Neuroethics Survey
33 Frameworks.
One Gap.
Nearly a century of bioethics and neuroethics scholarship have converged on five universal principles. Every framework answers why we should protect neural rights or what those rights are. None answer how to enforce them technically.
Modern Timeline
Fritz Jahr coins "Bio-Ethik"
Jahr, F.
First use of the term in Kosmos journal, proposing a bioethical imperative extending moral consideration to all living things
Nuremberg Code
Nuremberg Military Tribunals
First international ethics code for human experimentation, born from the Doctors' Trial
Declaration of Helsinki
World Medical Association
World Medical Association establishes ethical principles for medical research on humans
Potter revives "Bioethics"
Potter, V.R.
Van Rensselaer Potter publishes "Bioethics: The Science of Survival" in Perspectives in Biology and Medicine
National Research Act
U.S. Congress
Creates the National Commission for the Protection of Human Subjects in response to the Tuskegee study
Belmont Report
National Commission for the Protection of Human Subjects
Three core principles for human subjects research: respect for persons, beneficence, justice
Beauchamp & Childress
Beauchamp, T.L., Childress, J.F.
Principles of Biomedical Ethics: autonomy, beneficence, non-maleficence, justice
"Neuroethics" defined
Safire, W.
William Safire's keynote at the Dana Foundation conference establishes the modern field
Brain Overclaim Syndrome
Morse, S.J.
Warns neuroscience claims are routinely overclaimed when applied to law. "Neuromodesty" follows in 2011
Int'l Neuroethics Society
Gazzaniga, M., Farah, M., Illes, J., Wolpe, P.R.
Founded at Asilomar to advance understanding of the ethical implications of neuroscience
Neurorights
Ienca, M., Andorno, R.; Yuste, R. et al.
Ienca & Andorno and Yuste et al. (Nature) independently propose neurorights
OECD Recommendation
OECD
Nine-principle governance for responsible innovation in neurotechnology
Chile Constitution
Republic of Chile
First country to constitutionally protect neurorights (mental integrity)
Latin American Model Law
Latin American Parliament (Parlatino)
Regional model law for harmonized neurorights legislation
US State Neural Data Laws
Colorado, California, Montana, Minnesota legislatures
Colorado, California, Montana, Minnesota enact neural data protections
China BCI Ethics + UN HRC
China MoST; UN Human Rights Council; Global Privacy Assembly
China MoST BCI ethics guidelines. UN HRC advisory on neurotechnology. Global Privacy Assembly neural data resolution
UNESCO + WHO + MIND Act
UNESCO; WHO; US Congress
UNESCO global neurotech ethics framework (194 states). WHO neurotechnology guidance. US MIND Act
Foundational Milestones
The field that governs how we think about brains, privacy, and technology was formally named in 2002. Here is the lineage all of us inherit.
The Field Is Named
William Safire opens the Dana Foundation conference "Neuroethics: Mapping the Field" in San Francisco. In his keynote, he defines neuroethics as "the examination of what is right and wrong, good and bad about the treatment of, perfection of, or unwelcome invasion of and worrisome manipulation of the human brain." The modern field begins here.
Dana Foundation, San Francisco
Two Branches, One Name
At the same conference, philosopher Adina Roskies draws a distinction that still defines the field. Ethics of neuroscience asks: "What ethical rules should govern neuroscience research and its clinical applications?" Neuroscience of ethics asks: "What can brain science teach us about morality itself?" Both branches share a name, but they ask fundamentally different questions.
Roskies (2002)
The Discipline Formalizes
The International Neuroethics Society (INS) is founded, establishing neuroethics as a professional academic discipline with its own conferences, journals, and research programs.
International Neuroethics Society
Neuromodesty
Legal scholar Stephen Morse publishes "Brain Overclaim Syndrome," warning against using neuroscience findings to make claims the science doesn't support. His principle — neuromodesty — becomes a cornerstone: don't confuse brain scans with mind reading.
