Response to Comments Received for the “The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research” (“The Menlo Report”) for the Department of Homeland Security (DHS), Science and Technology, Cyber Security Division (CSD), Protected Repository for the Defense of Infrastructure Against Cyber Threats (PREDICT) Project, 73669-73671 [2012-29818]
Download as PDF
73669
Federal Register / Vol. 77, No. 238 / Tuesday, December 11, 2012 / Notices
approximately 6 weeks after the initial
call to the center. This follow-up
telephone interview (MI/SP Caller
Follow-up Interview) will be conducted
to collect information on demographic
characteristics, gather caller feedback on
the initial call made to the center,
suicide risk status at the time of and
since the call, current depressive
symptomatology, follow through with
the safety plan and referrals made by the
crisis counselor, and barriers to service.
Prior to collecting information during
the MI/SP Caller Follow-up Interview,
researchers will read callers the MI/SP
Caller Follow-up Consent Script. Taking
into account attrition and the number of
callers who do not give consent, it is
expected that the total number of
follow-up interviews conducted by the
research team will not exceed 1,107.
The estimated response burden to
collect this information is as follows
annualized over the requested 3-year
clearance period is presented below:
ANNUALIZED AVERAGES: RESPONDENTS, RESPONSES AND HOURS
No. of
respondents
Instrument
MI/SP
MI/SP
MI/SP
MI/SP
MI/SP
MI/SP
No. of
responses per
Respondent *
Total number
of responses
Burden/
response
(hours)
Annual
burden *
(hours)
Caller Initial Script .....................................................
Caller Follow-up Consent Script ...............................
Caller Follow-up Interview ........................................
Counselor Consent ...................................................
Counselor Attitudes Questionnaire ...........................
Counselor Follow-up Questionnaire .........................
500
369
369
250
250
250
1
1
1
1
1
5
500
369
369
250
250
1250
.08
.17
.67
.08
.25
.17
40
63
247
20
63
213
Total ..............................................................................
1,988
........................
........................
........................
646
* Rounded to the nearest whole number.
Send comments to Summer King,
SAMHSA Reports Clearance Officer,
Room 2–1057, One Choke Cherry Road,
Rockville, MD 20857 AND email her a
copy at summer.king@samhsa.hhs.gov.
Written comments should be received
within 60 days of this notice.
Menlo Report. The intent of the notice
was to further refine the content of the
Menlo Report beyond the working group
that had generated the report. This
notice responds to the comments
received during this 60-day public
notice.
Summer King,
Statistician.
ADDRESSES:
The updated Menlo Report
may be found at https://
www.cyber.st.dhs.gov/.
FOR FURTHER INFORMATION CONTACT: DHS
S&T, Email Menlo_Report@dhs.gov.
SUPPLEMENTARY INFORMATION:
[FR Doc. 2012–29825 Filed 12–10–12; 8:45 am]
BILLING CODE 4162–20–P
DEPARTMENT OF HOMELAND
SECURITY
Background
Office of the Secretary
[Docket No. DHS–2012–0041]
Response to Comments Received for
the ‘‘The Menlo Report: Ethical
Principles Guiding Information and
Communication Technology
Research’’ (‘‘The Menlo Report’’) for
the Department of Homeland Security
(DHS), Science and Technology, Cyber
Security Division (CSD), Protected
Repository for the Defense of
Infrastructure Against Cyber Threats
(PREDICT) Project
Science and Technology
Directorate, DHS.
ACTION: Response.
AGENCY:
The Department of Homeland
Security (DHS), Science and Technology
(S&T) published a 60-day public notice
in the Federal Register on December 28,
2011 (Federal Register Volume 76,
Number 249, Docket No. DHS–2011–
0074) to invite public comment on the
tkelley on DSK3SPTVN1PROD with
SUMMARY:
VerDate Mar<15>2010
19:01 Dec 10, 2012
Jkt 229001
A grassroots working group composed
of stakeholders in information and
communication technology research
(ICTR), with support from the
Homeland Security Advanced Research
Projects Agency (HSARPA) CSD,
developed the Menlo Report. HSARPA
CSD published this report in the
Federal Register in December 2011 (76
FR 81517, Docket No. DHS–2011–0074)
to invite public comment, and sixteen
comments were received. The complete
text of the public comments and the
Federal Register notice are available on
the Regulations.gov web site at https://
www.regulations.gov/
#!docketDetail;D=DHS-2011-0074.
