Browse Definitions :
Definition

law of unintended consequences

The law of unintended consequences is a frequently-observed phenomenon in which any action has results that are not part of the actor's purpose.

The superfluous consequences may or may not be foreseeable or even immediately observable and they may be beneficial, harmful or neutral in their impact. In the best-case scenario, an action produces both the desired results and unplanned benefits; in the worst-case scenario, however, the desired results fail to materialize and there are negative consequences that make the original problem worse.

Examples of the law of unintended consequences in play:

A company mandates security mechanisms, such as strong passwords or multifactor authentication, to protect sensitive data. However, because the new passwords are too difficult to remember or the procedures too cumbersome, users find ways to circumvent the mechanisms, such as writing passwords on sticky notes on the monitor.

In the United States, the Patriot Act expanded the power of law enforcement and government agencies to monitor and intercept the data of private citizens. One unintended consequence was a reluctance of companies and individuals to allow any of their data to be stored in the U.S.

As machine-to-machine (M2M) communications and the Internet of Things (IoT) develop, an increasing number of devices have the capacity to transmit data over a network. However, these devices are often things that have not traditionally had any ability to communicate and as such have no security mechanisms in place to protect them. An unintended consequence is security attacks on IoT devices, which have included a light bulb hack.

Factors that reduce the likelihood of unintended consequences include an understanding of the systems involved, careful planning and an attention to detail during execution. In recent years, the law of unintended consequences is often evoked in reference to complex systems, which by definition cannot be fully understood. As a result, any action that involves a complex system is certain to have unintended consequences.

In this TED talk, historian Edward Tenner discusses the gap between our ability to innovate and our ability to foresee the consequences:

This was last updated in February 2016

Continue Reading About law of unintended consequences

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • buffer overflow

    A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than...

  • biometric verification

    Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing ...

  • password

    A password is a string of characters used to verify the identity of a user during the authentication process.

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • What is RAID 6?

    RAID 6, also known as double-parity RAID, uses two parity stripes on each disk. It allows for two disk failures within the RAID ...

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

  • VRAM (video RAM)

    VRAM (video RAM) refers to any type of random access memory (RAM) specifically used to store image data for a computer display.

Close