Intent to perform a greater good would not affect the possibility of being exposed to a prison sentence of up to 20 years and a fine of up to $250,000, plus possible penalties under state law.
Montana compares this legislation with that of the regulation of firearms. It is not the mere possession of malicious code that is criminalized, but the use and the damage to computer systems and association economic losses that are the focal point of the law. Computer code, even MMC, is considered intellectual property and carries legal protections similar to books or sound recordings. It is also considered a form of speech and therefore is also offered protection under the Constitution's First Amendment. However, this protection is limited, just as 'free speech' is limited, especially in instances when this speech interferes with the protection of the public welfare -- as is the case with the release of a worm or virus. Although Bush, Ford and Boulatov's virus would have benefits, damage and economic impact would occur and the public welfare would be in jeopardy.
Current laws would have to be changed significantly to allow Bush, Ford and Boulatov's recommendation to take place. Intent would have to be factored into the law. The scope of the effects of the released MMC would have to be regulated as well. International legal cooperation would have to be secured, as this new controlled burn type MMC would affect users around the globe. Obviously, the issue would no longer be as black and white as it is legally today.
Safeguards that Would Need to be Put Into Place:
The primary safeguard that would need to be put into place would be regulation of who is releasing this new controlled burn type MMC. Leaving the writing and release of this code to anyone and everyone would give carte blanche to virus authors who could release virulent code under the auspices of this new program. Attacks just under the limit of legislated effects would be rampant. Therefore, it would make sense to either limit release to either operating software developers, where MMC would only be allowed as it applied to their own product, or licensing and monitoring certain software developers, to help avoid abuse. An additional safeguard that could be put in place would be the requirement that a patch be made available for the worm or virus, to those vulnerable to the threat, prior to its release. Of course, these safeguards do not counteract the ethical concerns with this recommendation.
In the end, Bush, Ford and Boulatov's comparison of the virtual environment to the natural environment is an interesting concept. The theory that, like forest fires, worms and viruses could be utilized to ensure diversity and resiliency has merit. However, the ethical concerns contradict the overriding ethical code to do no harm while also introducing relationships with possible conflicting interests. Current law does not allow for this controlled burn type MMC release, and as such an alternative including increased education and awareness or mandatory patch updates may be a less ethically-challenged solution. Even if the law were changed to allow for a 'greater good' intent to be legalized, safeguards would need to be put into place to ensure 'legal' MMC release wasn't rampant and patches were available to users.
Ford, R., Bush, M., & Boulatov, a."Internet Instability and Disturbance: Goal or Menace?" Proceedings of the 2005 Workshop on New Security Paradigms. 2005: p. 3-8.
Frohmann, B. "Subjectivity and Information Ethics." Journal of the American Society for Information Science & Technology. 59(2) Jan 2008: p. 267-277.
Johnson, M. & Rogers, K. "The Fraud Act 2006: The E-Crime Prosecutor's Champion or the Creator of a New Inchoate Offence?" International Review of Law, Computers & Technology. 21(3) Nov 2007: p.. 295-304.
Ledin, G. "Not Teaching Viruses and Worms is Harmful." Communications of the ACM. 48(1) Jan 2005: p. 144.
Malibiran, B. "Are We Ready for Another Love Bug?" Ateneo Law Journal. 53(1) Jun 2008: p. 32-104.
Montana, J. "Viruses and the Law: Why the Law is Ineffective." Information Management Journal. 34(4) Oct 2000: p. 57-59.
National Information Infrastructure Protection Act of 1996. 2009. United States Department of Justice. April 11, 2009 .
Panko, R. "Slammer: The First Blitz Worm." Communications of AIS. 2003(11) 2003:…