Abstract
Cybersecurity and cybercrime cannot exist without each other. They are not contraries, but rather two opposite poles of the same idea. Although it may seem that it is a rather black and white kind of relationship, the measures aimed at protecting innocent people raise a myriad of ethical dilemmas. This paper presents the results of a horizon scanning study aimed at identifying the ethical and human rights dilemmas that may arise in relation to cybersecurity and cybercrime; in the paper, the identified “weak signals” have been presented, that is, the ideas or concerns which are less obvious, not widely researched or present in the media. The cybersecurity-related ethical issues arise as part of the relations between the affected people and other entities; thus, in this paper, the identified dilemmas have been organized according to the nature of the relations.
Similar content being viewed by others
Data availability
The even more detailed list of references for the study is available upon request.
References
Humphries M (2020) Report: Garmin paid the ransomware demand. PCMagazine
World Council of Churches (2020) Web meeting focuses on cyber ethical challenges of COVID-19. World Counc, Churches
Timmers P (2019) Ethics of AI and cybersecurity when sovereignty is at stake. Minds Mach 29:635–645. https://doi.org/10.1007/s11023-019-09508-4
Jang-Jaccard J, Nepal S (2014) A survey of emerging threats in cybersecurity. J Comput Syst Sci 80:973–993. https://doi.org/10.1016/j.jcss.2014.02.005
P.S S, S N, M S (2018) Overview of cyber security. IJARCCE 7:125–128 . https://doi.org/10.17148/IJARCCE.2018.71127
Gordon LA, Loeb MP, Zhou L (2011) The impact of information security breaches: has there been a downward shift in costs? J Comput Secur 19:33–56. https://doi.org/10.3233/JCS-2009-0398
Choraś M, Pawlicki M, Kozik R (2019) The feasibility of deep learning use for adversarial model extraction in the cybersecurity domain. pp 353–360
Pawlicki M, Choraś M, Kozik R (2020) Defending network intrusion detection systems against adversarial evasion attacks. Futur Gener Comput Syst 110:148–154. https://doi.org/10.1016/j.future.2020.04.013
Punitha L, Saravanan T, Varnika N (2016) Impact of an electromagnetic threat on cyberspace and cyber security against EM threat. In: 2016 International Conference on Information Communication and Embedded Systems (ICICES). IEEE, pp 1–5
Dean PC, Buck J, Dean P (2014) Identity theft: a situation of worry. J Acad Bus Ethics
Khanna S (2018) How consumers are changing their behavior to combat ID theft. J Account
Hedayati A (2012) An analysis of identity theft: motives, related frauds, techniques and prevention. J Law Confl Resolut 4:1–12. https://doi.org/10.5897/JLCR11.044
Szczepanski M, Choraś M, Pawlicki M, Kozik R (2020) Achieving explainability of intrusion detection system by hybrid oracle-explainer approach. In: Proc. of International Joint Conference on Neural Networks, IJCNN 2020, IEEE. Glasgow
Akhgar B, Choraś M, Brewster B, Bosco F, Vermeersch E, Luda V, Puchalski D, Wells D (2016) Consolidated taxonomy and research roadmap for cybercrime and cyberterrorism. pp 295–321
Choraś M, Kozik R, Churchill A, Yautsiukhin A (2016) Are we doing all the right things to counter cybercrime? pp 279–294
Grobler M, Chamikara MAP, Abbott J, Jeong JJ, Nepal S, Paris C (2020) The importance of social identity on password formulations. Pers Ubiquitous Comput. https://doi.org/10.1007/s00779-020-01477-1
Frank I, Odunayo E (2013) Approach to cyber security issues in Nigeria: challenges and solution. Int J Cogn Res Sci Eng Educ 1:1
Buscher M, Easton C, Kerasidou CX, Escalante MAL, Alter H, Petersen K, Bonnamour MC, Lund D, Baur A, Quinn R, Heesen J, Jasmontaite L, Fuster GG, Boden A, Hofmann B, Stachowicz A, Choras M, Kozik R, Boersma K, Comes M, Clavell GG, Föger N (2018) The isitethical? Exchange responsible research and innovation for disaster risk management
