ethics and big data
TRANSCRIPT
Ethics and Data
Lee Rainie Director, Internet, Science, and Technology Research
Pew Research [email protected]
12.12.16
Digital life in 2025 - Metaverse
The internet will become ‘like electricity’ — less visible, yet more deeply embedded in people’s
lives for good and ill
Theme 1) Information sharing over the internet will be effortlessly interwoven into daily life making us smarter,
safer, more efficient. ‘Computication’ involving ‘smart agents’ will be commonplace.
Theme 2) Artificial intelligence, augmented reality, wearable devices, and big data will make people more aware of
their world and their own behavior – which will especially aid in health care.
Theme 3) Social and business encounters will be shaped by virtual reality and telepresence. Interfaces with data and
objects will change and become easier. Speech and gesture interaction will matter more
Why big data are different and need fresh attention from ethics perspectives
• Volume (organic) • Velocity (real-time)• Variety (Internet of Things)• Valence (give analysts more insight)– Longitudinal– Location specific– Combinatorial & searchable– “Understood” by algorithms
• Variable valuation over time (in ways not fully known at time of collection)
How ethics enters the picturePrivacy = control of access
Freedom from intrusion—into the body, home, protected spacePhysical security—protection from bodily harm done by intrusionDignity—not being subject to contacts regarded as degradingIntimacy—the role of controlling access to the person in creating intimate relationshipsAutonomy—controlling access to the person is important to the individual’s ability to make central choices about his/her lifeIdentity—protecting access is critical to individual or group identityEquality—ease of access to some but not to others may affect social positions (e.g. equality of women, racial/ethnic minorities)
1. The balance of forces has shifted in the networkedage. People arenow “public bydefault and private by effort.” -- danah boyd
• Half of internet users say they worry about the amount of information available about them online – up from 30% in 20
• Considering the Future of Privacy, experts argue that privacy is no longer a “condition” of American life. Rather, it is becoming a commodity that would be purchased.
Implications for big data
• Americans want data-sharing arrangements to be secure
• If security is breached, Americans would like disclosure mechanisms to be clear and swift
• Americans would like to know if re-identification processes have compromised their identities
• They would appreciate a process to gain redress from harms caused by data breaches or re-identification efforts
2. Privacy is not binary / context matters andmany are in transactional frame of mind
Implications for big data
• Americans are not instinctively opposed to data collection and use. They want to understand the tradeoffs.
• This puts some burden on big data analysts to make the case for their work and the benefits that will emerge from it.
3. Personal control / agency matters
Implications for big data
• Consent is so context specific, it is hard to know for certain how to apply it for non-obvious uses of the data post facto
• Would “due process” mechanisms be better suited?
• Would “participatory consent” be possible?
4. Many know they do not know what is going on …. Those who know the most are more worried and wary
Implications for big data
• People do not like surprises and will be unhappy if their data were used in ways they did not anticipate or that seem “out of the blue”
• Is a re-consent process possible?
5. Many are resigned – some are even hopeless – and their trust is fading
How confident are you that your records at these places will remain private and secure?
Online advertisers
Social media
Search engines
Retailers
Email provider
Cell telephone
Government agencies
Cable TV
Landline telephone
Credit card
0% 10% 20% 30% 40% 50% 60% 70% 80%
76%
69%
66%
61%
57%
56%
55%
54%
50%
46%
Not too confident / Not at all confident
Implications for big data
• Transparency (including about data transfers)• Consider new, networked trust-building
mechanisms– Third party validation– Updated ethics codes – “Hold harmless” mechanisms?
• Algorithmic validation / replication
(1) Consumer Privacy Bill of Rights (2) OECD Fair Information Practice Principles 2013
Transparency: easily understandable and accessible information about privacy and security practices
Openness Principle: companies should be open about their practices and policies related to personal data
Individual Control: consumers have a right to exercise control over what personal data companies collect from them and how they use it
Use Limitation Principle: personal data should not be disclosed without consumer consent except when authorized by law
Respect for Context: users have a right to expect that companies will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data
Purpose Specification Principle: companies should specify the reasons why data are collected no later than the time of collection, and the uses of data should be compatible with the stated reason for data collection
Focused Collection: users have a right to reasonable limits on the personal data that companies collect and retain
Collection Limitation Principle: there should be limits on the amount of personal data collected and, where appropriate, the company should receive consumer consent
Security: users have right to secure and responsible handling of personal data
Security Safeguards Principle: personal data should be reasonably protected against risks such as loss or unauthorized access, destruction, use, modification, or disclosure of data
Access and Accuracy: user have right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data are inaccurate
Individual Participation Principle: consumers should be able to receive confirmation that an entity controls their personal data, and they should be able to access their data within a reasonable time, in a practical manner, and in an intelligible form
Data Quality Principle: personal data should be relevant to the purposes for which they are used, and, to the extent necessary for those purposes, the data should be accurate and kept up-to-date
Accountability: users can expect that their personal data will be handled only by companies with appropriate measures in place to ensure they follow the Consumer Bill of Rights
Accountability Principle: entities that control data should ensure the compliance the other principles
(1) Consumer Privacy Bill of Rights (continued) (2) OECD Fair Information Practice Principles 2013 (continued)
New Deal on DataMIT’s Sandy Pentland
1. You have the right to possess data about yourself
2. You have the right to full control over your data
3. You have the right to dispose of or distribute your data
Sources• The State of Privacy in America: What we learnedhttp://www.pewresearch.org/fact-tank/2016/01/20/the-state-of-privacy-in-america/
• Privacy and Information Sharinghttp://www.pewinternet.org/2016/01/14/privacy-and-information-sharing/
• Americans’ Attitudes About Privacy, Security and Surveillance http://www.pewinternet.org/2015/05/20/americans-attitudes-about-privacy-security-and-surveillance/
• Americans’ Privacy Strategies Post-Snowdenhttp://www.pewinternet.org/2015/03/16/americans-privacy-strategies-post-snowden/
• Public Perceptions of Privacy and Security in the Post-Snowden Erahttp://www.pewinternet.org/2014/11/12/public-privacy-perceptions/
• The Future of Privacyhttp://www.pewinternet.org/2014/12/18/future-of-privacy/
• Anonymity, Privacy, and Security Onlinehttp://www.pewinternet.org/2013/09/05/anonymity-privacy-and-security-online/
• More Support for Justice Department Than for Apple in Dispute Over Unlocking iPhonehttp://www.people-press.org/2016/02/22/more-support-for-justice-department-than-for-apple-in-dispute-over-unlocking-iphone/