Computer virus raises new ethical concerns

The pirates, hackers and crackers of the world have never been renowned for their display of social consciousness. After all it is they who, after having launched attacks directed at the corporate world, sit back with visions of destruction and mayhem dancing in their heads. And, unless they undergo some sort of reflexive and collective social rebirth, they are likely to stay that way.

Well not all of them as it turns out. A recent headline from a New York Times article in the Toronto Star stated, “Porn-seeking rogue virus raises concerns.”

It seems as though there is some worried soul out there who has decided to take the matter of child pornography into his (or her, as the case may be) hands by creating a virus that scans your hard drive looking for files that may indicate the existence of child pornography and then passes your name and the file names onto a law enforcement agency randomly gleaned from the program’s database. The virus, called VBS.Noped.A@mm, is an encrypted mass-mailing worm, according to Symantec Corp.

To say this raises a few concerns is an understatement.

Few people (the pathological of our society possibly excluded from this thinking) would argue the fact that child pornography is – if not the most evil – certainly one of the great evils of society.

But the issue here, and the reason it is being brought up in an IT magazine instead of the mainstream media, is whether we want or need self-appointed technology vigilantes to be those who define what is good and what is evil in the society in which we live.

One could easily argue that this is the work of a lone wolf, with no connection to IT, who created the virus using a piece of no-brainer, fill-in-the-blanks-virus-creation software. But who created the software to enable this person to create the virus? Seldom does anything happen in a vacuum anymore.

Since the virus defines child pornography based on the creator’s preconceived definition of what file names might include child pornography, the potential for abuse is enormous.

What if the police do react to the virus and decide to get a warrant to search your hard drive?

Ignoring whether or not the ends justify the means, what if you were inadvertently caught in the net? What if you have a bunch of innocent photographs on your hard drive or your son or daughter frolicking in the bath tub and were unfortunate enough to name the files something that triggered off the virus?

One would hope and assume various police agencies would be extremely careful before they move to elicit a warrant. But do you want your future in the community to be safeguarded by that assumption? In this case mistakes, once made are essentially irreversible.

If you were arrested, it would be game over. Innocence, when it comes to something as emotional as child pornography will not get you too far. Your reputation would be toast.

Almost as disconcerting is the fact that true paedophiles are probably far craftier at hiding their pornography and would probably not be caught by this net in the first place.

There is no question as to whether IT should play a role in the apprehension of suspects (after all, the Internet is partially to blame for the dramatically increased range of operation enjoyed by the paedophile). It should. It is just whether lone wolves should be part of the solution. They should not.

Vigilantism, and this is nothing more than a version of it, is seldom the hallmark of an advanced society. IT should work in tandem with law enforcement not parallel to it.