- مبلغ: ۸۶,۰۰۰ تومان
- مبلغ: ۹۱,۰۰۰ تومان
There has recently been an upsurge of interest in the deployment of behavioural economics techniques in the information security and privacy domain. In this paper, we consider first the nature of one particular intervention, the nudge, and the way it exercises its influence. We contemplate the ethical ramifications of nudging, in its broadest sense, deriving general principles for ethical nudging from the literature. We extrapolate these principles to the deployment of nudging in information security and privacy. We explain how researchers can use these guidelines to ensure that they satisfy the ethical requirements during nudge trials in information security and privacy. Our guidelines also provide guidance to ethics review boards that are required to evaluate nudge-related research.
We started experimenting with nudges in authentication four years ago. During the course of carrying out our experiments we became aware of the fact that there were no nudge-specific ethical guidelines in place to guide us. We therefore reviewed the literature to derive these. When we started to peruse the literature, we realized that we needed first to delineate the nudge concept properly. Afterwards, we were able to synthesize arguments for, and against, nudging. We then mapped these onto ethical principles obtained from ethical guidelines developed for psychological research. We conclude with a set of preliminary ethical principles formulated to guide nudge Info-S&P researchers.
This paper is not intended to be the final word on the subject; the authors hope that other Info-S&P researchers will help us to work towards extending and refining these principles to arrive at a resource that can benefit Ethical Review Boards and help them to judge proposed Info-S&P nudge-related research.