Consent!

·       What is implied consent? 

·       When, if ever, is implied consent morally acceptable? 

·       When is it necessary to obtain explicit consent?  Give some examples--they don't have to deal with the body and sex, as these examples do, but they should *not* be associated with computers.

From www.privacysense.net, implied consent, also known as implicit consent, can have two meanings: Firstly, “You voluntarily personal information for an organization to collect, use, or disclose for purposes that would be considered obvious at the time” or Secondly, “You provide personal information to an organization and it is used in a way that clearly benefits you and the organization’s expectations are reasonable.” They then went ahead and defined implicit consent as consent that is usually inferred from your actions and the current.

            Implied consent is morally acceptable only when there is a possible close relationship between the parties. It is indeed necessary, for example, if surgery has to be done on someone, the doctor will have to explain the possible outcomes of the surgery and explain what they will be doing during the surgery.  Implied consent occurs through the actions or conduct of the patient rather than direct communication through words, i.e. the nodding of the head or them actually showing up to do the surgery.

·       How does the problem of implied vs. explicit consent apply to computers, and specifically, to ethical hacking? 

·       When would an ethical hacker need to make use of this concept?

From the above, we know that implied consent is were consent is inferred, explicit consent, on the other hand, is consent that has been directly given i.e. through spoken words or through written proof. Everything within the technology world requires you to give some form of consent. Whether it be buying parts for a computer, or downloading software form the Internet, there is some form of consent giving happening. In terms of hacking or penetration testing, is it okay to go over what you consented on doing? If you were give a task to break into a server, is it okay to break into other servers that are connected to that server or the network. Well actually it is not. If you were have given explicit consent for the penetration of only one specific server, and you went ahead and penetrated other servers because you thought the consent was implied, you are going against your agreement with the company and can be prosecuted.

            An ethical hacker will need to make use of this concept pretty much every working day of their life. If is okay to go over the agreement because you think you are smart? If you think it will benefit the company in the long run, it is not right to go ahead, without permission and do it, the explicit consent of the company is needed!