Question
Address the interaction of laws and new technologies and how they have evolved each other in recent years based on the below article... BIG DATA
Address the interaction of laws and new technologies and how they have evolved each other in recent years based on the below article...
BIG DATA "Privacy Versus Progress" : A Necessary Sacrifice, By Garry E.Hunter
Big data is a controversial issue in modem society, as it directly impacts the majority of social structures, norms and foundations of privacy that were once believed to be fundamental rights. On one hand, we have the various promises that emphasize the positive aspects of data collection in various fields: notably the medical field (healthcare); anti-terrorism; law enforcement and a variety of other functions. Many times these are assumptions with no fact based evidence to support utopian claims. On the other hand, we can clearly see numerous transgressions and blatant violations to the most basic rights of privacy on a macro-level from federal and state governments. The majority of laws have been altered or written to ensure that powerful corporations can interact with the federal and state governments to bypass previously existing laws and legal codes which would prevent access to privileged and protected information.
It is certainly true that collecting large amounts of data and running powerful algorithms through databases will show correlations and other information that could be used in a positive manner to form various important theories with positive implications. Many of these challenges are being beneficially implemented via big data analytics. Unfortunately, the vast amount of academic literature suggests that big data is being used primarily for economic gain, while subjecting individuals to privacy invasions at a level that was previously thought unimaginable. Therefore, it is sociologically nave and illogical as well as pragmatically and semantically embarrassing for society to interpret and define "big data" in a narrow context. Big data that is used to fight terrorism or cure cancer should not be defined and studied in the same light as big data that is used to increase commercial sales, and allow giant multinational global corporations to steal information from the general public in order to get ahead of the competition.
Arguably, the most disturbing aspect of big data collection on a sociological level is the fact that this massive wave of privacy invasion is increasing resulting in exclusionary advertising and targeted media saturation. If big data can define who individuals are, it can be used to shape them into whom one "should be", or narrow the existing possibilities for individual transformation. On a political level, individuals and groups in the future may be at risk of exposing their most guarded secrets via unethical data collection, therefore they may be forced to conduct activities defined culturally as transgressions in the shadows, and in many cases will choose not to act counteractive to socially defined norms in fear of persecution or exposing a perceived element of deviance. It is clear that the "big data" does not exist as a definition of anything objective or concrete, to use the term as a generic or "catch all" phrase is to undermine the substantial impact it is having on our private and institutional lives. Big data is made of little data, and how it is used and collected will determine the multifaceted effects upon our world. What is Big Data?
Big data is a term used to describe "the exponential growth and availability of data, both structured and unstructured."2 In 2001, industry analyst Doug Laney further defined big data using three V's: Volume; Velocity and Variety. Transaction -based data storage, unstructured data streaming (i.e. social media) and increasing amounts of sensor data and machine to machine data being collected have been contributing factors to the increasing amount of data volume.3 In the present day, data is streaming at unexampled rates of speed and as a result can present challenges for organizations who are trying to react to the information in a timely manner. Lastly, data can come in a variety of formats. Some examples include: "unstructured text documents; email; video; audio; stock ticker data and financial transactions; and structured, numeric data."4 Many organizations face the difficult task and struggle with managing, merging and organizing massive amounts of data.5
In considering Laney's three core principles of big data, the group at SAS poses two more dimensions of big data to consider: variability and complexity. In terms of variability, one needs to consider that data flows can be "highly inconsistent with periodic peaks."6 An example of this phenomenon would be whether or not something is trending on social media. Managing these types of events and data loads can prove quite difficult. As today's data comes from multiple sources and can pose quite a problem to "link, match, cleanse and transform data across systems", indicating the complex nature that big data systems pose.7 As big data can be important for linkages, it can also be a double edged sword and create chaos and confusion. In this day and age, it is important that privacy risks are weighed against the benefit rewards. There are many concerns among privacy advocates that emerging advances of big data will disrupt the power relationships between government, business, and individuals. As a result, this could lead to many unwanted consequences such as profiling, discrimination, over-criminalization and the restriction of individuals' freedoms.8
For businesses and organizations that are acquiring big data, it is important to know what to do with it once you are attaining it. The goal is that organizations will be able to "take data from any source, harness relevant data and analyze it to find answers that enable 1 ) cost reductions, 2) time reductions, 3) new product development and optimized offerings, and 4) smarter business decision making."9 With the benefits of combining big data and high-powered analytics, it will be possible to accomplish the following:
* Determine root causes of failures, issues and defects in near-real time, potentially saving billions of dollars annually,
* Optimize routes for many thousands of package delivery vehicles while they are on the road.
