SENG4921 – Oral Exam Prep

Here are the notes I made for and took into the SENG4921 oral exam.

As an after thought, you can see I wasn’t prepared for all the options but this is the best I could do in the time. Some of my arguments here may not be very valid, but this is my preparation as it stands, not a blog post into the questions (that’s my excuse for being sloppy).

Question 1: free choice

“Each student should prepare a topic of their own free choice concerned with some aspect of software, hardware, IT professional issues or ethics. This could be —but does not have to be— based on, or derived from, the discussions, seminars, debates, student run seminars and lectures given this semester. The question should be broad enough to not overlap with the other two questions. At the examination the student will be asked to present his/her topic and discussion.

If the free choice question deals directly with one of the Seminar or Lecture questions, then this will generally eliminate that question if one of the randomly chosen 3 for question 2 or 3. Note carefully that the elimination occurs after the random choice, not before.”

After a little thought I think I will focus on DRM in this question. I think this is a good choice because,

1. Its not covered in the other seminar and lecture questions,
2. I know enough about the topic to be able to talk about it,
3. There are actually some valid ethical questions that can be raised and debated here,
4. …

So the deal is I only have 5 minutes to talk about the professional issues and ethics surrounding DRM. I need to identify the issues involved, analyse the professional and/or ethical consequences and present the outcome. I will need to be careful that I address the right things as I only have 5 minutes.

The examiners will be looking for:

• clear identification of the issues;
• analysis of the professional and/or ethical consequences;
• careful presentation of the outcomes.

There are no correct answers, but a good answer will give a clear indication of consequences and issues.

Identification of Issues

DRM is digital rights management. DRM technologies attempt to control use of digital media by preventing access, copying or conversion to other formats by end users.

• DRM is used to bypass existing copyright laws and create your own. Content protected by DRM uses software or hardware measures to prevent unauthorised use of such content. An example is protected music purchased from the iTunes music store. The music is usually encoded using AAC, however on top of this it is encrypted. In simple terms you can only play this music on Apple approved devices. So you cannot play that music on a sony MP3 player, you cannot convert the music to MP3, you cannot play the music on another player on Linux, and lastly if Apple goes bust and decides not to free your music you will never be able to play the music you bought.
• How different is this to selling music using patented encoding techniques. No one else is allowed to make a player except you.
• I mentioned this bypasses existing copyright laws. An example of this is say you want to use a segment of the content you bought which is protected by DRM but the use of the segment is permitted under copyright laws. Regardless of the law you can’t use the material either because you can’t crack the DRM or even if you can, the process of doing so is illegal.
• Also most DRM systems are not set to expire when they are supposed to fall into the public domain. Thus the work may be public domain but no one can access it as its encrypted with some DRM mechanism and no keys no longer available. This undermines the concept of the public domain.

Lastly DRM systems do not work, as most have been cracked. Once the DRM has been cracked by one person (who may be an expert) then can distribute this clean version to all over say BitTorrent. DVD’s CSS was cracked,

From personal experience a while ago I downloaded an e-book (actually a standards document) from the UNSW library/publisher of the standard. It was a PDF document and they told me that it would expire after a week or so. It turns out that it used some JavaScript hide the text when the system date was at whatever was a week after the PDF was downloaded (so the web server was creating the PDF on the fly putting the expiry date and the download details into the PDF). This could be easily bypassed by disabling JavaScript, using a free PDF reader that does not support JavaSript, and so on. Furthermore you could easily use some software to extract the content of the PDF and resave it without the DRM. (Will I go to jail if I ever vist the US because of the DMCA?? Or even from Australian laws?)

Professional and/or ethical consequences

Ken noted in his introduction article that “In this course, we will be particularly concerned with developing your capacity to reason about the possible outcomes.” Hence I will try to focus on the affects/consequences of DRM. Taking a consequential approach to ethical thinking requires one to consider the possible consequences. So some consequences of DRM that should be addressed when taking a ethical approach to DRM are,

• Legitimate users soon find out that they can only use the products they thought they bought in situations that are approved. eg. you find out that your iTunes music won’t play on Linux.
• Consumers become locked in to one vendor. eg. they may have purchased $100 worth of music, but they find they must buy an Apple MP3 player to use it and cannot shop around. Companies can use this advantage to raise the prices of their products to above market value.
• DRM systems that require a ‘call back’ over the internet to some key server won’t work if the company goes bust. Hence if the company goes, so does all your music.
• Many consumers will be driven to consume pirated material as its generally DRM free so less hassles.
• The public may turn against corporations as a whole, due to those that have abused their honesty and good will. People may loose trust in companies and no longer purchase any material and just obtain pirated materials instead.
• Consumers/public may feel coned and abused.

These are all possible outcomes, yet they may not all be an ethical concern. This depends on your individual ethical principles. For me if DRM leads people to move to pirated material rather than paying the owner, then this under my ethical principles this is not a concern. This is strictly a business move and the consumer will not be harmed by doing this. If the company doesn’t want people to pirate the matrial instead of buying it then they can simply remove their DRM and sell it DRM free.

But from a utilitarian perspective, DRM does little to stop the original creator receiving remuneration (if anything it may result in less remuneration), instead it causes great unhappiness. In this respect it is unethical.

As Cohen outlined professions come with these extra “professional” responsibilities. Including “public interest is paramount”, public trust, but also client’s interests. Most (if not all) DRM systems are not in the public’s interest. They are riddled with problems and do very little to stop piracy. They turn honest customers into outlaws. The key thing that consumers need to be aware of is they are not purchasing products from the iTunes store rather they are purchasing a licence to use the music in a restricted set of conditions.

Question 2: Seminar Questions

1. “Engineering”

I think Wikipedia’s summary of Engineering describes what is generally understood by the term ‘Engineering’.

Engineering is the application of scientific and technical knowledge to solve human problems. Engineers use imagination, judgement, reasoning and experience to apply science, technology, mathematics, and practical experience. The result is the design, production, and operation of useful objects or processes.

Of course as a profession it comes with all the things that make it a professions such as responsibility to the public, client’s interest, public trust, an so on.

