Maintaining one's ethics on-line: privacy and authentication issues

On the Internet, no one knows that you are a dog

-- popular New Yorker cartoon with dog at the keyboard

Two recent events got me thinking about how we define what constitutes ethical behavior for our online world: the Oregon license plate server and a fradulent Usenet Microsoft posting. Let me describe both events, and then discuss the ethical implications.

On August 2, Aaron Nabil began a web site that allows anyone to search on the registered owner of a vehicle with Oregon plates. You need to just enter the plate number in the form, and you'll get back information on name and address of the owner. Within days of being up on the web, complaints started pouring in about privacy and the possiblity for stalkers and other criminals to use this information wrongly. When I last checked the site, he had temporarily suspended its operation.

Nabil purchased the entire vehicle database from the Oregon DMV for $225, which anyone can do -- Oregon has "sunshine" laws that allow this.

Nabil's DMV search raises all sorts of interesting questions about net.privacy. Is this a good thing? I am not sure: I can certainly see the implications for both sides. How does this differ from BigBook and other web sites that allow one to search the entire consolidated USA white pages? (Well, one way is that if I am concerned about my privacy, I can elect to have an unlisted telephone number, which hopefully won't show up in these web searches.) Should the state DMV track who queries this data, or put up their own web site? Finally, is it ethical? Well, I am uncomfortable doing what he did, so I guess I would say no. But it is a hard call to make.

Interestingly, a second-level effect was at a web site by someone at Intermania. This person, never identified in their web pages, took it upon himself/herself to conduct a "poll" asking viewers to submit their comments and tabulate the results. Curiously, over 300 people responded within 24 hours, and many not from Oregon. This to me shows the power of the web to deliver immediate information. However, it also shows the power of the web to deliver poor quality of information, since this "poll" is so self-selected it really doesn't tell us much.

Let's move on to a related issue: the flip side of keeping your own identity concealed from others is being able for others to trust that you are whom you say you are. Also earlier this month, a support newsgroup for Microsoft's FrontPage product was attacked (there really isn't a better word for it) by an impostor posing as a bona fide Microsoft employee. What made this henious is that the advice given by the impostor was sufficient to compromise the security of one's web server.

How was this done? BugNet has the details, but basically someone changed the "From:" line of their email package to make it look as if they were "" According to Microsoft, there is no such individual. What makes this attack repugnant is two things: First, the person doing this was using a support discussion to purposely mislead someone. Second, anyone can do this readily -- all it takes is about 35 seconds in Eudora, for example, and I can have a different "From:" address.

I think we will all agree that this wasn't ethical, nor even desirable. The problem, as my friend Bruce Fryer of Novell pointed out to me, is that the barriers and filters of information are gone: anyone can get any information and publish it anywhere these days. While these filters weren't the best way to protect our privacy or security, they did help enhance it in the physical world. Before the white pages were available on disk, few people were going to take the time, money, or effort to type or scan them into a database.

I think these two events cut to the core of how we define ethics for our on-line community. Part of the problem is that this community has no sense of self, no single center or purpose. And even if we limit ourselves to a smaller community, say the three thousand or so people that read this document, it still is hard to pin down a particular set of ethical behavior.

So here is a small proposal: do you think that what Nabil did was ethical? (I've already told you my opinion.) Maybe you all can come to some consensus.

Awards, site-keeping, and self-promotions dep't

On newsstands soon is the September issue of Windows Sources. In it you'll find my series on computer telephony integration along with a short review of Lantastic 7. And starting in November, you'll see my first "Browser" column for the magazine: this will be a regular monthly look at various Internet-related tools and techniques. I've been impressed with the quality of editing and coverage and am pleased to be writing a column for them.

Finally, a request. This fall will mark my tenth year as a computer journalist: it seems both long ago and just yesterday I was coming to work for Mike Edelhart at PC Week to start up the ground-breaking "Connectivity" section. In honor of that event, along with celebrating the first anniversary of Web Informant, I'd like to ask your help.

Please send me copies (or originals with proper postage if you want them returned) of documents that are at least ten years old that discuss technology, lay out your vision of the future back then, or things that you have written or kept in your files all this time. If you don't have any ten-year old writing samples, you can send me a short note with memories of the technologies that you used in 1986. I'll excerpt these notes in a future issue of WI. Mail them to ., Port Washington NY 11050 (USA).

This essay is composed in HTML and can be read in your browser. This is not always a simple process, and I'll be happy to provide help if I can. If you are getting this directly from me, or if someone is forwarding it to you, and you want to change that situation, let me know. Subscriptions are always free of charge. Entire contents copyrighted 1996 by David Strom.

David Strom
+1 516 944 3407
Link to this essay on our site
Back issues of Web Informant essays
WebCompare, comparison and features of over 90 web servers!