* Analyze millions of SKUs to determine prices that maximize profit and clear inventory.
* Generate retail coupons at the point of sale based on the customer's current and past purchases.
* Send tailored recommendations to mobile devices while customers are in the right area to take advantage of offers,
* Recalculate entire risk portfolios in minutes,
* Quickly identify customers who matter the most,
* Use clickstream analysis and data mining to detect fraudulent behavior.10
Chief Data Officer
It is believed that most agencies should have a Chief Data Officer (CDO) on their staff. Currently, around half of the major federal agencies currently employ a CDO; however there is confusion on how to integrate the CDO's role within the agencies business structure. The question remains as to why agencies want to employ a CDO." According to Tyrone Granderson, Commerce Department Deputy CDO, he believes:
The CDO could fill one of many roles, they could be an advisor for the overall structure of different departments, they could be technologist that could see the direction you need to be taking-and the data that drives the direction-or they could just be developers for whole data departments.12
Jon Minkoff, the Federal Communications Commission Enforcement Bureau's CDO, believes that every agency has an individual functioning in some capacity as the CDO. In other words, there is someone within every agency that knows where data is stored and how the data is compiled. He suggests that if agencies hired a Chief Data Officer specifically for this purpose then there would be no emergent need to find this information at times and there would be "some data management and governance that is put in action, and people could leverage those assets much better."13
Skills that are essential to the Chief Data Officer must include: "technical, statistical and analytics skills that a typical person in management lacks, as well as broad-based appreciation of data."14 The CDO needs to have the skills available to be a good strategist and the abilities necessary to be able to structure that data. Being a team player is also an important quality needed for an individual to be a CDO. According to Minkoff, a CDO will need "to have legitimacy, you have to understand the business process, you have to understand exactly why you're looking for that data..."15 It is likely that in the future organizations are going to look towards the implementation of CDO's for data management.
Practical Implementations of Big Data
One positive example of utilizing these practices and analytics is demonstrated by the programs implemented by UPS. UPS has been tracking movements on their packages as early as the 1980's. With an average of 39.5 million tracking requests per day the company stores more than 16 petabytes of data.16 Using over 46,000 vehicles in its fleet, UPS has upgraded their big data collection by the use of telematic sensors. These sensors for example, can collect the vehicle speed, direction, as well as the braking and drive train performance. The initiative entitled ORION (On-Road Integration Optimization and Navigation) is "arguably the world's largest operations research project."17 The project has seen rout reconfigurations and led to savings in 2011 of more than 8.4 million gallons of fuel by cutting 85 million miles off of daily routes.18 At the current time of this article, UPS is also hoping to apply these analytics to all air flights they conduct with the hope that they can achieve similar results.
In the arena of health care, big data is purported to be a component of "the learning health care system", which in theory will use data sets in order to increase the knowledge of health care information.19 Patterns are said to emerge within big data that will increase the successes of prevention as well as treatment strategies, while increasing quality and effectiveness. The Health Information Technology for Economic and Clinical Health Act (HITECH) is an electronic medical record which 80% of individuals are now acquiring clinical data from.20 This program among others has increased the availability of clinical research data, using data concerning health and wellness via "personal health record tools, mobile health applications, and social networking sites".21 These tools enable individuals to access important health information in regards to their needs. In recent studies, the great majority are in favor of these data sharing systems, but many are concerned about the privacy of their personal information.22
In order to increase public trust in a health driven big data system, the technology available must provide privacy for health data while increasing the amount of analytics available to increase knowledge of prevailing health problems.23 It is also important that the entities supplying the information and their mechanisms be held accountable and thus would increase the likelihood that they will adhere to the rules of privacy practices.24 This would include providing incentives for those who adopt mechanisms utilizing privacy enhancing methods of collecting and distributing data. The Fair Information Practices Principles could be a great starting point in creating versions of these programs which concentrate on providing privacy within the framework of the data processes.25 The clinician-patient relationship is of prime concern when generating data for increased knowledge of health practices and principles. Big data in the medical field would also benefit from increasing transparency in regards to patient knowledge and consent, while encouraging engagement and trust in the information. Big data programs utilizing privacy enhancing elements have yet to be introduced to the field of health care.26
The issue of terrorism is one in which big data analytics has shown potential to curtail terrorist activities. The use of video, images, texts, sensor data and other technological producers of data are analyzed and converted into information which may be used to track and neutralize terrorists.27 Militaries purchase or construct software programs that are designed to accomplish such goals. Popular social media sites and streaming video can also be used to monitor suspicious activities.28