Software and Computer Engineering can claim to be engineering professions as they meet this description of Engineering that I just quoted. Software and Computer Engineers apply scientific (mostly mathematical, or even Computer Science if you want) and technical knowledge to solve problems. They use experience and so no to apply this to the task at hand. They also do a lot of design work and the actual production of the software/hardware.

Computer programming vs. Software Engineering vs. Software Development

As a job title. Sure your official job title may be “Computer Programmer” or you may graduate with a “Computer Science” degree. That doesn’t mean you never do any “engineering”.

====

My opinion of what is generally understood by “Engineering” as a profession is (to quote Wikipedia here), “Engineering is the application of scientific and technical knowledge to solve human problems. Engineers use imagination, judgement, reasoning and experience to apply science, technology, mathematics, and practical experience. The result is the design, production, and operation of useful objects or processes.” And of course as a profession it comes with all the things that make it a professions such as responsibility to the public, client’s interest, public trust, an so on.

======

2/3. ACM Code of Ethics/Therac 25

• The ACM Code of Ethics and Professional Conduct has the general ethical principles which ACM members must abide to. It also has the code of conduct part called ‘more specific professional responsibilities’ tell you what you should do in particular (but still general) situations.
  • Section 1 Ethical Principles
    • Contribute to society and human well-being.
    • Avoid harm to others
    • Be honest and trustworthy (was Cindy honest to her superiors about the tests?)
    • Be fair and take action not to discriminate
    • respect privacy
    • honour confidentiality
  • Section 2 Specific Prof Responsibilities
    • professional competence
    • Give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks.
      • “computing professionals must minimise malfunctions by following generally accepted standards for system design and testing.”
    • Access computing and communication resources only when authorised to do so.

• Killer Robot
  • Randy Samuels
  • Cindy
• The Therac 25 accidence were exactly that, they were accidents.
• The people involved were involved appear to have acted as per the ACM Code of Ethics and Professional Conduct.
• Sure they could have done things better. Improved processes, done more checks, get it independently tested, acted on patient complaints.
• Really?

4. Technical Issues with the Therac 25 Case

• Therac 25 was a machine for treating cancer
• Had no mechanical locks like previous models
• Reused software designed for older models
• relied more on software than hardware (did they take this into account when designing the software?)
• investigations only began after several accidents
• causes
  • software not independently tested
  • user manual did not explain certain errors

At the end of the day (as with many famous disasters) there were many times where if something was done better the problem may not have occured.

6. Killer Robot

• Cindy Yardley – Faked software tests to save her co-workers jobs.
  • Knowingly let the product ship with flaws.
  • Thought it would be okay, but be open and let the people charge decide that.
  • —
  • “Give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks.”

Randy Samuels – Wrote the code that cause the robot to malfunction.

8. Intellectual Property

• Do people still use Windows 3.1? Can you still buy it? Its economic value now is probably close to zero. Why is it still protected then?
  If copyright was designed to encourage new works then surly by freeing up old works such as Windows 3.1 gives Microsoft an incentive to make something new and better.
• Creativity always builds on the past, yet we cannot make derivative works because of copyright laws.
• Data is now protected. And any situations that are not clear may take $$$’s to be decided by the courts. Need better statutory law and modern.
• Scientific knowledge. Most is public knowledge allows ideas to be examined and challenged and improved. Increasingly this is becoming private with genetic engineering.

• What if the internet was patented. Consider a) they essentially stoped all developments or b) make $$$’s from it when obviously we needn’t’ that cost for it to work. Inner workings were shared without the need for patents.
• Think much open source software.

From an ethical analysis,

• some 3rd world people have to pay to use seeds that have been freely available to them for centuries (this is very anti-utilitarian).

Affects Computer Scientists and Software Engineers.

• GIF Patent
• eg. iPhone developer not allowed to use CityRail data
  • When copyright laws are used in this way to stop the spread of information then it counters many ethical principles, openness, fairness, sharing of information, helping someone when doing so will do no harm to you

From an economic view,

• Making a copy does no harm (negative benefit) to the person you copy from. Compared to stealing which takes it away from them. At most you may be removing potential sales.

9. Datavallience

Two types of dataveillance.

• Personal Surveillance (singled out)
• Mass Surveillance

Three examples,

• Government monitoring of internet traffic. (spying)
• Data collection of online services. (eg. facebook data gathering)
• Employer monitoring employee email.

Professionals have a responsibility to act in the public’s interest (as well as the clients interest). They also have codes of ethics to adhear to. Many ethical principles would lead to the conclusion that the people who are having their information monitored should be notified of this. To act in the public interest, the public needs to know when they are being monitored. This gives them the choice, to either use encryption, stop using the service, or something else. However professionals should make an exception to this rule when the matter is of national security or something other when it can be justified that not notifying is acting in the publics interest. This is what ethics is all about. Dealing with these exceptions to the rule.

1. What is dataveillance?
2. Is it immoral to collect data about other people?
3. What personal data is currently being collected?
4. What new opportunities are there to collect even more personal data?
5. How can dataveillance be regulated?
6. What advice would you give to non-specialists about safeguarding personal information?

It depends on the situation. The ethical approach I subscribe to is that the person who is having data collected on them, should be made aware of what is being collected, and that it is being collected.

Question 3: Lecture Questions

• give an overview of the lecture;
• describe the important professional and/or ethical ideas raised in the lecture, especially those that impact on Software/Computer Engineers and Computer Scientists;
• Important answer any specific questions attached below to the lecture.

1. Theoretical Underpinnings of Ethics

“Essentially, you are being asked to demonstrate how different ethical principles could be used to produce different outcomes.  The important part of your answer will be the identification of the different principles and how your reasoning would proceed from those principles.”

