The Third Anti-Phishing Working Group eCrime Researchers Summit
11 Pages Posted: 12 Sep 2008 Last revised: 18 Jul 2015
Date Written: September 10, 2008
Researchers are increasingly turning to live, 'in the wild' phishing studies of users, who unknowingly participate without giving informed consent. Such studies can expose researchers to a number of unique, and fairly significant legal risks. This paper will present four case studies highlighting the steps that researchers have taken to avoid legal problems, and to highlight the legal risks that they were unable to avoid. It then provides a high-level introduction to a few particularly dangerous areas of the law. Finally, it concludes with a series of best practices that may help researchers to avoid legal trouble.
Keywords: phishing, cyberlaw, legal risks
Suggested Citation: Suggested Citation
Soghoian, Christopher, Legal Risks for Phishing Researchers (September 10, 2008). The Third Anti-Phishing Working Group eCrime Researchers Summit. Available at SSRN: https://ssrn.com/abstract=1266262 or http://dx.doi.org/10.2139/ssrn.1266262