5. The Principle of Public Data

Just because data about people are publicly available, it does not always mean that a company may collect or use these data. Publicity is not a carte blanche.

Waiving Rights

In the Principle of Data Ownership (Principle 1), we saw that people often lose their control rights over their data, when they make these data publicly available. When Smith walks down the street, and Jones can see Smith’s physical appearance, Smith has waived his control right over data about his physical appearance. All else equal, Jones may now tell his friend Peter about Smith’s physical appearance.

There are many cases where it is not so straightforward to determine whether someone has waived control rights over data. This applies especially to the online world. Lets us consider a few examples.

principle 5

Examples

Imagine that Smith is keeping a diary. Unbeknownst to Smith, Jones opens the diary and takes pictures of the pages and uploads them on a social media platform. Many personal informations about Smith are now publicly available.

Does that mean that anyone may now use these data as they wish? Clearly not. If for example Peter sees the pictures, and he knows that Smith did not want them to be published, then Peter should not distribute them further. And, Peter should not store the pictures for future use.

Similarly, if people’s security numbers - or other personal information about people - are leaked for public display, due to an accident or a cyber attack, then other companies should not access these information or store them for future use in their databases.

What these examples show is that data are not always published voluntarily by the data subject. In those cases, the data subject has not waived her rights over these data, so others should abstain from accessing, storing, using or further distributing these data.

Data Ethics example 5.1

Borderline Cases

Most people will probably find the Principle of Data Use fairly uncontroversial. It seems intuitive enough that if people publish personal information voluntarily, then they lose their right to control the information. And if people’s personal information are publish involuntarily, then they have not lost this right.

But it can be very hard to determine exactly what the limit is between being private and being publicly available.

Imagine that Smith is sitting on a bench in the public park with his friend Carl. A few people are walking by, but no one seems to be paying attention to Smith and Carl’s conversation. Smith tells Carl all sorts of personal information about his sex life. Unbeknownst to Smith and Carl, Jones is eavesdropping on their conversation.

Data Ethics example 5.2

Smith has decided to talk about personal information in a public space, but does that mean that Jones can eavesdrop on the conversation, use and distribute the information further as he wishes? People may have different moral intuitions about this case.

In order to be on the safe side, and in order to avoid breaking the Principle of Trust (Principle 4), it is a good idea to only collect publicly available data if these data are clearly published voluntarily by the data subject itself. In a time where personal information is flowing more or less freely online, it is important to remember: Publicity is not a Carte Blanche.

The Principles of Data Ethics

So what exactly is Seluxit doing about data ethics? Seluxit has taken the initiative to employ a PhD student in the field of philosophy with a specialization in ethics, and is writing a collection of principles of data ethics.
These principles have general application but stem from questions that arise in our daily work. The principles will serve to guide the decisions we make in our work. The principles, which can be browsed here on our website, are being published in a series.