In this era of digital connectedness, it is increasingly difficult to live an offline lifestyle. We rely on countless organizations to keep our personal information safe and secure. Sometimes, the trust between customer and organization is broken due to a data breach or other loss of data. While there are benefits to being able to store your information this way, there are also many ethical drawbacks.

The most obvious, and typically most threatening, ethical issue is theft and what happens with the stolen data. Under most ethical philosophies, stealing personal information is considered to be immoral. However, there are instances where the ethical lines are blurred. White hat hacking is seen as a major ethical issue because of the blurred lines. When the information is taken in order to expose organizational mismanagement or cybersecurity risks, it raises many questions on ethics. Some theories argue that it’s okay because it exposed something that put many people at risk, while others argue it’s wrong regardless of intention.

The second ethical issue is that of privacy. This issue is best demonstrated by the Taste, Ties, and Time Harvard study from 2006. The researchers involved in the study collected Facebook data from over 1,000 “anonymous” students. The data was not actually anonymous and raised several ethical questions, the biggest being “was this a breach of privacy”? In general, people expect their data to be private when they want it to be. Still, how much privacy should users expect when giving information to an organization?

Another issue that usually goes hand in hand with privacy is autonomy. How much control should users have over their own information? Once it’s given to an organization, should it be assumed that control has been handed over as well? This is especially prevalent in the medical field, where patient autonomy is paramount. However, this is a common issue across all platforms.

Finally, we must deal with issues that arise in the aftermath of a cybersecurity event. Many organizations have to ask when it is necessary to notify the public. Should it be any time an event occurs or just when actual harm has taken place? Each organization has different disclosure policies. While legislation and regulations, such as the EU’s GDPR, have tried to create a standard, it still varies. This is another instance where public sentiment tends to go against expert opinion.

Altogether, there are countless ethical issues that arise from storing electronic information. Further, there are few perfect solutions. The four listed above are major, but hardly capture the ethical complications that technology creates for us. It will continue to be a concern for time to come for both users and experts alike.