Through your work in this module, you should have gained a good understanding of data ethics, and gained experience using ethical principles to think through responsible treatment of user data in a cybersecurity context. Next, we’ll be turning to corporate social responsibility to think about moral obligations that businesses have to the public.
Before going on to the next module, take a minute and write down:
- Something about data ethics that makes sense to you now that didn’t before, or
- Something about data ethics that you thought made sense before that you realize now does not, or
- Something that you’re still trying to figure out about data ethics.
A part of data ethics that I knew about was consenting to the terms and conditions of applications to use them, but I never realized the several faults that exist with the current system. An example of these faults is a long document of text or overall process that organizations know consumers won’t read nor care for, which is a method for disincentivizing users to look into or think about what they consent to. In opposition, the possibility of a simplified terms and conditions agreement form is rarely used for applications that are used daily. Another example was with data mining and data analysis and how its primary method is going behind a user’s back to be used in multiple ways. Looking at the case analysis, policies like the right to be forgotten or complete opt-out processes are also a rarity for users. Examples like these prove that while I knew about consent for user data, I now realize that I didn’t know how deep its conversation could extend.
In short, this module helped me to gain a deeper understanding of the nature of consent regarding user data. It paints a picture of how the current security policies for users in place need to be changed to have users be involved and informed about what’s happening to their data.