To address the comments, a subset of
the initial working group was assembled
that has stewarded the document since
its inception. In summary, the
comments contained both laudatory and
critical remarks and covered issues that
ranged in scope from targeted to general.
The approach to absorbing this valuable
feedback was to analyze each comment,
distill the issue(s) raised by the
PO 00000
Frm 00059
Fmt 4703
Sfmt 4703
commenter, reflect on the relevant text
in the Menlo Report, and generate a
response. Those responses entailed
identifying proposed changes intended
to resolve the issues raised, either by
modifying text that was unclear or
misinterpreted by readers or by
accepting constructive criticism.
Changes to the Report
The Menlo Report has been updated
and is available at https://
www.cyber.st.dhs.gov/. Overall, the
changes to the Menlo Report based on
the comments are summarized as
follows:
1. The next version will clarify that
the Menlo Report is not an official
policy statement of DHS and that DHS
does not have the intention or authority
to permit researchers to engage in any
practice in the name of ‘‘ethical
research.’’
2. The next version will reflect that
the main focus of the Menlo Report is
on private sector and academic
researchers who may be government
funded, rather than DHS employees.
While the Menlo Report may certainly
be applicable to government
researchers, it is not intended to conflict
with or preempt statutory or regulatory
requirements placed on government
employees.
3. The next version will explicitly
address the choice of Belmont Report
model instead of an alternative ethical
framework (i.e., a Belmont Report
principles-in-context approach).
Specifically, the next version of the
Menlo Report will clarify the benefit to
society versus the risks to research
subjects under this model.
E:\FR\FM\11DEN1.SGM
11DEN1
73670
Federal Register / Vol. 77, No. 238 / Tuesday, December 11, 2012 / Notices
4. The next version will address the
relationship between law and ethics,
(i.e., when a researcher’s ethicallyderived beliefs are in direct conflict
with relevant laws) by stating it is
beyond the scope of the Menlo Report
to advocate a position when laws
directly conflict with ethics. Rather, the
Menlo Report reinforces the principle
that ethics plays a role in closing gaps
in laws and clarifying grayness in
interpretation of laws.
5. The next version will highlight the
value of the Menlo Report guidelines to
society rather than just researchers.
Detailed Comments and Responses
S&T published a 60-day public notice
in the Federal Register on December 28,
2011 (Federal Register Volume 76,
Number 249, Docket No. DHS–2011–
0074) to invite public comment on the
Menlo Report. The notice helped further
refine the content of the Menlo Report
by seeking comments on the document
generated by the working group. At the
end of the 60-day comment period, S&T
received sixteen comments from two
universities, four private citizens, three
non-profit organizations, one foreign
university, and one professional
association. In general, the comments
received fall into the following
categories:
1. The Menlo Report construed as
official DHS policy
2. Interpretation of informed consent
3. Researcher interaction with a
research subject’s computer
4. Calculating benefits and harms
5. Estimation of benefits and harms
from ICTR
6. Applicability of the Institutional
Review Board (IRB) model for ethical
review of ICTR
7. The relationship between laws and
ethics
8. Privacy rights of individuals related
to corporate monitoring
9. Ethical considerations for future
contemplation and study
10. Standalone comments
tkelley on DSK3SPTVN1PROD with
A. The Menlo Report As Official DHS
policy
Several comments stated that the
Menlo Report is an official policy
statement of DHS and that DHS has the
intention or authority to permit
researchers to engage in any practice in
the name of ‘‘ethical research.’’
Response: The Menlo Report offers
ethical guidance for public and private
researchers and explicitly advocates
respect for the law and public interest
(e.g., supporting the notion that
different laws may apply to government
researchers) and is neither an official
nor authoritative policy statement for
VerDate Mar<15>2010
19:01 Dec 10, 2012
Jkt 229001
DHS or law enforcement. As a result,
modifications to the Menlo Report will
have additional, explicit language to
indicate that while DHS supports the
Menlo Report, the Menlo Report does
not represent official agency policy nor
should it be interpreted as applying to,
conflicting with, or superseding
statutory mandates and other
authoritative commitments governing
actions by the government.
B. Interpretation of Informed Consent
Several comments were received
related to the discussion of informed
consent in the Menlo Report.
