The future of online trust, innovation & self-regulation is threatened by a widening gap between users. expectations, formed by laws and norms, and the capacity for great benefits and harms generated by technological advances. As this gap widens, so too does ambiguity between asserted rights and threats. How do we close this gap and thereby lower risks, while also instilling trust in online activities? The solution embraces fundamental principles of ethics to guide our decisions in the midst of information uncertainty.
One context where this solution is germinating is cybersecurity research. Commercial and public researchers and policymakers are tackling novel ethical challenges that exert a strong influence for online trust dynamics. These challenges are not exceptional, but increasingly the norm: (i) to understand and develop effective defenses to significant Internet threats, researchers infiltrate malicious botnets; (ii) to understand Internet fraud (phishing) studies require that users are unaware they are being observed in order to ascertain typical behaviors; and (iii) to perform experiments measuring Internet usage and network characteristics that require access to sensitive network traffic.
These research activities are prerequisite for evidence-based policymaking that impacts us individually and collectively, such as infrastructure security, network neutrality, free market competition, spectrum application and broadband deployment, technology transfer, and intellectual property rights. Therefore, in the wake of failures to resolve these mounting tensions, ethics has re-emerged as a crucial ordering force. For this reason, ethics underpins the debate among CS researchers, oversight entities, industrial organizations, the government and end users about what research activity is or is not acceptable.