Prince Sultan Universityomarine-alrafie.yolasite.com/resources/Computer... · (credit cards, not subscribe in magazines, not take a loan, no health insurance, never access information

Prince Sultan UniversityBy: Miss Fadwa Al-Ghreimil

PSU, April 2009, © Fadwa Al-Ghreimil 2

Course Outline

1. Introduction: Why computer ethics?

2. Ethics and Information Technology

3. Ethics in IT-Configured Societies

4. Information Flow, Privacy & Surveillance

5. Digital Intellectual Property

6. Digital Order

7. Professional Ethics in Computing


Chapter Four

1. Introduction: Why computer ethics?

2. Ethics and Information Technology

3. Ethics in IT-Configured Societies

4. Information Flow, Privacy & Surveillance

5. Digital Intellectual Property

6. Digital Order

7. Professional Ethics in Computing


Chapter 4: Privacy

How computer and IT has changed the collection and distribution

of personal info.

The traditional of privacy and storing info.

The trade-off between individual interests in controlling info &

and the improvement of decision making by using this info (for

example employers).

Individual privacy as an individual good vs social good.

The importance of privacy and democracy.

Finally discussing a variety of possible approaches to improve

the protection of privacy.


Scenarios

4.1 E-mail Privacy and Advertising

4.2 Workplace Spying: The Lidl Case

4.3 Data Mining and e-Business


Introduction: Info Flow with and without IT

IT Configured Societies

1. The scale of personal

information gathering expanded

2. New kinds of info (TGI)

3. Distribution of info (buy, sell,

trade, exchange, stolen) with or

without ones knowledge,

intentionally or unintentionally

4. Endures for longer period of

time

5. Errors are magnified – cant

track them down since they

spread so quickly

Before IT Configured

Societies (Paper-and-Ink)

1. Costly and labor intensive

to collect information

2. Records were paper and

stored in files, this made the

storage limitations of

gathered info

3. Access limitation

4. How long they were kept

was also limited


Introduction: Info Flow with and without IT

Conclusion

With IT records have no limitations, are easy to

collect, store, maintain, manipulate, search and

share.


Why Care About Privacy?

Outline

“No Need to Worry”

The Importance of Privacy

Privacy as an Individual Good

Privacy as Contextual Integrity

Privacy as a Social Good Essential for Democracy

Autonomy, Democracy, and the Panoptic Gaze

Data Mining, Social Sorting, and Discrimination

Crude Categories

Summary of the Arguments for Privacy and Against

Surveillance


Why Care About Privacy?

What is the value of privacy?

If there is no privacy, what will be lost?

How does surveillance affect institutions, and

practices?

What sort of being do we become when we live

in surveillance societies?


“No Need to Worry”

Possible Counter Arguments to the Right

of Privacy

1- Individuals who have done nothing wrong, have nothing to fear. It

even protects ppl who have something to hide.

A: Information can affect your life stolen car

B: Organizations may use misleading & irrelevant information for

important decisions discrimination, women and the landlord

Conclusion

The way in which info is gathered, exchanged and used in our

society affects ALL OF US



of Privacy

2- Individuals do have control over their relationships with organizations,

we could refuse to give out info. But they chose to give info in order to

receive benefits in return.

If individuals had more options they wouldn’t chose to have less privacy

They might be naïve and uninformed

It hides the fact that the price paid for our privacy is high

(credit cards, not subscribe in magazines, not take a loan, no health

insurance, never access information on the web)

The cumulative effects of giving up privacy is enormous

Conclusion

One has to give up a great deal for the sake of ones privacy. The cost

is extremely high and goes against the idea of living in a free

society. There is no proof that individuals don’t value their own

privacy.



of Privacy

3- Personal information-gathering can be beneficial to organization who

gather it and to the customers they serve.

Organizations would make better decisions with the use of the

gathered info

How accurate are they using it, Is it relevant to the decision they need

to make?

This argument is utilitarian, the claim is that the intensive gathering

and flow of personal information has significantly good

consequences.

Conclusion

This argument needs to be further analyzed



Two Forces Threaten Our Privacy

1. The growth of information technology, with its

enhanced capacity for observation, communication,

computation, storage, and retrieval.

2. The increased value of information in decision-

making. Information is increasingly valuable to policy

makers; they want it even if acquiring it invades

another's privacy.



