...

In many ways, disclosing a vulnerability can be thought of as a form of journalistic reporting, in that "The purpose of journalism is … to provide citizens with the information they need to make the best possible decisions about their lives, their communities, their societies, and their governments." [4].

By analogy, vulnerability disclosure provides individuals and organizations with the information they need to make the best possible decisions about their products, their computing systems and networks, and the security of their information.

...

• Seek truth and report it – Ethical journalism should be accurate and fair. Journalists should be honest and courageous in gathering, reporting and interpreting information.
• Minimize harm – Ethical journalism treats sources, subjects, colleagues and members of the public as human beings deserving of respect.
• Act independently – The highest and primary obligation of ethical journalism is to serve the public.
• Be accountable and transparent – Ethical journalism means taking responsibility for one's work and explaining one's decisions to the public.
  
  

References

1. FIRST, "Ethics SIG," [Online]. Available: https://www.first.org/global/sigs/ethics. [Accessed 17 May 2017].
2. Association for Computing Machinery, "ACM Code of Ethics and Professional Conduct," 16 October 1992. [Online]. Available: https://www.acm.org/about-acm/acm-code-of-ethics-and-professional-conduct. [Accessed 17 May 2017].
3. USENIX, "System Administrators' Code of Ethics," 30 September 2003. [Online]. Available: https://www.usenix.org/system-administrators-code-ethics. [Accessed 17 May 2017].
4. American Press Institute, "What is the purpose of journalism?" [Online]. Available: https://www.americanpressinstitute.org/journalism-essentials/what-is-journalism/purpose-journalism/. [Accessed 17 May 2017].
5. Society of Professional Journalists, "SPJ Code of Ethics," 6 September 2014. [Online]. Available: https://www.spj.org/ethicscode.asp. [Accessed 17 May 2017].