Big Data is also purported to have led to an increased efficiency in the delivery of electrical power, reduced congestion of traffic, improvements in chain of supply management. Many of these studies showing the social value of big data point to economic increases in various stages of marketing and manufacturing. They are primarily based on increased technological, marketing, and manufacturing efficiency.29 Sources of Big Data
Big data generally falls into one of three categories, streaming data also called the Internet of Things (IoT), social media data, and publicly available sources. Streaming data includes "data that reaches your IT systems from a web of connected devices."30 As this information comes in, organizations can make decisions on how to proceed with the data. Social media data has become increasingly popular especially for the purposes of marketing, sales and support functions; however, the vast quantity of data and the challenge of analyzing the data pose many obstacles.31 There are some publicly available forums to access massive amounts of data. Some examples include US government's data.gov, the CIA World Factbook or the European Union Open Data Portal.32
The most basic and important problem that arises from the expansion of big data is the fact that there are major privacy issues that arise within the vast collection of data from various sectors of society. The loss of personal freedom via big data collection methods is typically accompanied by the defense that the risk is worth it due to the utopian like discoveries that are promised. Modern technology via algorithmic analysis has shown to yield various patterns and correlations which can be contextualized in both positive and negative lights depending on who it is determining the social and economic value of the data. From a privacy standpoint, the modern mechanism that verifies consumer acceptance or forfeiture of their privacy is the "notice" or "choice" characterized by the ability to click a box which allows data collection via the internet.33
There is much debate concerning "restrictive implementation" such as these which are purported to abide by the standards of the Fair Information Practice Principles. These guidelines are purported to offer guidelines which regulate "transparency, error correction, and the restriction of use of data purposes stated at the time of collection, deletion of data when it is no longer used for that purpose and data security".34 Regrettably, these guidelines are rarely followed as the majority of the research into big data shows that there is legal framework and loopholes which allow big data to be collected indiscriminately in most instances.
Big Data can be defined as "a problem-solving philosophy that leverages massive datasets and algorithmic analysis to extract hidden information and surprising correlations".35 Big Data has become a controversial topic with a variety of critics and proponents on polar opposite sides ideologically. The proponents claim that big data has the potential to revolutionize society on various fronts ranging from cancer prevention to unlocking the human genome.36 Stanford Law Review and various academic institutions take a much more dystopian point of view, pointing out various ways in which big data can be used as base of information with the potential to control and manipulate populations. Legally, the primary issue is that of privacy. Big data could be exploited in order to spy on the general population and essentially reshape social relationships via exclusionary tactics, reshaping social norms and relationships, as well as generating evidence in criminal cases.37 Traditionally, data was legally separated between private holder data and government held data. Law has been changed and altered in order for the merging all data, complicating privacy issues, and preventing legal sources from representing traditional privacy norms.38
One of the major ways that big data is utilized is that of consumer manipulation. Thru the use of social network intermediaries, companies buy information via third party systems. The actual internet user is typically unaware that the third party system is operating by generating and distributing their data. This allows brands to "manage all communications about them on multiple social network services across the social web".39 The providers of these services operate anonymously to the user legally under strict standards such as the 1995 European Privacy Directive.40 The rights of the user/consumer are not protected, as their information is used in order to construct a profile and categorize their interaction.41 The data is technically public, but processed without consent to corporations who do not recognize privacy rights for individuals who are processed numerically. In most instances, the user has no notice of the data collection process, they give no consent, and in most countries they are not offered the right to have their information deleted from data storage.42 The internet user is considered non-existent contextually using classic notions of privacy and notice legalities.43
The EU Data Privacy Directives accounts for this relationship between brands and social media information to some degree. They have set requirements and obligations for those who control the data and those companies wishing to possess the data. This is achieved by acting as an intermediary between the two groups. Data Transfer Agreements are used to ensure provisions known as "Standard Contractual Clauses".44 In theory, they attempt to control what data is processed and how it is used in the transfer. Many organizations operate with these goals in mind, but the average user is unaware of the agreements, and unable to understand and participate in the construction and utilization of the intended data minimization.45 Examples of these organizations include: The Federal Trade Commission, the European data protection authorities, and the Swiss Federal Data Protection and Information Commissioner.46
