Changes between Version 5 and Version 6 of doc/PETS2011EthicsPanel


Timestamp: Aug 15, 2011, 3:11:30 PM (8 years ago)
Author: AdamShostack
Comment: --

  • doc/PETS2011EthicsPanel

    v5 v6  
    1 Chris Soghoian summarized McCoy et al and Castelluccia et al papers, and described some of the issues there. (Both involved collecting data from exit servers.) Relevant questions: Is it relevant whether research is specifically about Tor, or whether it's just a convenient point to eavesdrop on people? Is it relevant whether data is aggregated?  Chris proposed: only eavesdrop a network in order to do research on that network. (IOW, no using anonymity nets as a source of eavesdroppable users who can't easily complain or TOS you..) Minimize collection or retention. Stuff should be legal in the country where it's performed. Vet your stuff with an IRB if you have one.  He suggested that papers ought to need to include a standard section about what ethical issues there were and what the authors did about it.  Chris's slides are below.
     1Chris Soghoian summarized McCoy et al and Castelluccia et al papers, and described some of the issues there. (Both involved collecting data from exit servers.) Relevant questions: Is it relevant whether research is specifically about Tor, or whether it's just a convenient point to eavesdrop on people? Is it relevant whether data is aggregated?  Chris proposed: only eavesdrop a network in order to do research on that network. (IOW, no using anonymity nets as a source of eavesdroppable users who can't easily complain or TOS you..) Minimize collection or retention. Stuff should be legal in the country where it's performed. Vet your stuff with an IRB if you have one.  He suggested that papers ought to need to include a standard section about what ethical issues there were and what the authors did about it.  Chris's slides are attached at the bottom of this page.
    22
    3 Next Roger Dingledine talked. He said he'd raise lots of point and not answer them. He discussed whether legal standards were particularly relevant, claiming that legal protections fall short of security properties, but claiming that researchers need to hold to a higher standard than actual adversaries. He then talked about research groups who asked Roger about how to do such research, get referred to a lawyer, then give up, So conservative careful groups give up, and brash/reckless groups (nor roger's words) become the only ones to do collection.
     3Roger Dingledine spoke next. He said he'd raise lots of point and not answer them. He discussed whether legal standards were particularly relevant, claiming that legal protections fall short of security properties, but claiming that researchers need to hold to a higher standard than actual adversaries. He then talked about research groups who asked Roger about how to do such research, get referred to a lawyer, then give up, So conservative careful groups give up, and brash/reckless groups (nor roger's words) become the only ones to do collection.
    44
    55Roger proposed: only study an anonymity network iin order to do research on that network. Minimize data collection. (But it's hard to know in advance what to minimize.) Only present data that relates to your hypothesis. (If your hypothesis is about whether an attack works on the network, don't add a section to your paper where you out users and explain where they live and what they're doing.) Don't keep data that isn't safe to publish. Explain data collection methodology in public before you actually do it, so that it can actually get reviewed. Reviewers should demand enough info in papers to know that data collection methodology was safe. [Roger mentioned a paper I talked with him about where the whole paper is about deanonymizing users using only a tiny little bit of data... and where the ethics section was just "We hashed IPs, so it's all okay."]
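
Review bot: The reworded line 3 still carries the typos it had in v5, and since the sentence is being touched anyway they could be fixed in the same edit: "raise lots of point" should be "points", "then give up, So conservative careful groups" needs either a full stop before "So" or a lowercase "so", and "(nor roger's words)" should read "(not Roger's words)". The unchanged line 5 also has "iin order", which is worth correcting while this page is open. The line 1 change from "are below" to "are attached at the bottom of this page" is clearer about where the slides are.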