Frequently asked questions about security-relevant research and the KEFs
What is Dual Use Research of Concern (DURC)?
In its statement “Biosecurity – Freedom and Responsibility of Research” (2014), the German Ethics Council defines Dual Use Research of Concern (DURC) as “work in the life sciences that can be reasonably anticipated to provide knowledge, products, or technologies that could be directly misapplied by others to cause damage to public health and safety, the environment or to other important legal interests.” In the view of the DFG and Leopoldina, however, this problem goes far beyond the life sciences and affects almost all scientific fields. The two organizations therefore speak more generally of “security-relevant research of concern.”
What is security-relevant research of concern?
Security-relevant research of concern is scientific work that has the potential to produce knowledge, products or technologies that can be directly misused by third parties to cause significant harm to human dignity, life, health, freedom, property, the environment or peaceful coexistence.
Who conducts security-relevant research of concern?
In principle, it is conceivable in almost all disciplines, albeit to varying degrees, that research results and methods are misused by third parties with harmful intentions. In addition to the classic dual–use examples in nuclear and pathogen research, materials research and nanotechnology could contribute to the development of weapons of war; research on autonomously acting industrial and household robots may enable the construction of intelligent combat robots. Analyses in molecular plant genetics for breeding purposes could enable targeted attacks on seeds. Research in information technology, such as on motion analysis and biometrics, could be used for widespread surveillance and repression of individuals, thereby limiting human rights. To improve cybersecurity, researchers often intentionally develop compromising hardware and software and break encryption procedures. Psychological, medical, or neurobiological research could support manipulation of individuals to the point of aggressive interrogation techniques and torture. Linguistic research on speech recognition systems may also be applicable to abusive communications surveillance. Ultimately, even humanities, cultural, social and behavioral sciences could produce security-relevant results. This list can be extended almost indefinitely.
What is the Joint Committee on the Handling Security-Relevant Research?
The Joint Committee on the Handling of Security-Relevant Research is a body established in 2015 by the Leopoldina and the German Research Foundation (DFG) to sustainably raise awareness of the dual–use of research results, the responsible handling of security-relevant research, and the self-regulation of the sciences in this regard. According to the resolutions of the presidia of the Leopoldina and the DFG, the committee has the mandate to “[…] support the effective and sustainable implementation of the recommendations of the DFG and the Leopoldina on ‘Scientific Freedom and Scientific Responsibility‘. The committee is to follow the status of implementation at the research institutions (monitoring) and proactively advance it, as well as support the institutions in the proper implementation of the recommendations, e.g., by creating sample texts. This applies in particular to the establishment of the Committees for Ethics in Security-Relevant Research (KEF) envisaged in the recommendations […].”
What does the abbreviation KEF mean?
KEF means “Committee for Ethics in Security-Relevant Research”. For the proper handling of security-relevant research, the DFG and Leopoldina recommend in their paper “Freedom of Science and Responsibility for Science – Recommendations for of Handling Security-Relevant Research” (2022) that, if possible, every research institution should set up its own KEF to advise researchers and research institutions on questions concerning security-relevant aspects of their research.
What are the tasks of the KEFs?
Concerning security-relevant work is only a rare exception in academic research. In the complex area of tension between freedom and responsibility of research, the KEFs provide assistance to researchers and research institutions upon request by advising and evaluating ethical aspects of security-relevant research projects. This includes, on the one hand, questions directly concerning the project and its possible consequences, but also questions concerning cooperation partnerships and third-party funding. In addition, KEFs promote awareness of security-relevant aspects of research within the institution and thus a culture of responsibility. Depending on the specific embedding of the KEFs in the research institution, they may also perform other tasks, for example, to clarify the compatibility of research with constitutional foundations or the basic regulations or guidelines of the respective research institution, with the DFG guidelines for ensuring good scientific practice, with requirements for data security and with foreign trade law (export control). Many KEFs are at the same time responsible for ethical questions concerning research on humans and animals. The KEFs assume an advisory function only.
What are KEFs not responsible for?
Since KEFs have an advisory function, they do not decide whether a research project may not be carried out for ethical reasons, for example. As a rule, KEFs are also not a substitute for a compliance office, which is supposed to inform researchers about the legal limits of their research, for example in the context of foreign trade law and export control. In several cases, however, “classical” ethics committees, which decide on research involving animals and humans on the basis of legal regulations, have additionally assumed the mandate of a KEF.
Why should a research institution establish a KEF?