Overview

• Humans around the world all tend to have the same ethical concepts. Integrity, fairness, honesty, openness…
• Relativism is doing what the culture is doing just because everyone else is doing it. This does not make it right. People are too quick to play this relative card.
• When we talk about ethics we mean prescriptive ethics. This is what you should or ought to do, compared to descriptive ethic which is what people do do.
• Ethical can be contrasted to,
  • prudential (self interest)
  • political (vote of opinion)
  • preference (want rather than should)
• Rule, Consequences, Professional Code, law, loyalty to employer, confidentiality all factor into ethics. Rules and consequences fall into private (individual) morality, the rest is public morality which matters when you occupy a role.
• There are different levels of morality. In order,
  • Obligation (signed agreement)
  • Duty (eg. its your duty to treat every human with respect)
  • Social Responsibility (duty without specific target)
  • Minimally Decent Samaritan (go the extra mile to help them)
  • Good Samaritan (someone asks you the time, you tell them)
  • Heroism/Self-Sacrifice (wistleblowing)

And now on to the part relevant the the question at hand,

• Two different ethical principles are consequential (teleological) and non-consequential (deontological).
• Under the non-consequential view,
  • to determine if an act is right or wrong it in fact has nothing to do with the consequences of the act. Instead it has to do with other things such as rights, duties, contracts, fairness, etc.
  • Kant’s idea was that good will is what makes an act right, where good will is recognising your duty and then being able to make yourself do it (eg. you crash into a parked car you realise it is your duty to leave your details and then your able to make yourself to do that, even if you don’t want to do it).
• Under the consequential view,
  • Acts are right based on their consequences.
  • We have,
    • Utilitarianism – “Acts are right insofar they produce happiness and they are wrong insofar as they don’t produce happiness.”
    • Nationalism – “Acts are right if they are in the best interest of the nation as a whole.”
    • Epistemism – “Acts are right insofar as they advance our knowledge, and they are wrong if they don’t do that.”
• Example. A dangerous criminal who commited murder and who is very likely to do it again falls into a dangerous situation (eg. is downing). It may very well be your social obligation to throw them an inflatable tube. That would be the fair thing to do, and it would be your social responsibility. However that would not be considering the consequences. Taking a consequential approach, the consequences of saving this one person may cause great unhappiness (and great risk of harm) for the people who the drowning person has threatened to kill. The ethical thing here may be to let him drown in order to save the lives of many others. But again this all depends on your ethical principles.

To make a moral judgement you need to make a judgement, have some justification for that judgement, and also have some principle that lead you to believe that that justification was right. (judgement > justification > principle) If you don’t have this, you don’t have a moral judgement.

2. Professionalism and Ethical Responsibilities

• The key thing that distinguishes professionals or a ‘profession’ is professionals have these extra public ethical responsibilities.
  • act in client’s interest
  • exercise of judgement
  • code of ethics
  • public trust
  • act in public interest
• This is what separates a profession from a business (or a professional from a businessman). These extra things are their duty. Professionals have an obligation to oblige to these things. cf. businessmen are not ethically obliged to act in the public’s interest.
• They have a duty to survey the whole landscape and do what is best.
• Conflict of interest. You can’t be a profession if you have some extra incentive (eg. being paid to do something against the client and public’s interest).
  “A person’s having a conflict of interest is not the same thing as a person’s being affected by a conflict of interest.” People who say they don’t have a conflict of interest just because they are not affected by (or more specifically their judgement is not affected by) a conflict of interest doesn’t
  mean they don’t have a conflict of interest.
• Codes of Ethics and Codes of Conduct. Codes of Ethics have values/principles. (eg. honesty, openness)
  • Any principle/value will require judgement.
  • You make a judgement on the principle/value, and in this respect Code’s of Ethics are empowering. (eg. guy here to kill someone, honesty does not require you to tell him where to find the person).
  • Code’s of Conduct are different. They are not for introducing new values. They are there to remove judgement. They tell you exactly what to do in specific situations. eg. Bribes. They may say that you cannot accept any gift you receive over a given about. They take the heat off.

Other things of interest,

• “At work, you don’t leave your private, personal values at the door!” “Your ethical values must be there.”
• The answer to “Who’s to judge” is always “You, as an individual.” (from whatever perspective whether it be legal, ethical…)

3. Open source from an Economical Approach

• Software is a Collective Consumption Good. Consumption by one consumer does not reduce consumption by any other. Also “non rivalrous”.
• Software is Nonexcludable = difficult to exclude others from use
• Goods which are both lead to incentive to free ride, Results in “Market Failure”
• Argument is that, therefore software will not be produced unless there are special rights restricting the exploitation of software.
• According to this, these are not possible
• Linux, Apache, MySQL, PHP, Email, Internet protocols

Closed source (Sales Force): For every $1 spent on software development, $10 is spent on marketing
Open Source (SugarCRM): for every $4 spent on development, $1 is spent on marketing

6. Freehills Talk/Software Patents

Quick Summary

• Patents are a business tool.
• Monopoly vs. Secrecy
• Patentability (any prior art)

Ethical issues for Software Engineers/Computer Scientists

• Patents cost $$$, and take time. Is this worth it.
• What if the internet was patented. Consider a) they essentially stoped all developments or b) make $$$’s from it when obviously we needn’t’ that cost for it to work. Inner workings were shared without the need for patents.
• Think much open source software.

This comes down to your ethical principles. My ethical principle resolve around helping others, advancing knowledge, and working together for maximum benefit. So under my ethics software patents are unethical because they hinder the progress and development of (in the case of software patents), software. For example, someone patents the GIF encoding scheme, this can be used to lock out people from using this method. It also locks the scheme up so in the theoretical case where someone patents X, which lasts for 20 years. Person B invents X two years later but cannot use or distribute that invention because of the patent.

If you don’t want others exploiting or using or building on your invention then don’t share the details with anyone.

We are forgetting that many people (think Linux) don’t need the incentive of a patent to invent things or make them useful to the public. Patents hinder the publics access to certain processes.

If everyone was free to take others hard work and put it to good use, and build upon it and share that then progress would move faster than ever before.

But this is just my view of the matter. I do grant that I have this view because for me, progress (in terms of new and better software, etc) comes by people working on their own will because they want to for the fun of it (an example open source software, much of it was done with little commercial incentive). No money is wasted on lawyers who make no progress to the field. Instead everyone can work on pushing progress forward.

The ethics is solid. In fact patents were originally designed very ethically. Look at the consequential utilitarianism approach.

But things have changed. Software patents have not helped with this.

• Look at Mathematics > no patents. Much progress. Much work is based on previous work. (imagine if some theorems were ‘protected’ for 20 years and you could not discover any theorems that used that original theorem in its conception or proof)
• Have Software Patents really done what the patent was meant to do? No. The consequences of having patents was originally that the inner workings and methods of creation of an invention were published to the public for their good. But patents don’t have source code

Back to patents.