Response: Support for informed
consent will be conveyed by the Menlo
Report byh detailing how researchers
and Research Ethics Boards (REB)
should consider the situation where
waivers of informed consent are sought.
Modifications to the Menlo Report will
substitute the term ‘‘proxy’’ with the
Common Rule term ‘‘legally authorized
representative,’’ clarify the issue of their
relationship to requests for waivers, and
better balance the perspective between
that of researchers and that of end-users
or research subjects. The respondents
agree with the observation in various
comments regarding ICTR and waivers
to informed consent and will highlight
this issue in modifications to the Menlo
Report. Given the gravity and ubiquity
of cyber-crime, the benefits and
importance of accurate research data for
countering it is a specific situation that
may satisfy the requirements of 45 CFR
46.116 allowing requests for alteration
or elimination of informed consent
requirements in those situations where
minimal risk to subjects (or those reliant
on information and communication
technology (ICT) under study) exists.
C. Researcher Interaction With a
Research Subject’s Computer
Multiple comments dealt with the
issue of interacting with a research
subject’s computer or interacting with
malicious software under study that the
owner of the computer is not even
aware exists on their computer.
Response: It is understood that the
study of malicious software, to include
botnets, is an area that can pose greater
than minimal risk to those who rely on
infected computers. Ultimately, the
issue of what constitutes ‘‘minimal
risk,’’ and also whether it is ‘‘human
subjects research’’ to interact with the
computer, as opposed to the human,
must be determined. Given that IRB in
the United States today do not require
that researchers adhere to zero-risk, but
rather they are guided by requirements
of 45 CFR 46.111, the Menlo Report will
be updated to clarify the justification for
PO 00000
Frm 00060
Fmt 4703
Sfmt 4703
this approach by illuminating the
consequences of a zero-risk tolerance
approach, noting, for example, how it
would negatively impact the public’s
ability to benefit from research.
D. Calculating Benefits and Harms
Various comments received also
raised issues regarding the estimation of
benefits and harms from ICTR,
including not only who may be harmed
but also how potential benefits and
harms can be quantified.
Response: The current ‘‘Identifying
Harms’’ section of the Menlo Report
addresses concerns about lack of
comprehensive coverage of harms.
However, to bolster this area, the Menlo
Report will be updated to address the
potential, rather than certainty, of harms
resulting from research activities.
Specifically, personal privacy and
information confidentiality and integrity
are uncontrovertibly noted as potential
harms that must be addressed. Updates
will also clarify the distinction and
relevance of the benefit to society versus
the risks to research subjects in ICTR.
The respondents will also change the
text to include harms resulting from
notification of research, and publication
of information that can be used to cause
harm. Additional verbiage will also seek
to clarify the distinction and relevance
of the benefit to society versus the risks
to research subjects in ICTR.
E. Applicability of the Institutional
Review Board (IRB) Model
Several comments raised the
appropriateness of the Belmont/IRB
model, related to both behavioral and
biomedical research, for ethical review
of ICTR.
Response: The purpose of the Menlo
Report is to advocate principles and
applications, not to define enforcement
mechanisms. The crux of these
comments related to applicability of the
Belmont Report. The next version of the
Menlo Report will concretely state that
it is deliberately founded on the
Belmont model, which was originally
developed for the biomedical research
context but is not limited to
biomedicine, as evidenced by the fact
that this model is currently used for
evaluation of behavioral research
(including that which involves ICT).
F. Relationship Between Laws and
Ethics
Many comments were received
relating to conflicts between ethical
codes and the law.
Response: The comments were
diverse but converged on the necessity
to add text regarding the relationship
between law and ethics. The assertion
E:\FR\FM\11DEN1.SGM
11DEN1
Federal Register / Vol. 77, No. 238 / Tuesday, December 11, 2012 / Notices
that the Menlo Report precludes the
Common Rule is conjecture that
appeared in one of the comments, and
it is important to mention that this is
not substantiated by evidence from the
Menlo Report. This criticism does not
reflect what is presently allowed by the
Common Rule in terms of waivers (see
45 CFR 46.116, specifically subsections
(c) and (d)). The Menlo Report currently
is framed in such a way as to be
congruous with the predominant REB
model in the United States, IRB. The
Menlo Report will be revised to include
text that clarifies that the Menlo Report
does not take any stance on addressing
the situation when laws are viewed by
the public to be unethical. It was also
apparent from the comments that the
Menlo Report needs to clarify that
researchers are not authorized to waive
consent. The Menlo Report will also be
updated in the Respect for Law and
Public Interest section to address
conflicts with principles of compliance,
transparency, and accountability and
with the privacy interests of
individuals.
