Ethical Challenges of Quantum Technologies
A Technology That Arrives Before Its Ethics
Most technologies accumulate ethical frameworks reactively — social media, facial recognition, and large language models all developed widespread adoption before governance caught up. Quantum computing is unusual in that its primary near-term ethical risk — breaking public-key encryption — is predictable and dated. Researchers, policymakers, and standards bodies have known for 30 years that Shor's algorithm could compromise RSA and elliptic curve cryptography given sufficient hardware. The ethical question is not whether this will happen but whether the global community will migrate to quantum-safe cryptography before it does.
The OECD's 2025 Quantum Technologies Policy Primer identifies quantum computing as occupying a paradoxical position: simultaneously a tool for public good (drug discovery, climate simulation, materials science) and a potential weapon (cryptanalysis, surveillance enhancement, weapons optimization). Unlike nuclear technology — which is physically dangerous and geographically constrained — quantum software runs on classical hardware once reduced to gate sequences, and quantum algorithms can be disseminated globally without controls. This dual-use nature poses challenges that export control regimes designed for physical hardware do not fully address.
🔒 Encryption Disruption
A CRQC would retroactively expose all currently intercepted traffic encrypted under RSA or ECC. This is not a future privacy risk — harvest-now-decrypt-later attacks are occurring now. The ethical obligation to migrate is already active, not contingent on CRQC arrival.
👁️ Surveillance Amplification
State actors with early access to CRQCs gain unprecedented decryption capability against both adversaries and their own citizens. The Human Rights Watch and Amnesty International have flagged quantum-enabled surveillance as a structural threat to freedom of expression and association.
⚔️ Dual-Use Applications
Quantum simulation accelerates both life-saving drug discovery and weapons optimization. Quantum sensing and imaging have both medical diagnostics and military reconnaissance applications. The same algorithm that searches protein folding space can search cryptographic key space.
🌍 Geopolitical Asymmetry
Quantum capabilities are concentrated in a small number of nations (US, China, EU, UK, Canada, Japan, Australia). As of 2021, only 17 countries had national quantum strategies; 150+ have none. Nations without quantum capabilities face not just economic disadvantage but security vulnerability.
🧪 Research Ethics & Scientific Freedom
Cambridge Core analysis (2024) applies human rights frameworks: states must create conditions for quantum research to flourish even if it carries societal risks — but this must be balanced against the right to privacy and freedom of expression. Publication norms, pre-registration, and dual-use review boards are emerging mechanisms.
⚖️ Algorithmic Fairness
Quantum optimization algorithms applied to hiring, lending, or law enforcement inherit and can amplify classical data biases. Quantum machine learning's opacity is compounded by hardware noise that is difficult to characterize deterministically — making fairness audits harder than for classical ML.
Societal Impact of Widespread Quantum Cryptography Adoption
The Quantum Divide: A Successor to the Digital Divide
Scholars at Just Security and Decent Cybersecurity have described the emerging quantum divide: a structural gap between nations with quantum capabilities and those without. Unlike the digital divide — which primarily affects access to information — the quantum divide has a direct security dimension. Nations without post-quantum cryptography migration plans face two simultaneous vulnerabilities: their current encryption is potentially being harvested for future decryption, and their security infrastructure will become progressively more exposed as quantum capabilities mature abroad.
Widespread adoption of quantum cryptography and PQC also creates transition costs that fall unevenly. A 2025 ISACA report identifies financial services, healthcare, and government as the sectors with the highest urgency, but these same sectors have the most complex, deeply embedded cryptographic infrastructure. Small and mid-size organizations, municipal governments, and healthcare providers in developing nations may lack the resources to migrate on the timelines that NIST and federal mandates require. The equity implications are significant: organizations that cannot migrate may lose access to secure communication channels, creating a two-tier security landscape.
LEADING
Active quantum research programs and proactive PQC migration. Setting global standards and timelines.
ASYMMETRIC RISK
Strong quantum programs without urgent PQC migration. Arguably the most geopolitically dangerous position — capability without defense.
REACTIVE
Migrating to PQC without building domestic quantum capability. Dependent on foreign hardware and standards bodies.
HIGH RISK
No quantum research and no PQC migration. Current encrypted traffic is being harvested now for future decryption. Most exposed to a CRQC event.
Schematic; positions are approximate. Sources: OECD Quantum Policy Primer (2025) · Decent Cybersecurity · WEF Quantum Governance Initiative.
