Informed consent theory in information technology

Flick Catherine


Informed consent, despite being a relatively new concept, is a well-established requirement in areas such as medical research and clinical practice whereby practitioners are required to fulfill certain requirements of disclosure, achieve understanding, judge competence, and ensure voluntariness before obtaining assent from a subject or patient (Faden and Beauchamp, 1986).
Situations similar to that in medical research and clinical practice exist in an information technology setting, whereby computer users are asked to make autonomous decisions that can affect important aspects of their lives, such as their personal privacy, security, and autonomy.

This paper aims to explore the nature of informed consent and its applicability to information technology situations by studying the traditional theory behind the concept, the history and use of it in clinical medical practice and medical research settings, and the attempts at establishing informed consent mechanisms in information technology. It lastly explores a theory of informed consent based on these ideas that is specifically aimed at information technology situations.

The seminal literature for theory of informed consent is Faden and Beauchamp’s 1986 “A History and Theory of Informed Consent”. Although it concentrates primarily on the medical and legal fields, the concepts it introduces can be applied to situations in information technology, and have been in some specific situations, such as for online interactions (Friedman et. al. 2000,Friedman et. al. 2002). In this paper I argue that the principles of informed consent, as established in medical research and clinical practice, can be more generally described and applied in information technology to offline as well as online computing interactions between a variety of different stakeholders, and not just the generic at-home end-user/non-specific “practitioner” stakeholder relationship as explored by Friedman.

The establishment of informed consent in the medical field is fairly recent, and is rooted in reactions to human rights disasters such as World War II and the Tuskegee syphilis trials. Information technology is yet to have such a crisis, and the establishment of general best practice guidelines may prevent any disasters stemming from similar consent issues. This is especially important considering the increasing ubiquity of computing and the lack of an industry regulatory body, although, ideally, a regulatory body would be best able to impose such guidelines. As it is, informed consent is dealt with on an ad-hoc basis, with potentially serious implications should something go dramatically wrong. All too often the practitioners of the field (for example, companies providing software, hardware, or support) rely on external standards for informed consent guidelines from other fields (such as from the medical or legal fields), and the governing powers of these for guidance, which is essentially the bare minimum required for legal liability, and often not particularly suited for situations that may occur in information technology. This approach, however, ignores the real need for specification within the industry for interactions between stakeholders that places the users of systems as the primary concern, and not purely focusing on legal liability.

I would lastly like to discuss a theory of informed consent for information technology that builds on the history of medical informed consent and the concepts established by Faden and Beauchamp, exploring

  • the autonomy of computer users and other stakeholders in a variety of relationships,
  • disclosure of information across varied platforms and situations,
  • the concept of competence, especially when taking into account the ability for information technology to provide a significant level of anonymisation,
  • mechanisms of testing for understanding given the aforementioned anonymisation and potential range of levels of competence,
  • ways of achieving a computer user’s autonomous decision free of coercion given the competitive markets and “free-for-all” industry.

Investigating the issues at stake here will provide the groundwork for further research aimed at establishing sets of guidelines and best practice documents that will be able to effectively address informed consent issues within the information technology industry.


Faden, R, and Beauchamp, T. A History and Theory of Informed Consent. Oxford University Press, New York NY, 1986.

Friedman, B., Felten, E., and Howe, D. C. Informed Consent in the Mozilla Browser: Implementing Value-Sensitive Design.

Proceedings of the 35th Hawaii International Conference on System Sciences, 2002.

Friedman, B., Felten, E., and Millett, L. I. Informed Consent Online: A Conceptual Model and Design Principles. UW-CSE Technical

Report Number 2000- 12-2, 2000.