26.01.14 - 31.01.14, Seminar 14052

Ethics in Data Sharing

Diese Seminarbeschreibung wurde vor dem Seminar auf unseren Webseiten veröffentlicht und bei der Einladung zum Seminar verwendet.

Motivation

ACM’s ethical guidelines (as well as IEEE’s) are almost two decades old. The most relevant points to data sharing it makes are “Avoid harm to others” and “Respect the privacy of others.” The consequences of not complying with the code are “Treat violations of this code as inconsistent with membership in the ACM” while “Adherence of professionals to a code of ethics is largely a voluntary matter.”

In fact, in the current legal system, ethical behavior “doesn’t pay.” Such guidelines are insufficient for the numerous professionals working for corporations where privacy policies are dictated more by a company than by its employees. Nowadays, we have little control who receives our Personally Identifiable Information (PII), what PII they receive, where collected PII is transferred to, and what is the source of (mis?)information others have on us. This is especially alarming with the rapid progress of data mining, the constant discovery of flaws in data anonymization/sanitization techniques, and the vast amount of electronic data that exists. It is beyond the ability of a layperson to understand the privacy policy of organizations and their consequences on the individual.

The situation is even more serious when data is shared and disseminated among different countries that naturally have different ethical codes and policies for dealing with privacy issues concerning data sharing. Data transfer has no borders, hence, neither does data sharing, which renders ethical data sharing all the more challenging.

However, the recent EU proposals to update the legal framework of the Fair Information Principles, precisely with an eye to the emergence of hyperconnectivity and ubiquitous data analytics, has introduced the notion of Data Protection by Design. This may provide strong incentives to introduce purpose binding, informed consent, minimal disclosure and profile transparency into the design of the relevant computing systems.

The seminar will bring in researchers from all disciplines that involve data sharing across borders with ethical implications. The main focus will be on Computer System Security data and Electronic Medical Records. It is our intention to derive and implement a number of conclusions. At least, we expect to come up with some suggestions of code of ethics for computer professionals (including researchers) that will elaborate on existing codes in terms of data sharing. We hope the participants can come up with some agreement of what ideal regulations should be, how they can be implemented, and how they can remain current. Ideally, the participants can come up with specific call for actions for companies, organizations, and legislators.