The four ethical issues I want to discuss that arise when storing electronic information about individuals is who will that information be shared and or sold to, how will the data be used by the organization storing it, what level of effort will the organization put into the protection of the data while it’s being stored, and last what rights/options do the individuals have to stop the organization from storing this information about them.
Like with anything else in society and more than likely a common theme of this writing, if there is a way to circumvent a law, someone will find a way to do so to achieve their own objectives. Unknown to most people are the existence of data brokers. Exchanges where the collectors of all this information can sell that data and then from there it’s resold like any other commodity. Currently we technically have laws in this country with regards to what kind of information a federal agency can directly collect from its citizens, but then we reach a grey area and another ethical dilemma with regards to what they can buy about you. As Wired magazine pointed out (https://www.wired.com/story/opinion-data-brokers-know-where-you-are-and-want-to-sell-that-intel/) government agencies are purchasing this data raising yet another ethical issue, should this even be allowed.
There is also the question of how organizations will use this data. If anyone has ever read the privacy statement for a company, getting the specific details surrounding the who, what, when, where and how they will use your data is impossible. Instead they are merely high level documents, which their legal team has gone through great length to construct to not give you a sense of safety or security, but to keep them from liability while allowing them to do what they will with your information. However this isn’t a discussion on what is legal, but rather ethical. With the information beyond it’s supposed intended use, in some cases the claim is just for metrics to make the service better, is it ethical to use it to then target people for the purchase of additional goods and services? We see it done all the time and it’s presented as a value add, but is that really ethical? If so to what extent is it ethical to create a profile about someone to target them for these goods and services. If the organization is able to piece together that they have experienced a recent tragedy, is it ethical to take advantage of that to extract more money from them? Is it ethical to target that person with advertising to try and change their religious, social, and or political ideology? All questions that deserve further debate and the answer to which I don’t believe is necessarily as black and white as a yes or no.
Spiderman has taught us two things, one is that not everyone in Hollywood is cut out to be play a villain in a Marvel movie (I’m looking right at you Jamie Foxx) and two the lesson that with great power comes great responsibility. The economist wrote an article saying that data is now more valuable a commodity then is oil (https://www.economist.com/leaders/2017/05/06/the-worlds-most-valuable-resource-is-no-longer-oil-but-data). My takeaway from that is that organizations have the great responsibility to secure that commodity they same as they would oil fields, gold reserves, or their most valuable of intellectual property. Wars have been fought and military’s defend oil reserves, one of the most secure military installations is Fort Knox which stores the gold reserves for the United States, and there are volumes upon volumes of law written to protect an organizations intellectual property so surely there would be equally as stringent measure to protect such a valuable commodity as data, no? There in lies the ethical question. The damage done to a person’s life if their data were released in some cases could and does devastate their life as they know it, they have little to no recourse, the organization who allowed the breach has already transferred the risk to an insurance company, and everyone goes to sleep all the same at night without a care or concern that someone one or millions of people will forever have life as they know it changed. This raises the ethical questions as to how much time, money, and effort should holders of this information be forced to expend in protecting it especially given it’s value surpasses that of commodities which wars have been waged over.
The last ethical issue I wanted to discuss is what rights do the individual have over their own information. As I mentioned earlier this is a valued commodity that we are talking about, it belongs to the individual who is the subject of the data, I don’t know anyone that should not be compensated for the use of their own commodity, not should anyone not have some say in it’s use or who they will entrust it to. Have you every tried to delete your account with an organization and all the associated data? It’s a lot harder then you would think. The concept of deleting your account is one thing, the idea of deleting your data with them is a completely different. Some websites and apps don’t even have the “delete my account option”. I recently had an issue trying to delete my account and data with a parking garage that I used for work before covid. I sent no less then five emails and made several calls, they wouldn’t come right out and say it, but they refused and still do refuse to delete my information from their system. I have no realistic recourse. It’s my data, my information, I’m no longer a customer, you shouldn’t need anything about me anymore, I have no outstanding debt to this organization, yet they refused to remove me from their system. This is I believe is the most serious of all the ethical issues raised when storing information about individuals.