Ethical issues in research using datasets of illicit origin

Thomas, DR; Pastrana Portillo, S; Hutchings, A; Clayton, R; Beresford, AR

View / Open Files

Accepted version (PDF, 582Kb)

Authors

Thomas, DR

Pastrana Portillo, S

Hutchings, A

Clayton, R

Beresford, AR

Publication Date

2017-11-01

Journal Title

Proceedings of IMC '17

Conference Name

ACM Internet Measurement Conference (IMC)

ISBN

9781450351188

Publisher

ACM

Pages

445-462

Type

Conference Object

This Version

Metadata

Show full item record

Citation

Thomas, D., Pastrana Portillo, S., Hutchings, A., Clayton, R., & Beresford, A. (2017). Ethical issues in research using datasets of illicit origin. Proceedings of IMC '17, 445-462. https://doi.org/10.1145/3131365.3131389

Abstract

We evaluate the use of data obtained by illicit means against a broad set of ethical and legal issues. Our analysis covers both the direct collection, and secondary uses of, data obtained via illicit means such as exploiting a vulnerability, or unauthorized disclosure. We extract ethical principles from existing advice and guidance and analyse how they have been applied within more than 20 recent peer reviewed papers that deal with illicitly obtained datasets. We find that existing advice and guidance does not address all of the problems that researchers have faced and explain how the papers tackle ethical issues inconsistently, and sometimes not at all. Our analysis reveals not only a lack of application of safeguards but also that legitimate ethical justifications for research are being overlooked. In many cases positive benefits, as well as potential harms, remain entirely unidentified. Few papers record explicit Research Ethics Board (REB) approval for the activity that is described and the justifications given for exemption suggest deficiencies in the REB process.

Keywords

ethics, law, leaked data, found data, unintentionally public data, data of illicit origin, cybercrime, Menlo Report

Sponsorship

Daniel R. Thomas is supported by a grant from ThreatSTOP Inc. All authors are supported by the EPSRC [grant number EP/M020320/1]. The opinions, findings, and conclusions or recommendations expressed are those of the authors and do not necessarily reflect those of any of the funders.

Funder references

Engineering and Physical Sciences Research Council (EP/M020320/1)

Identifiers

External DOI: https://doi.org/10.1145/3131365.3131389

This record's URL: https://www.repository.cam.ac.uk/handle/1810/267728

Rights

Licence:

http://www.rioxx.net/licenses/all-rights-reserved

Statistics

Total file downloads (since January 2020). For more information on metrics see the IRUS guide.