Targeting the innocent: Active defense and the moral immunity of innocent persons from aggression

Private persons and entities are increasingly adopting aggressive “active defense” measures (i.e., “hack back”) against Internet‐based attacks that can infringe the rights of innocent persons. In this paper, I argue that aggressive active defense cannot be justified by the Necessity Principle, which defines a moral liberty to infringe the right of an innocent person if necessary to achieve a significantly greater moral good. It is a necessary condition for justifiably acting under an ethical principle that we have adequate reason to believe its application‐conditions are satisfied. Since, absent special knowledge, the victim of a hacker attack will not be able to reliably predict the direct or indirect consequences of aggressive countermeasures, she lacks adequate reason to think that those measures will achieve a good that significantly outweighs the evil that is done to innocent parties.