Hacking: Is it Wrong?

Deciding whether hacking is morally wrong depends on your definition of what it is. Some see hacking as gaining access to a system without authorization - and the definition stops there. Others see it as entering a system to damage, change or otherwise abuse it. Yet others see it as entering a system with the intention of personal profit by manipulating the contents. Obviously, the moral complexities cannot be discussed without a clear indication of what the activity actually is.

To simplify matters, I would suggest that hacking itself is not the question. It is the intent of the individual that matters and that will define whether what they are doing is wrong. Let's consider three examples. Firstly, a person hacks into a system purely to see if they can bypass the security features. Once they are in the system, they disconnect without doing anything further. Secondly, a person hacks a system and damages it - changes a homepage, deletes information, corrupts password files and so on. Thirdly, a person hacks a system and uses the knowledge they have gained from being successful to build better security.

In the first case, the hacker is on morally neutral ground. Their intention is to learn about security, to experiment in a real world situation and to feel proud of their capabilities. They have done no damage to the system they entered and have not affected it in any way except to sneak through its defenses. Nobody has lost anything as a result of the activity.

The second case is blatantly wrong. The hacker's intention to damage the system, and thus cause distress, financial loss, a drop in public status for the targeted system's owners or some other nastiness determines this fact. It is their actions after they enter the system which are morally wrong, in exactly the same way as stealing.

The third case is more complicated. If the hacker uses their knowledge to create better security systems, there is a positive outcome (whether for them personally or a company they work for) - another hole in our electronic defenses can be plugged and everyone can feel more secure. But what if they use the information to blackmail the targeted company? This has been seen before, where professional hackers use the potential loss of face for a large organization to gain financially. Morally speaking, that's not right. Once again, it is the hacker's actions after the initial breach that matter.

In summary, then, I say that the act of hacking is not morally wrong, in itself - the intentions and activities of the hacker inside the system are the only means to determine whether they should be punished or not.