Data deletion or the right to have data deleted in the form of "opting out" has been discussed is Europe. The EU has explored heavy reform in EU data protection law including a "right to be forgotten" to users who do not want their data stored, processed, and distributed.47 Spain in particular has implemented this on a small scale via public options in Search engines.48 Google in particular continues to fight this legislation. Because those wishing to be deleted do not have knowledge of all of those who collected their data, this policy will be hard to maintain or enforce.49 Data intermediary issues also face a variety of obstacles. They are dependent upon trust between the user and those who would be responsible for deleting the data which the individual did not want to be shared nor used for purposes outside of their knowledge.50 This relies upon the assumption that companies are highly motivated to enforce privacy regulations, as well as have the technology to do so.51
The contexts in which big data operates makes it difficult to protect civil liberties as they are top down and the relational data gathering methods typically fall outside of traditional legal domains.52 It is likely that big data will infiltrate legal environments, while remaining in a shroud of secrecy. The NSA's PRISM surveillance program revealed that various major providers of technological resources provided them with illegally collected data.53 The fact that the public outrage was minimal is a great example of the ways in which the public has become generally apathetic as they expect relational data to be shared and illegally obtained.54 The general public in their apathy is typically ignorant of the ways data is obtained and analyzed, resulting in civil liberty issues.55
The power that big data generates has the potential to disrupt freedom of speech as well as freedom of information.56 In a vastly broad spectrum it also threatens the "individual's willingness to participate in public and democratic debates, or even in social interactions on an individual level.57 This is a result of the fact that big data allows great power in the hands of a select few, and brings about apathy in the form of expected observation and analysis. These issues paint a picture of a panoptical virtual prison in which individuals in fear of being spied upon will not deviate from the norm. Fearing potential classification via threats of observation, individuals may conform to given expectations, decreasing personal freedoms both private and political. Out of fear of persecution or being labeled transgressive, individuals may choose not to behave in a free manner and withdraw from participating in controversial issues. They may also steer clear of independent thought, while abandoning original ideas and innovation.
In Europe, there are laws in place to protect individuals from the invasions of privacy we find in big data collection methods. "The European Convention for Human Rights (ECHR) as well as the Charter for Fundamental Rights (EUCFR) protects the individual's private and family life (Art. 8 ECHR, Art. 7 EUCFR) as well as his or her personal data (Art. 8 EUCFR)." These rights are considered fundamental and are "incorporated into European data protection law (Directive 95/46/EC), which on the basis of the protection of the individual's right to personality, is the main approach when dealing with big data processing."58 These rights are based upon the agreement that "fundamental principles of consent, transparency, purpose, limitation, data minimization, security and proportionality are key to restricting the processing and evaluation of big (personal) data sets".59 In the United States and other countries, these rights are not expected as an apathetic attitude has become ingrained in the norms of society. Legal contracts and legal norms are not "democratically legitimized by legal norms, whereas the informational relationships between private entities and consumers are governed by the freedom of the contract".60 This illustrates various divisions and questions surrounding the interpretations of norms and there legal standing.
Privacy Substitutes
The debates around privacy issues center around two conflicting interests: "a lucrative or beneficial technology, as against privacy risks to consumers."61 In attempts to remedy these conflicts, policy makers typically choose one of three types of solutions: complete ban; no regulation; or form a policy that falls somewhere in the middle. In discussing those polices that fall in the middle, the term privacy substitute is used to describe "the spectrum of technology alternatives that trade off functionality and profit for consumer privacy."62 Through the disconnected policy and computer science perspective, policy stakeholders view information privacy as a balancing scale. On one side, sits consumer privacy and on the other are the benefits socially and commercially.63 In the end, "where privacy tips the balance, a practice warrants prohibition; where privacy is significantly outweighed, no restrictions are appropriate. When the scales near equipoise, practices merit some (questionably effective) measure of mandatory disclosure or consumer control."64
Many computer scientists have acknowledged that with technology there are always going to be tradeoffs. When applying technology, there is going to be a varying spectrum on which privacy versus functionality exists. Economically, "technology enables a robust production-possibility frontier between privacy and profit, public benefit, and other values."66
In many cases it has been found that privacy substitutes can provide the same necessary functionality by using the privacy-preserving designs that the same intrusive designs can provide.68 In the corresponding material, the following example designs will be examined: web advertising, online identity and transportation payments. These examples seek to show how engineering "can counter intuitively enable privacy tradeoffs."69
Within the web-advertising industry one company displays an ad on a website while third party websites can attach cookies to the ad. In a sense, the user's web browser becomes a virtual barcode that tracks what is viewed by the individual's web browser. As a result, "all advertising operations-from selecting which ad to display through billing-can then occur on advertising company on backend services."70 This method has been highly criticized by policy makers and privacy advocates alike as this method tracks and includes the collection of a user's browsing history.