7. Law

• Statutory Law. Parliament.
• Common Law Courts.
• 4 jurisdictions
  • criminal
  • civil (tort and contract)
  • administrative law
  • equity
• litigation is the process or a lawsuit
  • burden is on the plaintiff (the one brining the action)
  • can be $$$
• putative damages (in contrast to compensatory damages) are not to compensate rather to reform or deter the defendant/others from doing the act/repeating it.
• Windows and the iPhone are licensed. They come with a license agreement.

Well as an ethical professional engineer you have an obligation/duty to act in the client’s and the public’s interest. As such you should notify the company of the situation and let them make a decision based on that. This is acting in the clients interest. Even with out this certain ethical principles such as openness may require you to notify the other party

Contrasted to an ordinary businessman who has no duty (thought they ought to do at least what is minimally decent) to act in the publics interest.

Different Standards when choosing to obey a law or not. Illegal? Litigation Risk? ‘Professional’ Standard(will your peers reject you)? Ethics(will your friends and children reject you)?

9. Internet Censorship

Overview

Professional/Ethical Ideas / Social/Technical

• There is a lot to talk about this topic.
• Censorship.
  • Should there be any censorship?
• Internet Content Classification.
  • Should there be a gov department which pro-actively classifies all the sites on the web? eg. DET. From a technical view, the web is huge and dynamic. There is no way that one gov department can keep up with this. eg. 20 hours of video is uploaded to youtube every minute.
  • Should classification work on a complaint system? People who oppose could just flood it.
  • Two other options.
    • Community classification (rely on good faith, ie allow people to label certain URL’s as adult only… if you get enough people to ‘vote’ then the results should be good).
    • Host classification. Make laws that require the content host to label any content they make available online.
  • From an ethical standpoint, your ethical values/principles (mine do) may require you to at least make a reasonable attempt to provide users with classification information.
• Transparency is one of the criticisms. If decisions are made behind a closed door then this leads to abuse (eg. blocking political speech). Need public scrutiny and pressure to keep it in line. Taking a non-consequential ethical approach we need transparency for this scheme to meet the ethical principles of openness, fairness, honesty, integrity and so on. From a consequential approach, much research would need to be undertaken to consider the consequences, and this is something the governments reports should address. With the research in hand and from a utilitarian approach would censorship with no transparency produce the most happiness, or from an epistemic approach would this case of censorship without transparency really advance knowledge more than no censorship or censorship with transparency?
• This is real and at the end of the day it is computer scientists or software engineers that will implement any censorship. As such in the end it will come to these people to make an ethical decision on whether what they are doing is ethically right under their principles.

A social issue is over-legislating. eg. . For example certain materials (which probably includes child pornography) is illegal to view, so if you happen to accidentally find this material on the internet and you want to report it to the police so they can track down the perpetrator, you are in a conundrum. If you tell the police about it, then you must have viewed the material yourself which is illegal so you may face criminal charges, hence you cannot report it.

Another social issue. Is it just illegal content? Should the government be deciding what to view or not?

Technical Issue. What about things like VPN’s, tor…? The internet is huge and dynamic? What about a tag system.

Advertisement

SENG4921 – Lec 10 – Censorship, Internet content classification, ISP-level filtering and the interests of young people

The SENG4921 week 10 lecture was “Censorship, Internet content classification, ISP-level filtering and the interests of young people” by David Vaile. The Cyber Law Centre has some materials on the governments current censorship proposal at http://cyberlawcentre.org/censorship/.

This is not an article by me on the topic, rather my notes that I took from the lecture.

Lobbying Efforts

• The online community who are against the censorship regime are (supposedly) not organised as much as other groups who are lobbying for the filter. I take this to mean that while the online community (myself including) spreads the word though blog posts, forum discussions, facebook groups, twitter feeds, youtube videos, etc., the Government does not listen. These online methods don’t seem to get the governments attention as much as perhaps even small groups that know exactly how to lobby the government.
• The anti-censorship/filter advocates may have higher numbers, but the government listens to the traditionally organised pro-censorship/filter lobby groups.
• This is what I gathered from what Vaile was saying, sure I may have missed the point or he may have meant something else, but I think this is correct in a sense. Most senators are not in their 20’s and probably not so digital savy as the youth of today. I’m guessing that they simply don’t hear all the outcry on the internet. They don’t read the blogs or follow the discussions. Do you think Senator Conory reads #nocleanfeed on twitter? This is why I think that open discussion online needs to happen. Some kind of aggregator site that both the community and politicians use. Sure things are happening on different fronts, eg. openaustralia.org but still things are near from ideal.

Transparency

One of the main criticisms of the proposal is the lack of transparency. Vaile painted a nice picture of this. The classification board is where decisions about film ratings are made. Their decisions are public and they are subject to review. Under the proposal the decisions are secret. Consider this, if you have the job of classifying material and only the minister and PM know your decisions you are much more likely to make stricter decisions. If you classify something as blacklisted then people don’t know its blacklisted so are less likely to complain that its blacklisted. Also if your boss (the minister) happens to be bias towards one end of the scale, then you would be more likely to make decisions on that end of the scale not necessarily where the line should be drawn. This may happen if there is no public scrutiny and no review process. Sure you cannot say for sure what an individual who has been assigned to classify sites will do, but this is the image I got from Vaile’s talk.

Tag System

I first came across this when reading Lessig’s Code 2.0. Instead of trying to filter the internet on the ISP level or running some kind of taxpayer funded attempt to classify the interent, put the onus on the web site owner. It would be very easy (and I’m sure such systems already exist) to add some extra HTML content at the top of an HTML page that would contain some metadata about the classification of the site. Perhaps MA if there is lots of violence references, or X for pornography. Then you could have laws in place that say if you distribute certain materials that contain, blah blah and blah, then you must adhere to these metadata tags.

This allows for the browser to filter pages based on their rating. So in school environments where the browser settings are locked down this could work. You could also (probably) do implement a filter at an ISP level (for say a school) that looks at the TCP packets and the HTML data for this rating metadata.

