As digital systems increasingly mediate access to public life, information security (InfoSec) operates as a sociotechnical and sociopolitical governance layer shaping access, visibility and contestability. CIA-triad approaches (confidentiality, integrity, availability) can reinforce exclusion when “protection” becomes gatekeeping, opaque decision-making or disproportionate monitoring. This study introduces the Emancipatory InfoSec Framework (EISF) to show how InfoSec can be reoriented, through design, toward emancipatory outcomes that enhance freedom, justice and plurality.
The EISF was developed through a staged systematic literature review and critical-theory-informed abductive synthesis. After deduplication, abstract-level triage and full-text eligibility assessment, a core analytical corpus informed iterative coding, abstraction and synthesis. Principles and illustrative InfoSec actions are presented as a conceptual, design-oriented theorization rather than an empirically validated model.
Seven recurring systemic exclusions are translated into emancipatory mechanisms organized in three blocks: freedom-oriented design (agency, voice, inclusion and rationality), justice-oriented design (reflexivity, accountability, redress and repair) and plurality-oriented design (localized and anti-colonial governance). A qualitative “emancipatory degree” heuristic supports prioritization by (1) the breadth of freedoms enabled, (2) the depth of structural reach (governance vs. interface) and (3) the extent to which principles institutionalize contestability and repair capacity.
The EISF links exclusion patterns to design requirements (e.g. inclusive authentication, selective disclosure, auditability, and co-governed redress) while surfacing feasibility trade-offs and boundary conditions (e.g. threat models, compliance, legacy systems and organizational constraints). It also proposes a research agenda across praxis, infrastructure and epistemology, including AI-mediated security governance.
The EISF offers an integrated, critical, justice-oriented and plurality-sensitive framework that specifies how InfoSec can be designed to secure freedoms rather than condition them.
