The Role of Law versus Ethics

The law consists of rules that are recognized by a society and enforceable
by some authority. It can impose affirmative obligations to act
in certain ways or require people to refrain from certain actions. Although
laws are informed by ethics, they are not equivalent and therefore laws
aren’t entirely congruent with societal ethical norms. For example, we
might agree that lying to a friend is unethical, but lying to a friend is not
illegal. Lying under oath, on the other hand, is always illegal. Legal and
ethical considerations matter to security research in several ways:

• Adherence to ethical principles might be required to meet regulatory or
legal requirements (for example, common rule). Conversely, knowing
and respecting existing laws might be required by an ethical code (such
as ACM).

• A law might identify an individual party’s rights and responsibilities,
and clarify the line between beneficial acts and harmful ones by defining

• Ethical principals that are adopted by the computer security research
community can inform judicial, legislative, and regulatory decisions.

• Where a law is ill-fitting or its interpretation unclear, ethics creates an
objective and consistent way for us to reason about the acceptability of
our actions.


  1. #1 by Joe Rugg on August 25, 2012 - 6:59 pm

    And, so, one wonders what are legal ethics — are they more like law or more like an ethical norm. Lawyers treat them like any other legal construct — what can I do (how close to the line can I go) and still not violate the ethical rule. For most of us, lawyer or layman, this is not the way that one lives an ethical life.

