Markkula Center of Applied Ethics

Unauthorized Transmission and Use of Personal Data

By Michael McFarland, SJ

One of the great advantages of the computer is that it provides such easy access to data, through powerful search facilities, ease of communication, and sophisticated analysis capabilities. When the data is sensitive and personal, however, this can lead to serious abuse, because it opens the way for the data to be used for purposes quite different from its intended use. This can happen for a number of reasons. The rules governing who can use the data and for what purpose may not be clear or restrictive enough to protect the intentions and interests of the subjects. Or those who control the data may not enforce the rules. Or they may not have sufficient control over who accesses the data. 1 Whatever the reason, this can lead to severe problems.

Potential employers, for example, have a great interest in the medical, financial and criminal records of applicants. They often request and receive such information. A congressional survey in 1978, for instance, found that 20 percent of the criminal history records given out by the states went to private corporations and government agencies not involved in criminal justice. 2 Employers can also obtain credit records, medical and insurance records, and histories of workers' compensation claims. 3 If they are willing to pay investigative services that operate outside the law, they can also get bank records, credit card charges, and IRS tax records, among others. 4

Some of this information is no doubt relevant to employment decisions. One should not hire a convicted child molester as a day care worker. But much of the information is not relevant, and its use can be discriminatory and unfair. An arrest without a conviction should certainly not be grounds for denying employment. Lots of people get arrested for all kinds of reasons, most of which have nothing to do with their employability. Yet, as noted earlier, studies show that many employers will reject an otherwise acceptable candidate if the candidate has an arrest record. Even if there was a crime, if it was minor, unrelated to the responsibilities of the job in question, or far in the past, it should not determine whether someone should be employed or not. That can make large segments of the population unemployable. Furthermore it can make it impossible for those who want to turn their lives around to do so, since their pasts follow them around and frustrate any attempts to change. 5 In the same way, information from medical records or insurance claims, such as disabilities or past illnesses, should not be used to refuse employment, yet they often are. Thus the easy availability of this kind of information frequently leads to unfair and discriminatory treatment of those seeking employment.

In addition employers can often gain access to employees' and applicants' profiles on social media, including photos, comments, histories and lists of associates, either because the subject did not make them private or because someone who had access made them available. Some of this information, though it may seem innocent enough in context, such as pictures taken at a party, can compromise the subject's professional identity. Or the employer may see remarks critical of the company or its management that was meant only for a few trusted colleagues. This violates one of the fundamental principles of privacy, that a person must be able to control how much personal information is revealed to different parties, depending on the nature of the relationship and level of trust with each one.

Marketers have an immense appetite for personal information too. They use collective data, along with sophisticated statistical analysis techniques and psychological models, to predict peoples' purchasing preferences and behavior and to identify those factors that most strongly influence consumers' loyalty and choices. 6 They then combine this intelligence with detailed information on specific individuals and subgroups of consumers to try to engage them and influence their buying decisions. Not only do they want contact information, such as names, addresses, phone numbers, email addresses and net IDs, but also more personal information, such as shopping habits, amount of assets, type of car owned, family situation, age, gender, and so on, to target and adapt their advertising. This information can be purchased from credit agencies, motor vehicle departments, the post office and many other sources, as well as gleaned from public records. It can also be generated internally. Supermarkets, department stores and other retailers can now keep track of the items purchased by each customer, both online and in-store, and, if the customer uses a credit card, bank card or store identification, can link the purchases with the customer's name and address, age, gender and other characteristics. But the richest and most lucrative source of information, as well as direct contact with consumers, is through information portals like Google and social networks, particularly Facebook. This information can be used to personalize ads according to the characteristics, circumstances and preferences of each individual, especially when the ads are delivered directly online. Now, with the development of mobile apps that track a user's location in real time, the ads can even be adapted to the recipient's current location. 7

