psychopath

I'm doing an "Ethics for Computer Science" course, and for an assignment we're supposed to come up with an "aspect or example of computer technology that has affected society or had a cultural impact, providing an ethical analysis and an explanation of why this issue is unique to computing technology". We're then supposed to conduct an interview, and then later write an essay on the subject using the information we gained from the interview.

I've decided not to do a formal interview as such though. I figure it might be easier to get opinions from various people, and then fabricate an "interview" from that (because, I don't exactly know any experts on the subject, personally).

I figure this would be a good place to pose some questions, and get a discussion going. And FYI, my "interviewee" is anonymous, so none of you will be mentioned or anything like that.

For anyone who doesn't know, Punkbuster is an anti-cheating system for online games on the PC (AFAIK, Crysis uses it, as well as various games from the CoD series, etc). It operates essentially like an anti-virus, except for a few things:

The EULA asks you to agree that, (1) you are aware that Punkbuster is considered as invasive software, (2) that Punkbuster will scan (all of) your harddrive and memory, and will upload files/data to their servers for inspection it deems suspicious, (3) that Punkbuster allows server admins to request screenshots from your system, without your knowledge, and (4) that your ability to play in a cheat-free environment is more important than any security or privacy that may be impared by Punkbuster.

This scanning and uploading is also carried out by a background service, which runs even when the game in question is not. Scanning would keep it in the realm of anti-virus software, but IMO uploading data as well would, by definition, make it a type of spyware.

The questions i'm posing are:

Despite the need to prevent cheating in online games, is it ethical to include these sorts of clauses in an EULA that the user effectively *has* to accept if they want to play on any decent server (afaik, some games don't even give you an option to not install PB)?
Is it ethical to scan *all* of your hard disk, and upload any information it feels like?
Is it ethical to force a user to concede privacy for the operation of their software?

The uploading of data and screenshots seems to me to be a particularly...invasive...invasion of privacy.

It also doesn't help that, based on what I've heard from others, that PB tends to pick up a lot of false-positives and kick/ban legit players.

Anyway. Have at it. Discuss. Argue. I need ideas .

__________________

Mario F.

I do not find this easy to truthfully answer. On a purely personal opinion, of course not. It is an imposition on my privacy and I'm not given any decent alternative.

But in the field of normative ethics, one could apply the concept of virtue and assume the EULA is well intentioned and will not eventually translate in abusive behavior. Ethically such an EULA can exist, I guess.

Definitely not. PB is installed in the context of the game which it shipped with. And should only operate in that context. It's a clear invasion of privacy since there is absolutely no way PB can justify the action of going outside its zone of influence.

One could argue PB could be seen as having a similar behavior to a diskscan or backup utility in that these tools operate anywhere on the hard drive. But the fact is these tools zone of influence is indeed the entire hard drive. It's acceptable for them to access any area of the HD. But PB is an anti-cheat/hack application which only reason it needs to use the whole hard drive is because its programmers don't have a solution to have it operate solely in the context of the game it comes with. In essence PB acts as if under a Police State, where law enforcement agents are allowed to enter my house, do a search and take any material they see fit without even a warrant.

PB cannot take the role of law enforcement. It should not download any data, or inspect anything outside game files. The only legal way for such thing to happen would be with a warrant and a knock on my door. And the only reason these type of things are allowed is because our legislators are way behind this IT world we so quickly started to live in. I'm expecting new generations of legislators, born in the aftermath of the early days of the internet, will be more capable and better informed to start producing laws that regulate and even stop this type of behavior. In essence, software regulation. I understand it is a dangerous and not very popular notion. But inevitable, as freedoms become increasingly attacked by software developers, but also as the industry eventually starts to feel the need for regulating itself. The internet and software development will not be lawless forever. No other industry in the world is so lacking of regulations.

Yes. Within reason and if well justified, in many areas of our daily lives it is acceptable to concede privacy for access to certain services. Online Gaming doesn't need to be any different.