Morse, Ohio State J Criminal Law
Neurorights Proposed
Ienca and Andorno publish "Towards New Human Rights in the Age of Neuroscience and Neurotechnology," proposing four new rights: cognitive liberty, mental privacy, mental integrity, and psychological continuity. They argue existing human rights are insufficient for the neurotechnology era.
Life Sciences, Society and Policy
Chile Leads
Chile becomes the first country to enshrine neuroprotection in its constitution. The theoretical becomes legislative. The question shifts from "should we protect mental privacy?" to "how do we enforce it technically?"
Chilean Constitutional Amendment
Colorado — First U.S. State
Colorado passes HB 24-1058, classifying neural data as "sensitive data" under its existing privacy framework. Effective August 7, 2024, the law requires explicit opt-in consent for collection and use of neural data. The first U.S. state to legislate neural data protection.
HB 24-1058, Colorado Privacy Act
California Follows
California amends the California Consumer Privacy Act (CCPA) to include "neural data" in the definition of "sensitive personal information." Consumers gain the right to limit the use and disclosure of their neural data — the largest population covered by neural data law in the U.S.
CCPA Amendment, SB 1223
Montana Expands the Scope
Montana passes SB 163, amending the Genetic Information Privacy Act (GIPA) to cover neural data. It becomes the third U.S. state with neural data legislation — and the first to include "mental augmentation" within its scope, acknowledging enhancement alongside protection.
SB 163, Montana GIPA Amendment
All of Us
Two decades of neuroethics scholarship built the principles. Now the engineering has to catch up. If neurotechnology can read, write, and modulate neural signals — who builds the security? Who writes the policies? The answer is everyone working at this intersection.
The bridge is being built
Ethics of Neuroscience
The applied branch
What ethical rules should govern brain research, neural devices, and clinical neurotechnology? This is the branch that asks about consent, privacy, cognitive liberty, and the rights of people using BCIs.
This is where BCI security governance lives.
Neuroscience of Ethics
The philosophical branch
What can brain science tell us about morality itself? How do neural processes produce moral judgments? This branch studies the biological basis of ethical reasoning, not the ethics of the tools.
Same name, fundamentally different question.
Five Universal Pillars
Despite different terminology, legal traditions, and institutional mandates, every major neuroethics framework converges on these five themes.
Cognitive Liberty
The right to mental self-determination. Freedom to alter, protect, or refuse to disclose your own mental states.
Mental Privacy
Protection of neural data from unauthorized access, collection, or inference. Extends data privacy to brain signals.
Mental Integrity
The right to be free from unauthorized manipulation or alteration of neural processes. Protection against cognitive harm.
Psychological Continuity
The right to maintain personal identity and sense of self. Protection against unauthorized alteration of personality, memory, or cognition.
Who Built the Field
Neuroethics defines the rights. Neurosecurity builds the defenses. Governance bridges them. 73 entries across both domains.