There are some advantages to this kind of targeted marketing. It has the potential to get specific information about products to those who are most likely to use it and to craft it in a way that is most appealing to them. Thus consumers will find out about the products they are most likely to want. Moreover, the data can help retailers and providers of services to understand their markets much better and develop products that best meet their customers' needs and desires. 8 Advertisers can get a larger payback on their investment because they can identify and reach their target audience more efficiently and effectively. Because the detailed and personal data is so valuable and because the ability to reach the target market directly online is so desirable, services such as Google and Facebook, which both provide the data and serve the ads to the intended recipients, are paid well for their part in the process. Indeed targeted advertising is by far the greatest source of revenue for their businesses and what makes it possible for them to provide their services to their users free of charge. The idea, therefore, is that in taking advantage of the free services, the users in return agree to give the company access to their personal information, which it then uses to generate revenue that covers the cost of providing those services. It seems that everyone benefits.

The arrangement is legitimate as long as the users have knowingly consented to the collection and use of their personal data and that use is limited to what was agreed to. However, in many cases it is questionable whether these conditions have been properly met. Many users of these services do not realize that service providers are constantly monitoring users' online behavior and the information they store and communicate through the site, storing, compiling and analyzing the results, using it for the service's own purposes and sharing it with others. The companies point out that this information is contained in their terms of service and/or privacy policies, and claim that anyone who uses the service implicitly agrees to those terms. However, the policies are generally very long and complex. In many cases the user is not required to read them, let alone take some positive action to acknowledge that he or she accepts the terms. 9 Also the conditions are often all-or-nothing. Either users agree to surrender all control over thei personal information or they cannot use the site. 10 Moreover companies frequently change their privacy policies and practices without giving users adequate notice. Facebook, for one, has done this a number of times. 11 In particular in 2009, Facebook users were stunned to find out that personal information they thought was available only to their chosen "friends" had been made public. Google has also run into trouble a number of times for changing its privacy policy or practices. 12 Just recently, in response to pressure from governments, consumer groups and other critics, some companies have begun to give users better control over how and where their information is collected, stored and used, through providing "opt-out" provisions and finer privacy controls. 13

Even when users give consent, it is questionable whether they do so freely and knowingly. As one critic put it, "too much is made of consent in this context. To be meaningful, consent must be informed and freely given. However, most users are probably not aware that their transactions with Google leave a personally identifiable, permanent track record, much less agree to such a result. Thus, user consent is not well-informed, nor is it freely given." 14

Moreover, since similar sites all have essentially the same policy, any user who wants to use a search engine, virtually a necessity today, has to accept that searches will be monitored, stored, aggregated, cross-referenced, analyzed and used for unspecified purposes. The situation with social networks is even more restrictive. If one wants to connect with people, and increasingly institutions, who are on Facebook, which now encompasses most of the U.S. population and an increasing percentage of the rest of the world, one has to be on Facebook. Opting out is not a serious option for many. This is a "market failure," because consumers really have no power to negotiate and are therefore forced to accept whatever terms the companies set. 15

An even greater concern is these sites' selling or other transmission of users' personal data to third parties without users' effective knowledge or consent. This is a serious point of tension between online retailers, search and information services and social networks, and those who care about privacy. 16> For those companies especially that provide free information and communication services to their users, the data they gather from those users are their greatest resource, and turning it into revenue is at the heart of their business model. Therefore they want as few limits as possible on what they can do with that data; and their privacy policies reflect that. For example, one generally sympathetic chronicler of Facebook has noted, "The reality is that nothing on Facebook is really confidential. The company's own privacy policy is blunt on this score. Any of your personal data may become publicly available." 17 Even when companies give assurances, as Google and Facebook currently do, that they do not sell their data to unaffiliated outsiders, it is still available to their advertising "partners," which gives the companies, not to mention the subjects of the data, even less control over where it goes and how it is used. Moreover it can be commandeered by government bodies for use in surveillance, investigations, and criminal and legal proceedings. The record of these companies in defending user privacy against government intrusion has been mixed at best. 18 Most users have no awareness that their personal thoughts, interests and habits are so exposed. "When you enter a search query in Google you simply do not expect it to haunt you in criminal or civil proceedings, nor do you expect it to be transferred to third-party businesses for marketing or data-mining purposes." 19

