Transparency is a term thrown around as a buzzword in the
tech industry, usually to describe the principle that companies will inform you
about what happens to your data. Terms like data transparency provide you with
the sense that companies that conduct business online will keep your information
secure and inform you if your data happens to be compromised in some way. This
does not always reign true for most companies and brings up the question of what,
if any, ethics are involved in the transparency of information in the digital
age. Everybody’s information, ranging from photos of you posted on Facebook all
the way to location information from your phone’s GPS and credit card
information, is online in some fashion and has the possibility of being
compromised at any time. This is where ethics comes into play. Is it more
ethical to immediately inform people of their data begin compromised or
potentially hide the fact data was compromised and try to fix it behind the
scenes?
An example from recent history is the largest data breach so
far, the 2017 Equifax breach. “Equifax on Sept. 7 announced the cybersecurity
incident, one of the largest in history. Unauthorized data access occurred from
mid-May through July 2017. The breach was discovered on July 29.”1 How
come it took Equifax over a month to disclose to the public that there was a
data breach that affected almost half of the country, roughly 149 million
people?
Turilli and Floridi say in their paper titled, The Ethics of
Information Transparency, “For these companies, it is crucial to disclose
information about how they manage the flow of personal and Internet usage
information, in order to prove to their customers that there is no correlation between
their identity and their activities online.”2 Both authors bring up
the idea that it is crucial to disclose this type of information, however most data
companies that discover a data breach will wait to disclose it. I believe this
is unethical as much damage can be done with the stolen data, such as fraudulent
purchases on your credit card, in a short amount of time. Companies should be
more inclined to notify people of a breach immediately once it is discovered as
well as work to improve security.
Sources:
1. Symanovich, Steve. “Equifax Data Breach Affects Millions of Consumers. Here's What to Do.” LifeLock Official Site, www.lifelock.com/learn-data-breaches-equifax-data-breach-2017.html.
2. Turilli, Matteo, and Luciano Floridi. “The Ethics of Information Transparency.” Ethics and Information Technology, vol. 11, no. 2, Oct. 2009, pp. 105–112., doi:10.1007/s10676-009-9187-9.
Good post! I agree that companies should be more proactive about notifying their users, especially if they're such an important company like Equifax. A lot of these big companies don't think transparency is important, and they might announce a data breach late because it's economically strategic. Your reference to the Floridi article was good, but I think you could have referenced it earlier and continued to build on it. Maybe if you reversed the post a bit, having the references at the beginning and your current opening paragraph as the concluding one, this post could be really great.
ReplyDelete