The following year, the Department of Homeland Security published a 33-page companion report[3] that includes case studies that illustrate how the principles can be applied.
"[4] The Menlo Report was created under an informal, grassroots process that was catalyzed by the ethical issues raised in ICT Computer security research.
Discussions at conferences and in public discourse exposed growing awareness of ethical debates in computer security research, including issues that existing oversight authorities (e.g., Institutional Review Boards) might have been unaware of or determined were beyond their purview.
The Menlo Report is the core document stemming from the series of working group meetings that broached these issues in an attempt to pre-empt research harms and galvanize the community around common ethical principles and applications.
In particular, today's ICT research contexts contend with ubiquitously connected network environments, overlaid with varied, often discordant legal regimes and social norms.
The Menlo Report attempts to summarize a set of basic principles to guide the identification and resolution of ethical problems arising in research of or involving ICT.
In order to properly apply any of the principles in the complex setting of ICT research, it deems that it is first necessary to perform a systematic and comprehensive stakeholder analysis.
Very sensitive information includes government-issued identifiers such as Social Security, driver's license, health care, and financial account numbers, and biometric records.
Circumstances may arise where significant harm occurs despite attempts to prevent or minimize risks, and additional harm-mitigating steps are required.
Transparency-based accountability helps researchers, oversight entities, and other stakeholders avoid guesswork and incorrect inferences regarding if, when, and how ethical principles are being addressed.