Defenders of the unconstrained collection, storage and use of users' personal data claim that in this networked world, where everyone is living online and putting their personal lives out there for everyone else to see, people no longer care about privacy, especially teenagers and young adults. As former Sun Microsystems' CEO Scott McNealy famously said, "You have zero privacy anyway. Get over it." 20 Yet the data belies those claims. A 2010 study by the Pew Research Center found that "More than half (57 percent) of adult Internet users say they have used a search engine to look up their name and see what information was available about them online, up from 47 percent who did so in 2006." Moreover the study found that young adults are even more careful about what they reveal about themselves online and with whom than older users. 21 MIT scholar Sherry Turkle, in a thorough and thoughtful study of how teenagers use and are affected by social networks, found that those she studied were very careful and intentional about how they crafted their online identities. These young people cared a great deal about their privacy, but were often naïve about the rules under which they were operating and about how their personal information could be used. 22 Their age and lack of experience and wisdom leaves them very vulnerable to exploitation. Furthermore, they are at an age when they are discovering and defining their identities. They need room to experiment, explore and, inevitably, make mistakes. It is essential that they have a safe, protected space in which to do this. That is why privacy is especially important for adolescents. 23 Their participation in social networks and other online activities should not be taken as permission to collect, use and broadcast their personal information. This becomes even more of a concern with reports that Facebook is considering allowing children under 13 to join. 24

Another abuse of privacy is the publication or distribution of supposedly confidential information. Many public figures have been victimized in this way. For example, in 1992, when Rep. Nydia Velazquez was running for office, information from her hospital records, including a record of a suicide attempt, was taken from the computer and leaked to the media. 25 In a less public but more extensive case, an investigation by the Internal Revenue Service found that hundreds of IRS employees were accessing information on tax returns without justification, in some cases out of curiosity about friends, neighbors, antagonists or celebrities, in other cases to check up on business associates, and in some cases to alter the tax returns. 26 There have also been many cases of hospital employees and others looking up the computerized medical records of patients without authorization. 27

The heavy reliance on electronic communication also leads to greater possibilities for outsiders to tap into sensitive personal information. One spectacular example of this abuse is the British phone hacking scandal, where it was revealed that reporters at Rupert Murdoch's News of the World had been accessing the voice mails and phone records of hundreds of subjects, including members of the Royal Family, and using the very personal information thus gained in published stories. Those charged claimed this was routine practice among the British tabloids. 28

What characterizes all of the situations in this section is that personal data is used for purposes other than those for which it was intended. This is a serious attack on the autonomy and dignity of the individual subject. If someone reveals personal information as part of an application for a credit card, it is because the person decides it is worth the benefit, and because the person is establishing a relationship of mutual trust with the credit provider and its agents. It should be the same with an online retailer, email provider, search service, or social network. If the holders of the information provide it to an employer or sell it to a marketer without authorization, they are violating the intent of the subject and committing a breach of trust. A patient gives a hospital permission to keep a medical history with the expectation that it will facilitate medical care. If this very sensitive and personal information is handed over to an employer or appears in the newspapers, the patient has lost control over an important aspect of his or her life. In effect part of the patient's person has been taken away and used for someone else's purposes and benefit. When that happens, the reaction is often that of Rep. Velazquez, who said she felt "violated" when her medical history became public knowledge.

Michael McFarland, S.J., a computer scientist with extensive liberal arts teaching experience and a special interest in the intersection of technology and ethics, served as the 31st president of the College of the Holy Cross.