And on a more broad concept of privacy, it's not even acceptable that if one wants to join a public community, they should be allowed to preserve some aspects of their privacy. This actually means that I'm not a proponent of internet anonymity. Naturally internet technologies preserve anonymity because of technical limitations. But if it came the day such limitations ceased to exist, I would probably be a supporter of the end of what I personally call "unaccountability through anonymity", which I see as being the stigma of a whole generation of cybernauts and of generations to come.

__________________
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

Quiet Technologies... that make some noise.

Bubba

After my many experiences with PunkBuster I'm convinced it only ever kicks legitimate players and all the illegit's play along happily with no troubles.

PB is terrible and only works if the server is setup correctly which most do not use it correctly. Novalogic bragged about PB on their servers but we found out that they weren't streaming it or something which really caused it to lose most of it's functionality. Many times it kicked me out of games for packet problems or something along those lines. I had to go to the game console and type in some command to stop it from kicking me for this. Very annoying. If you want to know how well it works go into a Delta Force server or Joint Ops server and watch the cheaters run rampant.

So not only is PB an invasion of privacy although I've nothing to hide so it really doesn't affect me it also does nothing to stop cheaters. I'm not so sure it doesn't interfere with the normal operation of the games that use it and/or cause crashes and lockups in those games.

__________________
I remember when The Weather Channel talked about weather, MTV played music videos, and the History Channel talked about history instead of conspiracy theories.

MK27

You are asking the wrong questions.

Sure. This and the other examples you give here are answered very simply if I am an average consumer of games:

"It doesn't matter, the chances of me being willing to accept absolutely any and all conditions demanded of me are 95% +." Ie, the number of people that would in reality reject this if the option was not to play is insignificant, even if it include a complete scan of their hard-drive etc.

The reason I say this is because I would give you very low grades for considering this an "aspect or example of computer technology that has affected society or had a cultural impact" unless you absolutely assert that this is an example of the cultural acceptance of the invasion of privacy. Ie, YOU must provide "an ethical analysis" or else this is not something that has a cultural impact. You do not make that dependent upon the attitudes of your interviewee or survey: that's not ethics, that's statistical trivia. You would be fulfilling a different kind of assignment "Take an example of something considered to have a cultural impact and demonstrate that it may not have any."

Rephrased: Doing some sort of survey of whether people think it is ethically right or wrong presupposes that in fact the issue may not have any "cultural impact" at all. If it is okay, then you are trying to present. eg., signing for registered mail as something that merits discussion of it's "cultural impact".

If you want to do a good assignment on this, you need to commit yourself to the position I think you have already taken and consider it as DEFINITIVELY having a cultural impact because it represents an acceptance of a violation of privacy. People who play online games by and large understand completely what searching their entire hard drive means and that they are (most likely) committing themselves to something they have not had to commit to before.

That is an irrefutable objective observation. Don't waste more than a paragraph on contemplating how to think about it. What you should be doing is surveying people to whom it applies: that is, people who have never otherwise knowingly signed an agreement which allows the service provider to search their entire hard drive, but ACTUALLY HAVE for this reason. Then you need to ask them why they consider this okay.

That's an essay. $0.02.

__________________
C programming resources:
GNU C Function and Macro Index -- glibc reference manual
The C Book -- nice online learner guide
Current ISO draft standard
CCAN -- new CPAN like open source library repository
GDB tutorial #1 -- gnu debugger tutorials -- GDB tutorial #2
cpwiki -- our wiki on sourceforge

zacs7

It's annoying yes, and I have been "banned" for writing an OpenGL wrapper that I hadn't even loaded for that game (no, it wasn't a cheat at all -- it was an OSD). Not to mention various bugs with my graphics card driver (8600GT) caused blank screenshots which Punkbuster obviously didn't like.

In my opinion if you agreed to the Punkbuster EULA, then they can do whatever it states (ethical or not). However, forcing Punkbuster on you is another story.