Shoemaker D, Kohnke A, Laidlaw G (2019) Ethics and cybersecurity are not mutually exclusive. EDPACS 60:1–10. https://doi.org/10.1080/07366981.2019.1651516
Puddephatt A, Kaspar L (2015) Cybersecurity is the new battleground for human rights. openDemocracy
Pawlicka A, Jaroszewska-Choraś D, Choraś M, Pawlicki M (2020) The guidelines for stego/malware detection tools achieving GDPR compliance. IEEE Technol Soc Mag 39:60–70
Delaney K (2014) A practical guide: introduction to horizon scanning in the public sector
Cuhls KE (2020) Horizon scanning in foresight – why horizon scanning is only a part of the game. Futur FORESIGHT Sci 2. https://doi.org/10.1002/ffo2.23
Directorate-General for Research and Innovation (European Commission), Fraunhofer Institute for Systems and Innovation, TNO, VTT Technical Research (2016) Models of horizon scanning. How to integrate horizon scanning into European research and innovation policies
Bishop P (2009) Horizon scanning why is it so hard?
Rowe E, Wright G, Derbyshire J (2017) Enhancing horizon scanning by utilizing pre-developed scenarios: analysis of current practice and specification of a process improvement to aid the identification of important ‘weak signals’. Technol Forecast Soc Change 125:224–235. https://doi.org/10.1016/j.techfore.2017.08.001
Brown D (2007) Horizon scanning and the business environment — the implications for risk management. BT Technol J 25:208–214. https://doi.org/10.1007/s10550-007-0022-8
Amanatidou E, Butter M, Carabias V, Konnola T, Leis M, Saritas O, Schaper-Rinkel P, van Rij V (2012) On concepts and methods in horizon scanning: Lessons from initiating policy dialogues on emerging issues. Sci Public Policy 39:208–221. https://doi.org/10.1093/scipol/scs017
Karasalo M, Schubert J (2019) Developing horizon scanning methods for the discovery of scientific trends. In: 2019 International Conference on Document Analysis and Recognition (ICDAR). IEEE, pp 1055–1062
Müller S (2014) Free yet secure on the internet: how can internet security be reconciled with human rights? Alumniportal Deutschl
Robertson A (2019) Border agents are checking entrants’ Facebook and Twitter profiles — but we still don’t know how closely. The Verge
EDRi (2018) New protocol on cybercrime: a recipe for human rights abuse? In: Eur Digit Rights
Sedgwick S (2019) Ethics in technology & cyber security. In: Linkedin
(2019) Cybersecurity – a matter of ethics. In: EC-Council Univ. Blog. https://blog.eccu.edu/cybersecurity-a-matter-of-ethics/
Team ANP (2017) A closer look at China’s cybersecurity law — cybersecurity, or something else? Accessnow
Lindskog D (2017) The top 7 ethical dilemmas reported by IT in 2016. IT World Canada
Campbell-Dollaghan K (2018) Sorry, your data can still be identified even if it’s anonymized. Fast Co.
Lai J, Mu Y, Guo F, Susilo W, Chen R (2017) Fully privacy-preserving and revocable ID-based broadcast encryption for data access control in smart city. Pers Ubiquitous Comput 21:855–868. https://doi.org/10.1007/s00779-017-1045-x
Jamil D, Ali Khan MN (2011) Is ethical hacking ethical? Int J Eng Sci Technol 5:3
Jackson T (2015) Can Africa fight cybercrime and preserve human rights? BBC News
(2017) Cybersecurity challenges in healthcare - ethical, legal and social aspects. In: Found. Brocher. https://www.brocher.ch/en/events/274/cybersecurity-challenges-in-healthcare-ethical-legal-and-social-aspects/
Finnemore M (2018) Ethical dilemmas in cyberspace. Ethics Int Aff 32:457–462. https://doi.org/10.1017/S0892679418000576
Grinnell R (2019) The ethical use of data. CSO
Stile EM (2017) Cyber security and data privacy in Argentina. Financ. Worldw
Gavirneni S (2019) The ethical dilemma of ransomware payouts. Zeguro
Lee WW (2015) Risk and ethics in cyberspace. ISACA J 6
Sethfors H (2017) Captchas suck. https://axesslab.com/captchas-suck/
Pompom R (2018) The ethical and legal dilemmas of threat researchers. HelpNetSecurity
Burstein A (2009) Legal and ethical issues facing cybersecurity researchers
Bradbury D (2017) In search of an ethical code for cybersecurity. Infosecurity Mag.