G. Privacy of Individuals vs.
Corporations
Multiple comments highlighted a
problem regarding the discussion on the
privacy of an organization in relation
with enhancing cyber security.
Response: This discussion will be
removed from the next version of the
Menlo Report. The comments correctly
indentified a potential inconsistency.
tkelley on DSK3SPTVN1PROD with
H. Ethical Considerations for Future
Contemplation and Atudy
Finally, there were comments
suggesting a general call for further
study and engagement with various
communities and agencies in order to
create workable guidance.
Response: Much additional work will
be done as a follow on to the Menlo
Report to spur additional discussion of
the approach to ethics in ICTR
presented in the Menlo Report. Some of
this research has already been
undertaken and is included in a
companion report to the Menlo Report.
I. Standalone Comments
There were several comments that did
not fall into the preceding categories but
did spur further changes to the Menlo
Report. The following will be reflected
as updates to the Menlo Report:
1. A clarification will be added
explaining that while the Menlo Report
adopts Belmont Report principles and
the Common Rule regime in framing the
principles and applications for
evaluating and applying ethics in ICTR,
it also highlights areas within the
VerDate Mar<15>2010
19:01 Dec 10, 2012
Jkt 229001
Common Rule that are more frequently
exercised by ICTR or that may cause
problems in applying it to ICTR.
2. Language to more clearly discuss
how to make inclusion/exclusion
decisions in conformance with Justice
and Equity considerations will be
added.
3. In general, the revised Menlo
Report will take a well-rounded
perspective to include the end-user
perspective, in addition to a researchercentric perspective.
4. The discussion of the existence and
management of pre-existing data will be
expanded.
5. The discussion regarding the
creation of the Internet and its growth
to include the hosting databases with
personally identifiable information will
be clarified.
6. The description or context of the
use of the term ‘‘reasonable researcher’’
will be updated.
7. Explanatory language to address the
issue of record retention will be
included in the Mitigation of Realized
Harms section.
8. The term ‘‘evidence-based
consideration’’ will be clarified.
Dated: November 30, 2012.
Tara O’Toole,
Under Secretary for Science and Technology.
[FR Doc. 2012–29818 Filed 12–10–12; 8:45 am]
BILLING CODE 9110–9F–P
DEPARTMENT OF HOMELAND
SECURITY
U.S. Customs and Border Protection
Agency Information Collection
Activities: Deferral of Duty on Large
Yachts Imported for Sale
U.S. Customs and Border
Protection, Department of Homeland
Security.
ACTION: 30-Day notice and request for
comments; extension of an existing
collection of information: 1651–0080.
AGENCY:
U.S. Customs and Border
Protection (CBP) of the Department of
Homeland Security will be submitting
the following information collection
request to the Office of Management and
Budget (OMB) for review and approval
in accordance with the Paperwork
Reduction Act: Deferral of Duty on
Large Yachts Imported for Sale. This is
a proposed extension of an information
collection that was previously
approved. CBP is proposing that this
information collection be extended with
no change to the burden hours or to the
information collected. This document is
published to obtain comments from the
SUMMARY:
PO 00000
Frm 00061
Fmt 4703
Sfmt 4703
73671
public and affected agencies. This
proposed information collection was
previously published in the Federal
Register (77 FR 60133) on October 2,
2012, allowing for a 60-day comment
period. This notice allows for an
additional 30 days for public comments.
This process is conducted in accordance
with 5 CFR 1320.10.
DATES: Written comments should be
received on or before January 10, 2013.
ADDRESSES: Interested persons are
invited to submit written comments on
this proposed information collection to
the Office of Information and Regulatory
Affairs, Office of Management and
Budget. Comments should be addressed
to the OMB Desk Officer for Customs
and Border Protection, Department of
Homeland Security, and sent via
electronic mail to
oira_submission@omb.eop.gov or faxed
to (202) 395–5806.
FOR FURTHER INFORMATION CONTACT:
Requests for additional information
should be directed to Tracey Denning,
U.S. Customs and Border Protection,
Regulations and Rulings, Office of
International Trade, 799 9th Street NW.,
5th Floor, Washington, DC 20229–1177,
at 202–325–0265.
