Legal Risks for Phishing Researchers

The Third Anti-Phishing Working Group eCrime Researchers Summit

11 Pages Posted: 12 Sep 2008 Last revised: 18 Jul 2015

Christopher Soghoian

Yale University - Yale Information Society Project

Date Written: September 10, 2008

Abstract

Researchers are increasingly turning to live, 'in the wild' phishing studies of users, who unknowingly participate without giving informed consent. Such studies can expose researchers to a number of unique, and fairly significant legal risks. This paper will present four case studies highlighting the steps that researchers have taken to avoid legal problems, and to highlight the legal risks that they were unable to avoid. It then provides a high-level introduction to a few particularly dangerous areas of the law. Finally, it concludes with a series of best practices that may help researchers to avoid legal trouble.

Keywords: phishing, cyberlaw, legal risks

Suggested Citation

Soghoian, Christopher, Legal Risks for Phishing Researchers (September 10, 2008). The Third Anti-Phishing Working Group eCrime Researchers Summit. Available at SSRN: https://ssrn.com/abstract=1266262 or http://dx.doi.org/10.2139/ssrn.1266262

Christopher Soghoian (Contact Author)

Yale University - Yale Information Society Project ( email )

127 Wall Street
New Haven, CT 06511
United States

Paper statistics

Downloads
367
Rank
65,058
Abstract Views
2,754