Sure there are many technical problems (particularly the case of you can’t add this metadata so easily to non-HTML files) but the system sounds the best to me.

Over-legislating

Vaile made a point about the dangers of over-legislating things. For example certain materials (which probably includes child pornography) is illegal to view, so if you happen to accidentally find this material on the internet and you want to report it to the police so they can track down the perpetrator, you are in a conundrum. If you tell the police about it, then you must have viewed the material yourself which is illegal so you may face criminal charges, hence you cannot report it.

This rebinds me of copyright infringement on the internet. You cannot know for sure what you are downloading until after it has downloaded (and even then you can how can you know if this material is illegal to copy or not?). Therefore how you can be charged for downloading copyrighted material is beyond me.

Opt In/Opt Out

What happens if the opt-in list is leaked. People can be criticised much more for opting in compared to opt out where you most likely won’t be criticised.

Links (Vaile did not discuss)

Apparently not only does ACMA not like certain materials, they also don’t like people posting links to materials that they don’t like. But its not just ACMA, this link take down fiasco is a wider problem (think sites that host .torrent files).

So posting a link to a site on the ACMA blacklist will result in an $11,000 fine per day. What if you post the URL but with no <a href… tag? What if you encrypt the URL? What if you encrypt the URL and post the decryption key on a different domain? What if you post a link to a page that contains a link to a page on the blacklist? How many hops will ensure you don’t get threats of massive fines? The internet has so many links I’m sure that somehow some .gov.au web site links to an other web site which in turn links to another web site ……. which in turn links to a site on the ACMA blacklist (I haven’t the time to find this path though). Is it illegal to tell someone the street address of someone who may be able to provide you with illegal drugs?

The other problem is we are supposed to not post links to certain sites, but ACMA won’t publish that list of sites that we cannot post to? So we must instead check our mail every single day in case today is the day that ACMA tells us that we are providing a link and must remove it immediately?

SENG4921 – Lec 06 – Intellectual Property and software patents

Patents

Patents are a business tool.

I think that is the most important thing I gathered from this lecture by two Freehills attorneys (Stuart Irvine & Ronelle Geldenhuys) about IP and software patents. Lecture slides here.

Monopoly vs. Secrecy. In order to get the monopoly you must give up the secrecy.

Patents protect functionality.

Patents can be used as a sword (legal action to get royalties or force the infringer to stop), shield (dissuade others from infringing), war chest (trade and negotiation).

A patent gives the patent owner an exclusive right to exclude others from exploiting (manufacturing or importing a patented product or using or importing a product made by a patented process) an invention in a particular country.

To enforce a patent, the patent owner must take the infringer to court.

Tests for patentability,

• Patentable subject matter
• Industrially applicable
• newness (any prior art?)
• obviousness

With regards to patenting mathematical algorithms,

“A method of calculating a value c, where c = e^x x sin(t)” is not patentable however this is,

“A method of determining the length of a road (L) in metres by applying the formula where is the gradient of the road, N is the number of litres of fuel used by a car travelling on the road, and g is the acceleration due to gravity”, According to APO, Manual of Practice and Procedure, Volume 2. Sounds a bit silly to me.

An example,

US Pat. 5356330 (via google) – Apparatus for simulating a “high five”

Self publication prior to filing does class as prior art, meaning you cannot get the patent.

To invalidate a patent you just need to find prior art. That is, find the idea published prior to the filing date of the patent. Lesson here, if you know you don’t want to get a patent for something and you want it to remain free to the world publish your idea/concept. Remember you don’t need something working in order to patent it. Just detail how it would work (that’s easier than getting it to work right?).

US patent 5490216 (or via google) is interesting. Filed in 1993, its a System for software registration. Basically there is a demo mode and a full mode. To get the full mode you need a registration key. Thats the general gitz. I didn’t read the whole thing.

There are other examples,

• IBM holds patent #4,965,765 which covers the use of different colours to distinguish the nesting level of nested expressions. (Filed: 1986)
• Patent #5,249,290 covers assignment of client requests to the server process having the least load. (Filed: 1991)
• Patent #4,941,125 covers using a digital camera in conjunction with character recognition software to store and index documents on a CD ROM. (Filed: 1984)

I don’t know what to think. They seem trivial, simple and obvious, but they weren’t published today. As most people would say, you need to ensure that trivial patents are not granted (problem here is how do you define trivial?), and that the term is not too long (20 years is too long in my opinion).

Patenting of illegal methods in not allowed, though you may patent a things which may be used illegally such as gun (heh, otherwise nothing would be patentable).

Interesting example. A safe design was patented and then a thief used the patents to work out how to break it.

———————–

Copyright

In terms of software, copyrighting software only stops others from using the same implementation as you. They are free to use an alternate implementation to do the exact same thing.

You can copyright compiled machine code.

I have a lot to say about this (creative/computational universe, and the clouds that span derivative works). So much that I’ll have to leave it till later.

———————–

Registered Designs

Registered designs are interesting. There is a nice brochure from an Australian Law firm here.

A registered design provides a monopoly of a limited duration (max 10 years in Australia) granted by the government to an entity of a “concept” which determines the appearance of a product. I’m a little confused here as I though (its such a shame that the audio recoding from that lecture is corrupt) Geldenhuys said that registered designs are for a specific device. So if you register a design for an electronic device, anyone can use that design for say a paperweight. However in their lecture slides it says that registered designs protect appearance not functionality.

You will all probably recognise AU Registered Design 307210. Currently owned by Apple Inc. and must expire by Nov 23, 2015.

AU Registered Design 307210 (http://pericles.ipaustralia.gov.au/adds2/adds.adds_reps_details.paint_large_rep?p_application_details=200515157,307210,1,BB,tmprod,NORMAL)

All registered designs must have a “Statement of Newness and Distinctiveness”. AU RD 307210 says, “Newness and distinctiveness is claimed in the visual features shown in solid lines in the representations.”

Registered designs must be renewed to stay protected. Though they have a max of 10 years, renewal fees get larger near the end of the designs protected life, either Irvine or Geldenhuys then added to this “governments don’t like monopolies”. Sorry but I strongly disagree with you there. If governments didn’t like monopolies they would abolish crown copyright.