__________________
My homepage | premake | vim

_Mike

Yes I think it is. If you don't like it then choose to not accept the EULA and return the game to where you bought it.
If you willingly accepted the EULA and gave them permission to do so, then yes. If they however were scanning without informing you about it then it would be unethical. (And possibly also illegal depending on where you live)
A better question would be; is it reasonable or necessary to scan that much? I'd say no.
Key word here being their software. They wrote the software, they get to choose who is allowed to use it. Again, you have the choice to not accept the EULA so you are not actually being forced to do anything.

So to summarize, I don't think it's unethical at all to do the things punkpuster (and others) do. I do however think it is completely pointless and self-destructive because people who intend to cheat always find a way around any anti-cheat system. The only ones who are affected by the anti-cheats are the legit users because of the false positives, crashes due to bugs, etc..
There was also once an exploit in valve's anti-cheat VAC where you could get any player banned if you knew their user id.

My impression is that most people who play online games are completely clueless about being scanned, since they just clicked accept on the EULA without reading it.

MK27

Makes sense. So maybe surverying specifically people who have would be better, because a first question would be "Are you aware that..."; then "How do you feel about that and that"? Of course, this will be a little more work because you'd have to post in an actual gaming forum and make up some more concrete questions.

As Mike says, granting your permission kind of "makes it ethical". My interest in this is that if people are willing to do so individually for the sake of gaming online, then why not collectively if the government said it is a matter of state security, etc: everyone will install software allowing the government to inspect their HD's without notice. This has already been attempted in China; while Western nations would justify it in a completely different way, there is already plenty of precedence WRT enforcing file sharing policies indicating most Western governments are willing and able to do things of this sort.

So "Is it ethical?" still seems like a non-question to me. Just using the word in a sentence does not an ethical discussion make. "Why do you consider this justified?", put to someone who has already surrendered their rights, is more to the point. As Mario observes, a completely rational answer might be "I assume the EULA is well intentioned". The same thing can easily be said of the government. But without this explicit link the EULA is not really something with "cultural impact".

__________________
C programming resources:
GNU C Function and Macro Index -- glibc reference manual
The C Book -- nice online learner guide
Current ISO draft standard
CCAN -- new CPAN like open source library repository
GDB tutorial #1 -- gnu debugger tutorials -- GDB tutorial #2
cpwiki -- our wiki on sourceforge

Bubba

In the US, they are not able to do this unless they have probably cause to believe you have somehow broken the law which requires a significant burden of proof.

PunkBuster may not be unethical but it is an invasion of my privacy, it is a huge POS, and any game that uses it in the future will not be on my shelf or on my drive. Obviously the courts do not agree with you MK27 concerning the EULA. The case against Securom and EA was won by the consumers and every single one of them clicked on the EULA yet they won the case. EULAs, like NDAs, and other agreements are not allowed to cover everything under the sun. In other words just b/c your users clicked on a EULA doesn't mean you can now do anything and install anything you want on their system.

__________________
I remember when The Weather Channel talked about weather, MTV played music videos, and the History Channel talked about history instead of conspiracy theories.

MK27

Sure, but it didn't take much for them to retroactively legalize warrantless wiretapping, which means they currently can gain access to your internet activity and phone line with no warrant and no burden of proof. Installing mandatory data-mining and searching software is just a slightly more "active" seeming proposition.

In the US and elsewhere, there is certainly a trend toward considering "the threat of filesharing" so important that we are moving into a situation where your right to access the internet will be summarily revoked without trial -- the mechanism will simply be the RIAA goes to a judge and says person X is engaged in illegal filesharing as far as we are concerned, and then you find out afterward and have no recourse. That legislation has already passed in England and will probably start passing in various states here soon. If that is okay, mandatory "file scanning" software operated by the RIAA might as well be too. I haven't read the EULA but from the sounds of things they are not committing themselves to only perform certain actions -- they could easily go, well, we found pirated games on your system and the cops are on their way, or we've forwarded your list of mp3s to the RIAA. Etc.