Showing 73 of 73
Columbia University
Ethics AcademiaNeuroRights Foundation · Rafael Yuste
Five neurorights, Chile legislation, Nature call-to-action
Stanford University
Ethics AcademiaCenter for Law & Biosciences · Hank Greely
Neurolaw, brain data spectrum, legal scholarship
UPenn
Ethics AcademiaCenter for Neuroscience & Society · Martha Farah
Neuroethics toolbox, cosmetic neurology, neuromodesty
Duke University
Ethics AcademiaScience & Society · Nita Farahany
Cognitive liberty, Battle for Your Brain, incriminating thoughts
Johns Hopkins
Ethics AcademiaBerman Institute / CELLS · Debra Mathews
Three-tiered governance, device abandonment, NAM framework
ETH Zurich
Ethics AcademiaHealth Ethics & Policy Lab · Marcello Ienca
Neurorights taxonomy, brain data governance, anti-inflationism
Oxford University
Ethics AcademiaUehiro Centre · Julian Savulescu
Enhancement ethics, cognitive justice, philosophical foundations
UBC
Ethics AcademiaNational Core for Neuroethics · Judy Illes
Neuroethics Canada. Neuroimaging ethics, DBS identity, Indigenous neuroscience ethics
Georgia State
Ethics AcademiaCenter for Neuroimaging & Neuroethics · Karen Rommelfanger
Only US PhD concentration in neuroethics. Global Neuroethics Summit co-founder
UCSF
Ethics AcademiaDecision Lab / BRAIN Neuroethics · Winston Chiong
NIH BRAIN-funded neuroethics. DBS decision-making, dementia autonomy, clinical BCI ethics
Penn State
Ethics AcademiaNeuroethics & Society · Laura Cabrera
IEEE P7700 Neurotechnology chair. Public attitudes toward neurotech, neurostimulation ethics
INSERM / Sorbonne
Ethics AcademiaNeuroscience Paris-Seine · Hervé Chneiweiss
Co-chaired UNESCO Ad Hoc Expert Group producing first global neurotech ethics framework (2025)
RHUNE Network
Ethics AcademiaGerman National Hub · Multi-institution
Responsible Use of Neurotechnologies for Europe. BMBF-funded, bridges Freiburg, Tübingen, Berlin
Baylor College of Medicine
Ethics AcademiaCenter for Medical Ethics · Amy McGuire
Neural data consent, genomic/neural data ethics intersection, clinical neuroethics
UNESCO
Ethics StandardsInternational Bioethics Committee · 194 Member States
First global neurotech ethics recommendation (2025)
OECD
Ethics StandardsNeurotechnology Policy · 38 Member States
Nine-principle innovation governance (2019)
WHO
Ethics StandardsEthics & Governance · Global Health Body
First neurotechnology guidance document (2025)
Council of Europe
Ethics StandardsBioethics Committee · 46 Member States
Strategic Action Plan on Neurotechnology (2025)
Int'l Neuroethics Society
Ethics StandardsProfessional Society · Founded 2006
First professional society for neuroethics. Founded at Asilomar by Gazzaniga, Farah, Illes, Wolpe
NeuroRights Foundation
Ethics StandardsColumbia University · Rafael Yuste
Policy vehicle driving Chile, California, Colorado legislation. 2025 consumer neurotech data audit
Chile Constitution (2021)
Ethics StandardsFirst neurorights law · National Legislature
First country to constitutionally protect neurorights (mental integrity)
Colorado / California / Montana / Minnesota
Ethics StandardsUS State Neural Data Laws (2024) · State Legislatures
Four U.S. states enact neural data protections in 2024
UN Human Rights Council
Ethics StandardsNeurotechnology Mandate · Advisory Committee
Final report on neurotechnology and human rights (September 2024)
Latin American Parliament
Ethics StandardsModel Law on Neurorights (2023) · Regional Body
Regional model law for harmonized neurorights legislation across Latin America
Global Privacy Assembly
Ethics StandardsNeural Data Resolution · 46th Conference (2024)
Resolution on principles for neural data processing and cognitive freedom
Tadayoshi Kohno
Security ResearcherUniversity of Washington · Neurosurgical Focus 27(1):E7
Co-author of the foundational neurosecurity paper (Denning, Matsuoka, Kohno 2009). Threat model for implantable neural devices.
Tamara Denning
Security ResearcherUniversity of Washington · Denning et al. 2009
Lead author on the first neurosecurity paper. Defined attack surfaces for implantable BMIs.
Ivan Martinovic
Security ResearcherUniversity of Oxford · USENIX Security 2012
First empirical BCI side-channel attack. P300-based extraction of PINs and locations from consumer EEG.
Dawn Song
Security ResearcherUC Berkeley · USENIX Security 2012
Co-authored the landmark BCI side-channel paper. MacArthur Fellow, one of the most-cited in computer security.
Laurie Pycroft
Security ResearcherUniversity of Oxford · World Neurosurgery 92:454-462, 2016
Coined and systematized "brainjacking" for implanted neurostimulators.
