Ethics and Information Technology

, Volume 18, Issue 2, pp 117–129 | Cite as

Hacking the brain: brain–computer interfacing technology and the ethics of neurosecurity

  • Marcello Ienca
  • Pim Haselager
Original Paper


Brain–computer interfacing technologies are used as assistive technologies for patients as well as healthy subjects to control devices solely by brain activity. Yet the risks associated with the misuse of these technologies remain largely unexplored. Recent findings have shown that BCIs are potentially vulnerable to cybercriminality. This opens the prospect of “neurocrime”: extending the range of computer-crime to neural devices. This paper explores a type of neurocrime that we call brain-hacking as it aims at the illicit access to and manipulation of neural information and computation. As neural computation underlies cognition, behavior and our self-determination as persons, a careful analysis of the emerging risks of malicious brain-hacking is paramount, and ethical safeguards against these risks should be considered early in design and regulation. This contribution is aimed at raising awareness of the emerging risk of malicious brain-hacking and takes a first step in developing an ethical and legal reflection on those risks.


Brain–computer interfacing Neurosecurity Privacy Neurocrime Brain-hacking Autonomy Agency 



This project was partly supported by the Erasmus Mundus Scholarship (European Commission).

Compliance with ethical standards

Conflict of interest

The authors declare that they have no competing interests.


