Private persons and entities are increasingly adopting aggressive active defense measures i.e., hack back against Internetbased attacks that can infringe the rights of innocent persons. In this paper, I argue that aggressive active defense cannot be justified by the Necessity Principle, which defines a moral liberty to infringe the right of an innocent person if necessary to achieve a significantly greater moral good. It is a necessary condition for justifiably acting under an ethical principle that we have adequate reason to believe its applicationconditions are satisfied. Since, absent special knowledge, the victim of a hacker attack will not be able to reliably predict the direct or indirect consequences of aggressive countermeasures, she lacks adequate reason to think that those measures will achieve a good that significantly outweighs the evil that is done to innocent parties.
Journal of Information, Communication and Ethics in Society – Emerald Publishing
Published: Feb 29, 2004