Big Data Ethics Paper Example

Introduction

The world is at a stage where technology has evolved to the extent that keeping electronic records has become an issue that requires legislative laws in order for people to keep their information private without breach. After World War II, the right to privacy was recognized as an international human right before it was included in any state constitution. Legal ethics requires that legal representatives keep their information secure and also ensure their client's information is also safe from the breach. Therefore, effective cybersecurity is vital for law firm operation and it's therefore important for lawyers to familiarize themselves with the principles of secure IT. Big companies that also deal with huge amount of data that could be at risk of breach also have an obligation to ensure that their client's information is safely guarded. Financial institutions have also an obligation to keep their records and those of their clients away from the breach.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Issue

The world's principle privacy and data protection issues have once again addressed the challenges of transferring data between the European Union and the United States. From October 2017, more 2500 organizations had already certified compliance with the standards of the transatlantic Privacy Shield. With both sides expecting the Privacy Shield to survive the EU's first annual review of the Privacy Shield Operation. The fate of this case will be decided by the Court of Justice of the European Union. It's the same tribunal that previously invalidated the US-EU Safe Harbor Framework.Besides the judgment of the Privacy Shield.CJEU will deal with the issue of whether standard contractual clauses can effectively be used to transfer data to the United States ( O'Leary, 2018). The issue was referred to CJEU by the High Court of Ireland in another case brought by an Austrian student in his never-ending campaign to prevent any of his social media data from being transferred to the US headquarters of the social media company he prefers to use. Both the Privacy Shield and the Safe Harbor had their concerns transferred to the United States, and the Irish Court specifically addressed the viability of model contracts for transfers to the United States. Nonetheless, if the CJEU were to invalidate model contracts, in principle it could interfere with the transfers of personal information from the EU to any country whose data protection regime has not yet been deemed adequate. This could see a break on significant amounts of international trade, investments and business.

Furthermore, if the CJEU does not favour the United States, the EU and the United States would reach to a point where discrimination and denial of national treatment would become an issue. These could become a problem for the European Union since each of its Member States imposes on its own government's surveillance for national security and law enforcement purposes may not be equivalent to the safeguards imposed by the United States.

Rule

The new General Data Protection Regulation, which took effect on May 2018, has drawn the attention of business organization both in EU and outside Europe because of its likelihood of imposing tough penalties. The violation could result in a payment of $20 million or 4 percent of global turnover, which is very high. The GDPR imposes heightened obligations on companies to obtain consent from individuals about whom they collect data, and citizens will have powerful rights to object to online profiling which will also have to be advertised in a highly visible manner and to receive an explanation about significant decisions that affect them that were based on algorithms or automated processes.

The Data Protection Directive, as implemented into the national data protection laws of each Member State, imposes a number of obligations in relation to data subjects in relation to the processing of their personal data, it also provides several rights to data subjects in relation to the processing of their personal data. Member States that fail to comply with the Data Protection Directive will face a criminal offence and can result in significant fines and civil claims from data subjects who have suffered as a result.

In the United States, major data breaches continue to generate more significant cases, financial settlements and enforcement actions by the Federal Trade Commission and the state attorneys general. The FTC has also brought significant privacy cases, such as $2.2 million settlement negotiated with a TV manufacturer alleged to have been collecting viewing data from data from users of its television without their knowledge.

States have continued to put pressure on privacy and cybersecurity initiatives in order for them to comply. Washington State became the third to pass a legislative that is aimed at regulating biometric data, which deals with the collection, use and retention of biometric identifiers including fingerprints, voice prints, eye retinas, irises and other characteristics that would assist to identify an individual. Moreover, the law excludes physical or photograph video or audio recording; this suggests that the statute will have limited application in regards to facial recognition. The law controls the sale, lease and other disclosure of the data and requires its protection; it does not provide a private right of action.

In addition, the United States has balanced privacy and dataprotection as opposed to the EU and other countries. The United States recognizes the rights and interests that for societies to proper in different areas of interest such as economic growth, technological innovation, free speech and human rights, and the values that promote human dignity and (Zwitter, 2014). Therefore, counterbalancing privacy protection is the most vital aspect in the United States.

Companies have also an obligation to have a First Amendment right to communicate freely with their clients by exchanging information from both directions, so as to ensure information accuracy and safety (Whitman et al., 2018). In recent times, the courts have been constant disagreement with the plaintiffs in regards to data breach litigation, whether plaintiffs should be compensated where they cannot allege that the criminal actually misused stolen information.

Analysis

Safer storage of information data is very important, cyber security attacks, information leak that would put the public safety at risk should be dealt with to avoid issues like terrorism which has become a world problem. Misuse of stolen information would be used by the criminals to mislead the public and these acts could result in mistrust between the public and the government, companies and its employee etc. The federal government has increased its focus on cyber security after the government issued an executive order to curb major data breaches and attacks affecting both private and public sector, including election-related hacking, have made cyber security risks a subject of even more concern for the America population.

With the establishment of Cyber security framework as a way of dealing with companies and understanding their operations is only expected to grow with new regulations coming into place on how to better apply the framework in the private sector and across all connected devices. The courts have remained steadfast in defining and reshaping privacy rights and remedies. The courts go as far as adjudicating claims brought by regulators and private parties that seek to protect and define privacy and remedies. Foreign organizations could face federal or state regulatory action or private action if the organization satisfies the normal jurisdictional requirement under United States law.

Conclusion

Foreign organizations must take into consideration the residency of their data subjects. Massachusetts information security regulations apply whenever an organization processes of Massachusetts residence. Since Massachusetts was among the first states to enact information security requirements, it has become a de facto national standard. The United States does not have a general data localization requirement, although certain requirements do exist for government contractors. The United States does generally require data localization; it requires vendor oversight to ensure reasonable standards of data care. These foreign organizations operating in the United States should know that they are the responsible party under US law even if data processing is handled by the vendor outside the United States. In conclusion, to avoid continues breach and misuse of stolen data, regulators and law enforcement agencies experts should provide a sufficient and effective way of protecting personal data information, especially the big data information.

References

Whitman, M., Hsiang, Y., & Roark, K. (2018, August). The potential for participatory big data ethics and algorithm design: a scoping mapping review. In Proceedings of the 15th Participatory Design Conference: Short Papers, Situated Actions, Workshops and Tutorial-Volume 2 (p. 5). ACM.

O'Leary, E. (2018). Big Data Privacy, Ethics and Enterprise Continuous Monitoring Systems Available at SSRN: https://ssrn.com/abstract=3214807

Vayena, E., & Madoff, L. (2018). The ethics of big data in public health. In The Oxford Handbook of Public Health Ethics. Oxford University Press.

Spector-Bagdady, K., & Jagsi, R. (2018). Big data, ethics, and regulations: Implications for consent in the learning health system. Medical physics, 45(10), e845.

Richards, M., & King, H. (2014). Big data ethics. Wake Forest L. Rev., 49, 393.

Zwitter, A. (2014). Big data ethics. Big Data & Society, 1(2), 2053951714559253.

Metcalf, J., & Crawford, K. (2016). Where are human subjects in big data research? The emerging ethics divide. Big Data & Society, 3(1), 2053951716650211.