A KEF should, among other things, ensure that appropriate contact persons are available locally for researchers who wish to seek advice and protection in the event of known or unexpected security-relevant risks in their research. During the consultation process, it may also turn out that the research project in question is not associated with any security-relevant risks. The DFG has included the need for appropriate organizational structures to deal responsibly with research risks in the Guidelines for Safeguarding Good Research Practice, which were revised in July 2019. Also in the EU Framework Program for Research and Innovation “Horizon Europe”, an ethical self-assessment with regard to possible risks of misuse of the research project for endangering humans, animals and the environment is mandatory when submitting an application, and the establishment of advisory bodies for corresponding ethical issues is recommended. Here, the KEF can thus be a basic condition for applying for certain funding. Furthermore, in the event of an unexpected security-relevant incident, a KEF can also be a suitable crisis management and crisis communication tool for the respective research institution. In this way, it can help to strengthen public confidence in research freedom.
Are research institutions required to report to the Joint Committee on the work of their KEF?
There is no reporting obligation to the Joint Committee; reporting by the research institutions on their respective handling of security-relevant research is entirely voluntary. The Joint Committee is nonetheless grateful to receive information on the activities of KEFs in a sufficiently aggregated and anonymized form or through its regular surveys. Reports received by the Joint Committee will be evaluated by it so that it can better fulfill its tasks in sustainably strengthening the German sciences‘ autonomous handling of security-relevant risks of research. Furthermore, the committee would like to make these evaluations public in anonymized form in order to document how the German research institutions deal with risks of their research on their own responsibility. At the same time, the feedback is intended to support other KEFs in their work.
What happens if a serious case of misuse occurs despite the existence of a KEF?
In this case, the researchers have ideally at least contacted the responsible KEF prior to the misuse of their results by third parties; in the course of the subsequent consultation and assessment process, a significant potential benefit of the security-related work should have been identified in the event of a favorable vote by the KEF. If the institution or the researchers are then held responsible for the harm that has occurred, e.g., by the media, they can demonstrate that the work was done in good faith in advance of the work or publication and that the potential benefits of the work may in the future outweigh the harm that has occurred.
If there are hardly any security-relevant cases at a research institution, does its KEF accumulate enough experience and competence to meet its responsibilities when needed?
This depends on the concrete implementation of the recommendations “Scientific Freedom and Scientific Responsibility” (2022) of the DFG and Leopoldina by the respective institution, in which the Joint Committee can also provide support in an advisory capacity. Among other things, it maintains a list on its website of all contact persons and committees in Germany that are responsible for ethics in security-relevant research, thus facilitating networking and the exchange of experience among the individual institutions. In addition, the committee regularly invites contact persons and KEF members to KEF forums and specialist events in order to promote awareness and competence for security-relevant risks of research as well as the exchange of experience in this regard. At regular intervals, the Joint Committee asks KEFs for information on their activities and continues to develop the concept of appropriate self-responsible handling of security-relevant research.
Does an existing ethics committee replace a KEF?
Insofar as this ethics committee is responsible and adequately equipped to provide advice and decisions beyond those required by law or statute, for example in the case of research projects involving humans and animals, it is sufficient in the sense of the recommendations of the DFG and Leopoldina “Scientific Freedom and Scientific Responsibility” (2022). There are a number of research institutions where existing committees with different responsibilities have also taken on the task of a KEF. This has the advantage that they can usually draw on established procedures and experience.
Should the KEF be dissolved in the event of a prolonged absence of security-relevant cases?
According to the experience of the Joint Committee, there have been only a few actual security-relevant cases of concern in Germany over the past 7 years on which KEFs have provided advice. There are just under 100 documented cases in which advisory votes were obtained between 2015 and 2021. Nevertheless, the precautionary principle upheld in Germany applies here, i.e. researchers and institutions should also be prepared for rare or unexpected security-relevant cases in order to minimize risks. In addition, an important aspect of KEF’s work is to raise awareness among researchers of security-related risks in their work, so that researchers recognize problematic cases in the first place. This awareness raising also includes that researchers learn that they can turn to a KEF in case of doubt. Furthermore, ethics votes increasingly play a role in the allocation of funding for potentially security-relevant research projects by the DFG and the European Commission.
Wouldn’t it be better to regulate security-relevant research through additional legislation?
In the view of the DFG and Leopoldina, the opportunities and risks of free research can only be controlled to a limited extent by legal regulations. Research methods and content are constantly changing, e.g. through new synergies between different disciplines and the results of research, and their future applications are generally hardly predictable. The DFG and the Leopoldina continuously work to ensure that ethical principles and mechanisms for the responsible handling of research freedom and research risks are further developed and observed in the sciences and humanities. This makes it possible to deal with risks of misuse in an appropriate and flexible manner.