Trademarks

I won’t say too much here. But here is a sample trade mark “thing”(?).

Trade Mark 1111537 (http://pericles.ipaustralia.gov.au/atmoss/Falcon_Details.Print_TM_Details?p_tm_number=1111537&p_ExtDisp=D&p_Detail=DETAILED&p_Search_No=2&p_Lastrecord=FALSE&p_Is_Internal=F)

Trade Secrets

You don’t publish, you just swear everyone to secrecy (contracts). Does not protect against reverse engineering or independent formulation.

SENG4921 – Lec 07 – Legal perspectives on system development — Liability, litigation risk, ’professional’ standards, and ethics

I was looking forward to this talk by David Vaile since his name keeps popping up everywhere I go. So here are some rough notes I took down (and then expanded on some points now). His full slides can be found here.

This slide gives a nice overview.

(David Vaile. Legal perspectives on system development)

Lawyers can speak for clients (i.e. on their behalf). So you may want to be careful of what they are saying for you.

Cases are often about motivation. Why you did something. Your intent. Its not a whole science. eg. murder/manslaughter. did you intentionally push someone in front of a train, or did you slip and accidentally push them in front of a train. This can make a difference in a trial.

Criminal –> Beyond reasonable doubt.
Civil –> Probability. Does not need to be beyond reasonable doubt.

Lawyer’s will generally say “with respect I think you are wrong” rather than the direct “you are wrong”.

Law exists to regulate. “It won’t just work out itself [if we don’t have laws]”.

Courts can be expensive and risky. Going to court may not always be the best idea.

ASIC, ACCC… can step in sometimes. This strips away the companies advantage (lots of $$’s and lawyers) in a case against an individual.

“If you make something accessible in another country is that publishing in that country?” One court case says yes. I find this surprising. If you publish something on a web server in your country and allow all IP’s to access your web pages then another country considers you publishing in that country??? Unfortunately Vaile didn’t give the case reference for this (UPDATE: This is the case and here is a list of law journal articles referring to the case. I’ll probably make another post once I get a chance to take a closer look at it).

Due to the free trade agreement its now illegal to copy even when allowed if you break the DRM.

Suing your customers –> turns them against your company! This builds a coalition of difference to try to change the law. The turning point is if that coalition is large enough. Could this mean that to win the copyright fight we must get the film studios to sue as many people as possible? I would hope not, and rather hope that people become aware of the current problems on their own accord not through legal action against them.

Litigation risk may change over time. You may do something now that has a low risk of litigation but in a year or so that may change. That minimal risk does not increase your chances of winning the case.

This slide from Vaile’s talk is enlightening for me.

(David Vaile. Legal perspectives on system development)

Mainly because its so easy to fall through the top one that you forget there are layers underneath. Copyright laws is so tough and stupid its hard to convince yourself that you should not break them. You loose faith in the law and begin to not worry about anything. But the law is just one standard. Professional standards and ethics come into play. Let me look at some example cases.

	Liability	Litigation Risk	‘Professional’ standards (will your peers & colleagues reject you?)	Ethics (Will your children & friends reject you?)
Murder	Illegal	High	Yes (probably)	Yes (probably)
Copyright Infringement of a feature film to avoid paying	Illegal	Low	Perhaps	Perhaps
Copyright Infringement of a feature film to transfer a purchased DVD to a portable device (prior to amendments)	Illegal	Very Low	No (unlikely)	No (unlikely)

I think its just as important, if not more important to consider the bottom two standards (professional standards and ethics) than the top two (liability and litigation risk). These bottom two are still important even if you can get away with the illegal act.

Privacy. There are two interests here, the individual and the government.

The Individual. “I want to be left alone.”

<===>

The Government. “What have you got to hide? Tell us.”

When a political party is trying to pass a law public interest/politics may come into play and cause a party to back down on a bill, even if they can get it passed and want it passed.

	US	Australia
Upper House	Senate	Senate
Lower House	Congress	House of Representatives

The Australian SPAM act has no private right to sue. Must rely on ACMA. The US CANSPAM act has private rights to sue.

SENG4921 – Lec 05 – Introduction to Law and Contracts

There are two sources of law.

• Statutory Law:
  In Australia Statutory Law is written law set down by parliament. Before a law can come into force, the Bill must pass through both Houses of Parliament.
• Common Law:
  “Common law refers to law and the corresponding legal system developed through decisions of courts and similar tribunals (called case law), rather than through legislative statutes or executive action.
  Common law is law created and refined by judges: a decision in a currently pending legal case depends on decisions in previous cases and affects the law to be applied in future cases. When there is no authoritative statement of the law, judges have the authority and duty to make law by creating precedent.” –Wikipedia

Statutory law trumps common law.

In Australia, the legal system can be broadly classified into 4 different jurisdictions:

• Criminal Jurisdiction
• Civil Jurisdiction
  • Contract Law
  • Tort Law
• Administrative Jurisdiction
• Equity

Litigation refers to the process of a lawsuit (when you take someone to court).

• The burden is on the party bringing the action (the Plaintiff)
• Litigation can be costly and something to be avoided
• Consider mediation and arbitration for civil matters

Punitive damages (in contrast to compensatory damages) are damages not awarded in order to compensate the plaintiff, but in order to reform or deter the defendant and similar persons from pursuing a course of action such as that which damaged the plaintiff.

In the area of Contract Law, clicking an OKAY button on a webpage or during installation is legally binding!

In the lecture we took a look at the Microsoft Windows Vista License Agreement. Though I think the iPhone License Agreement is worth taking a look at too.

References

Ho. Peter S. 2009. Introduction to Law and Contracts.

SENG4921 – Lec 02 – Moral Reasoning & Professional Ethics

Part II of Stephen Cohen’s lecture, (audio here) (2008 lecture slides here). Just as a side note, I think I’ve picked up more by listening to the audio where I can stop it to think about what was said, that I have by going to the lecture. Also it seems that the content in the two lecture doesn’t fall under the title really well. It seems some of the stuff from lecture one falls under lecture two’s title, and some of the stuff from lecture two falls under lecture ones title.

Cohen started by talking about some ethical theories. Here is a diagram based on the one we were shown.

