, by search on the wrongfully-accused person's name. Correctinginformation may or may not have been circulated, chasing the erroneous message.The person concerned may or may not know about it all. The Time Magazine 'Cyberporn' article of 10 July 1995,pp.48-55 (at least, that's where it was in the Australian edition) raised awhole raft of issues, primarily about the perpetrators of the article. Ihaven't seen the Time article on the net, but here are some sources: thestudy on which the Time article was based, by Marty Rimm; Hotwiredmagazine's critique; Hoffmanand Novak's comprehensive hot-links on the matter; BradCox's collection at GMU; DeclanMcCullagh's pages at Carnegie-Mellon itself. Someone posts on a newsgroup a fictional account of a violentrape. The name of the 'victim' transpires to be the same as that of aperson in the same university class as the author. Someone brings the story tothe attention of the 'victim'. See JakeBaker's personal Information Page on the matter.AcknowledgementsThe first version of these mini-cases was originally intended as preparatoryreading and deliberation for participants in a session on what I referred to as'net-ethiquette' at the University of Southern Queensland on 26 April 1995. Mythanks to several people for their contributions, especially Ooi Chuin Nee andKevin Jeffery.NavigationGo to Roger'sHome Page.Go to thecontents-page for this segment. Sendan email to RogerOriginal Version: 10 April 1995Last Amended: 4 September 1998 These communityservice pages are a joint offering of the Australian National University (whichprovides the infrastructure), and Roger Clarke (who provides the content). The Australian National UniversityVisitingFellow, Faculty of Engineering and Information Technology,InformationSciences Building Room 211 Xamax ConsultancyPty Ltd, ACN: 002 360 45678 Sidaway St Chapman ACT 2611AUSTRALIATel: +61 2 6288 1472, 62886916 |
|