Tamara Bonaci
Security ResearcherNortheastern / UW · Bonaci et al. 2014
BCI game attack vectors. Subliminal stimuli can extract private information during BCI use.
Howard Chizeck
Security ResearcherUniversity of Washington · Chizeck & Bonaci 2014
Neural engineering security. BCI privacy through signal obfuscation and access control.
Kevin Fu
Security ResearcherNortheastern University · Archimedes Center for Medical Device Security
Medical device cybersecurity pioneer. Former FDA Acting Director of Medical Device Cybersecurity.
Nitesh Saxena
Security ResearcherTexas A&M University · Saxena et al. 2017
BCI authentication protocols. P300 brainwave attacks and neural biometric spoofing.
Marcello Ienca
Security ResearcherTU Munich / ETH Zurich · Ethics & IT 2016; Neurorights 2017
Brain data governance at the security-ethics intersection. Neurorights taxonomy and anti-inflationism.
Sergio Lopez Bernal
Security ResearcherUniversity of Murcia · CACM 2023
BCI cybersecurity survey and neural cyberattack taxonomy. "Eight Reasons" why BCIs are not secure.
Tyler Schroder
Security ResearcherYale Digital Ethics Center · Neuroethics (Springer) 2025
Detailed 2025 BCI cyber risk assessment. Measures for safeguarding brain implants.
Qiben Yan
Security Researcher Unverified-BCIMichigan State University · Acoustic/ultrasonic sensor attacks
Sensor injection attacks (acoustic, ultrasonic). SEIT lab. No verified BCI-specific neural publications — primary work targets voice assistants and IMU sensors.
Dongrui Wu
Security ResearcherHUST / Zhejiang Lab · Scientific Review 2023; Information Fusion 2024
Most prolific BCI security ML group. Backdoor attacks, evasion attacks, federated defense.
Bao-Liang Lu
Security ResearcherShanghai Jiao Tong University · arXiv:2409.20158, 2024
Professor X: invisible backdoor attack on EEG BCI via clean-label poisoning.
Wanzeng Kong
Security ResearcherHangzhou Dianzi University · ICME 2024
Brainprint adversarial attacks. Time-frequency perturbations that defeat EEG biometric authentication.
Xinyu Jiang
Security ResearcherFudan University (co-authors at Penn State, Imperial) · Computers in Biology and Medicine, 2023
First systematic cybersecurity survey across both central and peripheral neural interfaces.
University of Washington
Security AcademiaSecurity & Privacy Research Lab · Kohno, Chizeck, Bonaci, Denning, Goering
Founded the neurosecurity field (2009). Implantable device threat modeling, BCI game attacks, neural signal privacy.
University of Oxford
Security AcademiaFunctional Neurosurgery + InfoSec · Pycroft, Martinovic, Aziz
Brainjacking threat models for implanted DBS devices. EEG side-channel attacks on consumer BCIs.
Northeastern University
Security AcademiaArchimedes Center for Medical Device Security · Fu, Bonaci
Medical device cybersecurity pioneer. $22M total research. Neural implant security under $3.5M NSF grant.
Yale University
Security AcademiaDigital Ethics Center · Floridi, Schroder
Detailed BCI cyber risk assessment (2025). Interdisciplinary cybersecurity-neuroethics approach.
UC Berkeley
Security AcademiaComputer Security Research · Song
Co-produced the first empirical BCI side-channel attack paper (USENIX 2012).
TU Munich / ETH Zurich
Security AcademiaEthics of AI and Neuroscience · Ienca, Haselager
Brain data governance, neurorights and security intersection, state-of-the-art BCI security survey (ACM 2021).
University of Murcia
Security AcademiaBCI Cybersecurity Group · Lopez Bernal, Celdran, Perez
Neural cyberattack taxonomy. Highest-volume BCI security publication group.
