Hi all, For those who did not attended our panel on "Other Ethics" at AoIR in Manchester, my contribution was to mention a DHS-supported effort to develop principles and applications for ethical evaluation of ICT research and how it can help in studying computer crime in ICT settings. If you are not familiar with the Menlo Report and want to learn more, see: Michael Bailey, David Dittrich, Erin Kenneally, and Douglas Maughan. The Menlo Report. Security & Privacy, IEEE, 10(2):71–75, March/April 2012. http://staff.washington.edu/dittrich/papers/menlo_report/menlo_report.pdf Two of my Menlo colleagues and I recently taught a didactic course at the PRIM&R IRB conference in San Diego. The course primarily described the Menlo Report process, but concluded with a mock IRB committee review of a fictional proposed research project in which researchers develop countermeasures to malicious botnets in social network platforms like Facebook using a combination of deception to build a social network of over 1 million users and to then use "good bots" that infiltrate the "bad bots". I would be very interested in hearing any feedback from researchers on this list who study social networks and have had experience with their own IRBs as to whether this paper is helpful and in what ways, or how it could be modified to be more helpful. You can find the paper here: David Dittrich. The Ethics of Social Honeypots. Available at SSRN: http://ssrn.com/abstract=2184997, 2012. P.S. Stuart Schecter already pointed out to me that Facebook provides a back-end service to researchers that would obviate the need to use deception in order to get the same information necessary to detect malicious botnets. I was not aware of it and possibly many others are not as well. Regardless, the discussion of how to address the issues of deception in ICT research studies is still important to consider. -- Dave Dittrich dittrich@apl.washington.edu http://staff.washington.edu/dittrich PGP key: http://staff.washington.edu/dittrich/pgpkey.txt Fingerprint: 097B 4DCB BF16 E1D8 A06C 7512 A751 C80A D15E E079 -- Dave Dittrich dittrich@apl.washington.edu http://staff.washington.edu/dittrich PGP key: http://staff.washington.edu/dittrich/pgpkey.txt Fingerprint: 097B 4DCB BF16 E1D8 A06C 7512 A751 C80A D15E E079