June 2012


1. For example, an audit by the General Accounting Office of the information system for the Federal Family Education Loan Program, published on June 12, 1995, found that the system "did not adequately protect sensitive data files, applications programs, and systems software from unauthorized access, change, or disclosure." See also Robert S. Boyd, "In Cyberspace, Private Files are Becoming an Open Book," The Houston Chronicle, (December 8, 1995), p. 3.
2. Burnham, pp. 78-79.
3. Rothfeder, "Invasion of Privacy."
4. ibid.
5.Silverstein, "Applicants: Past May Haunt You."
6. Charles Duhigg, "How Companies Learn Your Secrets," The New York Times Magazine, (February 22, 2012), http://www.nytimes.com/2012/02/19/magazine/
shopping-habits.htm
.
7. Daniel Soper, "Is Human Mobility Tracking a Good Idea? Considering the tradeoffs associated with human mobility tracking," Communications of the ACM, 55(4), (April 2012), pp. 35-37.
8. Lucas Mearian, "Big data to drive a surveillance society: Analysis of huge quantities of data will enable companies to learn our habits, activities," Computerworld, (March 24, 2011), http://www.computerworld.com/s/article/9215033/
Big_data_to_drive_a_surveillance_society.

9. Ellen Nakashima, "Some Web Firms Say They Track Behavior Without Explicit Consent," The Washington Post, (August 12, 2008), http://www.washingtonpost.com/wp-dyn/content/
article/2008/08/11/AR2008081102270.html
.
10. See the critique in Paul M. Schwartz, "Property, Privacy and Personal Data," Harvard Law Review, 117(7), (2004), pp. 2056-2128, at 2075-2080.
11. David Kirkpatrick, The Facebook Effect, New York: Simon & Schuster (2010), pp. 199-215.
12. Sharon Gaudin, "Google privacy changes draw 'firestorm': Analysts explain the breadth of the Google data collection plan and how users can avoid it," Computerworld, (March 2, 2012), http://www.computerworld.com/s/article/9224820/
Google_privacy_change_draws_firestorm_
.
13. Tanzina Vega, "Opt-Out Provision Would Halt Some, but Not All, Web Tracking," The New York Times, (February 26, 2012), http://www.nytimes.com/2012/02/27/technology/opt-out-provision-would-halt -some-but-not-all-Web-tracking.html?pagewanted=all.
14. Tene, op. cit., p 1469.
15. Schwartz, op. cit., p. 2076.
16. Joel Stein, "You Data, Yourself: Every detail of your life—what you buy, where you go, whom you love—is being extracted from the Internet, bundled and traded by data mining companies. What's in it for you?" Time, (March 21, 2011), pp. 40-46.
17. Kirkpatrick, op.cit., p. 203.
18. Loek Essers, "Online services increased their efforts to protect user data, EFF says: The Electronic Frontier Foundation hopes to stimulate transparency and encourage companies to stand up for user privacy," Computerworld, (June 1, 2012), http://www.computerworld.com/s/article/9227663/
Online_services_increased_their_effort_to_ protect_user_ data_EFF_says.

19. Tene, op. cit., p. 1489/
20. "Private Lives? Not Ours!," PC World, (April 18, 2000), http://www.pcworld.com/article/16331/private_ lives_not_ours.html.
21. Mary Madden and Aaron Smith, "Reputation Management and Social Media," Pew Internet & American Life Profect, (May 26, 2010), http://pewInternet.org/Reports/2010/Reputation-Management.aspx.
22. Sherry Turkle,
Alone Together: Why We Expect More from Technology and Less from Each Other,
New York: Basic Books (2011), p. 254.
23. Ibid, p. 260. 24. Brandon Bailey and John Boudreau, "Facebook explores alternatives to banning kids under 13," San Jose Mercury News, (June 5, 2012), http://www.mercurynews.com/business/ci_20779017/ facebook-tests-accounts-pre-teens-which-are-currently.
25. Rothfeder.
26. Robert D. Hershey, Jr., "IRS Staff is Cited in Snoopings: 1300 Workers Have Been Investigated," The New York Times, (July 19, 1994): D1.
27. See, for example, Alison Bass, "Computerized Medical Data Put Privacy on the Line," The Boston Globe, (February 22, 1995): 1.
28. Don Van Natta, Jr., Jo Becker and Graham Bowley, "Tabloid Hack Attack on Royals, and Beyond," The New York Times, (September 1, 2010), http://www.nytimes.com/2010/09/05/magazine/05hacking-t.html.


New Materials

Center News