Graz University of Technology
Security AcademiaInstitute of Neural Engineering · Muller-Putz
BCI conference venue and neural engineering research. EEG-based authentication and biosignal processing.
Michigan State University
Security Academia Unverified-BCISEIT Lab · Yan
Sensor injection attacks (acoustic, ultrasonic, EMI). No verified BCI-specific neural publications.
Texas A&M University
Security AcademiaSPIES Lab / Global Cyber Research Institute · Saxena
BCI authentication, neural biometric security, brainwave spoofing.
Brown University
Security AcademiaBrainGate Consortium · Hochberg, Donoghue
Intracortical BCI clinical trials. First long-term human implant data on failure modes.
HUST (Wuhan)
Security AcademiaAI & Automation / MoE Key Lab · Wu, Meng, Chen
Most prolific BCI ML-security group globally. Backdoor, evasion, federated defense.
Shanghai Jiao Tong University
Security AcademiaBCMI Lab · Lu, Zheng
Professor X invisible backdoor attack. SEED emotion dataset (most-used EEG dataset).
Fudan University
Security AcademiaMulti-institution Survey Group · Jiang, Fan, Zhu
First cybersecurity survey covering both CNS and PNS neural interfaces.
Zhejiang University
Security AcademiaQiushi Academy / BCI Group · Xu, Sun
China's first human BCI implant (2020). Hardware-software security intersection.
IEEE
Security Standards ActiveBMI Standards Roadmap · P2731, P2794, P7700
Identified BCI-specific security standards as an open standardization gap. IEEE 2794 (brain data).
NIST
Security Standards GapCybersecurity Framework · CSF 2.0
Provides the security control baseline. No neurotech-specific profile exists yet.
FDA
Security Standards PartialPremarket Cybersecurity Guidance · Medical Devices
Requires threat modeling for connected medical devices. No neural-specific requirements.
ISO/IEC
Security Standards GapMedical Device Security · ISO 14708, IEC 62443
Implant standards and industrial security. No BCI-specific standard exists.
MITRE
Security Standards GapATT&CK / CWE / CVE · Threat Taxonomy
Attack taxonomy and vulnerability classification. No neural device attack techniques catalogued.
CISA
Security Standards GapMedical Device Advisories · US Cyber Agency
Issues advisories for connected device vulnerabilities. Has not addressed neural implants.
EU AI Act
Security Standards ActiveHigh-Risk AI Classification · Regulation 2024/1689
Classifies certain neurotech as high-risk AI systems. Full application August 2026.
FIRST / CVSS SIG
Security Standards GapVulnerability Scoring · CVSS 4.0
Scores IT vulnerabilities. No neural impact metrics exist in the standard.
China MoST
Security Standards ActiveBCI Ethics Guidelines · February 2024
First Chinese government-issued ethics guidelines for neural devices. Not binding regulation.
Spain
Ethics StandardsCarta de Derechos Digitales (2021) · Section XXVI: Neurotechnologies
First European nation to include neurorights in a digital rights charter
Brazil
Ethics StandardsPEC 29/2023 · Proposed Constitutional Amendment
Proposes adding mental integrity and algorithmic transparency to fundamental rights
Mexico
Ethics StandardsGLNN (2024) · 92-Article Neurorights Law
Most comprehensive national neurorights legislation proposed (92 articles + 35 amendments)
EU Parliament STOA
Ethics StandardsMental Privacy Study (2024) · EPRS_STU(2024)757807
Study on protection of mental privacy in neuroscience
European Brain Council
Ethics StandardsCharter (2025) · Responsible Development
Pan-European responsible development charter for neurotechnologies
France
Ethics StandardsNational Charter (2023) · OECD Implementation
French charter implementing OECD 2019 neurotechnology recommendation
QIF / Qinnovate
Both Standards ActiveOpen Neural Atlas · Kevin Qi
Proposed open security framework. NISS, TARA, Coherence Metric, NSP.