To help better understand these concepts, frequent buyer programs can shed some light on the subject. If a business starts a promotion which provides an example of an individual purchasing 10 items in which they subsequently get the eleventh purchase for free. One way to keep track of the purchases would be to provide the individual with a swipe card so that with each purchase the electronic card would keep track of the number of purchases. The downside to this approach according to privacy advocates is the fact with electronic swipe cards it keeps track of additional information that could be seen as intrusive. These swipe cards would have the ability to keep track of what was purchased and when it was purchased. A secondary method that could be implemented for this type of promotion would be to use a punch card. With each purchase the individual would obtain a punch out the punch card. This implementation is less intrusive as it only tells the business the information that it needs to know and in this case that would be the number of purchases.71
Through centralized identity management, individuals can experience the benefits of both convenience and more security. However, these systems can prove to be problematic as the identity provider can track the individual's activities. For example, an individual goes to a bar where the bouncer checks their ID for validity. The bouncer can choose two options in order to verify that ID. In the first option, the bouncer may contact the DMV to verify the authenticity of the driver's license. This method however, inherently allows the DMV to know where an individual currently is located. In the second option, the bouncer simply verifies a person's ID by checking for official markings which would be difficult to forge. In doing so, the bouncer does not notify the DMV of the individuals' whereabouts and the bouncer has appropriately verified the driver's license.72
Despite indicating a move towards implementation of privacy substitutes, technology organizations have yet to take this step. The factors plaguing this implementation commercially are: engineering conventions; information asymmetries; implantation and switching costs; diminished private utility; inability to internalize; organizational divides; and competition barriers. Traditionally, information technology "emphasizes principles including simplicity, readability, modifiability, maintainability, robustness, and data hygiene."73 In this day and age, the trend has been to collect as much information as possible or otherwise called the practice of data over collection. There is a general consensus that it is better to have as much data as possible in case it may be needed later. However, privacy substitutes disrupt this practice as it seeks to limit the amount of information collected.74 The cost of implementing privacy substitutes can be substantial and business that are in their beginning stages will not be able to afford it, with established businesses they "face path-dependent switching costs owing to past engineering decisions."75 Another issue is that "intrusive systems often outperform privacy substitutes (e.g. in speed, accuracy, and other aspects of functionality), in some cases resulting in higher private utility."76 The inability to internalize, in theory, should allow the possibility of consumers or business partners to compensate those who have initiated privacy substitutes. This however, is a challenging notion as it has been difficult to prove the pro-privacy notion. It is hard when consumers are unaware of the systems they use so it is safe to say they have no idea about privacy systems. Secondly, if consumers were aware if would be difficult to differentiate those consumers who would pay for extra privacy measures versus those who would not be willing to pay. When looking at business partners:
They too have information asymmetries and reflect (indirectly) lack of consumer pressure. Coordination failures compound the difficulty of monetizing privacy: without clear guidance on privacy best practices, users, businesses, and policymakers have no standard of conduct to which to request adherence.77
In some instances technology firms do face pressure to enact privacy substitutes. The entities that they typically face pressure from are government agencies, policymakers, and lawyers. Non-technological agencies however, do not have the resources to make adequate suggestions for implementing privacy substitutes themselves or seek the advice of engineers.78 The potential lack of competition also poses an issue for the implementation of privacy substitutes. Even if there was pressure by consumers and businesses for improved privacy measures, the lack of competitive pressure would make it less likely that there would be a response.79
In order to circumvent the issues that arise when talking about implementing privacy substitutes is to encourage the practice of using privacy substitutes through normal regulatory practices. It is important when tackling this issue that "policymakers should begin by exploring not only the relevant privacy risks and competing values, but also the space of possible privacy substitutes and their associated tradeoffs."80 If policymakers deem that privacy substitutes are socially beneficial then they should provide incentives for the enactment of the privacy substitutes. It is also important that policymakers look at the reasons privacy substitutes fail to be adopted. Interacting with industry engineers directly can help reduce the organizational divides and information asymmetries.81 Standardization of privacy substitutes can also prove useful for implementation. Lastly, policymakers should push the use of privacy substitutes by providing incentives like providing grants and competitions which could encourage research in academics and industry.82
Big Data: The Privacy Conundrum
Big data is of course composed of little data obtained from individuals, in the form of cell phones, internet click patterns, and other points of input. This information is stored in large highly secured data centers. Individuals typically have no clue what information is being obtained from them.83 A primary assumption put forth by big data advocates is that data collection makes information more transparent for everyone. This is in direct conflict with the fact that it is obtained with the utmost secrecy and designed to be protected in various legal, physical, and technical means to evade transparency. There is no "Technological Due Process" as proposed by Danielle Citron.84 In order to increase transparency it would require various levels of leadership including technical, legal, business, government, and political officials to work together to put a dent in the current system of invisible collections, which gives the decision makers of data collection free reign to work in the shadows.85
The power that big data yields is tremendous in the various ways in which it can manipulate individual choice via persuasion and exclusion. This applies to internet use to a great degree, as search engines commonly use data to determine what users are exposed to and to nudge them in a predetermined particular direction. This opens up the door for shaping identities and excluding intellectual choice.86 Classifying human behavior and activities via algorithmic data analysis is ethically dangerous and threatens to craft "people's identities, aspirations, and dignity".87 This is the opposite of what big data proponents have purported, it "traps us in patterns that perpetuate the basest or narrowest versions of ourselves".88 Big data promises to open up a world of opportunities, but classification and categorization can lead to the manipulation of how we see ourselves, and restricts our actions and choices.
