Ethics, Privacy, and the Web

The widespread use of web and social media tools has significant philosophical and practical implications for the privacy of casual users, employees, and employers. Philosophically, the diffusion of computer technologies and the new communication mechanisms and relationships the technologies fostered have encouraged a reevaluation of the concept of privacy itself. According to Bynum (2011), definitions of privacy have evolved from those stressing control over personal information to those stressing restricted access to those accounting for public circumstances. These shifting concepts mirror the rise of web and social media platforms that facilitate the production, storage, aggregation, and use of huge volumes of data; in today’s web environment, thousands of entities collect billions of data points in an effort to quantify, categorize, and monetize all aspects of human behavior. From social relationships to shopping habits or work preferences, actors on the web use data mined from searches, browsing histories, and social media interactions to build comprehensive profiles that trigger targeted advertisements or content. When combined with the ubiquitous nature of social networking sites with access-based privacy standards, this shift toward a personalized web experience has certainly facilitated the evolution of ‘privacy’ and indicates current web interactions encourage behaviors that define privacy in terms of access rather than control.

Practically, the web and privacy intersect in several broad areas, including the legal realm, the employment realm, the data collection realm, and the data storage realm. First, current laws do not account for the recent growth in social media and other web technologies and, as such, do not offer adequate privacy protections to system users. Loeffler (2012) explained that social media is governed by the same privacy laws applicable to the general online environment; in the United States, this translates into a patchwork of laws and regulations that address privacy issues for different segments of personal information, consumers, or industries. Several major privacy-related areas within this patchwork, especially the scope of employer surveillance, employee representation requirements, and the depth of pre-employment social media examinations by prospective employers remain unsettled, ensuring confusion and conflicting policies on the collection of data and the conduct of potentially invasive activities by employers. These actions have significant privacy implications, and the law must catch up to the social media environment to offer clarity and structure.

In the employment realm, web and social media technologies pose privacy concerns to prospective employees, current employees, and employers.  In general, the boundary-crossing nature of social media platforms, the availability of sensitive personal data in the online environment and the advertising and marketing potential of social media sites have the potential to impact privacy, and in aggregate have contributed to the philosophical reevaluation of what ‘private’ means. Sánchez Abril, Levin, and Del Riego (2012) suggested although employer invasiveness leads to negative personal and professional outcomes among employees, most employers have compelling business reasons and possess the technologies to surveil employees’ and applicants’ online activities.  This monitoring can help companies identify character flaws or negative personality traits and protect intellectual and physical property, but it can also result in privacy invasions, the collection of inappropriate data, and the execution of improper hiring, firing, and personnel decisions based on private data. Furthermore, the widespread use of social media platforms has blurred the work-life boundary and inspired companies to place restrictions on extracurricular activities that could harm the company’s reputation. Sánchez Abril, Levin, and Del Riego (2012) indicated this significantly complicates the line between the private individual and the company representative, and explained a more public digital existence can threaten the privacy of both employees and their employers by making it easier for private dealings to reflect on organizations, enabling disgruntled employees to divulge company secrets, and allowing organizations to try and regulate off-duty conduct. With a blurred line between on- and off-duty, previously private employee activities are becoming more relevant to company operations and forcing employees to disclose or even terminate formerly private actions.

Finally, today’s web and social media technology contains items that collect, track, and use sensitive personal data for advertising and other businesses purposes. Cookies and other advanced technologies track online movement and gather data without user knowledge, this data is gathered, stored, and analyzed, and the process minimizes privacy in favor of finely targeted commercial activities. Tracking mechanisms and personalized advertising have made it extremely difficult for users to operate privately on the internet, and anonymity is almost impossible on today’s web. Data-collection applications and web communities such as Facebook that gather personal data and leverage it for targeted advertising have the capability to aggregate massive amounts of information and, in doing so, develop sophisticated personal profiles for millions of users. This process provides these companies and the entities that purchase personal information with data on users’ friends, habits, likes, dislikes, shopping habits, and other personal/private topics. This information was not collated and aggregated to this degree prior to the rise of the web and social media platforms, and the existence of these capabilities and the resulting databases have significant privacy implications for all web users.

As the web evolves and social media platforms mature, internet users will become more familiar with the privacy threats associated with ‘big data,’ and the law will change to reflect the web’s influence. Today, however, the explosion of social media sites, the unclear legal environment, the massive data-collection capabilities of online companies, and the ongoing redefinition of ‘privacy’ have combined to create an environment where traditional concepts of privacy are not sufficient to protect individuals and businesses in the online world. During this transition phase, this has resulted in the existence of serious privacy threats and the rise of a billion-dollar data-collection industry devoted to obtaining personal data and leveraging it for consumer and professional purposes. In the short term, this trend has caused web users to forgo or limit traditional privacy conceptions, and I see this trend continuing as social media grows in popularity and cultural acceptability.