SUPPLEMENTARY INFORMATION: CBP
invites the general public and other
Federal agencies to comment on
proposed and/or continuing information
collections pursuant to the Paperwork
Reduction Act of 1995 (Pub. L. 104–13;
44 U.S.C. 3505(c)(2)). The comments
should address: (a) Whether the
collection of information is necessary
for the proper performance of the
functions of the agency, including
whether the information shall have
practical utility; (b) the accuracy of the
agency’s estimates of the burden of the
collection of information; (c) ways to
enhance the quality, utility, and clarity
of the information to be collected; (d)
ways to minimize the burden including
the use of automated collection
techniques or the use of other forms of
information technology; and (e) the
annual cost burden to respondents or
record keepers from the collection of
information (a total capital/startup costs
and operations and maintenance costs).
The comments that are submitted will
be summarized and included in the CBP
request for Office of Management and
Budget (OMB) approval. All comments
will become a matter of public record.
In this document CBP is soliciting
comments concerning the following
information collection:
Title: Deferral of Duty on Large Yachts
Imported for Sale.
OMB Number: 1651–0080.
Form Number: None.
E:\FR\FM\11DEN1.SGM
11DEN1
Agencies
[Federal Register Volume 77, Number 238 (Tuesday, December 11, 2012)]
[Notices]
[Pages 73669-73671]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2012-29818]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
[Docket No. DHS-2012-0041]
Response to Comments Received for the ``The Menlo Report: Ethical
Principles Guiding Information and Communication Technology Research''
(``The Menlo Report'') for the Department of Homeland Security (DHS),
Science and Technology, Cyber Security Division (CSD), Protected
Repository for the Defense of Infrastructure Against Cyber Threats
(PREDICT) Project
AGENCY: Science and Technology Directorate, DHS.
ACTION: Response.
-----------------------------------------------------------------------
SUMMARY: The Department of Homeland Security (DHS), Science and
Technology (S&T) published a 60-day public notice in the Federal
Register on December 28, 2011 (Federal Register Volume 76, Number 249,
Docket No. DHS-2011-0074) to invite public comment on the Menlo Report.
The intent of the notice was to further refine the content of the Menlo
Report beyond the working group that had generated the report. This
notice responds to the comments received during this 60-day public
notice.
ADDRESSES: The updated Menlo Report may be found at https://www.cyber.st.dhs.gov/.
FOR FURTHER INFORMATION CONTACT: DHS S&T, Email Menlo_Report@dhs.gov.
SUPPLEMENTARY INFORMATION:
Background
A grassroots working group composed of stakeholders in information
and communication technology research (ICTR), with support from the
Homeland Security Advanced Research Projects Agency (HSARPA) CSD,
developed the Menlo Report. HSARPA CSD published this report in the
Federal Register in December 2011 (76 FR 81517, Docket No. DHS-2011-
0074) to invite public comment, and sixteen comments were received. The
complete text of the public comments and the Federal Register notice
are available on the Regulations.gov web site at https://www.regulations.gov/#!docketDetail;D=DHS-2011-0074.
To address the comments, a subset of the initial working group was
assembled that has stewarded the document since its inception. In
summary, the comments contained both laudatory and critical remarks and
covered issues that ranged in scope from targeted to general. The
approach to absorbing this valuable feedback was to analyze each
comment, distill the issue(s) raised by the commenter, reflect on the
relevant text in the Menlo Report, and generate a response. Those
responses entailed identifying proposed changes intended to resolve the
issues raised, either by modifying text that was unclear or
misinterpreted by readers or by accepting constructive criticism.
Changes to the Report
The Menlo Report has been updated and is available at https://www.cyber.st.dhs.gov/. Overall, the changes to the Menlo Report based
on the comments are summarized as follows:
1. The next version will clarify that the Menlo Report is not an
official policy statement of DHS and that DHS does not have the
intention or authority to permit researchers to engage in any practice
in the name of ``ethical research.''
2. The next version will reflect that the main focus of the Menlo
Report is on private sector and academic researchers who may be
government funded, rather than DHS employees. While the Menlo Report
may certainly be applicable to government researchers, it is not
intended to conflict with or preempt statutory or regulatory
requirements placed on government employees.
