Running head: ETHICS IN BIG DATA
Ethics in Big Data
Kris Kirk
Liberty University
1
Abstract
Today, information systems produce a staggering amount of data. This data is currently being used by every sector of business; everyone from department stores to hospitals. While this
“Big Data” is very useful and, for the most part, being used properly, there have been instances where corporations and the public have clashed because of the way the information is being used. Because of this, there has been an outcry on the part of the public to establish some form of ethical behavior in the use of this data. While there have been changes made in how business is using this data, it is usually a reactive response, rather than proactive planning. While both business and the public work out their differences in regard to the use of Big Data, ethics in Big
Data may continue to be established as an afterthought for a very long time.
ETHICS IN BIG DATA 3
Ethics in Big Data
The term Big Data has been bandied about with increasing frequency over the past couple of years. The purpose of this article is to discuss Big Data and the ethics involved in Big Data management. Before a discussion of any type gets underway, it is usually customary to identify the terms to be discussed. Where did the term Big Data come from? What are ethics?
How is Big Data defined today? How is Big Data being used for good?
So, where did the term Big Data originate? According to Steve Lohr, in his article “The
Origins of ‘Big Data’: An Etymological Detective Story,” the term was first used by John
Massey while working at Silicon Graphics to “convey that the boundaries of computing keep advancing.” Mr. Massey’s use of the term best fit the way the term is used today (Lohr, 2013).
The term today does not begin to tell the story of just how much data is being generated currently in the world. It also does not define how big data must become to be classified as Big
Data. Today, Big Data is said to exceed the processing capacity of conventional database systems, and that the data is too big, moves too fast, or does not fit the limits of existing database architectures (Dumbill, 2012).
Google’s web page indexing service now has more than 100 million gigabytes of information (Koetsier, 2013). The problem is that the index also stores the information contained inside the databases of those companies that have still not fix the SQL injection flaw associated with those databases. That includes millions of records of user’s credit card information and other personal data. Additionally, there are over 300 hours of video uploaded to
YouTube every minute, and more than 5,700 years of video available to watch as of October 10,
2014 ().
ETHICS IN BIG DATA 4
Ethics, as linked to Big Data, are described as related to a person’s values or morals.
Values are at the heart of how a person balances the promise of useful innovation against the risk of harm. Whether a person is aware of them or not, values inform a person how to conceive of and execute on designs for products and services based largely on information gleaned from massive amounts of data. “Ethics are critical inputs to the calculus you perform when weighing the promise of those benefits against the risks of unintended consequences” (Davis & Patterson,
2012).
Ethics in the workplace can be a very sticky issue. Because ethics are pinned to a person’s morals or values, and morals differ from person to person, it is hard to say who is right and who is wrong without intruding on someone’s beliefs. One person may think that data is being misused, while another thinks the data is being used fairly. Over the last few years, businesses and their customers have been in constant conflict over the use of Big Data. One of the concerns of the customers is that there is no transparency on the part of the business in the use of the data. For the most part, business decisions are made without the knowledge of the customer. The business then feels the backlash when the customer doesn’t agree with how their information is being used. It is also a concern of the customer when a business does not explicitly outline how they use Big Data. Those businesses that are explicit in how they use Big
Data fair better with the consumer. For this reason, it is very important for a business to be both explicit and transparent with how Big Data is being used (Davis & Patterson, 2012).
While many companies are gathering data to give customers a more tailored or personal experience, there is growing concern that those who gather and use the Big Data may be doing so without our knowledge. Google was caught using its Street View cars to snatch “emails, text messages, browsing histories and passwords - from unsecured wireless networks as its cars
ETHICS IN BIG DATA 5 patrolled neighborhoods, snapping photos around the world” (Vass, 2013, para. 2). Nordstrom
“used sensors from analytics vendor Euclid to cull shopping information from customers' smartphones each time they connected to a store's Wi-Fi service” (Waxer, 2013, para. 5). Target now says it can tell when a girl is pregnant just by her buying habits. The question many are asking is, “Should the Big Data that Target is gathering on our purchasing habits be used in this manner” (Hill, 2012)? These examples show that there is a need for some kind of ethical over site in the business world. Gathering techniques need to be exposed and a decision made as to what happens to the data gathered. The question as to who the data belongs to, the individual or the business, needs to be answered. Deciding what will be done with the data will create an ethical dilemma for big business. Should they use it to better serve their customers or dump the data, altogether?