Well that's certainly good and sets a precedent that the courts do consider demanding this of your users unethical. I guess it would be interesting to see in a general voluntary survey of "EULA users" whether they then consider it to be a form of forcing them to "assent" to an ethical compromise.

It also means people are being punished for standing up for their individual right to privacy, I guess it would be interested to hear from people who have refused (there is no way in hell I would sign that).

__________________
C programming resources:
GNU C Function and Macro Index -- glibc reference manual
The C Book -- nice online learner guide
Current ISO draft standard
CCAN -- new CPAN like open source library repository
GDB tutorial #1 -- gnu debugger tutorials -- GDB tutorial #2
cpwiki -- our wiki on sourceforge

Mario F.

Yup. Even private contracts are regulated by laws that establish what cannot exist in them, exactly to preserve a notion of grace and fairness. Just because I signed a contract, it doesn't mean the contract is legal. And we can extend it: A contract is not legal if its provisions go against the law. And this will be the case of an EULA too. So all it takes in fact is a set of laws that regulate personal freedoms and the guarantee certain rights to privacy in order for these EULAs to be illegal. And these laws exist and they are behind the court rulings.

There's also another problem with diskscan and download like activities that can infringe on rights of Property because software like PB does not differentiate between files the onwer of the game owns and those they don't. So, a kid who installs the game on his father computer gives room for PB to actively seek and download information from someone who didn't read, agreed or in most cases is even aware of the game. A computer cannot be seen as "one instance of property" (for the lack of a better term).

I'd go as far as say some here have already refused certain EULAs. Personally, I never did and never will install a game on my computer protected under PB. And Securerom has been denied by me on many occasions before with the exception of a very limited number of games I absolutely must had.

For a gamer who refuses EULAs and decides not to buy (or return) a game, the feeling is one of frustration. Each title is one entity diferent from any other. It's not like choosing between different brands of refrigerators. Because of technical limitations of the game, the incompetence of its developers, the greed of its publishers, the still insecure nature of the internet, some, or all above, I'm barred from gaining access to the game. Not because I don't like the game, or I don't meet its requirements, or even because I can't afford it. Instead the reason is totally alien to the nature of the game and its promise as a tool of entertainment. The reason is simply because it infringes on my privacy and it installs spy-like software on my computer.

It's even more frustrating to me because I actually don't play any games online. I'm a pure single-player and have no interest whatsoever in playing online.

__________________
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

Quiet Technologies... that make some noise.

Bubba

England's laws and their trends have nothing to do with what happens in the United States. California is the place to look to see where our laws and legal trends are heading. I do not see a trend towards more invasive practices...rather I see a trend towards less invasive practices. Several software companies have now gone back to the good old CD key and nothing more. The beauty of capitalism is that we the people determine the trends of the industries b/c we can choose to support or not support various companies due to their practices. In the current economy any lost sales is huge so companies are taking a step back and re-examining their business practices.

I doubt you will see the internet become more restrictive in the near future. Obama is too concerned about Obamacare and the FBI is more concerned with terrorism. Most of the spammers who had clear cut cases got off without much. A couple of the people who knowingly not just pirated audio CD's but made them available via the internet were prosecuted and given hefty sentences. Other than that I haven't seen much in the way of companies attempting to become more invasive. As for the local police they are too busy playing Barney Fife the tax collector on the highways and roads to care one lick about the internet.

And you cannot use evidence found through illegal means in a US court of law. So if the software found illegal games on your computer but the software that found it was illegal then the evidence is void. You see this happen all the time in high profile murder cases where the police drop the ball somehow and illegaly obtain evidence only to have it thrown out. You can't just raid someone's house or take them to jail because you think they have this or that. You must have proof and must have a warrant. No judge in his right mind or who cared about his job would ever issue a warrant based on items that an already questionable program had found on someone's computer.

__________________
I remember when The Weather Channel talked about weather, MTV played music videos, and the History Channel talked about history instead of conspiracy theories.

psychopath

Excellent responses here so far .

@MK27: If i'm understanding you correctly, you're saying that I shouldn't be using the PB EULA specifically as having a "cultural impact", but rather as a specific example of something more broad?