On the left we have the group of ethical theories, consequential, that is based on the view that “Acts are right based on their consequences.” Under this umbrella there are four different views as shown.

• Egoism – “An act is right insofar as it advances my welfare.” Although nowadays people tend to contrast this with thinking about ethics.
• Utilitarianism – “Acts are right insofar they produce happiness and they are wrong insofar as they don’t produce happiness.” The wrong way to thing about utilitarianism would be “the greatest good, for the greatest number”, rather it is about maximising happiness not distributing the most. For example if I had $100 to distribute to 50 people, it may well be that giving the whole $100 to one person would produce greater happiness than the sum of happiness of 50 people each getting $2. If this were so than the utilitarian view would be to give the whole $100 to that one person.
• Nationalism – Acts are right if they are in the best interest of the nation as a whole.
• Epistemism – “Acts are right insofar as they advance our knowledge, and they are wrong if they don’t do that.“

On the right we have another view where ethics is based on non-consequential things. That is, to determine if an act is right or wrong it in fact has nothing to do with the consequences of the act. Instead it has to do with other things such as rights, duties, contracts, fairness, etc.

Or to put it as Ken Robinson and Achim Hoffman have it in their introduction article,

• Deontological in which the reasoning is based on axioms or laws, for example, “You shall not lie”
• Teleological in which the reasoning is based on outcomes.

Kant was a non-consequential thinker. His idea (how I have interpreted it) was that good will is what makes an act right, where good will is recognising your duty and then being able to make yourself do it (eg. you crash into a parked car you realise it is your duty to leave your details and then your able to make yourself to do that, even if you don’t want to do it).

Cohen then goes on to make a very good point about autonomy. The audio segment is embedded here, (or direct download)

“Kant was the person, and this has been a feature of thinking about ethics ever since Kant. A number of people think that a really important feature about ethical performance is autonomy, autonomy. Which means being free from various kinds of constraints and being able to generate something all on your own. Autonomy, I do it not because I have to, not because I’ve been trained to do it. In that respect you see you could be free …–go do whatever you want, but you’ve now been as it were brainwashed to do a certain kind of thing–. You would be free but you wouldn’t be autonomous. Autonomous is being able to come up with the principle, to generate it yourself and then make yourself do it. And that has been a very important element in thinking about ethics.” –Stephen Cohen, 2009.

Aristotle on the other hand thinks ethics is about having the right character. Imagine there’s person walking along a pier and he sees someone who’s drowning. The person with a good character (a good kind of person) does think twice, they pick up the lifefloat tube and trow it to them. This person has good ethical values as a result of their good character. Taking another approach, same situation but now someone who doesn’t have good character who doesn’t value human life. They don’t want to save this person, but they know that they ought to save them so they throw them the lifefloat to save them, despite the person not wanting to do it. This person does not have good character, but they have good ethical vales because they recognised what they ought to do, and they did it. This is Kant’s view.

Another view, sometimes called contractarism, focuses on “Keeping the terms of the contract.”

Another slide that Cohen showed was this.

Cohen makes the point that in order to have made a moral judgement you need to make a judgement, have some justification for that judgement, and also have some principle that lead you to believe that that justification was right.

judgement > justification > principle

If you don’t have this, you don’t have a moral judgement. He also says that the way you could discover that something is not a moral judgement, rather you have some bias or preference towards that judgement and it is not a moral judgement is if you don’t have that, you don’t have judgement > justification > principle.

If you are more committed to a particular judgement rather than the principle. Cohen then goes on to say that he thinks this is how we go on about moral reasoning. We try to put these two together. Sometimes we modify the judgement in light of the principle, and sometimes we modify the the principle in light of the judgement. These are exceptions to the rule (or the principle).

Cohen then talks about business and the profession.

The big difference between profession and business is profession have this extra bit about the public interest and the client interest. They have a duty to survey the whole landscape and do what is best. Professions and professionals must do that stuff as above. You can’t be a profession if you have some extra incentive (eg. being paid to do something against the client and public’s interest).

“A person’s having a conflict of interest is not the same thing as a person’s being affected by a conflict of interest.” People who say they don’t have a conflict of interest just because they are not affected by (or more specifically their judgement is not affected by) a conflict of interest doesn’t mean they don’t have a conflict of interest.

Two more good slides. This first one shows two organisational models, one where the top has great power, with this comes great responsibility, the other where they all have power, with this comes great trust.

The second shows some of the modern differences between a Code of Ethics and a Code of Conduct.

Any principle/value will require judgement. Say you subscribe to the principle of honesty. At some stage you will need to make a judgement based on this principle. For example (and Cohen makes the story sound more convincing than I do here) you are at home with your close friend, Bob. Bob says he is scared as some crazy person is out to get him. Someone then knocks on your door, you answer and there is a big strong man there with a knife in his hand who asks is Bob here. Honesty does not require that you say yes he is here. You make a judgement on the principle/value, and in this respect Code’s of Ethics are empowering.

Code’s of Conduct are different. They are not for introducing new values. They are there to remove judgement. They tell you exactly what to do in specific situations. One area they may deal with is gifts/bribes. They may say that you cannot accept any gift you receive over a given about. They take the heat off.

Although Cohen did not cover this in the lecture, the lecture slides from last year looked into management and leadership issues and ways to promote ethical behaviour in an organisation. I find this interesting so I’ll go over a couple of these things here.

• Leadership involves authorising and empowering others to behave ethically.
• People are more likely to behave ethically when:
  • managers behave ethically
  • organisational values are clear
  • ethical behaviour is rewarded
  • sanctions for unethical behaviour are clear
  • there is practical ethics training

One last thing about morals and ethics. Back in COMP1917 Richard Buckland made a good statement he said something along the lines of come up with your own ethics and moral beliefs, and stick to them. I think this is good advice.

Also here are some notes made by the COMP1917 class which seem relevant.