Framework Comparison
| Framework | Type | CL | MP | MI | PC | EA |
|---|---|---|---|---|---|---|
| Beauchamp & Childress (1979) | Ethics | ✓ | ✓ | ✓ | ✓ | |
| Ienca & Andorno (2017) | Rights | ✓ | ✓ | ✓ | ✓ | |
| Yuste et al. / Nature (2017) | Rights | ✓ | ✓ | ✓ | ✓ | ✓ |
| Farahany (2023) | Rights | ✓ | ✓ | |||
| OECD (2019) | Policy | ✓ | ✓ | ✓ | ||
| UNESCO (2025) | Policy | ✓ | ✓ | ✓ | ✓ | ✓ |
| WHO (2025) | Policy | ✓ | ✓ | ✓ | ✓ | |
| Council of Europe (2025) | Policy | ✓ | ✓ | ✓ | ✓ | |
| Chile Constitution (2021) | Law | ✓ | ✓ | ✓ | ✓ | |
| Colorado HB 1058 (2024) | Law | ✓ | ||||
| California SB 1223 (2024) | Law | ✓ | ||||
| EU AI Act (2024) | Law | ✓ | ✓ | |||
| Goering et al. (2021) | Ethics | ✓ | ✓ | ✓ | ✓ | ✓ |
| Farah (2015) | Ethics | ✓ | ✓ | |||
| Morse (2006) | Rigor | |||||
| Wexler (2024) | Rigor | |||||
| Ienca (2021/2022) | Rigor | ✓ | ✓ | ✓ | ✓ | |
| Hendriks et al. (2019) | Ethics | ✓ | ||||
| Ligthart & Meynen (2023) | Rights | ✓ | ✓ | ✓ | ✓ | |
| Lavazza (2023) | Rights | ✓ | ✓ | |||
| Andorno & Gkotsi (2022) | Rights | ✓ | ✓ | ✓ | ✓ | |
| Savulescu & Bostrom (2009) | Ethics | ✓ | ||||
| Kreitmair (2019) | Ethics | ✓ | ✓ | |||
| Kellmeyer (2022) | Rights | ✓ | ✓ | |||
| Bublitz (2022) | Rigor | ✓ | ✓ | ✓ | ||
| Racine, Illes (2005) | Rigor | |||||
| Poldrack (2006) | Rigor | |||||
| Tennison & Moreno (2012) | Rigor | ✓ | ✓ | ✓ | ||
| Montana SB 163 (2025) | Law | ✓ | ||||
| Minnesota HF 1370 (2024) | Law | ✓ | ||||
| Latin American Model Law (2023) | Law | ✓ | ✓ | ✓ | ✓ | |
| China MoST Guidelines (2024) | Policy | ✓ | ✓ | ✓ | ||
| UN HRC Advisory (2024) | Policy | ✓ | ✓ | ✓ | ✓ | ✓ |
| QIF (in development) | HOW | ✓ | ✓ | ✓ | ✓ | ✓ |
The Principles-to-Protocol Gap
The fire code problem
Imagine if fire safety consisted only of the principle "buildings should not burn down" and the right "people deserve safe buildings" — but no one had written fire codes, designed sprinkler systems, or specified fire-resistant materials. That is the current state of neuroethics.
33 frameworks define why neural rights matter and what those rights are. Zero provide how to enforce them technically: no threat models, no scoring systems, no detection mechanisms, no protocol specifications.
33
WHY / WHAT
0
HOW (before QIF)
1
HOW (QIF)
QIF fills this gap with: NISS (neural impact scoring), the TARA Atlas (161 threat techniques), signal integrity analysis (future work with domain experts), and NSP (post-quantum secure neural communication).
Two Domains, One Bridge
Neuroethics asks: what rights should people have over their own neural data and cognitive processes? Neurosecurity asks: how do we technically defend against the attacks that violate them?
Governance spans both. Policy, regulation, and compliance frameworks translate ethical principles into enforceable rules and give security controls their legal mandate. Ethics without security is aspiration. Security without ethics has no compass. Governance connects them.
