Human Subjects, Agents, or Bots: Current Issues in Ethics and Computer Security Research

  • John Aycock
  • Elizabeth Buchanan
  • Scott Dexter
  • David Dittrich
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7126)


In this panel, we explore some of the issues surrounding the ethical review of computer security research by institutional review boards (IRBs) and other ethical review bodies. These issues include interpretation of legal language defining how ethical review is to be performed, the impact of information and communication technologies (ICT) on research methods and ethical analysis, how terms like “risk” and “harm” must be interpreted in the light of ICT. We examine two case studies in which these issues surface, and conclude by providing some ideas on the path forward.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Buchanan, E., Ess, C.: Internet Research Ethics and the Institutional Review Board: Current Practices and Issues. In: ACM SIGCAS Computers and Society, vol. 39 (2009)Google Scholar
  3. 3.
    Canadian Institutes of Health Research, Natural Sciences and Engineering Research Council of Canada, Social Sciences and Humanities Research Council of Canada. Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans (December 2010),
  4. 4.
    Dittrich, D., Bailey, M., Dietrich, S.: Towards Community Standards for Ethical Behavior in Computer Security Research. Technical Report CS 2009-01, Stevens Institute of Technology (April 2009)Google Scholar
  5. 5.
    Hall, T., Flynn, V.: Ethical issues in software engineering research: A survey of current practice. Empirical Software Engineering, 305–317 (2001)Google Scholar
  6. 6.
    Harvard University Information Security. Harvard Research Data Security Policy Protection Memo (October 2010),
  7. 7.
    Kenneally, E., Bailey, M., Maughan, D.: A Framework for Understanding and Applying Ethical Principles in Network and Security Research. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 240–246. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Markham, A., Buchanan, E.: The Distance Principle in Internet Research Ethics. Internantional Journal of Internet Research Ethics (forthcoming, 2011)Google Scholar
  9. 9.
    Office for Human Research Protections (OHRP). Institutional review board guidebook (1993),
  10. 10.
    Ross, L., Loup, A., Nelson, R.M., Botkin, J., Kost, R., Smith, G., Gehlert, S.: Human subjects protections in collaborative community-engaged research: A research ethics framework. Journal of Empirical Research on Human Research Ethics 5(1), 5–17 (2010)CrossRefGoogle Scholar
  11. 11.
    Shou, D.: Ethical Considerations of Sharing Data for Cybersecurity Research. In: Danezis, G., Dietrich, S., Sako, K. (eds.) FC 2011 Workshops. LNCS, vol. 7126, pp. 169–177. Springer, Heidelberg (2012)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • John Aycock
    • 1
  • Elizabeth Buchanan
    • 2
  • Scott Dexter
    • 3
  • David Dittrich
    • 4
  1. 1.University of CalgaryCanada
  2. 2.University of Wisconsin-StoutUSA
  3. 3.Brooklyn CollegeUSA
  4. 4.University of WashingtonUSA

Personalised recommendations