The media likes to dwell on the negativity of Big Data because it brings headlines, and headlines bring more revenue. The question not often asked is, “Does any good come out of Big
Data?” The answer, of course, is yes, absolutely. Big Data is used to bring consumers a better experience. Netflix is able to tailor your viewing tastes by what you are already watching. The healthcare industry uses Big Data to decode entire DNA strings in minutes allowing them to find new cures and better understand and predict disease patterns (Marr, 2013).
An information system should have values built into it during the initial design process; however, the article, “Computing Ethics Values in Design” talks about how values are usually left out of the equation until after the design and launch of the information system. In many cases, this can leave the user exposed to things ranging from a data breach to unwittingly permitting the sharing of all personal data to parties unknown. As stated in “Database Design,
ETHICS IN BIG DATA 6
Application Development, and Administration, “values often play out in information technologies as disasters needing management” (Knobel & Bowker, 2011).
According to the Values in Design Council, created by Helen Nissenbaum, there are three values that need immediate attention. These include the trade-off between security and privacy; hardwire design for Digital Rights Management (DRM); and cultural valence (Knobel &
Bowker, 2011).
Over the last few years, hackers have gained access to billions of personal and private records and activist groups, such as Anonymous, have been terrorizing people all over the world
(McGregor, 2014). Balancing the two values; security and privacy, against each other has become increasingly hard. Those collecting data wish to use it to their benefit, but people want their data to be secure and at times it seems more and more as though those collecting the data have no idea how to protect it from individuals and organizations wishing to use it immorally.
The trade-off of one over the other is not a very good solution. The collection of data, any data personal in nature, should inherently include the means, by which, to secure it. Jeremiah 33:6
ESV states, “Behold, I will bring to it health and healing, and I will heal them and reveal to them abundance of prosperity and security.” We can always rest assured that we are secure in Jesus
Christ.
So, what is the issue? How are hackers getting this information? To answer these questions we need to delve into the world of information security and ultimately the realm of the hacker itself. The name hacker hasn’t always carried with it a negative connotation. As a matter of fact, hackers were considered to be adventurous, visionary, risk-takers, and even artists, because they most clearly saw why the computer was a truly revolutionary tool (Levy, 1994).
ETHICS IN BIG DATA 7
Today, hackers are classified into three different varieties. First, there is the black-hat hacker. These are the bad guys; those who use their talents for evil. There are white-hat hackers, those who operate within the laws of the information security community. The third class of hacker is the grey-hat hacker which works somewhere in between.
When a programmer creates an application, it may contain a vulnerability. A vulnerability is a flaw in the programmer’s code that a hacker may be able to exploit. Hackers use their abilities to find these vulnerabilities. Once found, the hacker must then decide whether to use this information for good or bad. Hackers have the option to notify the software programmer of the flaw so that they can remediate it or to use it for immoral purposes. It is when they decide to exploit the flaw that we should be concerned.
There have been many flaws found in database applications over the years; however, not one as bad as the flaw of SQL injection. SQL injection allows the hacker to inject code, or SQL commands, into a blank form. Many times when you go to a website, it will have you login or fill in a form with some type of demographical information. However, what if instead of your username and password, a hacker was able to type in a SQL command to request all user information, including credit card data? In that instance, the website is said to have been hacked, because the hacker exploited a vulnerability of the website and the database running behind it.
Many security professionals would be considered white-hat hackers. They work to expose vulnerabilities so that programmers can then add to or rewrite the code to remediate or repair the vulnerability. A security professional’s job doesn’t stop there. They then monitor the network for all other types of exploitation by hackers. The white-hats and the black-hats are in a constant battle over the network and the data stored there.