Neuroethics
What rights do people have?
- Defines the four neurorights (Ienca & Andorno, 2017)
- Establishes consent models (Beauchamp & Childress)
- Provides the moral foundation and philosophical grounding
- Publishes frameworks and principles
- Constrains what neurotechnology may do to people
Policy, regulation, compliance
Neurosecurity
How do we technically defend against attacks?
- Catalogs the attacks (161 TARA techniques)
- Scores the impact (NISS vulnerability scoring)
- Builds the defenses (Neurowall, NSP, Runemate)
- Verifies signal integrity (future work with domain experts)
- Detects, prevents, and responds to neural interface threats
Governance spans both domains
Ethics → Governance
Translates rights into policy (UNESCO, OECD, WHO, Chile). Defines consent tiers, data classification, and institutional oversight.
Governance → Security
Mandates technical controls (FDA, NIST, ISO). Specifies what must be auditable, enforceable, and measurable at the signal level.
Rights → Threats → Defenses
| Neuroright (Ethics) | Threat Pattern (Security) | QIF Defense (Security) | Governance Status |
|---|---|---|---|
| Mental Privacy | Eavesdropping, side-channel extraction, neural fingerprinting | NSP encryption, differential privacy, session pseudonyms | HIPAA/GDPR don't classify neural signals as protected health data |
| Mental Integrity | Signal injection, replay attacks, parameter tampering | Neurowall L1/L2 filtering, Cs anomaly detection | No regulatory definition of "unauthorized neural modification" |
| Cognitive Liberty | Subliminal manipulation, sovereignty attacks, covert retuning | SSVEP detection, adaptive spectral monitoring, policy engine | No compliance standard for subliminal influence via BCI |
| Psychological Continuity | Slow drift, homeostatic disruption, self-model corruption | Cs trend monitoring, reference electrode validation | FDA adverse event reporting doesn't cover cognitive drift |
| Equitable Access (governance) | Device abandonment, vendor lock-in, enhancement inequality | Open standards, interoperable protocols, vendor-neutral spec | No interoperability mandate for neurotech devices |
Toward Privacy-Preserving Neural Data Governance
Kellmeyer (2022) proposes establishing "trustworthy technological means and/or institutions — data fiduciaries — for handling any data that might allow for inferences on mental experience." Several technologies are emerging to address this:
Process neural signals without decrypting. Anomaly detection and filtering can operate on ciphertext.
Share aggregate neural patterns for research without exposing individual neural signatures. Calibrated noise injection.
Distributed ledger for audit trails — who consented to what, when. Neural data itself never on-chain; only hashes and metadata.
Independent institutions that hold decryption keys on behalf of patients. Device manufacturers do not hold keys to patient neural data.
NSP v0.5 specifies post-quantum encryption in transit. Section 11 of the NSP spec (draft) extends this with HE, DP, consent provenance, and data fiduciary requirements.
Rigor Checks & Guardrails
Good science requires active skepticism. These published critiques constrain how BCI security research should be framed. QIF treats each as a guardrail, not an obstacle.
Grouped by what they constrain: overclaim, scope, methodology, and framing.
Overclaim & Scope
Neuromodesty
Morse 2006/2011 · Ohio State J. Criminal Law / Mercer Law Review
"Brain Overclaim Syndrome": neural correlates do not prove causation or eliminate agency. Neuroscience findings are routinely overclaimed when applied to law and policy.
QIF guardrail: we score signal-level interference, not mental states. NISS measures physical amplitude disruption, not "thought harm."
Premature Legislation
Wexler 2019/2024 · Nature Biotechnology
Consumer neurotechnology does not yet warrant the level of ethical alarm being raised. Legislating solutions to problems that don't yet exist risks blocking beneficial research.
QIF guardrail: technical specifications are not legislation. Standards (like CVSS) inform but don't mandate. Building the fire code doesn't close the building.