Why do organizations obtain info? banks, FBI, Amazon, advertisements, insurance

Public & private institutions as well as gov. agencies

collect data to improve their decision-making

Privacy is both an individual & a social good

Conclusion

A need to balance all the good things that are achieved

through info gathering and exchange against the desire

or need for personal privacy



Privacy is a complex value that gives autonomy,

equality, and democracy, and its importance ought to

recognized by IT-based practices.

Is privacy and instrumental or intrinsic value?

Value of privacy:

Instrumental vs intrinsic Instrumental privacy is important for building relationships and

democracy

Intrinsic privacy is important to have autonomy



Privacy as an instrumental good:

Privacy is instrumental for certain kinds of human relationships, or

for the diversity of the relationship.

Fried (1968) argued that friendship, intimacy and trust could not

develop if we live in a society with constant surveillance.

Rachels (1975) argues that privacy (control of information about

ourselves) is necessary to maintain a diversity of relationships

The relationships we build with others is based on the kind of information

we have about each other

E.g. dentist



Rachels sees privacy as instrumental to a diversity of

relationships, which in return is an intrinsic good

because a diversity of a relationship will allow trust,

intimacy which are intrinsically good.

When we lose control of information, we lose control of

relationships Gossip – no control over what is being

said and who the info is given to.

You lose control over what ppl will think about you and

how they will be treating you.



Control of info about ourselves is an important

component of our autonomy.

This doesn’t mean ppl should have absolute control

over their info

E.g. Applying for a job

This insight can be developed into two different

directions:

1. Contextual norms

2. Democracy



Nissenbaum’s Account (2004) of privacy as contextual

integrity

There are information norms in every domain of life

Those norms contain certain expectations:

1- What kind of info are appropriate and inappropriate

e.g. bank/loan - doctor

2-How that info will be distributed

e.g. medical records – friend’s secret



Norms are culture relative and change over time

Organizations usually use whatever norms they have to

collect desired information without making their clients

aware of the matter.

e.g. Google Gmail case, clients became aware of what

their ISP is collecting about them only when the gov.

asked for the records of webblogs from Google.



Findings from Nissenbaum’s Account :

1. That’s why you would find different policies for privacy in

different domains of life

2. It also explains why privacy is so difficult to protect since IT tools

are often invisible in the domains in which they are used and they

are used without public announcement.

Conclusion

Clients are unaware of information norms in many contexts. They have

no reason to ask about the things they aren’t aware of. So one

doesn’t really know whether one is being treated appropriately or

not.


Privacy as a Social Good Essential for

Democracy

Utilitarian theory can be applied to justify privacy as a

social good

Author Regen concluded that when individual privacy is

balanced against social goods such as law enforcement

or government efficiency, personal privacy loses.

Privacy can be used by police and higher powers to

catch criminals


Autonomy, Democracy and the Panoptic

Gaze

We are building a world that is a “Panopticon”

in which everything we do is observed

When individuals believe they are being

watched, they are compelled to behave

differently than they might if they weren't being

observed.


Autonomy, Democracy and the Panoptic

Gaze

There are two different concerns about privacy in IT-

configured societies:

1- The feeling of having less autonomy and freedom

2- asking about who are our watchers? How they select the

information by which they would evaluate us

Conclusion

Privacy is not just instrumental to democracy and

autonomy; it is essential to both


Data Mining, Social Sorting, and

Discrimination

The main concern is Ppl may not know the info norms in a

particular context – even when they know they are being tracked or

watched they wouldn’t know how the info is being collected or used.

Organizations have goals which they want to achieve efficiently, this

can be done with more information in hand to make better

decisions.

Clickstream

What Organizations Do May be Looked at in Two Ways:

1. Predicting clients behaviour to, in return, treat them accordingly

2. Injustice and prejudice sine ppl are treated as members of a class

rather than as individuals (stereotyping)


Data Mining, Social Sorting, and

Discrimination

To avoid this stereotyping, organizations avoid sorting by

race or gender.

Conclusion

With this IT tool ppl are sorted in groups which leads to

inequality. Different categories of individuals are treated

differently. This then leads to having different

opportunities


Crude Categories

If no info would be collected and everybody is treated alike:

Info of political campaigns would be distributed equally

Consumer-marketing firms would send one ad to all

consumers

Employers would have to give all employees the same

benefit.

