My literature review on "Data Privacy"

Usage of information communications technologies (ICT) are beneficial in a way that individuals are able to solve their regular problems which are hard and cumbersome. Although ICT provides people with advantages, there can be social and ethical issues revolving around it. Issues may vary depending on purposes of ICT use. It is visible that most of those issues are related with online personal information privacy, accuracy of the information used, intellectual property rights and equal access rights. These mostly ignored issues grow along the time and it has created an opportunity for researchers to dig more deeper and find solutions in order to make the web more safer for online private information by stopping or minimizing the distribution of them. (Kuzu, 2009). In this review, personal information generated by various transactions and privacy problems resulting from the regular usage or sharing of them are addressed in deep in conjunction with legal support and solutions.

If privacy problems divide into two main categories, information reuse and unauthorised access can be taken. Information reuse means company making new uses of collected personal information legally. Unauthorised access violates either laws or corporate policies. Both issues can be harmful for a company in its customer relationships, share holders and regulators. As examples for information reuse, aggregation of data, data mining, new uses and sharing can be taken. It harms company due to incorrect inferences, decisions based on errors, exclusions and intrusions. Apart from reuse, unauthorized access is the most common way of breaching privacy. As examples unauthorised access to personal information and breaking into a system by a hacker can be taken. As well as accessing data from a stolen or unattended computer and failing to dispose sensitive data which leads to chaos can be taken too. (Cuinan & Williams, 2009)

If consider why people need privacy, information privacy can be divided in to three. First category is individuals or professionals who don’t want them selves to reveal their private secrets to public. As an example, a person may not allow anybody to access his medical files. The second category expects some sort of behaviour from co-workers to be protected. As an example, employees should not leave personal information on their desks and photocopier machines by mistake. The control is at their own hands. Finally the third category concerns data that looks non-sensitive but sensitive in reality. As an example, a whole story can be made out of small chunks of information which does not seem harmful picked from different places. In overall, individuals should be extra careful about their privacy at their work places. (Palm, 2009)

So if consider about legal support for this issue, fair information practices are global data protection principles which address privacy issues by defining guidelines. In most countries, fair information practices are implemented through common laws. In USA it is bit different. Laws are tailor made to a specific industry’s needs. As additional legal support for this in USA, Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act Regulations (HIPAA), Section 5 of the Federal Trade Commission Act, Massachusetts Security Rule (201 CFM 17.00) and Payment Card Security Standard (PCI–DSS) can be taken. (Cuinan & Williams, 2009)


As solutions for privacy leakage, some preventive actions can be taken as follows. When designing office layouts, extra effort should be taken in to account in order to design it in a way which protects employee’s privacy. As examples, not placing seats next to each other and separate work cubicles can be taken. (Palm, 2009) .Findings have revealed that even ICT professionals are not aware of ethics regarding data privacy. So formal education on ethical practices might help professionals to develop their knowledge in computer ethics. And also it is important to update company’s privacy policy regularly as necessary and make sure everybody know and follow it. Some employees are not aware of it since they read it for first time when they were recruited. (Kuzu, 2009). Apart from company’s perspective, everyone should take this issue serious and take actions against it in order to secure their privacy more. This review addressed personal information generated by various transactions and privacy problems resulting from the regular usage or sharing of them, reasons for protecting privacy, legal support and solutions for overcoming privacy related issues in depth.



References:

Cuinan, MJ & Williams, CC 2009, 'HOW ETHICS CAN ENHANCE ORGANIZATIONAL PRIVACY: LESSONS FROM THE CHOICEPOINT AND TJX DATA BREACHES', Mis Quarterly, vol. 33, no. 4, Dec, pp. 673-687

Kuzu, A 2009, 'PROBLEMS RELATED TO COMPUTER ETHICS: ORIGINS OF THE PROBLEMS AND SUGGESTED SOLUTIONS', Turkish Online Journal of Educational Technology, vol. 8, no. 2, Apr, pp. 91-110

Palm, E 2009, 'Privacy Expectations at Work-What is Reasonable and Why?', Ethical Theory and Moral Practice, vol. 12, no. 2, Apr, pp. 201-215