Security breaches and the public exposure of internal databases, customer records, and user information are now unfortunately frequent occurrences. The data exposed by these breaches presents an ethical dilemma for computing researchers. Such datasets are potentially valuable as descriptions of actual behavior and events that are otherwise hidden from outside observers. However, researchers must confront the fact this data was obtained unethically: corporate confidentiality has been broken, and the privacy of those described in the data has been compromised.
There are a variety of contexts where laws and professional norms prohibit using unethically obtained information. In law, there are exclusion rules against using illegally obtained evidence in criminal cases. Trade secrecy law prohibits businesses from using confidential information obtained from their competitors. The 'Common Rule' in U.S. scientific research regulation and the World Medical Association's Declaration of Helsinki requires human research subjects to give informed consent to participate in research.8,9
No entries found