The innovations brought about by the progress of technology have made computers and interactions over the Internet an essential part of most people’s lives. However, regular interactions with various websites tend to reveal vast amounts of information that can be gathered and analyzed to identify a person as well as others who are close to him or her and make highly accurate guesses as to that person’s preferences and activities.
This inference may be interpreted as a violation of privacy, raising moral concerns. However, the overall ethical framework for digital technologies and methods is difficult to establish, especially on a legislative level, due to the rapid and continuous evolution of the environment. Nevertheless, it is necessary to identify the current issues and possible solutions to attempt to address the concerns that arise in the digital sphere.
Primary Concerns
The main ethical questions related to digital ethics is whether modern data aggregation and analysis technologies violate the privacy of people if they are used to obtain personal information and whether these behaviors should be permitted. According to Damen, Köhler, and Woodard (2017), the term “privacy” as applied to information technology means “reference to the types of information available about an individual, whether they are primary or derived from analysis. These types of information include behavioral, financial, medical, biometric, consumer, and biographical” (p. 2), which would suggest that data analysis interferes with the right. However, the process is not necessarily immoral, as it may be performed with the consent of the person.
Many data aggregation technologies are intended to assist a user by obtaining information about him or her and offering personalized services based on the data. Such services usually ask users for confirmation that they want their data to be collected and analyzed and allow them to choose what information to share. This model is employed by the majority of companies that engage in large-scale data collection, such as Google and Twitter. The consent of the user to the gathering and handling of his or her information makes the central process lawful and ethical. However, it is still surrounded by a variety of possible problems of uncertain morality.
Data Management Awareness
In modern society, technology advances at a significantly faster rate than awareness of it. For example, Clubb, Kirch, and Patwa (2015) name a number of privacy issues related to the Internet of Things, such as terms of use that force the user to agree without understanding the contents, the overall lack of data collection and use transparency, and the ability of data collectors to bypass consent through the use of specific policies that are insufficient to protect one’s privacy. The lack of understanding of modern privacy ethics and the potential issues associated with data collection allow companies to engage in unethical practices without the knowledge of the users and with their uninformed consent.
The attitude many people take to privacy complicates the matter, as they are often passive with regards to controlling their personal information. Steiner, Kickmeier-Rust, and Albert (2017) describe this attitude as the “privacy paradox,” in which people are unconcerned with the security of their data despite claiming otherwise until a breach occurs. One possible reason for such behavior is the lack of clear privacy risk guidelines. People are aware that there is danger involved in improper personal data management, which leads them to believe and claim that they pay significant attention to privacy, but the lack of understanding of the specific issues and possible risks leads them to take insufficient or misguided protection measures.
Developer Responsibility
Misconceptions about the nature and specifics of privacy exist among information technology specialists, as well. Van der Hoven (2017) provides examples of various innovations that were created with improved efficiency, convenience, health safety and other outcomes in mind but were rejected by governments because they infringed on the privacy of the users or people around them. Large and successful IT corporations such as Google are among the offenders, suggesting that even industry leaders have not fully understood the concept of privacy and its impact on the future of data analysis. The ethical issue is a combination of the lack of user awareness and developer irresponsibility, which lead to the development of privacy-infringing products that are accepted by the public.
However, reasons behind unethical practices by IT companies are not limited to a lack of responsibility or awareness. Clubb, Kirch, and Patwa (2015) provide examples of approaches in which companies would purposely obfuscate the implications of their privacy policies or use information-processing standards such as de-identification as loopholes to avoid the necessity of consumer consent during information collection. The existence and possibility of such practices make government overview and control necessary for the continued implementation of consumer-friendly privacy guidelines in both intent and letter. However, the government itself should not be an exception to the rule, leading to further concerns such as the entity that will ensure the compliance of the government with ethical norms.
Group Privacy
Another issue related to data analysis and privacy is the so-called group privacy. According to Taylor, Floridi, and van der Sloot (2017), in the modern environment, groups such as “Black Twitter” can command significant influence without explicitly announcing their existence or having a clearly stated organization. Data aggregation can be used to assign individuals to such groups for purposes of analysis or further action regardless of their identifying as members of the movements. Taylor, Floridi, and van der Sloot (2017) note that such attempts have led to a range of harmful behaviors, including crude inferences, discrimination, and government surveillance. A new group privacy framework is necessary to identify the topics and issues and address them.
Group privacy requires further investigation and the development of specific measures that are tailored to the particulars of the topic. According to Taylor, Floridi, and van der Sloot (2017), it is not reducible to matters of individual privacy, as grouping processes tend to occur algorithmically in analytical software and may happen and influence the resulting predictions and conclusions without the knowledge of the person that is conducting the research.
Examples of risks that are associated with belonging to a group based on specific characteristics as opposed to personal history or traits include belonging to a population that is known for higher violence or drug abuse rates than the national average and being profiled as a potentially dangerous individual because of that. The information that is necessary to add a person to such a group is minimal and can usually be found in open access, as a person’s race or community tend to be public information on various social network websites.
Possible Solutions
The concerns surrounding privacy in digital technology are numerous and diverse. This quality makes the development of solutions that are both efficient and effective a challenging process, but researchers are making progress in the task.
The development of new legislation currently remains the primary medium for the introduction of new privacy policies, but the proposals include recommendations for education systems as well as for enterprises. It should be noted, however, that suggestions are unlikely to eliminate all unethical practices in privately owned enterprises, whether these approaches are intentional or not, and authors of such proposals have to turn to the government due to its ability to enforce compliance with new standards and identify failures to conform to new rules.