One possible theory is that of "preemptive predictions". This is "the potential social impact of big data in relation to the promise of increased "efficiency, reliability, utility, profit, and pleasure", in relation to the potential negative impact of justifying ideological shifts in punishment and penalties in the legal arena.89 This includes altering the presumption of innocence, assumed privacy and due process matters.90 If data can be pulled from the data banks concerning past behavior, it may be a presumed to predict a pattern of behavior, opening up many gray lines in the legal and private environments. This is now used to predict the level of supervision a parolee may require following release, based upon data. Another simple example of this is the corporate activity of accessing big data in order to predict the future behavior of job candidates, and thus ignoring traditional hiring techniques91. The presumptive nature of big data also purports to predict potential criminal behavior, and thus forestalling assumed or perceived future criminal behavior.92 The fact that individuals are "not able to observe, understand, participate in", or respond to data used in preemptive decision making violates due process values.93
Public disclosures in the form of socially shared information which are argued by courts and public policy makers as public information.94 It can be argued that this is not true because the data remains under the control of a select few, and is not easily accessible to the majority of users.95 This fact "threatens to erode those structural protections and the common law which is the traditional legal regime for helping individuals seek redress for privacy harms".96 In particular, the "Fair Information Practice Principles deidentification techniques, sectoral legislation protecting particular datasets, and regulatory efforts to improve data security, and safe international data transfers".97 Because a great deal of our social relationships are now in data form, big data has the potential to disrupt privacy in the majority of social sectors.98 If it is assumed that correlations found in the datasets are indicators of specific traits or issues, people are at risk of exposing "sensitive personal details".99 The gray area around how we value privacy makes "problems of scale, aggregation and accessing harm" murky and the consequences of privacy violations unpredictable.100
Tort law in particular has become vulnerable as big data has devalued privacy laws to the point that courts regularly rule in an inconsistent manner.101 "Some courts have found that privacy interests exist in involuntary exposure to the public, while others found that overzealous surveillance in public which discloses confidential data can violate privacy interests".102 Courts have also found in an inconsistent manner that privacy is primarily a matter existing in specific social groups.103 If we take this into consideration it becomes necessary to ask if "invasive data surveillance" will be illegal, as well as ascertaining the information obtained outside of the group in question.104 In the intrusion tort cases, it is up for debate if big data information is secluded and if their methods are offensive to individuals.105 If laws exist to protect individuals within groups, it is necessary to ask why there should not be laws in place in order to protect individuals outside of a given group from the information gathering techniques of big data.106
These issues are matters of ethics and obviously require legal attention whenever possible. The various obstacles preventing legal actions and policy direction are often based upon the assumption that big data must be excluded from legal technicalities do to the highly sensitive nature of national security, trade secrets and intellectual property.107 As long as these obstacles remain, big data will continue to collect data on individuals and alter our lives in unknown directions.
Privacy concerns generating from hyper expanded government and corporate surveillance organizations have redefined privacy into a commodity. It is bought and sold to the highest bidder and violates what many consider to be basic human rights.108 Corporations sell browser add-ons that are purported to reveal the dollar value of individual's online privacy to corporations.109 This is referred to a "monetized privacy", and few are able to pay for services to protect their online privacy. Privacy protection debates are typically centered upon how data can be used in the realm of privacy rather than limiting what data can accessed and obtained.110 Other corporations are marketing privacy and attempting to build "trust" with the consumer by offering this option.
