As the internet becomes more integrated in our daily lives the more, we are storing and transmitting our sensitive information online. Every day million of users are entering their credit card numbers to pay bills, social security numbers for applications, and other personal information for the sake of convenience. Which heightens the needs for understanding of what is right and wrong; ethical or unethical. There have been a number of ethical issues that have arisen with the increase of information storing and sharing online. Four of these ethical concerns include accuracy, confidentiality, data selling, and disclosure.

Accuracy

There are regulations regarding individuals providing accurate information online to organizations. There is also a duty for that organizations security program to protect sensitive information from manipulation. This relates to the most important principle of the CIA triad which is integrity. This is to ensure that our stored and shared information should be accurate and not altered. For example, if a hacker were to remove a valid traffic violation in the DMV system, then that will directly impact insurers by not being able to assess driving risks correctly due to an inaccurate driving record. This results in a small loss if just one person. However, if you multiply that by a couple hundred people, the monetary losses could be significant.

Confidentiality

Confidentiality is another key ethical concern. When I am providing my sensitive information online, I need to have faith that the information is going to be only seen and used by those that need to. This is important to prevent breaches and leaks. Confidentiality is not to be taken lightly, because breaches can directly put consumers harm’s way financially and physically.

Selling Data

Data being sold has become a buzz topic amongst individuals, businesses, and government. Organizations sell consumer data to other organizations for a profit. This is a mutually beneficial relationship between organizations. Organization A benefits from the profits gained, and Organization B now can tailor products and offers to make consumers more likely accept. This has caused ethical concerns with ownership of data and privacy.

Disclosure

Lastly, with the rise of breaches and leaks disclosure surrounding when to notify consumers has been a concern as well. Companies have decided to end their public notification systems. I think consumers should be notified right away if their information has been compromised. However, some organizations practice responsible disclosure. This is when companies do not disclose till there is a solution available. This can cause transparency concerns for individuals.

Reference: Responsible Disclosure: Cyber Security Ethics | CSO Online