All privacy laws, security policies, and even individual actions are subject to an often-forgotten factor - the "Law of Unintended Consequences" (LUC.) Yet LUC is not a "law" in the sense of appearing in the Criminal Code, nor is it a Law of Nature like gravity. It is actually a manifestation of our inadequate efforts at foresight, and there are things we can do to counteract it. This paper identifies classes of factors which have lead to unintended consequences in the privacy and computer security domains, though the list is by no means exhaustive. It is primarily intended to inspire further thinking and research. We clearly need to make a stronger effort to "foresee the unforeseeable" or at least "expect the unexpected" to maintain public confidence in technological systems. The disciplines of strategic foresight and automated policy analysis may prove useful in attaining this goal. © 2011 IFIP International Federation for Information Processing.
CITATION STYLE
Keenan, T. P. (2011). Oops - We didn’t mean to do that! - How unintended consequences can hijack good privacy and security policies. In IFIP Advances in Information and Communication Technology (Vol. 352 AICT, pp. 108–119). Springer New York LLC. https://doi.org/10.1007/978-3-642-20769-3_9
Mendeley helps you to discover research relevant for your work.