On Sun, 2021-12-19 at 09:51 -0600, Larry M. Smith via mailop wrote:
> There has been another update, and appears to be well worth a read.

Indeed it is.  I have complimented Jonathan for his leadership.  His
note is what counts.

I had used some of my snowy/rainy/slushy weekend to research US law. 
Obligatory disclaimer:  I am not licensed to practise US law, this is
unfamiliar territory, the following is for information purpose only, is
possibly wrong, I am not the lawyer of any reader of this information,
do not rely on this information.

With the disclaimer out of the way, I have found out the legal ground
on which the IRBs make the determination if the research is human-
subject research or not.  The rest (thinking of the consequences on the
humans or not) follows from that determination.  

Subpart A of 45 CFR Part 46.  To my horror I found ยง46.102 (e)(1)
extends protections to humans only when the information extracted is
about them.  The moment researchers are not extracting data about the
human itself, the IRB does not even have to consider the effect that
the research will have on any human.  My understanding of the law as
written is that it white-washes a researcher who coerce information
about a third party from a human!

The flow chart is at [1].

No-one considered that the mechanisms of the law exercised an abnormal,
in my view intolerable amount of pressure on the human recipients of
the emails, in addition to their scammy/spammy character.  Even if
unintentional, the end-effect was morally wrong, a lack of respect for
persons as envisioned by the Belmont Report [2].


To me, this was a dead-end.  The research was in my view morally wrong,
but legally right and I had no leverage other than appealing to the
researchers' morality because the law is flawed.  And the IRB has
simply done its job as expected by the law, so again, no leverage
whatsoever.  Leveraging the spam issue and putting the kids in the same
class as the phishers and other scammers that infest the internet would
have been heavy-handed and probably also inconclusive, putting them on
the defensive and achiving nothing more than the shields of the anti-
abuse tools were not already achieving.

Dilemma: how to advance on the issue?  Sure, there is that ethical
middle ground, the Belmont Report [3], but it required goodwill on the
other side.  Jonathan has shown goodwill.

This is no longer on-topic for nitty gritty email system operators, so
I will stop annoying mailop with this.

I want to thank everyone who has contributed little bits of evidence to
the case, whether it is point out to anti-spam resources clearly
showing that the emails were spam; or describing their experience.  You
have all helped the researchers understand that what they did was
morally wrong.

[1] <
https://www.hhs.gov/ohrp/regulations-and-policy/decision-charts-2018/index.html#c1
>

[2] <
https://www.hhs.gov/ohrp/regulations-and-policy/belmont-report/read-the-belmont-report/index.html#xrespect
>

[3] <
https://www.hhs.gov/ohrp/regulations-and-policy/belmont-report/index.html
>

-- 
Yuval Levy, JD, MBA, CFA
Ontario-licensed lawyer


_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Reply via email to