Airlines would have to sell their tickets with the same

prices all over the world.


Crude Categories

Advantages of being equally treated would be:

1. Individuals would have more privacy.

2. Individuals would be treated much more as autonomous beings

instead of having their behaviours watched with inference made

about who they are and what they want, individuals would have to

be asked. (i.e. companies ask clients about their preferences and they

respond, rather than their response being predicted)

3. Individuals would be treated as changeable, because they have

autonomy. They do their own choosing rather than being put in a

category and presented with information accordingly.


Crude Categories

Conclusion

This proposal is not without drawbacks, but it adds

to the picture of the importance of privacy.

Q: How would the deontological theory look

at the matter of how organizations are

gathering info about individuals?


General Strategies for Privacy Protection

Is Privacy Over?

“Privacy is over, forget it” – this shows that ppl think that

there is too much personal information available, and

once it is in any database in the world then it’s

impossible to control it’s flow.

In some cases this has an advantage Being in an accident in a foreign country

So we are not asking for absolute privacy. In certain

domains like “medical records”, we want the norm of

distribution to be such that medical professionals would

be able to get access to them as quickly as possible.


Legislative Background in the US

P. 101 - Websites

Information on current privacy issues & proposed

legislations

e.g. each state has its own law protecting various

aspects of privacy – www.epic.org

http://www.epic.org/


EPIC Online



Fair Information Practices

Code of Fair Information Practices:

1. There must be no personal data record-keeping system whose

very existence is secret

2. Individuals must know what kind of info is being collected and how

it’s being used

3. Individuals must be able to prevent the usage of their information

for other purposes than what they were collected for

4. There must be a way to correct or remove ones information after

its been obtained

5. Organizations must assure the reliability of the data for their

intended use and must take precautions to prevent the misuse of

data.


Proposals for Better Privacy Protection

1. Broad conceptual changes and legislative initiatives

2. Institutional policies

3. Technology

4. Computer professionals

5. Personal actions


1- Broad Conceptual Changes and

Legislative Initiatives

In the US there are laws to protect businesses

from the gov, but no laws to protect individuals

from powerful businesses


2- Institutional Policies

While laws are missing or are

unclear, the organization can set

their own internal policies of how to

handle privacy matters

Transparent policies should be set

Opt-in vs. opt-out


3- Computer Professionals

Computer professionals can play an important role,

individually and collectively. They must not wash their

hands of privacy issues.

Computer professionals are in the best position to point

out privacy matters to clients or employers when building

databases containing sensitive information



The original ACM Code of Professional Conduct

(passed by the ACM Council in 1973)

Whenever dealing with data concerning individuals one

shall always consider the following principles:

1. To minimize the data collected.

2. To limit authorized access to the data

3. To provide proper security for the data.

4. To determine the required retention period of the data.

5. To ensure proper disposal of the data.



In 1992 – Those principles were not included in the new

code, they are just seen as useful guidelines.

1992 ACM Code of Ethics guidelines explain that: "It is

the responsibility of the professionals to maintain the

privacy and integrity of data describing individuals. This

includes taking precautions to ensure the accuracy of

data, as well as protecting it from unauthorized access or

accidental disclosure to inappropriate individuals.”


4- Technology

PETs – Privacy Enhancing Technologies are now being

developed

IT tools

detect the privacy level of a webpage before entering


Personal Actions

P.106


Conclusion

Privacy could be considered the most important ethical

issue in computer technology

It has a major effect on human behaviour – panopticon

Protecting personal privacy is not easy

Infos about individuals are extremely valuable both in

public and private sectors

It’s not getting better unless we do something about it


Further Readings

It is available in Amazon


Good Online Source

Contains most topics on computer ethics

http://ethics.csc.ncsu.edu/

Epic Publications

http://epic.org/bookstore/epic_books.html

http://ethics.csc.ncsu.edu/

http://epic.org/bookstore/epic_books.html


HW

Q: 12

Q: Did your perception change about the intensity

of privacy in the IT configures societies we are

living in? How did it change? And how will you

react?

Documents

Prince Sultan Universityomarine-alrafie.yolasite.com/resources/Computer... · (credit cards, not subscribe in magazines, not take a loan, no health insurance, never access information