• GM Holden Information Systems,...
• SYDNEY IT MANAGER
• IT Manager / Systems Administrator
• Project Manager - Infrastructure
• Security Engineer - Consultative...

Ethics and cyberwarfare

Oliver Burmeister, Information Age

13/06/2008 14:29:19

Last year I represented the ACS at a meeting of IFIP TC9. Great, I hear you say, more acronyms, as though ICT doesn't have enough. I'll explain what they are for the uninitiated in a moment. Rather than repeat the details of what I reported back to the ACS here, I thought I'd pick on one aspect, namely the consideration for a new working group on Cyberwarfare.

A new IFIP TC WG Given this Information Age section is usually on an area of ethics, I thought I'd plug a new book, by taking my explanation of the acronyms from a piece I wrote for the introduction to a new book on computer ethics. The book is Ethics in ICT An Australian Perspective, edited by Donald McDermid and published by Pearson, 2008.

After World War II, UNESCO advocated that less well developed countries should not be left out of developments in information technologies and sciences. They argued that there ought to be an overriding body that is responsible for information technology diffusion. The result was the establishment of the International Federation of Information Processing (IFIP).

Today IFIP has member ICT professional societies in many countries around the world. Where a country has multiple professional ICT societies, typically only one can be a member of IFIP. Membership means being able to appoint national representatives to IFIP technical committees. Australia is represented through the ACS.

IFIP is structured around 13 Technical Committees (TC), each with Working Groups (WG) within it. There have not always been 13 TCs: the number changes as the need arises. These committees cover areas such as software engineering, information systems, security, human computer interaction, and more. One committee is TC9 "Computers and Society", with a number of working groups, including WG 9.2 "Social accountability", and it is in this WG that ethical matters are addressed. So TC9 is not focused on ethics, only one of its working groups is. Instead TC9 looks at wider issues in which technology affects society.

Each member society puts up one national representative for each of the 13 technical committees. However, working groups comprise many people who are not national representatives. They are typically experts in the technical aspects being addressed by that working group. Usually the work of these working groups is done by volunteers.

Now I want to detail the proposal for a new IFIP TC9 WG on Cyberwarfare. Remember, TC9 is charged with examining societal implications of technology, so this proposed WG would reflect that focus. ICT uses in warfare and the safeguarding of peace.

Information technology is changing how war is conducted, but currently none of the TCs address this. This would be a TC9 perspective, and to see if TC9 ought to consider this area, a special workshop was organised, with guest speakers, for the day after the formal, annual meeting of TC9. The idea of the workshop was to explore the topic area, so we could make an informed decision about how best to proceed.

The first speaker was Peter Sommer, an academic at the London School of Economics, as well as a lawyer and adviser to the EU and UK Governments. His topic was Mapping Cyberwarfare. He explored what he thought are the promising areas of research.

This was followed by a talk by David Nyheim, a consultant with Incas Consulting. He addressed Conflict early warning information systems. In his talk he focused on issues of risk management. One thing he said stuck with me: "The toolbox for peace is not as well developed as the toolbox for war." The final speaker was Noel Sharkey, an academic from Sheffield University, who spoke on Autonomous battlefield weapons: who is responsible for the fatalities? His talk covered robots. A couple of things he said stood out to me. First, that "there will be wars", and secondly that "we shouldn't be whingers, if we hope to influence policy makers".

Following the formal talks, the TC9 met to discuss what we should do, if anything. Discussion ranged across numerous areas; including the need to uncover the myths (for example, are surgical strikes really surgical?), to explore differences in warfare technologies, and to look at politics and war studies.

There was a feeling that we should open up our definition of war and that we need to avoid cheap moralism. We could examine the interaction between warfare and informatics, looking at issues such as computer vision and networks. There was a concern that we can't be neutral when we research war, and that our social responsibility is to look at the welfare of people.

As I said, the purpose of the workshop was exploratory. We decided to have another session on this topic at the bi-annual conference of the TC9, to be held in South Africa, in September this year. The South African TC9 representative has close ties to the South African military and he thought it would be possible to get several military technologists to contribute to an expert panel discussion on the topic. The idea is to formulate a proposal for the new WG following that conference, which means that it would not form until early 2009, if it forms at all.

If this is a topic of interest to you, you might want to have a say about whether the international ICT community should be considering issues of Cyberwarfare. Feel free to e-mail me your thoughts on whether there should be a TC9 WG on Cyberwarfare. My e-mail address is oburmeister@csu.edu.au.

Cyberwarfare and TC 9

In many areas of ICT people define terms to suit their own needs, and if "cyber" is part of the term, then usually "Internet" has to be included in the definition. However, I came across this definition online, which identified cyberwar as a synonym for "information warfare", defined as follows: Information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, an adversary's information, information-based processes, information systems, and computer-based networks while protecting one's own. Such actions are designed to achieve advantages over military, political or business adversaries. (Dr. Ivan Goldberg, from www.psycom.net/iwar.1.html) This seems to be a good starting point and using "information" rather than "cyber" fits in nicely with IFIP. There is no explicit mention of the Internet in this definition, but that would certainly be included, especially if the warfare involved political and business adversaries.

Oliver's article mentions that the new WG would focus on ICT uses in Warfare and the Safeguarding of Peace. The definition above would fit into this focus, if we consider Warfare as offensive use, and Safeguarding of Peace as defensive use of information and information systems. However, I think this focus is too broad, and suggest that the new WG should just address the second part, safeguarding peace. TC 9 covers the Relationship between Computers and Society, and the scope of the committee's work includes, amongst other activities:

» Promoting Social Accountability: help computer professionals to develop increasing awareness of social consequences of their work, within IFIP and in the profession at large.

» Humanizing Information Systems: examine how the needs of individuals and society affect the design of technical systems involving computers.

» Enhancing the Quality of Life: identify and promote those uses of information processing which improve the quality of life of individuals and of society as a whole.

Using information and information systems offensively to "deny, exploit, corrupt, or destroy, an adversary's information, information-based processes, information systems, and computerbased networks" does not seem to fit in to the activities of Promoting Social Accountability, Humanizing Information Systems, and Enhancing the Quality of Life. However, using information and information systems defensively to protect against attacks on our political and business systems does fit in to the TC 9 activities.

The work of TC 11 covers Security and Protection of Information Systems, and there is a TC 9 and TC 11 joint working group (WG 9.6/11.7) on IT Misuse and the Law. The new TC 9 WG should be complementary to these initiatives, and work closely with them. It might start by considering the democratic, social and cultural issues of information warfare waged by some governments on their citizens.

This may not be as sexy as working on killer robots and massive electromagnetic radiation attacks, but it is just as important. An example of what I mean is the quotation below, from a paper by Justice Michael Kirby presented at a recent conference at the ANU on an international conference that addressed the topic:

"The final presentation by Ben Bowling described the advancing role of technology as a force enabler for modern police and security agents deemed necessary to preserve a secure world.

The extent of the penetration of surveillance technology in the United Kingdom was portrayed in a rather frightening form. The mosquito, a device with an irritating signal seemingly targeted at the sensitive auditory nerves of teenage crowds, illustrates vividly the possibilities of the technology of law and order that lie ahead.

The more that one becomes aware of such technology, the more most contemporary lawyers will be propelled to demanding effective democratic debate about its use and controls over its deployment."

This is one example of cyberwarfare against citizens which should be addressed by the new TC 9 working group.

- Mike Bowern Mike Bowern is the chairman of the ACS Economic, Legal and Social Implications Committee (ELSIC).