Nowadays, most companies seek to collect as much user data as possible. This data helps these companies improve their services and grow their user base, but some companies use this data to obtain direct benefits without the users' consent. This is done unethically by directly selling this data or passing it on to other companies without the customer's permission.
Personal Data Privacy
According to (Long & Quek, 2002), this term can be defined as the right of the customer to have complete control over his/her data with companies, companies must have his/her permission to collect, process and share data, even deleting it if he/she wants to.
Personal Data Protection:
According to (De Hert & Papakonstantinou, 2016), Data Protection means the set of measures the company takes to protect the data of its users; it is kept away from any third party, either by willful disclosure or by hacking.
Data Breach:
It is the intentional disclosure of user data; unfortunately, so far, the United States does not have a law that grants privacy to all user data, but several different laws try to solve this problem, such as the following laws: FCRA, FERPA, GLBA, ECPA, COPPA, VPPA, HIPAA, (Cheng, Liu & Yao, 2017).
An example of an unethical approach to using data:
In 2002, WorldCom manipulated its customers' financial statements to make its company look better. This manipulation deceived investors and transmitted a fake image of their users' data. The company raised nearly $4 billion through accounting fraud and customer data manipulation. It ended up incurring fines and losses of more than 6 billion dollars, and the CEO was sentenced to 25 years in prison (Lyke & Jickling, 2002).
The best ways to achieve privacy and data protection:
According to (Klosowski, 2021), from an ethical point of view, the company must achieve maximum protection for the data of its users, providing a firewall against any external tampering with this data without additional fees to the user; it should also collect only what they need of data for the service they are doing and not to sell the data to a third party, the company must also ask the customer how to control his/her data or delete it if he/she wants.
Conclusion
According to (Kovacevic, 2019), there are now recognized ethical standards in the business world regarding how personal data is collected and used; this ethics begins with a question the company must ask itself, Is what the company does with user data the right thing to do or not? A company that aspires to profit quickly from the misuse of user data promptly subjected itself to huge fines, curtailed its work, and put it under threat of law and regulatory authorities.
References
Cheng, L., Liu, F., & Yao, D. (2017). Enterprise data breach: causes, challenges, prevention, and future directions. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 7(5), e1211.
De Hert, P., & Papakonstantinou, V. (2016). The new General Data Protection Regulation: Still a sound system for protecting individuals?. Computer law & security review, 32(2), 179-194.
Long, W. J., & Quek, M. P. (2002). Personal data privacy protection in an age of globalization: the US-EU safe harbor Compromise. Journal of European Public Policy, 9(3), 325-344.
Lyke, B., & Jickling, M. (2002, August). WorldCom: The accounting scandal. In the Congressional Research Service Report for Congress, August (Vol. 29, pp. 1-6).
Klosowski, T. (2021). The State of Consumer Data Privacy Laws in the US (And Why It Matters). New York Times.
Kovacevic, A. (2019). Big tech faces data collection scrutiny, but extensive insurance might be next. San Jose: Newstex. Retrieved From ProQuest One Academic in the TUW Library.