Those who can afford to protect their privacy via purchasing it are typically limited to the upper economic classes.111 The economically disadvantaged are typically used to having their privacy limited, and used to exclusion, profiling, and discriminatory practices.112 It is possible that the poor will be sorted and categorized into specific generalities based upon their gathered data. One example is an individual who used his credit card on vacation at a location whose patronage had a low probability of repaying their debt. When he returned home, he found his credit limit had been significantly reduced.113 In order for social equality to be promoted in the arena of big data, the legal groundwork which focuses on limiting the data which can be collected and how it can be used must be established.
If we consider that big data collection has become an ethics of information dilemma, it is useful to turn to the scientific community for a broad based approach.114 This is useful if we consider that the consumers who provide big data to corporations have no rights and their data is used for reasons they do not know or typically comprehend. No subject in a scientific experiment would be subjected to these violations. Academic researchers must adhere to a strict protocol of ethical principles and guidelines which minimizes harm to the participant.115 The researcher must justify the experiment, and provide detailed data which provides the potential benefits of the experiment versus the potential harm. The information is then reviewed and discussed by a board of individuals who must weigh the evidence against federal regulations.116 Big Data operates freely without any restrictions or controls. Many times the data is used specifically to harm or profit from the consumer. Data collected at stores and websites are sold and ran through high powered algorithms that find patterns and information which can be used to manipulate the consumer.117
These corporations manipulate and control the circumstances with little or no limits.118 Firms employ individuals with advanced degrees and provide them with cutting edge technology and vast datasets. These individuals in turn write the legal terms and "design the virtual and physical spaces in which our interactions with the firms occur".119 A simple example here is the way that some banks have been documented to use software that maximizes consumer overdraft fees that consumers may accumulate via the manipulation of the time that transactions get processed. Also, these kinds of technologies could be used to manipulate an individual who is dieting by exposing them to unwanted food items at a vulnerable time.120
The engineering of addictive food additives is another example.121 Ethical consumer research and practices in the arena of big data could be developed through "principles and bylaws that help guide evaluation", and should enhance salutary dynamics".122 If Consumer Subject Review Boards (CSRB's) were involved in big data dynamics, they could help corporations in the area of public trust (legitimacy) and media relations, but much skepticism is assured in regards to accurately reporting big data analytics.123 CSRJB's may help consumers discover why they are being studied, which could be the start of transparency in some minuet form.
Big data is generated on a multi-dimensional level in which various entities are involved in mining, analyzing, and distributing profiles and targeted populations.124 This makes it difficult for legal regulators to identify civil liberty violations and risks. Commercial big data as well as law enforcement and national security agencies have emerged as the traditional multifaceted big data users. These agencies operate beyond the law on various levels, as "data brokers" are under no sectoral law.125 The data gathering or collection is thus not regulated, and in rare cases where statutory or contractual limits are imposed, data can be transferred to third party data collectors whom are not limited.126 The typical person who is the "target of an inappropriate or unlawful data collection" may find it impossible to identify the holder of the data in question.127 If data is reproduced and put up for sale to other "entities", it complicates the situation to a greater extent. "If fusion centers merge data from private and public sources into one master database, they presumably would not indicate that to the original subject so that person could not bring claims based on inappropriate use".128
An example of this is the Electronic Communications Privacy Act. This act directly effects how law enforcement can legally conduct surveillance. But this Act does not limit buying data in bulk from commercial dealers nor does it prevent hoarding data in "fusion centers", this enables the controversial use of preventative law enforcement.129 The Foreign Intelligence Surveillance ACT is another Act which fails to maintain credibility. This Act purports to "get rid of improperly intercepted communications of U.S. persons as soon as it is determined that they are not relevant to foreign intelligence".130 In order for this to happen, the data collection must remain with the collecting party. The USA Patriot Act, using anti-terrorism connotation, allows data collection regulation to be bypassed, despite statutes which limit how and why information can be gathered. These unconstitutional methods have violated civil liberties via the executive branch, and has allowed for the amassing of "a gigantic database filled with all of our personal communication information".131
The Privacy Act purports to put some limitations on the government collection of information. It does not however limit the collection of data via private entities. This means that cell phone data, e-mail data, and other collectors are free to sell our information to the highest non-governmental agency.132 Once they are owned by private corporations, those corporations are free to sell or hand over the data to governmental organizations. Companies in the United States are not required legally to "justify and explain all data usage practices at the time of collection.133 This Privacy Act in itself was conceptualized in order to provide the population with security against governmental intrusion of privacy.
