This article by Palmer is about GDPR (General Data Protection Regulation), what it is and how it affects the European Union. This article is a general overview of GDPR, and how the GDPR protects the general public’s information. Every aspect of our lives revolve somewhat around data and GDPR can help protect our information. This new regulation plan was effectively implemented on May 25, 2018. The GDPR enforced rules and regulations that helped protect individuals’ information, and held companies accountable for potential lost information. Palmer also goes into some of the key aspects of GDPR. Like who the GDPR applies to and how they have to conform to those rules and regulations of the GDPR. In this Case Analysis I will argue that Contractarianism shows us that the United States should follow Europe’s lead because the GDPR protects individuals information, and holds companies accountable for personal data.
One central concept that Zimmer used regarding the Facebook case was ethical impact and considerations that should have been used when public when sensitive data was released for the public to see. Especially on social media platforms like Facebook, we should consider the impact of data that is sensitive no matter public or private. If a researcher gets public data and uses it without the consent of the individual, this is still an ethical issue as Zimmer implies. Even after this happened, the T3 research team tried to remove the data and mitigate the damage that could be done further. But the damage was already done and the information was quickly discovered. This raised questions and concerns in regards to protection on social media. Zimmer stated that the T3 team used 5 steps to protect individuals’ data when accessing that data for research purposes. Even when using the 5 steps listed, Zimmer stated that these steps were in good faith, but the T3 team failed to fully understand the nature of privacy in social media spaces. While the T3 team stated that they only accessed data that was already only on Facebook, this does not excuse them from being responsible. You still have to take privacy into account when grabbing public information. Through contractarianism these researchers may have violated the agreement of identifying and respecting the individual’s privacy. Trust is essential in making sure that we create a healthy social environment. Researchers need to obtain individual consent before accessing sensitive information whether it is private or public information. The US should adopt something similar to the GDPR to help create a more secure environment for individuals. This would also hold companies accountable for making sure that individuals’ information was secure on social media platforms like Facebook and Twitter. I think using something similar to the GDPR would be beneficial to make sure that something like this does not happen again in the future. Being able to give individuals the ability to choose whether to consent to privacy and/ or intelligence is crucial for the longevity of freedom on the internet. Using the GDPR to get companies like Facebook to get a greater control over their information, so research like this cannot be done at will. The GDPR could also be used as a means for users to gain greater control over their information even if used on the Facebook platform. Giving users more control over their information would prohibit research on individuals’ information, if they don’t consent. Overall, the GDPR would be beneficial for a case like the one highlighted by Zimmer for the reasons stated above. The GDPR would make sure that research in the future would be done in an ethical manner. I think this is what should be done in this case. However, as mentioned later, I think the GDPR should be implemented to mitigate cases like this, but it should be implemented in a case where it is similar to the European Union but not exact. The US should look at data released by the European Union, and work with them to see what worked efficiently and what didn’t.
One central concept that Buchanan stated in this article is that Big Data research is not privacy friendly. Buchanan states that big data research does not necessarily give individuals the opportunity to consent to either research analysis or intelligence research. There are ethical considerations that arise when we talk about big data research like especially privacy and consent. In this case big data research was used to analyze data from individuals searching ISIS/ISIL using the twitter application/website. Ethical implications come into play when research is used to get individuals information when expressing support for ISIS/ISIL. This has a potential negative impact on society because although people may know that they are using this platform to express their ideas openly. They did not expect their information to be used as a part of research or intelligence gathering. With regards to this situation, consent and privacy concerns come into play. When talking about contractarianism, did the researchers apply with twitter and the policy and fairness agreement. If not, does this violate the individual’s agreement with twitter and does this affect the relationship between the individual and the company? How can companies like twitter be held accountable to protect their consumers information. Through the earlier mentioned article by Palmer, if the US adopted something like the GDPR companies like Twitter and Facebook could be held accountable for privacy and consent concerns. An overall policy and procedure mandate like the GDPR could create an environment for individuals to freely express their ideas and opinions without fear of being used for research and/ or intelligence purposes. Implementing the GDPR would help secure privacy for people using these social media platforms. A policy and procedure like the GDPR would mandate companies like Twitter to have consent before giving out consumer information. The GDPR would also make sure that companies like Twitter would be held accountable for violations of privacy or consent policies. The GDPR would also grant individuals certain rights over their personal information. Some of these rights could include things such as the ability to access their information. Overall, I think the access of key phrases by entities like the US government should be allowed for national security purposes. This should be allowed for an instance like this one. People being in favor of extremist groups, could be leaning towards joining one themselves. This could cause irreparable damage to the general public. I think other things like general opinions on the internet through platforms like Twitter should be allowed to be secure and individuals should have rights over their own privacy, and consent of their ideas in most cases. However, I think something like the GDPR should be incorporated by the US government in some sort of capacity. Maybe taking some of the ideas, and looking at what worked and what didn’t work in the European Union using the GDPR. Then look at what to establish and what not to establish. The US should implement something like the GDPR, but not everything that the European Union implemented, but if they do they need to open it up to where the US government can still look at user data for intelligence purposes.
In conclusion, I think that the US government should implement something like the GDPR to mitigate cases like the two mentioned above from occurring again. Making sure individual concerns are addressed in regards to privacy and consent. I think the US should look at the European Union and identify how to implement the GDPR in a more efficient way that works for the United States and their political goals. I think there are some drawbacks to my position as hinted in the last sentence. I think implementing the GDPR may hinder the United States and their political goals. I think like the second case I stated about Twitter and ISIS/ISIL, is a great example of why the GDPR cannot be implemented and never will. Can the United States intelligence agencies work the way they have been working, and comply with previous laws/acts with the GDPR? I think they cannot implement something like the GDPR, but I think it has to be something that secures the internet more. This may not include offering individuals increased rights over their personal data. Whatever is on the internet in a public/private domain can be and will be used for intelligence purposes. I think there are pros and cons to this, and implementing a GDPR similar to the one the European Union adopted would be unlikely.