Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Prince Sultan UniversityBy: Miss Fadwa Al-Ghreimil
PSU, April 2009, © Fadwa Al-Ghreimil 2
Course Outline
1. Introduction: Why computer ethics?
2. Ethics and Information Technology
3. Ethics in IT-Configured Societies
4. Information Flow, Privacy & Surveillance
5. Digital Intellectual Property
6. Digital Order
7. Professional Ethics in Computing
PSU, April 2009, © Fadwa Al-Ghreimil 3
Chapter Four
1. Introduction: Why computer ethics?
2. Ethics and Information Technology
3. Ethics in IT-Configured Societies
4. Information Flow, Privacy & Surveillance
5. Digital Intellectual Property
6. Digital Order
7. Professional Ethics in Computing
PSU, April 2009, © Fadwa Al-Ghreimil 4
Chapter 4: Privacy
How computer and IT has changed the collection and distribution
of personal info.
The traditional of privacy and storing info.
The trade-off between individual interests in controlling info &
and the improvement of decision making by using this info (for
example employers).
Individual privacy as an individual good vs social good.
The importance of privacy and democracy.
Finally discussing a variety of possible approaches to improve
the protection of privacy.
PSU, April 2009, © Fadwa Al-Ghreimil 5
Scenarios
4.1 E-mail Privacy and Advertising
4.2 Workplace Spying: The Lidl Case
4.3 Data Mining and e-Business
PSU, April 2009, © Fadwa Al-Ghreimil 6
Introduction: Info Flow with and without IT
IT Configured Societies
1. The scale of personal
information gathering expanded
2. New kinds of info (TGI)
3. Distribution of info (buy, sell,
trade, exchange, stolen) with or
without ones knowledge,
intentionally or unintentionally
4. Endures for longer period of
time
5. Errors are magnified – cant
track them down since they
spread so quickly
Before IT Configured
Societies (Paper-and-Ink)
1. Costly and labor intensive
to collect information
2. Records were paper and
stored in files, this made the
storage limitations of
gathered info
3. Access limitation
4. How long they were kept
was also limited
PSU, April 2009, © Fadwa Al-Ghreimil 7
Introduction: Info Flow with and without IT
Conclusion
With IT records have no limitations, are easy to
collect, store, maintain, manipulate, search and
share.
PSU, April 2009, © Fadwa Al-Ghreimil 8
Why Care About Privacy?
Outline
“No Need to Worry”
The Importance of Privacy
Privacy as an Individual Good
Privacy as Contextual Integrity
Privacy as a Social Good Essential for Democracy
Autonomy, Democracy, and the Panoptic Gaze
Data Mining, Social Sorting, and Discrimination
Crude Categories
Summary of the Arguments for Privacy and Against
Surveillance
PSU, April 2009, © Fadwa Al-Ghreimil 9
Why Care About Privacy?
What is the value of privacy?
If there is no privacy, what will be lost?
How does surveillance affect institutions, and
practices?
What sort of being do we become when we live
in surveillance societies?
PSU, April 2009, © Fadwa Al-Ghreimil 10
“No Need to Worry”
Possible Counter Arguments to the Right
of Privacy
1- Individuals who have done nothing wrong, have nothing to fear. It
even protects ppl who have something to hide.
A: Information can affect your life stolen car
B: Organizations may use misleading & irrelevant information for
important decisions discrimination, women and the landlord
Conclusion
The way in which info is gathered, exchanged and used in our
society affects ALL OF US
PSU, April 2009, © Fadwa Al-Ghreimil 11
Possible Counter Arguments to the Right
of Privacy
2- Individuals do have control over their relationships with organizations,
we could refuse to give out info. But they chose to give info in order to
receive benefits in return.
If individuals had more options they wouldn’t chose to have less privacy
They might be naïve and uninformed
It hides the fact that the price paid for our privacy is high
(credit cards, not subscribe in magazines, not take a loan, no health
insurance, never access information on the web)
The cumulative effects of giving up privacy is enormous
Conclusion
One has to give up a great deal for the sake of ones privacy. The cost
is extremely high and goes against the idea of living in a free
society. There is no proof that individuals don’t value their own
privacy.