ETHICS IN BIG DATA 8
Hardwire design for Digital Rights Management (DRM) is a method of using physical and virtual methods with technological restrictions, to ensure that an entity does not lose its proprietary information. “Let the thief no longer steal, but rather let him labor, doing honest work with his own hands, so that he may have something to share with anyone in need”
(Ephesians 4:28 ESV). As it turns out, this method of rights management may be encroaching on your privacy also because each time you use the item protected by DRM, information is sent back to the creator letting them know such things as when you last accessed the information.
They would know how many times you watched a movie and even the time of day you watched it (Cohen, 2003).
Cultural Valence can be considered unwanted influence imposed on one culture by another. The issue with cultural valance is that different cultures have different beliefs and value systems. Christians would cry foul if they were to have Muslim beliefs forced on them and viceversa. Ephesians 4:2-5 ESV says that with all humility and gentleness, with patience, bearing with one another in love, eager to maintain the unity of the Spirit in the bond of peace. There is one body and one Spirit—just as you were called to the one hope that belongs to your call— one
Lord, one faith, one baptism. If only the entire world, all cultures, would see it that way, the world would be a better place.
Information systems need to have a good balance of values and ethics incorporated into them. With the amount of collected data growing exponentially, managing it should be our number one priority. It is important that as we go about our jobs and are involved in such projects that we start the discussion of values and ethics prior to the information system going live. Whether we like it or not, Big Data is here to stay because not all uses of Big Data are bad.
ETHICS IN BIG DATA
The use of Big Data will better serve the corporate world and the consumer if we work together to decide the limits of its use.
9
ETHICS IN BIG DATA 10
References
Cohen, J. E. (2003). DRM and privacy. Retrieved from http://scholarship.law.georgetown.edu/cgi/viewcontent.cgi?article=1060&context=facpub
Davis, K., & Patterson, D. (2012). Ethics of big data
. Sebastopol, CA: O’Reilly Media.
Dumbill, E. (2012). What is big data? In D. Futano (Ed.), Big data now (2012 ed., pp. 3-17).
Sebastopol, CA: O’Reilly Media.
Hill, K. (2012). How target figured out a teen girl was pregnant before her father did. Retrieved from http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teengirl-was-pregnant-before-her-father-did/
Knobel, C., & Bowker, G. C. (2011). Computing ethics values in design: Focusing on sociotechnical design with values as a critical component in the design process. Retrieved from http://web.b.ebscohost.com.ezproxy.liberty.edu:2048/ehost/pdfviewer/pdfviewer?sid=dc8
45d42-5f00-46e1-8413-9999c77dbc63%40sessionmgr111&vid=1&hid=124
Koetsier, J. (2013). How Google searches 30 trillion web pages, 100 billion times a month.
Retrieved from http://venturebeat.com/2013/03/01/how-google-searches-30-trillion-webpages-100-billion-times-a-month/
Levy, S. (1994). Hackers: Heroes of the computer revolution . New York, NY: Doubleday.
Lohr, S. (2013). The origins of ‘big data’: An etymological detective story. Retrieved from http://bits.blogs.nytimes.com/2013/02/01/the-origins-of-big-data-an-etymologicaldetective-story/?_r=0
Marr, B. (2013). The awesome ways big data is used today to change our world. Retrieved from https://www.linkedin.com/pulse/20131113065157-64875646-the-awesome-ways-bigdata-is-used-today-to-change-our-world
ETHICS IN BIG DATA
McGregor, J. (2014). The top 5 most brutal cyber attacks of 2014 so far. Retrieved from http://www.forbes.com/sites/jaymcgregor/2014/07/28/the-top-5-most-brutal-cyberattacks-of-2014-so-far/
Vass, L. (2013). Google: Yep, our cars steamrolled your privacy. Retrieved from https://nakedsecurity.sophos.com/2013/03/14/google-street-view-privacy/
Waxer, C. (2013). Big data blues: The dangers of data mining. Retrieved from http://www.computerworld.com/article/2485493/enterprise-applications-big-data-bluesthe-dangers-of-data-mining.html
11