3. The next version will explicitly address the choice of Belmont
Report model instead of an alternative ethical framework (i.e., a
Belmont Report principles-in-context approach). Specifically, the next
version of the Menlo Report will clarify the benefit to society versus
the risks to research subjects under this model.
[[Page 73670]]
4. The next version will address the relationship between law and
ethics, (i.e., when a researcher's ethically-derived beliefs are in
direct conflict with relevant laws) by stating it is beyond the scope
of the Menlo Report to advocate a position when laws directly conflict
with ethics. Rather, the Menlo Report reinforces the principle that
ethics plays a role in closing gaps in laws and clarifying grayness in
interpretation of laws.
5. The next version will highlight the value of the Menlo Report
guidelines to society rather than just researchers.
Detailed Comments and Responses
S&T published a 60-day public notice in the Federal Register on
December 28, 2011 (Federal Register Volume 76, Number 249, Docket No.
DHS-2011-0074) to invite public comment on the Menlo Report. The notice
helped further refine the content of the Menlo Report by seeking
comments on the document generated by the working group. At the end of
the 60-day comment period, S&T received sixteen comments from two
universities, four private citizens, three non-profit organizations,
one foreign university, and one professional association. In general,
the comments received fall into the following categories:
1. The Menlo Report construed as official DHS policy
2. Interpretation of informed consent
3. Researcher interaction with a research subject's computer
4. Calculating benefits and harms
5. Estimation of benefits and harms from ICTR
6. Applicability of the Institutional Review Board (IRB) model for
ethical review of ICTR
7. The relationship between laws and ethics
8. Privacy rights of individuals related to corporate monitoring
9. Ethical considerations for future contemplation and study
10. Standalone comments
A. The Menlo Report As Official DHS policy
Several comments stated that the Menlo Report is an official policy
statement of DHS and that DHS has the intention or authority to permit
researchers to engage in any practice in the name of ``ethical
research.''
Response: The Menlo Report offers ethical guidance for public and
private researchers and explicitly advocates respect for the law and
public interest (e.g., supporting the notion that different laws may
apply to government researchers) and is neither an official nor
authoritative policy statement for DHS or law enforcement. As a result,
modifications to the Menlo Report will have additional, explicit
language to indicate that while DHS supports the Menlo Report, the
Menlo Report does not represent official agency policy nor should it be
interpreted as applying to, conflicting with, or superseding statutory
mandates and other authoritative commitments governing actions by the
government.
B. Interpretation of Informed Consent
Several comments were received related to the discussion of
informed consent in the Menlo Report.
Response: Support for informed consent will be conveyed by the
Menlo Report byh detailing how researchers and Research Ethics Boards
(REB) should consider the situation where waivers of informed consent
are sought. Modifications to the Menlo Report will substitute the term
``proxy'' with the Common Rule term ``legally authorized
representative,'' clarify the issue of their relationship to requests
for waivers, and better balance the perspective between that of
researchers and that of end-users or research subjects. The respondents
agree with the observation in various comments regarding ICTR and
waivers to informed consent and will highlight this issue in
modifications to the Menlo Report. Given the gravity and ubiquity of
cyber-crime, the benefits and importance of accurate research data for
countering it is a specific situation that may satisfy the requirements
of 45 CFR 46.116 allowing requests for alteration or elimination of
informed consent requirements in those situations where minimal risk to
subjects (or those reliant on information and communication technology
(ICT) under study) exists.
C. Researcher Interaction With a Research Subject's Computer
Multiple comments dealt with the issue of interacting with a
research subject's computer or interacting with malicious software
under study that the owner of the computer is not even aware exists on
their computer.
Response: It is understood that the study of malicious software, to
include botnets, is an area that can pose greater than minimal risk to
those who rely on infected computers. Ultimately, the issue of what
constitutes ``minimal risk,'' and also whether it is ``human subjects
research'' to interact with the computer, as opposed to the human, must
be determined. Given that IRB in the United States today do not require
that researchers adhere to zero-risk, but rather they are guided by
requirements of 45 CFR 46.111, the Menlo Report will be updated to
clarify the justification for this approach by illuminating the
consequences of a zero-risk tolerance approach, noting, for example,
how it would negatively impact the public's ability to benefit from
research.
D. Calculating Benefits and Harms
Various comments received also raised issues regarding the
estimation of benefits and harms from ICTR, including not only who may
be harmed but also how potential benefits and harms can be quantified.