PSU, April 2009, © Fadwa Al-Ghreimil 12
Possible Counter Arguments to the Right
of Privacy
3- Personal information-gathering can be beneficial to organization who
gather it and to the customers they serve.
Organizations would make better decisions with the use of the
gathered info
How accurate are they using it, Is it relevant to the decision they need
to make?
This argument is utilitarian, the claim is that the intensive gathering
and flow of personal information has significantly good
consequences.
Conclusion
This argument needs to be further analyzed
PSU, April 2009, © Fadwa Al-Ghreimil 13
The Importance of Privacy
Two Forces Threaten Our Privacy
1. The growth of information technology, with its
enhanced capacity for observation, communication,
computation, storage, and retrieval.
2. The increased value of information in decision-
making. Information is increasingly valuable to policy
makers; they want it even if acquiring it invades
another's privacy.
PSU, April 2009, © Fadwa Al-Ghreimil 14
The Importance of Privacy
Why do organizations obtain info? banks, FBI, Amazon, advertisements, insurance
Public & private institutions as well as gov. agencies
collect data to improve their decision-making
Privacy is both an individual & a social good
Conclusion
A need to balance all the good things that are achieved
through info gathering and exchange against the desire
or need for personal privacy
PSU, April 2009, © Fadwa Al-Ghreimil 15
Privacy as an Individual Good
Privacy is a complex value that gives autonomy,
equality, and democracy, and its importance ought to
recognized by IT-based practices.
Is privacy and instrumental or intrinsic value?
Value of privacy:
Instrumental vs intrinsic Instrumental privacy is important for building relationships and
democracy
Intrinsic privacy is important to have autonomy
PSU, April 2009, © Fadwa Al-Ghreimil 16
Privacy as an Individual Good
Privacy as an instrumental good:
Privacy is instrumental for certain kinds of human relationships, or
for the diversity of the relationship.
Fried (1968) argued that friendship, intimacy and trust could not
develop if we live in a society with constant surveillance.
Rachels (1975) argues that privacy (control of information about
ourselves) is necessary to maintain a diversity of relationships
The relationships we build with others is based on the kind of information
we have about each other
E.g. dentist
PSU, April 2009, © Fadwa Al-Ghreimil 17
Privacy as an Individual Good
Rachels sees privacy as instrumental to a diversity of
relationships, which in return is an intrinsic good
because a diversity of a relationship will allow trust,
intimacy which are intrinsically good.
When we lose control of information, we lose control of
relationships Gossip – no control over what is being
said and who the info is given to.
You lose control over what ppl will think about you and
how they will be treating you.
PSU, April 2009, © Fadwa Al-Ghreimil 18
Privacy as an Individual Good
Control of info about ourselves is an important
component of our autonomy.
This doesn’t mean ppl should have absolute control
over their info
E.g. Applying for a job
This insight can be developed into two different
directions:
1. Contextual norms
2. Democracy
PSU, April 2009, © Fadwa Al-Ghreimil 19
Privacy as Contextual Integrity
Nissenbaum’s Account (2004) of privacy as contextual
integrity
There are information norms in every domain of life
Those norms contain certain expectations:
1- What kind of info are appropriate and inappropriate
e.g. bank/loan - doctor
2-How that info will be distributed
e.g. medical records – friend’s secret
PSU, April 2009, © Fadwa Al-Ghreimil 20
Privacy as Contextual Integrity
Norms are culture relative and change over time
Organizations usually use whatever norms they have to
collect desired information without making their clients
aware of the matter.
e.g. Google Gmail case, clients became aware of what
their ISP is collecting about them only when the gov.
asked for the records of webblogs from Google.