Bynum, T. (Spring 2011) “Computer and Information Ethics”, The Stanford Encyclopedia of Philosophy. Edward N. Zalta (ed.). Retrieved from

Loeffler, C. (2012, September-October). Privacy issues in social media. IP Litigator, 18(5), 12+. Retrieved from

Sánchez Abril, P., Levin, A. and Del Riego, A. (2012), Blurred Boundaries: Social Media Privacy and the Twenty-First-Century Employee. American Business Law Journal, 49: 63–124. doi: 10.1111/j.1744-1714.2011.01127.x


6 thoughts on “Ethics, Privacy, and the Web

  1. You mention the lack of clarity in privacy laws, particularly as they relate to the overlapping and confusing nature of federal and state regulatory actions. But can clarity be achieved when the user has little idea as to the nature of the personal data collected? We all are rightfully cautious about handing out our credit card number, but do we really think about the collection of data on what sites we visited as private information? If we walked into an area shopping mall, and were tracked by a shopping researcher (as it still common) we would have little recourse to complain. After all, the individual doing the tracking is only recording where we went in the mall (which stores, food court, etc.).

    But the same information harvested on-line builds a profile of me that can be easily extended to a very powerful and complete assessment of who I am and what I am doing. My employer might be very interested to know that I’ve been on various job sites, looking for new employment. Or my spouse might be interested to know that I told the dealer to reserve that brand new Corvette for me, and the new Kia for her (just kidding, in my house my spouse is the sports car nut).

    The challenge of course is that the information tracking may not be in the US at all. The sites that I’m visiting may be outside the United States, which creates legal barriers to any recourse I may wish to take. Can legal clarity be possible when tracking of web usage is really an international issue, not a state or federal action?

    • The structure of our legal system precludes the implementation of standard privacy laws at the state and local level, and privacy matters will continue to receive different treatment from jurisdiction to jurisdiction. I don’t think this is a bad thing…it just combines with the international nature of the web to create an environment where it is difficult to understand the laws and requirements that govern certain behaviors. If anything could or should change, it is consumers’ right to know what kinds of data is being collected – your point about users not knowing what data online entities collect is a good one, and this is the major privacy issue with web communications today. With a better idea of who is collecting what and why, consumers could take active steps to preserve the integrity of their data or modify their behavior to account for collection techniques they deem as too invasive. Without this information, web users simply do not know who is collecting on them and what they are doing with the information, and that is dangerous no matter what the actual information is.

  2. I also wrote about the same thing and realized just how much of a problem it is. While I myself am guilty of checking email, shopping, and even doing homework at work I never spend more than 30 minutes doing it and it is when there is literally nothing else to do. Every company will have workers that lack some work ethics. Unfortunately technology is making it easier to slack off because everything is at your finger tips and there is no escaping it. Just yesterday I attended a meeting and everyone was on their cell phone. I doubt anyone remembers anything from it.

  3. Nice summary, TIm. As you note, data is the next “big thing.” I find it interesting that Sebastian Thrun gladly gives his Artificial Intelligence course away for free (and 160,000 took it), but he was able to mine the data to turn around and sell the names of top coders within his class to Silicon Valley clients. So the work students do in class becomes a commodity.

    Earlier this week, I was reading a blog post by danah boyd (she uses lower case letters in her name). I have followed danah’s career for the past five years and was honored that she let me review her draft dissertation. She is now a researcher at Microsoft Research in Boston. She stated on Twitter that she would no longer use Mendeley now that they have been bought by Elsevier, as she (and many others) consider Elsevier evil. Over 13,400 academics boycott Elsevier publishing services because:

    – They charge exorbitantly high prices for subscriptions to individual journals.
    – In the light of these high prices, the only realistic option for many libraries is to agree to buy very large “bundles”, which will include many journals that those libraries do not actually want. Elsevier thus makes huge profits by exploiting the fact that some of their journals are essential.
    – They support measures such as SOPA and PIPA that aim to restrict the free exchange of information.

    danah’s initial tweet exchange with a Mendeley executive turned ugly on the web, and she then turned to her blog to more accurately lay out her rationale. Over the past three days, numerous comments have been added.

    It makes an interesting case study in openness, privacy, and ethics.

  4. Good post, Tim.

    I have to think the data on all of us was “out there” long ago, if you consider there were few restrictions at all on banks, insurance companies, and other data-rich entities from selling our info to others in the past. I do not, at all, disagree that technology has put this danger on steroids, but consider consumers normally used local banks and other “in-town” financial agents in the 1950s and 1960s. I think we’d be naive to think those transactions were private. The data just didn’t travel as fast or as far — but it didn’t need to.

    So, a question. Are we better protected today than we were 40-50 years ago because we’re aware of the dangers now or are we less secure because the dangers have expanded?


    • I think we are less secure because of the comprehensive nature of the data collected and stealth nature of the collectors. In the pre-web days, data was collected through personal relationships, while information today is gleaned from non-intrusive online surveillance that consumers don’t know even exists. The difference is significant and, when combined with the new tools that allow companies to store massive quantities of information, sell that information, and influence advertising and browsing decisions in real-time, I think today’s environment is more dangerous to privacy than the pre-web world ever was.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

%d bloggers like this: