Cristian Bravo-Lillo, Serge Egelman, Cormac Herley, Stuart Schechter, and Janice Tsai
23 May 2013
Just as security is often a secondary task when users sit down to accomplish something on their computers, ethics tends to be a secondary task for the security researchers who study these users. Both security and ethics rules are often viewed as an inconvenience to those whose productivity is reduced by demands to comply. For researchers, ethics requirements such as informed consent and debriefing are just one of many sources of friction that stand in the way of their research goals.
In this paper, we describe how shared tooling could assist in three different research functions related to ethical compliance: obtaining informed consent, debriefing, and the surveying of surrogate participants when consent cannot be obtained from actual participants. Having invested the time to exceed ethical compliance standards in our recent security experiments, we believe this increased attention to ethical design has benefited participants. We are building services to perform these compliance tasks with the goal of reducing the cost of compliance to researchers and obtaining a level of attention to participant protection that would be unreasonable to expect from researchers for whom this is not a primary goal.
While we are in part motivated to build reusable ethics-compliance tools because they serve a social good, we too stand to benefit; we plan to build these tools as services that facilitate the sharing of ethics-related behavioral data with the ethics research community. As members of that community, we hope to aggregate the behavioral observations flowing from myriad experiments' ethics infrastructure and use these data to iteratively improve the design of our tools. We also hope to run experiments and analyses using these data that benefit the research community as a whole. We hope that, as the flow of data on ethics-related interactions grows, other researchers will also use these data to advance the state of research ethics.
In the remainder of this paper, we describe proposed improvements to three ethics-compliance tasks that could be achieved improve reusable tooling. These tasks are the obtaining of informed consent, the debriefing participants along with monitoring participants reactions during debriefings, and the surveying of surrogate participants.
|Published in||Cyber-security Research Ethics Dialog & Strategy Workshop (CREDS 2013)|