Ethics of Big Data and privacy policies
In Dexit's never-ending search for privacy policies, terms and conditions, and terms of agreements, they came across a very interesting article written almost 16 years ago. Dr. McDonald together with Professor Cranor, published research in 2008 pointing out that it would take the average American 76 workdays out of the year to read every privacy policy they encountered in that year. This was particularly interesting research because in the age of instant gratification, signing up for various online accounts is today easier than ever! Users tend to be lured by the immediate beautification and ease in apps and websites and reading the terms and agreements is going to take ten minutes too long. What would it take someone today to read the privacy policies online? How much “extra” have people signed up to since 2008?
People tend to think that not only do all privacy policies behave the same way for each company but the presence of privacy policy on a website means that their privacy policy is protected. This is not really the case. People assume that while they are alive it’s okay when different websites have access to their private data. However, the situation changes when access to private data is granted after the user dies. As of today, legal privacy data protection ends with someone’s death in the US. This means that the leftover, undeleted data that still remains on the servers of the companies where accounts were open is able to be monetized or used in some capacity.
Some of the Ethical Questions about Big Data to consider:
· Who will be able to stop "Big Data Companies" if no government laws or policies are protecting dead people's data? The companies who own your data, own the rights to your data, own the rights to using them for their purpose, and own the rights to alter any effect they may want to have on tomorrow's future. There is a sinkhole between what we think they have on us and what they actually do have, and of course, how it will impact our children's future may end up fully in their hands.
· How might insurance rates be affected when they are using private data to determine their cost of risk of insuring you and your family? Here we can look broadly at insurance companies in general. They take on risk and provide you an insurance policy. Let’s look at at health care insurance, where some of these trends have been happening for a long time already. Have you ever been asked if you used nicotine, smoked cigarettes or used tobacco? Well fast forward to today, they don’t have to ask you anymore, they already know. This is why they promote preventative care, to lower their risk and increase their bottom line. Let’s use another example; car insurance. They already calculate risks based on driver ages, driver records and the vehicles themselves. What if they had access to your Waze or Google maps records and would know that 80% of the time you drive “comfortably on the highway”, you are going 80mph? Your premiums may look quite different!
· Will companies who own private data be allowed to rewrite history according to someone’s views, politics, and trends? This question was addressing the fact that this immense power sits in the top few percent of tech companies. Many tech platforms provided fun interactive community building apps, which provided them a wealth of data that could be used, manipulated and repurposed to the general public. The last election already showed the world how this algorithmic data can manifest itself within online communities. What could happen if they had not just power to affect our actions and decisions today and tomorrow, but could completely erase our past?
Many of us operate under the assumption that our online activities are private and secure. We entrust our personal information to websites, social media platforms and online services, often without completely understanding the implications of doing so. However, the reality is that our data is constantly being harvested, tracked, and monetized by companies that are eager to capitalize on our digital footprint. From targeted advertisements to data bridges, our private information is routinely exposed to potential threats.
Currently, the US has a patchwork of Federal and state laws trying to protect consumers’ private data. No uniform or single law addresses every aspect of privacy. Moreover, no Federal or State body of authority guards that privacy. People assume that data privacy is a right that is protected under the law. This is not currently the case.
Some of the comprehensive laws today are the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act (CPRA) of 2020 give consumers more control over their information which includes: knowledge of what kind of data is being collected, business purposes for which personal information is used, deletion of their information, opt-out of sale of their personal information, etc. Those laws protect the consumer, however; they are currently only in California. Nevertheless, several other states have recently passed similar laws.
Another hurdle is that privacy consumer advocacy groups encounter requests for powers of attorney and other impossible paperwork demands. After someone dies it is almost impossible to keep the data contained. This has to be done during the lifetime of the person. As soon as we leave our footprint online, that information is transferred, sold, and resold to companies involved in different aspects of our lives.
What about data breaches? Our data is at risk of hacking every day. There are specific thresholds that require companies to disclose data breaches to their customers. If the data breach does not reach that threshold, the customer is not notified and consumers have no idea that their data was compromised.
It’s important to take control of your accounts and your data. Dexit’s mission is to help people take control of their private data during their lifetime and after death. Dexit aims to continue to educate people on the importance of private data being kept private and not being a subject of monetization, identity theft, or change. It is important to address the data held in your online accounts today while still alive, so that your digital legacy is still your choice.