Positive Societal Impact: The Quantum for Good Agenda
The Microsoft Quantum for Good initiative and the ICQE 2025 conference both identified three categories of high-impact beneficial applications: problems that are economically important, out of scope for classical computers, and realistically solvable on future quantum hardware.
Leading candidates include protein folding and drug binding simulations (Google's Quantum Echoes already demonstrated molecular NMR on 28 atoms), battery and materials discovery for clean energy, and logistics optimization for supply chains. The Open Quantum Institute publishes annual studies mapping quantum algorithms to UN Sustainable Development Goal targets. Quantum sensing, a closely related technology, enables medical imaging and environmental monitoring at resolutions not achievable classically.
Privacy, Surveillance, and the Right to Encryption
The Cambridge Core human rights analysis (2024) frames encryption not merely as a technical tool but as infrastructure for the right to privacy and freedom of expression under international law. A state-operated CRQC that decrypts dissidents' communications, journalists' sources, or legal counsel's records is not merely a cybersecurity event — it is a human rights violation.
The transition to PQC is therefore not just a technical migration but a human rights obligation. The UN designation of 2025 as the International Year of Quantum Science and Technology catalyzed new attention to this framing. UNESCO has convened an Ethics of Quantum Computing Commission, which proposes that ethical guardrails should be grounded in individual dignity and autonomy — not merely national security or commercial competitiveness.
Governance Frameworks for Responsible Quantum Development
The Governance Landscape: Who Is Building the Rules?
Unlike AI, whose governance frameworks emerged years after deployment, quantum governance is being constructed during the technology's pre-commercial phase — a rare opportunity. The landscape involves interleaved technical standards bodies, national regulatory agencies, international organizations, and industry consortia, each operating on different timelines and with different binding authority.
The World Economic Forum's Quantum Computing Governance initiative brings together public sector, private sector, academia, and civil society to develop principles for responsible design and adoption. Its work spans three interconnected streams: quantum applications (identifying beneficial use cases), cybersecurity (managing the cryptographic transition), and governance (policy and regulatory frameworks). The WEF explicitly draws on AI governance lessons — particularly the importance of building ethical principles before widespread adoption creates path dependencies that are difficult to reverse.
Key unresolved governance questions include: Should CRQCs be classified as critical infrastructure with mandatory access controls? Should quantum algorithm publication follow dual-use research norms similar to gain-of-function biology? Who is liable when a quantum-enabled cryptographic attack succeeds despite published PQC migration timelines? How should export controls on quantum hardware be harmonized internationally to avoid creating unilateral disadvantage without reducing proliferation risk?
| Actor | Instrument | Scope & Status |
|---|---|---|
| NIST (US) | FIPS 203/204/205; NISTIR 8547 | Active PQC standards finalized Aug 2024; transition timeline for federal systems. Organizations encouraged to begin migrating now. |
| US Executive Branch | NSM-10 (2022); PQC executive order | Active Requires federal agencies to inventory quantum-vulnerable systems; 2025 mandate for PQC-ready TLS 1.3 on federal infrastructure. |
| ENISA (EU) | Quantum Cryptography Guidelines | Active EU cybersecurity agency guidance on PQC migration; coordinated with ETSI and national member authorities. |
| IETF | TLS 1.3 PQC extensions; Hybrid X.509 | Draft Working groups standardizing hybrid key exchange and certificate formats for internet-scale deployment. |
| World Economic Forum | Quantum Computing Governance Initiative | Active Multi-stakeholder principles for responsible quantum development; cybersecurity, applications, and governance workstreams. |
| UNESCO | Ethics of Quantum Computing Commission | In Progress Developing ethical guardrails grounded in human dignity, autonomy, and equity. Concept note published; commission active 2025. |
| OECD | Quantum Technologies Policy Primer (2025) | Published Calls for international cooperation, workforce development, and frameworks ensuring secure and equitable deployment. |
| US/EU/UK/Japan | Export controls on quantum hardware | Active Quantum hardware and algorithms subject to export restrictions; China, Russia, Belarus excluded from early-access research programs. |
| Cambridge Core / Legal Scholarship | Human rights compatibility framework | Academic Applies right to science + right to privacy to derive state obligations for quantum policy; favors enabling research while mandating encryption migration. |
Resources & Further Reading