Establishing a framework for the ethical and legal use of web scrapers by cybercrime and cybersecurity researchers: learnings from a systematic review of Australian research

IF 1.6 Q1 LAW

International Journal of Law and Information Technology Pub Date : 2023-10-05 DOI:10.1093/ijlit/eaad023

Katie Logos, Russell Brewer, Colette Langos, Bryce Westlake

{"title":"Establishing a framework for the ethical and legal use of web scrapers by cybercrime and cybersecurity researchers: learnings from a systematic review of Australian research","authors":"Katie Logos, Russell Brewer, Colette Langos, Bryce Westlake","doi":"10.1093/ijlit/eaad023","DOIUrl":null,"url":null,"abstract":"Abstract The Internet has become an increasingly attractive location for collecting data about cyber threats, driven by the abundance of quality data available and accessible online. As such, researchers and practitioners have turned to automated data collection technologies (ADCT), including ‘web crawlers’ and ‘web scrapers’, to study these threats. The rapid proliferation of ADCT has meant directions for their ethical and legal operation have been slow to adapt, with no clear guidelines regulating their use for research. This article identifies the relevant ethical and legal frameworks guiding the deployment of ADCT in Australia for cybersecurity research. This is accomplished through a systematic review of research within this context, coupled with ethical and jurisprudential analysis. We argue that the use of ADCT can be both ethical and legal, but only where mitigating measures are implemented. We provide a series of practical directions to guide researchers and practitioners when navigating this novel terrain.","PeriodicalId":44278,"journal":{"name":"International Journal of Law and Information Technology","volume":"57 1","pages":"0"},"PeriodicalIF":1.6000,"publicationDate":"2023-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Law and Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1093/ijlit/eaad023","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}

引用次数: 0

Abstract

Abstract The Internet has become an increasingly attractive location for collecting data about cyber threats, driven by the abundance of quality data available and accessible online. As such, researchers and practitioners have turned to automated data collection technologies (ADCT), including ‘web crawlers’ and ‘web scrapers’, to study these threats. The rapid proliferation of ADCT has meant directions for their ethical and legal operation have been slow to adapt, with no clear guidelines regulating their use for research. This article identifies the relevant ethical and legal frameworks guiding the deployment of ADCT in Australia for cybersecurity research. This is accomplished through a systematic review of research within this context, coupled with ethical and jurisprudential analysis. We argue that the use of ADCT can be both ethical and legal, but only where mitigating measures are implemented. We provide a series of practical directions to guide researchers and practitioners when navigating this novel terrain.

查看原文本刊更多论文

建立网络犯罪和网络安全研究人员使用网络抓取器的道德和法律框架:从澳大利亚研究的系统回顾中吸取的教训

互联网已经成为收集网络威胁数据的一个越来越有吸引力的地方，这是由于大量的高质量数据可以在网上获得和访问。因此，研究人员和从业人员已经转向自动数据收集技术(ADCT)，包括“网络爬虫”和“网络抓取器”，以研究这些威胁。ADCT的迅速扩散意味着其伦理和法律操作方向的调整缓慢，没有明确的指导方针来规范其在研究中的使用。本文确定了指导在澳大利亚部署ADCT进行网络安全研究的相关道德和法律框架。这是通过对这一背景下的研究进行系统回顾，再加上伦理和法理分析来完成的。我们认为，使用ADCT可以是道德和法律，但只有在缓解措施实施。我们提供了一系列实用的方向来指导研究人员和实践者在这一新的领域中导航。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Law and Information Technology LAW-

CiteScore

2.10

自引率

0.00%

发文量

期刊介绍： The International Journal of Law and Information Technology provides cutting-edge and comprehensive analysis of Information Technology, Communications and Cyberspace law as well as the issues arising from applying Information and Communications Technologies (ICT) to legal practice. International in scope, this journal has become essential for legal and computing professionals and legal scholars of the law related to IT.