In the past, private accumulation of data was not viewed as a major area of concern.134 When two agencies work together to collect, interpret, and store data, it becomes a great concern in various sectors of social life. The illegal collection of data by the NSA is now confirmed to be shared with the FBI in a joint effort.135 These agencies have managed to "gather up the giant metadata database" (consisting of internet and telephone data).136 It is clear that reform is needed as "the executive is operating under the weaker foreign intelligence standards to further ordinary law enforcement goals".137 It is suggested that agencies should be held accountable for their transgressions via a strong push for transparency. This could be accomplished in part with the help of independent experts and legal demands for reform.138 Data Minimization and Data Mining
Minimizing data collection through the construction of limitations should be a topic of importance for those advocating for big data reform. Because the commercial collection of data takes place without limitations, the threat of data breaches such as "external hacking". It is obvious that the threat of hacking will increase as the amount of data increases.139 The more data that there is to be stolen, the higher the value it is to the thief. Data breaches can reveal individuals "names, contact information, financial information, health data, as well as private or embarrassing information".140 Internal violations by transgressive employees also known as "data voyeurism" is also a concern in the world of commercial data collection.141 As data is passed between various individuals at various levels, many chances are made available for a given employee to access data and violate an individual's privacy.
Data minimization may be a key principle in the development of legal restrictions to curtail big data. Data minimization would require "that the only personal data that should be collected and stored is that data, which is necessary to obtain certain specific and legitimate goals".142 If the data that is collected and found to be non-relevant to the goal in question it then to be destroyed. Minimizing stored data is logical and decreases the likelihood of privacy breaches and other civil liberty issues. In order to promote data minimization, there must be a shift to a more user empowered ideology and away from the indiscriminate collection processes of big data.143 The concept of data minimization dates to the 1970's and it was based upon the belief that we must "limit the collection and storage of personal data in order to prevent powerful organizations from building giant dossiers of innocent people which could be used for purposes such as manipulation, profiling, and discrimination".144 The act of minimizing the data that is collected as well as the time that it remains stored seems like a common sense assumption.145
Data collection or "mining" takes on many forms. Techniques include: "classification analysis (takes data and places it into an existing structure), cluster analysis (clumps together similar things, events or people in order to create meaningful subgroups) and association analysis (captures the co-occurrence of items or events in large volumes of data)".146 Massive amounts of data are used via these techniques in order to automatically generate volumes of categories and hypotheses. The collected data is used to create hypotheses via algorithmic correlations which in many cases are random and without reliability or merit. Data minimization focuses on limiting these kinds of errors in order to prevent the misuse of faulty assumptions and patterns.147 This can be achieved in part by empowering individual users via increasing their access to their individual data, and attempting to make the data mining techniques transparent while limiting the time the data remains in circulation.148 Conclusion
Most people would agree that it would be beneficial if big data analytics would be used to prevent disease, and fight terrorism, poverty, while curing other social ills. It is certainly true that some positive outcomes have been identified and analyzed. I have provided many examples of the benefits of big data when it is used in responsible manner with the best interest of the majority as the primary objective. There is no doubt that big data has the capabilities to provide society with various remarkable and profitable solutions to major issues and contributions to the well being of society as a whole. The problems arise when we look at big data analytics on a macro level, and find that the collection methods which violate many of our constitutional rights are justified by the promise of the positive attributes. It is not intellectually sound to assume that society must trade basic human rights in order to benefit from the positive aspects of big data analytics. This is parallel to the legislative procedure of adding a fundamentally illegal rider to a progressive and inherently innovative and beneficial bill. The give and take political ideology of big data procedural collection methods has undoubtedly held back and decreased the inherent potential of the big data revolution.
From a legal perspective, it is obvious that mass reform would have to take place in order to place restrictions upon the vast privacy violations that are currently operating under the assumption of validity. Fair information practice principles have been completely abandoned as a source of protection against unethical big data collection.149 The long held legal norms which distinguished privately owned data from government controlled data has also been abandoned. The Electronic Communications Privacy Act does nothing to prevent law enforcement from obtaining big data information in the area of preventative law enforcement as they do not place any limits on the sale of data in bulk from commercial vendors nor the gathering of bulk data in fusion centers. 150
In addition to these "adjustments", both law enforcement data gathering and foreign intelligence data collection is now merged, further complicating any legal legislation which attempts to curtail privacy invasions.151 The FOREIGN INTELLIGENCE SURVEILLENCE ACT is another program which has now been bypassed by the federal government. They now collect data randomly on citizens without any provocation or probable cause to do so.152 Section 215 of the USA PATRIOT ACT has now been violated as well as we have found out via the disclosure of the PRISM program and other programs with the intentions of mass surveillance. The only thing that appears transparent within the facts stated above is that it is clear that no boundaries are being respected in regards to privacy or the laws which have been maintained in order to protect our fundamental rights.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started