That's my intent, but I probably didn't explicitly mention it. We were told to pick a specific example (such as Punkbuster and it's EULA) of an issue that has a cultural impact.
This part of the assignment does seem to contradict slightly the first part, since a specific example isn't really having a cultural impact in and of itself.

Although I could just be completely misunderstanding you .

__________________

Bubba

The EA/Securom suit would be a good example of privacy invasion and/or malicious software being installed by legit programs. There is a wiki about the entire case. SPORE had quite a bit of controversy surrounding it so you could Google for it and get tons of info and links as well.

__________________
I remember when The Weather Channel talked about weather, MTV played music videos, and the History Channel talked about history instead of conspiracy theories.

MK27

100% False, since these are exactly the kinds of things that international trade agreements deal with. The United States is generally considered to have draconian intellectual property laws (which are what would permit having your internet service summarily revoked). Far from backing away from the issue, the Obama admin. is actively pursuing it in exactly the same way as the Bush admin:

Michael Geist - U.S. To Costa Rica: No Sugar Access Without Copyright Reform

So I've gotta observe you have it ass-backwards in observing that there is (objectively) some "trend towards less invasive practices". Ass-backward. Completely.

The RIAA is an American organization, nb.

No, you understand me. I'm just saying you need to be more focused with the nature of your survey, which hopefully fits in with the prof's desire for specifics. Simply asking a bunch of people "Do you think this is ethical?" is a little bit limp noodle. You need to present it as an ethical issue with cultural impact -- which means you need a broader context than just waivers signed to play video games. The acceptance and continued use of those waivers have to be understood as setting a precedent.* Losing a few preliminary legal battles, as Bubba mentions, may well only inspire the industry to re-strategize. For example, they can link up with the RIAA and also (behind closed doors) present this as paving the way to more "anti-terrorist" surveillance measures. Which may be irrelevant to them, but if it could in the end give EULAish things more legal status they are big corporations and they will fund the election campaign of politicians who support BOTH initiatives. This is already a normative political practice.

It might even be wise -- you have some substantial bunch of voters who have already been agreeing to this for a while, so they can easily go "well, I've already agree to that and I don't think it's a big deal" esp. it the larger concern is National Security.

Consider some Time magazine article of the near future. Let's give this technology a name (maybe it has one already): Local Filesystem Reporting Software (LFRS). So the article begins:

Ha ha ha. Now all you need is enough right wing conservatives (who generally only favour individual freedoms of the sort that involve gun ownership or not having to pay taxes) of the "busybody" variety to jump at the opportunity to create more laws restricting things like freedom of speech, etc, and this cat is in the bag: everyone in the US will be subject to warrantless wiretapping, warrantless net eavesdropping, and (perhaps soon enough) mandatory LFRS. And then they will still turn around and try and pretend they live in the freest country in the world, when what they really mean is they live in the richest most powerful country in the world and will give up individual freedom at the drop of a hat if they think it contributes to this wealth and power.

Anyway, good luck psychopath "Permission granted" to use my Time joke if you want, I think it's funny and succinct.

* also critical and maybe more pertinent to a class on software and ethics would be the point that the pre-existence and large scale successful implementation of such software only opens the door to further consideration of it's usefulness. That's compounded with the fact that those corporations are software developers and could lead the field! Picture EA bidding on big government security contracts and using their record of success as a leverage point.

__________________
C programming resources:
GNU C Function and Macro Index -- glibc reference manual
The C Book -- nice online learner guide
Current ISO draft standard
CCAN -- new CPAN like open source library repository
GDB tutorial #1 -- gnu debugger tutorials -- GDB tutorial #2
cpwiki -- our wiki on sourceforge

Mario F.

It's irrelevant. It will be England that will eventually need to change those laws if they indeed end up passing in the House of Commons (which I doubt). It just so happens the EU is preparing exactly opposite laws that instead protect consumer privacy.

__________________
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

Quiet Technologies... that make some noise.