• “Ethics is the way you behave when people are not around and there is a spanking new Alienware laptop sitting on the table in front of you waiting for you to steal.
• When you face ethical dilemmas at work, don’t forget you can ask other professionals from your field for advice on how to handle such situations.
• Discussed a large range of examples of ethical dilemmas and scenarios which present interesting problems:
  1. Hitler’s guards – Each of Hitler’s guards, when told to throw the next lot of prisoners into the gas chambers must have each thought inside that they didn’t want to do it, but nobody had the courage to say anything. Maybe if one guard refused, all the others would, then a message might get sent that what they were doing was wrong.
  2. Richard’s friends – was put on the spot by her boss in an interview with a client to lie about the progress of her software. In spur of the moment she lied and ever since the boss does it regularly now. She feels like she is doing the wrong thing and doesn’t know what to do.
• Richard’s advice on ethics was for each person to sit down and work out exactly what they think is ethically wrong and ethically right, and then never break that. It doesn’t matter what he thinks, in the end it’s YOUR ethics and morals that count for yourself. He said that breaking morals breaks the spirit and that we get extreme happiness from obeying our morals and doing the right thing. He also said we need to plan ahead, and attempt to predict ethical dilemmas before they arise, that way we can think about them and make a proper decision, since during the heat of the moment we will often give into temptation and fail miserably.
• Whistleblowing – extremely difficult thing to do, the company/government will attempt to discredit your character and make a mess of your image etc. If anyone feels like whistleblowing read a book called “the Whistleblowers Handbook” by Brian Martin. Richard says its a great read.”– COMP1917 08s1 Class.

References:

Cohen, Stephen. 2009s1 SENG4921 Lecture. Audio. 2008 Slides.

SENG4921 – Lec 01 – Theoretical Underpinnings of Ethics

Today’s This week’s lecture for SENG4921 – Professional Issues and Ethics was given by Stephen Cohen of the School of History and Philosophy, UNSW. The lecture title was “Theoretical Underpinnings of Ethics”.

It was a very interesting lecture for me, and I thought it was presented very well. You can find his lecture slides from last year here, and the audio here.

This post is basically a summary of the notes I made in the lecture, so you should be able to follow though the slides as its in chronological order. I’ve mixed in my own interpretation so it may not be the case that this is exactly what Cohen said and/or meant.

———————————————

• Ethical thinking is about thinking of others interests.
• Everybody has the same ethical thinking, (and these are all important)
  • Integrity
  • Fairness
  • Openness
  • Compassion
  • Honesty

Relativism is doing what the culture is doing just because everyone else is doing it. This is does not make it right. For example say you go to another country where bribery is common. This does not make it right. Nor does the line of thought “everyone else is doing it so it must be okay”.

• People are too quick to play this relative card.

———————————————

For example if you bump into a parked car and dent the other car’s bumper your thinking here is focused on answering the question “What should I do?”. However if for example you are asked to list some important moral characteristics your thinking here is focused on answering the question “What kind of person should I be?”.

These two questions are the underpinnings of ethics.

You don’t always end up doing what you think you should do.

“What kind of person should I be?” relates to a “Code of Ethics”. This is what the employees or organisation are.
“What should I do?” relates to a “Code of Conduct”.  This is what the employees or organisation should do.

When we talk about ethics we mean prescriptive ethics. This is what you should or ought to do, compared to descriptive ethic which is what people do do.

———————————————

Morals and ethics are really the same.

Ethical is compared to (i.e. very different to)

• Prudential – self interest
• Political – settled by a vote (of opinion).
  • Cohen used a good example, where one politician in parliament said they should have a referendum to see if the indigenous people should be given human rights. Another politician then got up and said this is non-negotiable. The indigenous people have a right to human rights, there should not be a referendum to decide this.
• Preference – want rather than should
• Artistic

———————————————

To borrow a diagram from Cohen’s slides,

Rules, consequences, professional code, law, loyalty to your employer, confidentiality, requirements of your role, etc. all factor into ethics.

Rules and consequences are requirements of morality of an individual (private morality), the other is public morality which comes into play when you occupy a role, it is mediated by the institution.

and another diagram,

I think this is the foundation of a lot of Cohen’s message.

• Obligation – You are required to do something (e.g. you have signed in agreement to act on something)
• Duty – e.g. it is your duty to treat every human with respect
• Social Responsibility – Duty without a specific target. eg. ought to do something, whether it be Clean Up Australia, supporting Youth off the streets or the Red Cross, etc.
• Good Samaritanism – Go the extra mile. eg. stop to help someone with a flat tyre.
• Minimally Decent Samaritanism – eg. if you are wearing a watch and someone asks you for the time you tell them.
• Heroism Self-sacrifice – doing more than you have to do, beyond what is expected. eg. Wistleblowing

———————————————

Cohen’s advice, “be aware of these things”.

“At work, you don’t leave your private, personal values at the door!”

“Your ethical values must be there.”

All these things often conflict, but you must make a decision. You may ask “Who’s to judge” these things. The answer is always “You, as an individual.” (from whatever perspective whether it be legal, ethical…)

I feel this is a key and important part of the lecture, and I know that this is not easy.

You have an obligation to your employer, at the same time you have your own ethics which may conflict. Would you do something you think is unethical just because you don’t want to lose your job? I don’t know what I would do…

———————————————

Cohen makes another good example. Say there was a rule that said all motor vehicles must stop at a stop sign. But what about police who are chasing a criminal. What about an ambulance. What about people rushing someone injured to the hospital. As Cohen puts it, the right thing to do in all these cases is to run the stop sign. But we will continue to find more cases. The rules cannot cover them all.

The point he is trying to make is “you can’t clear up ethics stuff with more rules.” You need to make an ethical judgement.

I agree with this. Though this sounds like a tough legal issue. Who would be the judge of the ethical judgement? What if you broke the law in order to do what you thought was ethical? Would claiming you made an ethical judgement hold up in a litigation suite? I’m guessing not.

———————————————

Another good example Cohen gave was the “dead man’s break”. As it was told State Rail implemented the dead man’s break in it’s trains, so if the driver got off the seat a break would be applied. The drivers didn’t like this so some disabled it. As a result a train crashed because of this. So what did State Rail try to then do, they tried to make a fool-proof break. This doesn’t work.

———————————————

Whistleblowing – As Cohen puts it, the whistleblower almost always suffers. Its something that you are never obligated to do.

References:

Cohen, Stephen. Theoretical Underpinnings of Ethics. 2009. SENG4921 – Professional Issues and Ethics Lecture 1.