PSU, April 2009, © Fadwa Al-Ghreimil 21
Privacy as Contextual Integrity
Findings from Nissenbaum’s Account :
1. That’s why you would find different policies for privacy in
different domains of life
2. It also explains why privacy is so difficult to protect since IT tools
are often invisible in the domains in which they are used and they
are used without public announcement.
Conclusion
Clients are unaware of information norms in many contexts. They have
no reason to ask about the things they aren’t aware of. So one
doesn’t really know whether one is being treated appropriately or
not.
PSU, April 2009, © Fadwa Al-Ghreimil 22
Privacy as a Social Good Essential for
Democracy
Utilitarian theory can be applied to justify privacy as a
social good
Author Regen concluded that when individual privacy is
balanced against social goods such as law enforcement
or government efficiency, personal privacy loses.
Privacy can be used by police and higher powers to
catch criminals
PSU, April 2009, © Fadwa Al-Ghreimil 23
Autonomy, Democracy and the Panoptic
Gaze
We are building a world that is a “Panopticon”
in which everything we do is observed
When individuals believe they are being
watched, they are compelled to behave
differently than they might if they weren't being
observed.
PSU, April 2009, © Fadwa Al-Ghreimil 24
Autonomy, Democracy and the Panoptic
Gaze
There are two different concerns about privacy in IT-
configured societies:
1- The feeling of having less autonomy and freedom
2- asking about who are our watchers? How they select the
information by which they would evaluate us
Conclusion
Privacy is not just instrumental to democracy and
autonomy; it is essential to both
PSU, April 2009, © Fadwa Al-Ghreimil 25
Data Mining, Social Sorting, and
Discrimination
The main concern is Ppl may not know the info norms in a
particular context – even when they know they are being tracked or
watched they wouldn’t know how the info is being collected or used.
Organizations have goals which they want to achieve efficiently, this
can be done with more information in hand to make better
decisions.
Clickstream
What Organizations Do May be Looked at in Two Ways:
1. Predicting clients behaviour to, in return, treat them accordingly
2. Injustice and prejudice sine ppl are treated as members of a class
rather than as individuals (stereotyping)
PSU, April 2009, © Fadwa Al-Ghreimil 26
Data Mining, Social Sorting, and
Discrimination
To avoid this stereotyping, organizations avoid sorting by
race or gender.
Conclusion
With this IT tool ppl are sorted in groups which leads to
inequality. Different categories of individuals are treated
differently. This then leads to having different
opportunities
PSU, April 2009, © Fadwa Al-Ghreimil 27
Crude Categories
If no info would be collected and everybody is treated alike:
Info of political campaigns would be distributed equally
Consumer-marketing firms would send one ad to all
consumers
Employers would have to give all employees the same
benefit.
Airlines would have to sell their tickets with the same
prices all over the world.
PSU, April 2009, © Fadwa Al-Ghreimil 28
Crude Categories
Advantages of being equally treated would be:
1. Individuals would have more privacy.
2. Individuals would be treated much more as autonomous beings
instead of having their behaviours watched with inference made
about who they are and what they want, individuals would have to
be asked. (i.e. companies ask clients about their preferences and they
respond, rather than their response being predicted)
3. Individuals would be treated as changeable, because they have
autonomy. They do their own choosing rather than being put in a
category and presented with information accordingly.
PSU, April 2009, © Fadwa Al-Ghreimil 29
Crude Categories
Conclusion
This proposal is not without drawbacks, but it adds
to the picture of the importance of privacy.
Q: How would the deontological theory look
at the matter of how organizations are
gathering info about individuals?
PSU, April 2009, © Fadwa Al-Ghreimil 30
General Strategies for Privacy Protection
Is Privacy Over?
“Privacy is over, forget it” – this shows that ppl think that
there is too much personal information available, and
once it is in any database in the world then it’s
impossible to control it’s flow.
In some cases this has an advantage Being in an accident in a foreign country
So we are not asking for absolute privacy. In certain
domains like “medical records”, we want the norm of
distribution to be such that medical professionals would
be able to get access to them as quickly as possible.
