M.10 Legal and Ethics

From CyberEdWiki
Jump to: navigation, search

People working in cyber operations must comply with many laws, regulations, directives and policies. Cyber operations professionals should fully understand the extent and limitations of their authorities to ensure operations in cyberspace are in compliance with U.S. law. In addition, cyber operators must have knowledge of cyber ethics for both understanding and applying moral reasoning models to address current and emerging ethical dilemmas on an individual and society.

Specific topics to be covered in this knowledge unit include, but are not limited to:

  • International Law
    • Jus ad bellum
      • United Nations Charter
    • Jus in bello
      • Hague Conventions
      • Geneva Conventions
  • U.S. Laws
    • Constitution
      • Article I (Legislative Branch)
      • Article II (Presidency)
      • Article III (Judiciary)
      • Amendment 4 (Search and Seizure)
      • Article 14 (Due Process)
  • Statutory Laws
    • Title 10 (Armed Forces)
    • Title 50 (War and National Defense)
    • Title 18 (Crimes)
      • 18 USC 1030 (Computer Fraud and Abuse Act)
      • 18 USC 2510-22 Electronic Communications Privacy Act
      • 18 USC 2701-12 Stored Communications Act
      • 18 USC 1831-32 Economic Espionage Acts
  • Cyber Ethics
    • Professional Ethics and Codes of Conduct
    • Social Responsibility
    • Ethical Hacking

Outcome: Given a cyber operations scenario, students will be able to explain the authorities applicable to the scenario.

Outcome: Students will be able to provide a high-level explanation of the legal issues governing the authorized conduct of cyber operations and the use of related tools, techniques, technology, and data.

Outcome: Students will be able to evaluate the relationship between ethics and law, describe civil disobedience and its relation to ethical hacking, describe criminal penalties related to unethical hacking, and apply the notion of Grey Areas to describing situations where law has not yet caught up to technological innovation.

Outcome: Students will be able to describe steps for carrying out ethical penetration testing, describe 'ethical hacking' principles and conditions, distinguish between ethical and unethical hacking, and distinguish between nuisance hacking, activist hacking, criminal hacking, and acts of war.