Anti-Inflationism
Ienca 2021 · Bublitz 2022 (Neuroethics)
Multiplying neurorights beyond existing human rights frameworks dilutes protections (Ienca). Novel neurorights lack standard legal quality criteria and may constitute neuroexceptionalism (Bublitz).
QIF guardrail: we extend Mental Privacy and Mental Integrity with technical depth, not new rights. Five rights, not fifteen.
Methodology
Reverse Inference Fallacy
Poldrack 2006 · Trends in Cognitive Sciences
Concluding that a specific cognitive process is occurring because a brain region activated is not deductively valid. Even Broca's area provides only weak evidence for language engagement.
QIF guardrail: signal detection does not entail mental-state identification. TARA catalogs physical interference patterns, not cognitive content.
Statistical Inflation
Vul et al. 2009 · Eklund et al. 2016 (PNAS)
Brain-behavior correlations in fMRI are routinely inflated by double-dipping (Vul). Common fMRI software produces up to 70% false-positive rates (Eklund). A dead salmon showed "significant" brain activation without correction (Bennett 2009).
QIF guardrail: claims citing neuroimaging findings as ground truth must account for demonstrated validity failures in the underlying methods.
Conceptual Underspecification
Kellmeyer 2022 · Cambridge University Press
Mental privacy and mental integrity are conceptually "still under construction." Operational descriptions vary across philosophy, ethics, neuroscience, and psychology. No consensus model of self-experience or agency exists.
QIF guardrail: we define operationally measurable properties (signal amplitude, frequency, coherence) rather than philosophically contested mental states.
Kellmeyer (2022) notes that "mental privacy" and "mental integrity" lack agreed operational definitions. QIF proposes engineering-level operationalizations — one approach among several.
Framing
Neurorealism Triad
Racine, Bar-Ilan & Illes 2005 · Nature Reviews Neuroscience
Three failure modes in public neuroscience communication: neuro-realism (brain scans as visual proof), neuro-essentialism (we are our brains), neuropolicy (using brain data to advance agendas without evidence).
QIF guardrail: documentation must not frame BCI threats as "brain data reveals identity." Neural signals are partial, noisy representations, not transparent read-outs of selfhood.
Brain Reading Limits
Ienca et al. 2018 / Wexler 2019 · Nature Biotechnology
Even the paper raising BCI privacy concerns acknowledges consumer EEG "is not mind reading." Decoded images are selected from known lists, not freely read. Current devices require algorithm training, long-term data, and user cooperation.
QIF guardrail: threat models must distinguish between current capabilities and projected future capabilities. We catalog what is technically possible, not what is science fiction.
The Dual-Use Trap
Tennison & Moreno 2012 · PLOS Biology
BCIs are inherently dual-use: the same systems used for clinical treatment can be repurposed for military enhancement, deception detection, and interrogation. Framing BCI as a security domain risks enabling the very surveillance it aims to prevent.
QIF guardrail: the framework specifies defensive clinical protections. Offensive applications are explicitly out of scope. The threat catalog exists to inform defense, not enable attack.
Sources
This landscape survey draws from 255+ verified research sources compiled in the QIF Research Sources Registry . All citations have been verified via DOI resolution or publisher URL. See Sections 11, 11b, and 11c for the full neuroethics bibliography.
Survey conducted 2026-03-04/05 by 9 parallel research agents covering: neuroethics institutions (Columbia, Stanford, Harvard/MIT, UPenn/Duke, UBC, Georgia State, UCSF, Penn State, INSERM/Sorbonne, Baylor), neurosecurity labs (UW, Oxford, Northeastern, Yale, HUST, SJTU, Fudan, Murcia, Graz, MSU, Texas A&M, Zhejiang), governance bodies (UNESCO, OECD, IEEE, WHO, INS, UN HRC, China MoST, Latin American Parliament), and European frameworks (ETH Zurich, Freiburg, RHUNE, Council of Europe). Citations spot-checked via DOI resolution.