Legislation Changes
The United States can follow the example of other developed countries, such as those of the European Union, for basic privacy guidelines formulation. Steiner, Kickmeier-Rust, and Albert (2017) describe the primary European principles as collection limitations, data quality management, purpose specifications, use restrictions, security safeguards, openness, individual participation, and accountability. Personal data should be obtained lawfully and with the consent of the person. The individual should be aware of the purposes for which the information is collected, and the data itself should be relevant to the goal. Furthermore, the data should be stored securely and be openly available to the person, and the company should be accountable for compliance with the policies above.
The new policies described above should assist the government with the creation of ethical device and software guidelines, but it does not directly affect the current products, which will also require corrections to comply with the updated regulations described above. Examples offered by Clubb, Kirch, and Patwa (2015) include simplified terms of use, complete transparency, centralized opt-out, HIPPA extensions for health data protection, IoT dataset usage limitations, and enforcement of device override capabilities. Overall, these changes will lead to the government taking a more prominent role in the information management field, but consumers will receive a set of privacy management tools that are more powerful and easy to use than those that are currently available.
Data Science Education
Consumers should become more aware of the concerns that surround ethics and digital technology, which can only be accomplished through extensive education on the subject. It will be necessary to formulate an evidence-based framework for the potential dangers of the various issues in the modern Internet environment, their sources and the practices that may help one avoid it. The knowledge may then be disseminated through an information campaign that will target the locations and populations that are most prone to loose personal data handling procedures, such as social networks and their users.
A well-executed approach that presents the information in an accessible fashion and achieves a broad area of coverage should contribute significantly to improving the ethical literacy of the people whose data is in potential danger.
However, a one-time campaign will have a limited long-term influence on the issue. The most logical approach would be to incorporate digital ethics, and especially their privacy aspect, into the curriculum of educational institutions. Matzner (2018) proposes a data science education program where the students are taught to be responsible with their information handling and make rational decisions on the matter.
The latter is particularly relevant, as information technology companies are typically privately owned and profit-oriented, and a better understanding of the increasingly complicated IT field may help a person orient himself or herself to use the possibilities offered by those companies to his or her advantage. The education may help students handle themselves better in the information environment that the modern world appears to be approaching and help them take full advantage of privacy protection policies offered by the government.
Responsible Innovation
The primary policy for companies that work in the IT sector would be an increased focus on responsibility, which preferably should not impede their ability to enact technological progress. Van der Hoven (2017) suggests a definition of responsible innovation that incorporates the accumulation of relevant knowledge on the options and outcomes, their evaluation in terms of moral values such as safety, security, and privacy, and the use of the considerations obtained in the process as requirements for the development of new technology.
The employment of these policies should benefit both consumers and companies, as the former would be more secure due to the greater consideration put into the product by the manufacturer, and the latter would encounter fewer difficulties related to potential conflicts with the law or privacy breaches.
Group Privacy
Protecting group privacy through the policies that are explicitly outlined in legislation may be a challenging task at times, as many groups that are constructed during big data analysis are not explicit entities in the physical world.
While distinguishing factors such as race can be identified without much difficulty, and appropriate laws can and have been passed, an algorithm that processes vast amounts of information may form associations that would be difficult for a human to comprehend or describe using words on a regular basis. As such, true group privacy protection measures would require extensive joint research by ethics specialists and information analysts that would aim to change the procedures employed during big data processing to be more conducive to privacy without significantly damaging their performance.
Nevertheless, some measures, which primarily concentrate on improvements to individual privacy and the consequent partial reinforcement of its group counterpart, are possible to implement now. Taylor, Floridi, and van der Sloot (2017) suggest approaches such as the international harmonization of data management regimes, improved data security and breach accountability, and enhanced data literacy. A centralized model where a user would be able to see the entirety of his or her data that is available to aggregators and determine the boundaries of its applications would be optimal, as it would eliminate a wide variety of unexpected and undesirable interactions.
Conclusion
The continuous development of information technology makes the creation and maintenance of an updated set of laws a challenging task for the government. Privacy is a particularly relevant topic, as the data gathering and analysis methods that have evolved recently can guess large amounts of personal information accurately if provided with sufficient input. The primary issues are the lack of awareness among the consumers, irresponsible development practices, and the development of group privacy concerns. The latter can only be resolved through extensive multidisciplinary research, but improved data science education, adjusted general legislation, and enhanced manufacturer responsibility should prove useful at addressing the overall situation surrounding the issue.
Reference List
Clubb, C, Kirch, L & Patwa, N 2015, The ethics, privacy, and legal issues around the internet of things. Web.
Damen, J, Köhler, L & Woodard, S 2017, The human right of privacy in the digital age. Web.
Matzner, T 2018, ‘Data science education as contribution to media ethics,’ in Paderborn symposium on data science education at school level, Paderborn University, Paderborn, pp. 28-32.
Steiner, CM, Kickmeier-Rust, MD & Albert, D 2017, Let’s talk ethics: privacy and data protection framework for a learning analytics toolbox. Web.
Taylor, L, Floridi, L & van der Sloot, B (eds) 2017, Group privacy: new challenges of data technologies, Springer, Dordrecht.
van der Hoven, J 2017, ‘Ethics for the digital age: Where are the moral specs?’, in H Werthner & F van Harmelen (eds), Informatics in the future, Springer, New York, NY, pp. 65-76.