To deceive or not to deceive!: legal implications of phishing covert research

R. S. El-Din; Lisa Sugiura

doi:10.1504/IJIPM.2013.057635

To deceive or not to deceive! legal implications of phishing covert research

R. S. El-Din, Lisa Sugiura

School of Criminology and Criminal Justice

Research output: Contribution to journal › Article › peer-review

Abstract

Whilst studying mobile users' susceptibility to phishing attacks, we found ourselves subject to regulations concerning the use of deception in research. We argue that such regulations are misapplied in a way that hinders the progress of security research. Our argument analyses the existing framework and the ethical principles of conducting phishing research in light of these regulations. Building on this analysis and reflecting on real world experience; we present our view of good practice and suggest guidance on how to prepare legally compliant proposals to concerned ethics committees.

Original language	English
Pages (from-to)	285-293
Journal	International Journal of Intellectual Property Management
Volume	6
Issue number	4
DOIs	https://doi.org/10.1504/IJIPM.2013.057635
Publication status	Published - 2013

Keywords

phishing
research ethics
deception
IT law
information technology
security research

Access to Document

10.1504/IJIPM.2013.057635

Cite this

@article{8f014d696e26400b814f1bf96916bd2a,

title = "To deceive or not to deceive!: legal implications of phishing covert research",

abstract = "Whilst studying mobile users' susceptibility to phishing attacks, we found ourselves subject to regulations concerning the use of deception in research. We argue that such regulations are misapplied in a way that hinders the progress of security research. Our argument analyses the existing framework and the ethical principles of conducting phishing research in light of these regulations. Building on this analysis and reflecting on real world experience; we present our view of good practice and suggest guidance on how to prepare legally compliant proposals to concerned ethics committees. ",

keywords = "phishing, research ethics, deception, IT law, information technology, security research",

author = "El-Din, {R. S.} and Lisa Sugiura",

year = "2013",

doi = "10.1504/IJIPM.2013.057635",

language = "English",

volume = "6",

pages = "285--293",

journal = "International Journal of Intellectual Property Management",

issn = "1478-9647",

publisher = "Inderscience Publishers",

number = "4",

}

TY - JOUR

T1 - To deceive or not to deceive!

T2 - legal implications of phishing covert research

AU - El-Din, R. S.

AU - Sugiura, Lisa

PY - 2013

Y1 - 2013

N2 - Whilst studying mobile users' susceptibility to phishing attacks, we found ourselves subject to regulations concerning the use of deception in research. We argue that such regulations are misapplied in a way that hinders the progress of security research. Our argument analyses the existing framework and the ethical principles of conducting phishing research in light of these regulations. Building on this analysis and reflecting on real world experience; we present our view of good practice and suggest guidance on how to prepare legally compliant proposals to concerned ethics committees.

AB - Whilst studying mobile users' susceptibility to phishing attacks, we found ourselves subject to regulations concerning the use of deception in research. We argue that such regulations are misapplied in a way that hinders the progress of security research. Our argument analyses the existing framework and the ethical principles of conducting phishing research in light of these regulations. Building on this analysis and reflecting on real world experience; we present our view of good practice and suggest guidance on how to prepare legally compliant proposals to concerned ethics committees.

KW - phishing

KW - research ethics

KW - deception

KW - IT law

KW - information technology

KW - security research

U2 - 10.1504/IJIPM.2013.057635

DO - 10.1504/IJIPM.2013.057635

M3 - Article

SN - 1478-9647

VL - 6

SP - 285

EP - 293

JO - International Journal of Intellectual Property Management

JF - International Journal of Intellectual Property Management

IS - 4

ER -

To deceive or not to deceive! legal implications of phishing covert research

Abstract

Keywords

Access to Document

Fingerprint

Cite this