Vviewpoints
such grossly immoral ways shows the
dilemma of using unethically obtained
data is not as simple as it initially appears. Nonetheless, the arguments for
and against using such data in research
can guide computing researchers concerned about using data exposed by a
data breach.
Unethically Obtained
Data in Research
Computing researchers are not usually concerned with using data obtained
by inflicting physical or psychological
harm on human subjects. However,
computing and Internet research may
have the potential to cause harm: data
analysis and computing research can
be used to invade privacy and reveal
information about individuals that
might be used against them. Unlike
medical research, the appropriate
uses of big data analytics and the appropriate sources of data are not well
established. 4 In their review of published research that uses unethically
obtained data, Daniel R. Thomas and
his colleagues found the discussion of
SECURITY BREACHES AND the public exposure of internal databases, customer re- cords, and user information are now unfortunately frequent occurrences. The data exposed
by these breaches presents an ethical
dilemma for computing researchers.
Such datasets are potentially valuable
as descriptions of actual behavior and
events that are otherwise hidden from
outside observers. However, researchers must confront the fact this data
was obtained unethically: corporate
confidentiality has been broken, and
the privacy of those described in the
data has been compromised.
There are a variety of contexts where
laws and professional norms prohibit
using unethically obtained information.
In law, there are exclusion rules against
using illegally obtained evidence in
criminal cases. Trade secrecy law pro-
hibits businesses from using confiden-
tial information obtained from their
competitors. The ‘Common Rule’ in
U.S. scientific research regulation and
the World Medical Association’s Dec-
laration of Helsinki requires human
research subjects to give informed con-
sent to participate in research. 8, 9
Nonetheless, in some research
fields there is still debate over whether
researchers should use data obtained
unethically by others. Medical researchers have debated whether to use
the results of deadly and inhumane experimentation conducted by Nazi doctors on concentration camp prisoners
and prisoners of war during the Second
World War. 6 That researchers would seriously consider using data obtained in
Computing Ethics
Should Researchers Use Data
from Security Breaches?
Evaluating the arguments for and against using
digital data derived from security breaches.
DOI: 10.1145/3368091
˲ Susan J. Winter, Column Editor
There are various
kinds of unethically
obtained data
that might interest
computing
researchers.