  1. Allison, B. Z., Wolpaw, E. W., & Wolpaw, J. R. (2007). Brain–computer interface systems: Progress and prospects. Expert Review of Medical Devices, 4(4), 463–474. doi: 10.1586/17434440.4.4.463.CrossRefGoogle Scholar
  2. Anderson, J. (2013). Autonomy. In The International Encyclopedia of Ethics. Blackwell Publishing Ltd.
  3. Beauchamp, T. L., & Childress, J. F. (2001). Principles of biomedical ethics. New York: Oxford University Press.Google Scholar
  4. Bonaci, T., Calo, R., & Chizeck, H. J. (2014). App stores for the brain: Privacy & security in brain–computer interfaces. In IEEE international symposium on ethics in science, technology and engineering, 2014.Google Scholar
  5. Brunoni, A. R., Nitsche, M. A., Bolognini, N., Bikson, M., Wagner, T., Merabet, L., et al. (2012). Clinical research with transcranial direct current stimulation (tDCS): Challenges and future directions. Brain Stimulation, 5(3), 175–195. doi: 10.1016/j.brs.2011.03.002.CrossRefGoogle Scholar
  6. Buss, S. (2002). Personal autonomy. In E. N. Zalta (Ed.), The Stanford Encyclopedia of Philosophy (Winter 2014 Edition).
  7. Buxton, M. (1987). Problems in the economic appraisal of new health technology: The evaluation of heart transplants in the UK (pp. 103–118). Oxford, England: Oxford Medical Publications.Google Scholar
  8. Chizeck, H. J., & Bonaci, T. (2014). Brain–computer interface anonymizer. Google Patents.Google Scholar
  9. Clausen, J. (2011). Conceptual and ethical issues with brain–hardware interfaces. Current Opinion in Psychiatry, 24(6), 495–501.Google Scholar
  10. Conner, M. (2010). Hacking the brain: Brain-to-computer interface hardware moves from the realm of research. EDN, 55(22), 30–35.Google Scholar
  11. Denning, T., Matsuoka, Y., & Kohno, T. (2009). Neurosecurity: Security and privacy for neural devices. Neurosurgical Focus, 27(1), E7.CrossRefGoogle Scholar
  12. Dupont, B. (2013). Cybersecurity futures: How can we regulate emergent risks? Technology Innovation Management Review, 3(7), 6–11.Google Scholar
  13. Evans, D. (2011). The internet of things: How the next evolution of the internet is changing everything. CISCO white paper, 1.Google Scholar
  14. Fazel-Rezai, R., Allison, B. Z., Guger, C., Sellers, E. W., Kleih, S. C., & Kübler, A. (2012). P300 brain computer interface: Current challenges and emerging trends. Frontiers in Neuroengineering, 5(14), 14.Google Scholar
  15. Fetz, E. E. (2015). Restoring motor function with bidirectional neural interfaces. Progress in Brain Research, 218, 241–252.CrossRefGoogle Scholar
  16. Godfrey-Smith, P., & Sterelny, K. (2007). Biological information. In E. N. Zalta (Ed.), The Stanford Encyclopedia of Philosophy (Summer 2016 Edition).
  17. Halder, D., & Jaishankar, K. (2011). Cyber crime and the victimization of women: Laws, rights, and regulations. Hershey, PA: IGI Global. ISBN 978-1-60960-830-9.Google Scholar
  18. Halperin, D., Heydt-Benjamin, T. S., Ransford, B., Clark, S. S., Defend, B., Morgan, W., et al. (2008). Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In IEEE symposium on security and privacy, 2008, SP 2008.Google Scholar
  19. Haselager, P. (2013). Did I do that? Brain–computer interfacing and the sense of agency. Minds and Machines, 23(3), 405–418.CrossRefGoogle Scholar
  20. Heisenberg, D. (2005). Negotiating privacy: The European Union, the United States, and personal data protection. Boulder, CO: Lynne Rienner Publishers.Google Scholar
  21. Kotchetkov, I. S., Hwang, B. Y., Appelboom, G., Kellner, C. P., & Connolly, E. S, Jr. (2010). Brain–computer interfaces: Military, neurosurgical, and ethical perspective. Neurosurgical Focus, 28(5), E25.CrossRefGoogle Scholar
  22. Li, Q., Ding, D., & Conti, M. (2015). Brain–computer interface applications: Security and privacy challenges. In IEEE conference on communications and network security (CNS), 2015.Google Scholar
  23. Martinovic, I., Davies, D., Frank, M., Perito, D., Ros, T., & Song, D. (2012). On the feasibility of side-channel attacks with brain–computer interfaces. In USENIX security symposium.Google Scholar
  24. Mill, J. S. (1869). On liberty. London: Longmans, Green, Reader, and Dyer.Google Scholar
  25. Miranda, R. A., Casebeer, W. D., Hein, A. M., Judy, J. W., Krotkov, E. P., Laabs, T. L., et al. (2015). DARPA-funded efforts in the development of novel brain–computer interface technologies. Journal of Neuroscience Methods, 244, 52–67.CrossRefGoogle Scholar
  26. Powell, C., Munetomo, M., Schlueter, M., & Mizukoshi, M. (2013). Towards thought control of next-generation wearable computing devices. In K. Imamura, S. Usui, T. Shirao, T. Kasamatsu, L. Schwabe & N. Zhong (Eds.), Brain and Health Informatics (pp. 427–438). Springer.Google Scholar
  27. Pustovit, S. V., & Williams, E. D. (2010). Philosophical aspects of dual use technologies. Science and Engineering Ethics, 16(1), 17–31.CrossRefGoogle Scholar
  28. Rosenfeld, J. P. (2011). P300 in detecting concealed information. In Verschuere, B., Ben-Shakhar, G., & Meijer, E. (Eds.), Memory detection: Theory and application of the concealed information test (pp. 63–89). Cambridge University Press.Google Scholar
  29. Rosenfeld, J. P., Biroschak, J. R., & Furedy, J. J. (2006). P300-based detection of concealed autobiographical versus incidentally acquired information in target and non-target paradigms. International Journal of Psychophysiology, 60(3), 251–259.CrossRefGoogle Scholar
  30. Shannon, C. (1949). The mathematical theory of environments. The mathematical theory of communication (pp. 1–93). Urbana: University of Illinois Press.Google Scholar
  31. Strickland, E. (2014). Brain hacking: Self-experimenters are zapping their heads. IEEE Spectrum, 51(5), 23–25. doi: 10.1109/mspec.2014.6808452.CrossRefGoogle Scholar
  32. Tronnier, V. M., & Rasche, D. (2015). Deep brain stimulation. In Textbook of Neuromodulation (pp. 61–72). New York: Springer.Google Scholar
  33. Vallabhaneni, A., Wang, T., & He, B. (2005). Brain–computer interface. In Neural Engineering (pp. 85–121). New York: Springer.Google Scholar
  34. van Gerven, M., Farquhar, J., Schaefer, R., Vlek, R., Geuze, J., Nijholt, A., & Gielen, S. (2009). The brain–computer interface cycle. Journal of Neural Engineering, 6(4), 041001.CrossRefGoogle Scholar
  35. van Vliet, M., Mühl, C., Reuderink, B., & Poel, M. (2010). Guessing what’s on your mind: using the N400 in Brain Computer Interfaces. In Y. Yao, R. Sun, T. Poggio, J. Liu, N. Zhong, J. Huang (Eds.), Brain Informatics (pp. 180–191). Berlin Heidelberg: Springer.Google Scholar
  36. Varelius, J. (2006). The value of autonomy in medical ethics. Medicine, Health Care and Philosophy, 9(3), 377–388.CrossRefGoogle Scholar
  37. Wechsler, H. (1968). Codification of criminal law in the United States: The model penal code. Columbia Law Review, 68(8), 1425–1456.CrossRefGoogle Scholar
  38. Westby, J. R. (2004). International guide to privacy. American Bar Association, Privacy & Computer Crime Committee, and American Bar Association, Section of Science & Technology Law.Google Scholar
  39. Yuan, B. J., Hsieh, C.-H., & Chang, C.-C. (2010). National technology foresight research: A literature review from 1984 to 2005. International Journal of Foresight and Innovation Policy, 6(1), 5–35.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media Dordrecht 2016

Authors and Affiliations

  1. 1.Institute for Biomedical EthicsUniversity of BaselBaselSwitzerland
  2. 2.Donders Institute for Brain, Cognition and BehaviourRadboud University NijmegenNijmegenThe Netherlands

Personalised recommendations