Martin CD (2019) EES perspective when white hats wear black hats: The Ethics of Cybersecurity. Fall Issue Bridg Cybersecurity
Shou D (2012) Ethical considerations of sharing data for cybersecurity research. pp 169–177
Flake H (2020) Why I [love] offensive work Why I [hate] offensive work. https://docs.google.com/presentation/d/1YcBqgccBcdn5-v80OX8NTYdu_-qRmrwfejlEx6eq-4E/edit#slide=id.g7dd52a5bec_0_1028
Faily S, McAlaney J, Claudia I (2015) Ethical dilemmas and dimensions in penetration testing
Munjal M (2014) Ethical hacking: an impact on society. Cyber Times Int J Technol Manag 7:922–931
Georg T, Oliver B, Gregory L (2018) Issues of implied trust in ethical hacking. ORBIT J 2:1–19. https://doi.org/10.29297/orbit.v2i1.77
Hatfield JM (2019) Virtuous human hacking: the ethics of social engineering in penetration-testing. Comput Secur 83:354–366. https://doi.org/10.1016/j.cose.2019.02.012
Shinder D (2005) Ethical issues for IT security professionals. Computerworld
Ministry of Electronics and Information Technology REPORT OF COMMITTEE – D ON CYBER SECURITY, SAFETY, LEGAL AND ETHICAL ISSUES
(2017) Ethics in information security. IEEE Secur Priv 15:3–4. https://doi.org/10.1109/MSP.2017.75
Taddeo M (2019) Three ethical challenges of applications of artificial intelligence in cybersecurity. Minds Mach 29:187–191. https://doi.org/10.1007/s11023-019-09504-8
Choraś M, Kozik R (2015) Machine learning techniques applied to detect cyber attacks on web applications. Log J IGPL 23:45–46
Choraś M, Pawlicki M, Puchalski D, Kozik R (2020) Machine learning - the results are not the only thing that matters! What about security, explainability and fairness? ICCS 4:615–628
Dobrygowski D, Hoffman W (2019) We need to build up ‘digital trust’ in tech. In: Wired. https://www.wired.com/preview/story/5ce82fe9b256981c3b6b2bd5
Walma M Four common myths about human rights and security in cyberspace. Free Online Coalition
Jay J (2020) AI and big data could introduce fresh cyber security challenges: Europol
Brown D, Esterhuysen A (2019) Why cybersecurity is a human rights issue, and it is time to start treating it like one. In: APCNews. https://www.apc.org/en/news/why-cybersecurity-human-rights-issue-and-it-time-start-treating-it-one
Funding
This work has been performed under the H2020 833115 project PREVISION, which has received funding from the European Union’s Horizon 2020 Programme.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
There are neither any conflicts of interest nor competing interests.
Ethics approval
Not applicable
Consent to participate
Not applicable
Disclaimer
This paper reflects only the authors view, and the European Commission is not liable to any use that may be made of the information contained therein.
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Pawlicka, A., Choraś, M., Kozik, R. et al. First broad and systematic horizon scanning campaign and study to detect societal and ethical dilemmas and emerging issues spanning over cybersecurity solutions. Pers Ubiquit Comput 27, 193–202 (2023). https://doi.org/10.1007/s00779-020-01510-3
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00779-020-01510-3