Hacking the brain: brain–computer interfacing technology and the ethics of neurosecurity
Brain–computer interfacing technologies are used as assistive technologies for patients as well as healthy subjects to control devices solely by brain activity. Yet the risks associated with the misuse of these technologies remain largely unexplored. Recent findings have shown that BCIs are potentially vulnerable to cybercriminality. This opens the prospect of “neurocrime”: extending the range of computer-crime to neural devices. This paper explores a type of neurocrime that we call brain-hacking as it aims at the illicit access to and manipulation of neural information and computation. As neural computation underlies cognition, behavior and our self-determination as persons, a careful analysis of the emerging risks of malicious brain-hacking is paramount, and ethical safeguards against these risks should be considered early in design and regulation. This contribution is aimed at raising awareness of the emerging risk of malicious brain-hacking and takes a first step in developing an ethical and legal reflection on those risks.
KeywordsBrain–computer interfacing Neurosecurity Privacy Neurocrime Brain-hacking Autonomy Agency
This project was partly supported by the Erasmus Mundus Scholarship (European Commission).
Compliance with ethical standards
Conflict of interest
The authors declare that they have no competing interests.
- Anderson, J. (2013). Autonomy. In The International Encyclopedia of Ethics. Blackwell Publishing Ltd. http://dx.doi.org/10.1002/9781444367072.wbiee716
- Beauchamp, T. L., & Childress, J. F. (2001). Principles of biomedical ethics. New York: Oxford University Press.Google Scholar
- Bonaci, T., Calo, R., & Chizeck, H. J. (2014). App stores for the brain: Privacy & security in brain–computer interfaces. In IEEE international symposium on ethics in science, technology and engineering, 2014.Google Scholar
- Buss, S. (2002). Personal autonomy. In E. N. Zalta (Ed.), The Stanford Encyclopedia of Philosophy (Winter 2014 Edition). http://plato.stanford.edu/archives/win2014/entries/personal-autonomy/.
- Buxton, M. (1987). Problems in the economic appraisal of new health technology: The evaluation of heart transplants in the UK (pp. 103–118). Oxford, England: Oxford Medical Publications.Google Scholar
- Chizeck, H. J., & Bonaci, T. (2014). Brain–computer interface anonymizer. Google Patents.Google Scholar
- Clausen, J. (2011). Conceptual and ethical issues with brain–hardware interfaces. Current Opinion in Psychiatry, 24(6), 495–501.Google Scholar
- Conner, M. (2010). Hacking the brain: Brain-to-computer interface hardware moves from the realm of research. EDN, 55(22), 30–35.Google Scholar
- Dupont, B. (2013). Cybersecurity futures: How can we regulate emergent risks? Technology Innovation Management Review, 3(7), 6–11.Google Scholar
- Evans, D. (2011). The internet of things: How the next evolution of the internet is changing everything. CISCO white paper, 1.Google Scholar
- Fazel-Rezai, R., Allison, B. Z., Guger, C., Sellers, E. W., Kleih, S. C., & Kübler, A. (2012). P300 brain computer interface: Current challenges and emerging trends. Frontiers in Neuroengineering, 5(14), 14.Google Scholar
- Godfrey-Smith, P., & Sterelny, K. (2007). Biological information. In E. N. Zalta (Ed.), The Stanford Encyclopedia of Philosophy (Summer 2016 Edition). http://plato.stanford.edu/archives/sum2016/entries/information-biological/.
- Halder, D., & Jaishankar, K. (2011). Cyber crime and the victimization of women: Laws, rights, and regulations. Hershey, PA: IGI Global. ISBN 978-1-60960-830-9.Google Scholar
- Halperin, D., Heydt-Benjamin, T. S., Ransford, B., Clark, S. S., Defend, B., Morgan, W., et al. (2008). Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In IEEE symposium on security and privacy, 2008, SP 2008.Google Scholar
- Heisenberg, D. (2005). Negotiating privacy: The European Union, the United States, and personal data protection. Boulder, CO: Lynne Rienner Publishers.Google Scholar
- Li, Q., Ding, D., & Conti, M. (2015). Brain–computer interface applications: Security and privacy challenges. In IEEE conference on communications and network security (CNS), 2015.Google Scholar
- Martinovic, I., Davies, D., Frank, M., Perito, D., Ros, T., & Song, D. (2012). On the feasibility of side-channel attacks with brain–computer interfaces. In USENIX security symposium.Google Scholar
- Mill, J. S. (1869). On liberty. London: Longmans, Green, Reader, and Dyer.Google Scholar
- Powell, C., Munetomo, M., Schlueter, M., & Mizukoshi, M. (2013). Towards thought control of next-generation wearable computing devices. In K. Imamura, S. Usui, T. Shirao, T. Kasamatsu, L. Schwabe & N. Zhong (Eds.), Brain and Health Informatics (pp. 427–438). Springer.Google Scholar
- Rosenfeld, J. P. (2011). P300 in detecting concealed information. In Verschuere, B., Ben-Shakhar, G., & Meijer, E. (Eds.), Memory detection: Theory and application of the concealed information test (pp. 63–89). Cambridge University Press.Google Scholar
- Shannon, C. (1949). The mathematical theory of environments. The mathematical theory of communication (pp. 1–93). Urbana: University of Illinois Press.Google Scholar
- Tronnier, V. M., & Rasche, D. (2015). Deep brain stimulation. In Textbook of Neuromodulation (pp. 61–72). New York: Springer.Google Scholar
- Vallabhaneni, A., Wang, T., & He, B. (2005). Brain–computer interface. In Neural Engineering (pp. 85–121). New York: Springer.Google Scholar
- van Vliet, M., Mühl, C., Reuderink, B., & Poel, M. (2010). Guessing what’s on your mind: using the N400 in Brain Computer Interfaces. In Y. Yao, R. Sun, T. Poggio, J. Liu, N. Zhong, J. Huang (Eds.), Brain Informatics (pp. 180–191). Berlin Heidelberg: Springer.Google Scholar
- Westby, J. R. (2004). International guide to privacy. American Bar Association, Privacy & Computer Crime Committee, and American Bar Association, Section of Science & Technology Law.Google Scholar