PSU, April 2009, © Fadwa Al-Ghreimil 31
Legislative Background in the US
P. 101 - Websites
Information on current privacy issues & proposed
legislations
e.g. each state has its own law protecting various
aspects of privacy – www.epic.org
PSU, April 2009, © Fadwa Al-Ghreimil 32
EPIC Online
PSU, April 2009, © Fadwa Al-Ghreimil 33
PSU, April 2009, © Fadwa Al-Ghreimil 34
Fair Information Practices
Code of Fair Information Practices:
1. There must be no personal data record-keeping system whose
very existence is secret
2. Individuals must know what kind of info is being collected and how
it’s being used
3. Individuals must be able to prevent the usage of their information
for other purposes than what they were collected for
4. There must be a way to correct or remove ones information after
its been obtained
5. Organizations must assure the reliability of the data for their
intended use and must take precautions to prevent the misuse of
data.
PSU, April 2009, © Fadwa Al-Ghreimil 35
Proposals for Better Privacy Protection
1. Broad conceptual changes and legislative initiatives
2. Institutional policies
3. Technology
4. Computer professionals
5. Personal actions
PSU, April 2009, © Fadwa Al-Ghreimil 36
1- Broad Conceptual Changes and
Legislative Initiatives
In the US there are laws to protect businesses
from the gov, but no laws to protect individuals
from powerful businesses
PSU, April 2009, © Fadwa Al-Ghreimil 37
2- Institutional Policies
While laws are missing or are
unclear, the organization can set
their own internal policies of how to
handle privacy matters
Transparent policies should be set
Opt-in vs. opt-out
PSU, April 2009, © Fadwa Al-Ghreimil 38
3- Computer Professionals
Computer professionals can play an important role,
individually and collectively. They must not wash their
hands of privacy issues.
Computer professionals are in the best position to point
out privacy matters to clients or employers when building
databases containing sensitive information
PSU, April 2009, © Fadwa Al-Ghreimil 39
3- Computer Professionals
The original ACM Code of Professional Conduct
(passed by the ACM Council in 1973)
Whenever dealing with data concerning individuals one
shall always consider the following principles:
1. To minimize the data collected.
2. To limit authorized access to the data
3. To provide proper security for the data.
4. To determine the required retention period of the data.
5. To ensure proper disposal of the data.
PSU, April 2009, © Fadwa Al-Ghreimil 40
3- Computer Professionals
In 1992 – Those principles were not included in the new
code, they are just seen as useful guidelines.
1992 ACM Code of Ethics guidelines explain that: "It is
the responsibility of the professionals to maintain the
privacy and integrity of data describing individuals. This
includes taking precautions to ensure the accuracy of
data, as well as protecting it from unauthorized access or
accidental disclosure to inappropriate individuals.”
PSU, April 2009, © Fadwa Al-Ghreimil 41
4- Technology
PETs – Privacy Enhancing Technologies are now being
developed
IT tools
detect the privacy level of a webpage before entering
PSU, April 2009, © Fadwa Al-Ghreimil 42
Personal Actions
P.106
PSU, April 2009, © Fadwa Al-Ghreimil 43
Conclusion
Privacy could be considered the most important ethical
issue in computer technology
It has a major effect on human behaviour – panopticon
Protecting personal privacy is not easy
Infos about individuals are extremely valuable both in
public and private sectors
It’s not getting better unless we do something about it
PSU, April 2009, © Fadwa Al-Ghreimil 44
Further Readings
It is available in Amazon
PSU, April 2009, © Fadwa Al-Ghreimil 45
Good Online Source
Contains most topics on computer ethics
http://ethics.csc.ncsu.edu/
Epic Publications
http://epic.org/bookstore/epic_books.html
PSU, April 2009, © Fadwa Al-Ghreimil 46
HW
Q: 12
Q: Did your perception change about the intensity
of privacy in the IT configures societies we are
living in? How did it change? And how will you
react?