Response: The current ``Identifying Harms'' section of the Menlo
Report addresses concerns about lack of comprehensive coverage of
harms. However, to bolster this area, the Menlo Report will be updated
to address the potential, rather than certainty, of harms resulting
from research activities. Specifically, personal privacy and
information confidentiality and integrity are uncontrovertibly noted as
potential harms that must be addressed. Updates will also clarify the
distinction and relevance of the benefit to society versus the risks to
research subjects in ICTR. The respondents will also change the text to
include harms resulting from notification of research, and publication
of information that can be used to cause harm. Additional verbiage will
also seek to clarify the distinction and relevance of the benefit to
society versus the risks to research subjects in ICTR.
E. Applicability of the Institutional Review Board (IRB) Model
Several comments raised the appropriateness of the Belmont/IRB
model, related to both behavioral and biomedical research, for ethical
review of ICTR.
Response: The purpose of the Menlo Report is to advocate principles
and applications, not to define enforcement mechanisms. The crux of
these comments related to applicability of the Belmont Report. The next
version of the Menlo Report will concretely state that it is
deliberately founded on the Belmont model, which was originally
developed for the biomedical research context but is not limited to
biomedicine, as evidenced by the fact that this model is currently used
for evaluation of behavioral research (including that which involves
ICT).
F. Relationship Between Laws and Ethics
Many comments were received relating to conflicts between ethical
codes and the law.
Response: The comments were diverse but converged on the necessity
to add text regarding the relationship between law and ethics. The
assertion
[[Page 73671]]
that the Menlo Report precludes the Common Rule is conjecture that
appeared in one of the comments, and it is important to mention that
this is not substantiated by evidence from the Menlo Report. This
criticism does not reflect what is presently allowed by the Common Rule
in terms of waivers (see 45 CFR 46.116, specifically subsections (c)
and (d)). The Menlo Report currently is framed in such a way as to be
congruous with the predominant REB model in the United States, IRB. The
Menlo Report will be revised to include text that clarifies that the
Menlo Report does not take any stance on addressing the situation when
laws are viewed by the public to be unethical. It was also apparent
from the comments that the Menlo Report needs to clarify that
researchers are not authorized to waive consent. The Menlo Report will
also be updated in the Respect for Law and Public Interest section to
address conflicts with principles of compliance, transparency, and
accountability and with the privacy interests of individuals.
G. Privacy of Individuals vs. Corporations
Multiple comments highlighted a problem regarding the discussion on
the privacy of an organization in relation with enhancing cyber
security.
Response: This discussion will be removed from the next version of
the Menlo Report. The comments correctly indentified a potential
inconsistency.
H. Ethical Considerations for Future Contemplation and Atudy
Finally, there were comments suggesting a general call for further
study and engagement with various communities and agencies in order to
create workable guidance.
Response: Much additional work will be done as a follow on to the
Menlo Report to spur additional discussion of the approach to ethics in
ICTR presented in the Menlo Report. Some of this research has already
been undertaken and is included in a companion report to the Menlo
Report.
I. Standalone Comments
There were several comments that did not fall into the preceding
categories but did spur further changes to the Menlo Report. The
following will be reflected as updates to the Menlo Report:
1. A clarification will be added explaining that while the Menlo
Report adopts Belmont Report principles and the Common Rule regime in
framing the principles and applications for evaluating and applying
ethics in ICTR, it also highlights areas within the Common Rule that
are more frequently exercised by ICTR or that may cause problems in
applying it to ICTR.
2. Language to more clearly discuss how to make inclusion/exclusion
decisions in conformance with Justice and Equity considerations will be
added.
3. In general, the revised Menlo Report will take a well-rounded
perspective to include the end-user perspective, in addition to a
researcher-centric perspective.
4. The discussion of the existence and management of pre-existing
data will be expanded.
5. The discussion regarding the creation of the Internet and its
growth to include the hosting databases with personally identifiable
information will be clarified.
6. The description or context of the use of the term ``reasonable
researcher'' will be updated.
7. Explanatory language to address the issue of record retention
will be included in the Mitigation of Realized Harms section.
8. The term ``evidence-based consideration'' will be clarified.
Dated: November 30, 2012.
Tara O'Toole,
Under Secretary for Science and Technology.
[FR Doc. 2012-29818 Filed 12-10-12; 8:45 am]
BILLING CODE 9110-9F-P