Introduction
In the current digital age, information security and privacy are under an enormous threat since data stored online can be attacked by malware programs, stolen, and used for malicious purposes. The article titled “UK government using confidential patient data in coronavirus response,” by Lewis, Conn, and Pegg in The Guardian in 2020, presents the story about the use of confidential patient data by private organizations. American company Palantir and British startup Faculty used this information to produce statistical predictions intended for the UK government’s use to respond to the pandemic. However, it was not an unauthorized data breach from the side of the companies. Conversely, the UK government wanted to obtain an artificial intelligence (AI) platform to respond better to the pandemic (Lewis et al., 2020). Governmental agencies reassured the public that all the information is encrypted, but the authors of the article state that there was a place to use confidential documents. Although the government allowed companies to access private data with good intentions, its actions cannot be justified even with Kantian ethics of duty because the situation is more an issue of virtue than duty.
Kantian Ethics
As it is widely known, the main emphasis of Kantian ethics is duty. Immanuel Kant, a German philosopher, used to write about various subjects, but mostly philosophy. His ideas of the ethics of responsibility implied that a person should act morally in accordance with one’s duties (MasterClass, 2022). Furthermore, Kant claimed that duty could be perfect and imperfect; the former is categorical imperative while the latter is not required to be honored (MasterClass, 2022). For example, telling the truth is a perfect duty, while beneficence is imperfect (MasterClass, 2022). Kantian ethics is often criticized for its excessive focus on duty, but at the same time, it highlights the importance of respect for a person’s autonomy (Baron, 2018; MasterClass, 2022). In other words, individuals should be allowed to act within moral values without negatively affecting others or confining their rights.
Application to Data Confidentiality
Regarding the situation presented in the selected article, Kantian duty ethics may suggest that the UK government and the two companies acted following moral duty. Indeed, the ultimate goal was to create a database that would predict herd immunity to the novel coronavirus and help create a better action plan in response to the pandemic (Lewis et al., 2020). At the same time, Kant’s categorical imperative claims that every human should be given the freedom of autonomy (MasterClass, 2022). Therefore, using confidential documents for an ambiguous greater cause could be unethical because it was unclear if the outcome would be helpful for the public. However, governmental agencies assure people that Palantir and Faculty do not control but only process the data (Lewis et al., 2020). Still, patients’ autonomy seemed to be violated since the article does not mention that they signed an informed consent document to use their data in an open database.
Virtue Ethics
As the name suggests, virtue ethics focuses on moral virtues. Contrary to other ethical theories, virtue ethics highlights the fact that a person’s moral action is crucial in itself (Statman, 2019). In fact, according to Statman (2019), “a central question within virtue ethics is whether all act-appraisals are reducible to judgments about character, or whether an independent criterion for the value of acts exists” (p. 27). For example, the trustworthiness of a person or organization can be considered a virtue. Furthermore, benevolent actions are virtuous because they are inherently good and strive to attain the goal that will be in another person’s best interests. Other virtues are love, generosity, compassion, and friendliness, which are somewhat similar to Kantian imperfect duties (Statman, 2019). However, unlike Kant’s philosophy, virtue ethics perceives all seemingly imperfect duties as the essence of a human moral deed.
Application to Data Confidentiality
If applied to the case presented in the chosen article, data confidentiality and patient privacy can be considered virtues; the acts that cause a breach of those are immoral. Indeed, using patient data to create open-access databases is against the principles of virtue ethics because patient trust in healthcare institutions and the government was lost. When people are admitted to a hospital, the assurance of privacy of their personal information is articulated to them verbally and sometimes in writing. Electronic health records are protected within a healthcare organization and can only be shared between clinicians to establish a diagnosis or recommend a treatment plan for the patient (Son et al., 2019). Such utilization of confidential data may be viewed as unethical. On the other hand, governmental bodies keep repeating that the two hired companies process encrypted information, suggesting there is no threat to them. Still, according to virtue ethics, such a situation should not have arisen in the first place because the involved agencies and organizations must remain trustworthy elements of a virtuous society.
Virtue Ethics vs. Kantian Ethics in Data Confidentiality
If one compares Kantian and virtue ethics in the presented scenario, both in some way do not support confidential data access for companies. Kant’s categorical imperative suggest that patient autonomy was violated, while virtue ethicist claims the act inherently was immoral. Digital information privacy cannot be guaranteed nowadays since data leaks, and security breaches increase annually at exponential rates due to the advancement of malware (Trabelsi, 2019). For instance, in the first half of 2018, 4.5 billion personal or corporate records were compromised around the globe (Trabelsi, 2019). There are multiple ways to steal information, especially when it is exposed in memory while in use (Rashid, 2020). In the case of Palantir’s and Faculty’s AI platform, information was not stolen but provided to these companies by governmental agencies. On the one hand, it was their duty to act in the public’s best interests to develop this prediction tool. On the other hand, there was no need to make the platform open since most ordinary people were not interested in it. The solution for this ethical dilemma may be to restrict the use of the AI platform to authorized organizations and people to prevent data leak.
Conclusion
Digital information security is a critical source of concern and ethical problems. In the selected article, the authors accused private companies and the UK government of using confidential patient records to create an open-access platform. Although data was encrypted, Kant’s principles of autonomy and virtue ethics’ idea of the moral act were violated. Still, the Kantian philosophy of duty dictates that people’s deeds are ethical if performed to honor their responsibilities. The fact that it was the time of the pandemic could justify such disrespect for virtues, but only if the ultimate goal helped during the pandemic. Otherwise, creating a platform that may never be adequately used but serve as a site for the storage of private information openly is unreasonable.
References
Baron, M. W. (2018). Kantian ethics almost without apology. Cornell University Press.
Lewis, P., Conn, D., & Pegg, D. (2020). UK government using confidential patient data in coronavirus response. The Guardian. Web.
MasterClass. (2022). Kantian ethics explained: Immanuel Kant’s life and philosophy. Web.
Rashid, F. Y. (2020). The rise of confidential computing: Big tech companies are adopting a new security model to protect data while it’s in use-[news]. IEEE Spectrum, 57(6), 8–9.
Son, H. X., Nguyen, M. H., & Vo, H. K. (2019). Toward a privacy protection based on access control model in hybrid cloud for healthcare systems. In Alvarez, F. M., Lora, A. T., Sáez Munoz, J. A., Quintián, H., & Corchado, E. (Eds.), International Joint Conference: 12th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2019) and 10th International Conference on European Transnational Education (ICEUTE 2019) (pp. 77-86). Springer. Web.
Statman, D. (2019). Virtue ethics: A critical reader. Edinburgh University Press.
Trabelsi, S. (2019). Monitoring leaked confidential data. In 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS) (pp. 1–5). IEEE.