This paper examines the ethical dimensions of benign (voluntary) surveillance in Internet commerce, focusing on the collection, storage, and analysis of consumer data through technologies such as cookies, clickstream tracking, data warehouses, and personalization systems. The paper explores how companies use this data to build loyalty programs and segment customers by profitability, raising ethical concerns about consent, transparency, and potential identity theft. Drawing on case studies including Facebook's Beacon initiative and the Certegy Financial Services data breach, the paper argues that consumers are increasingly demanding opt-out rights and corporate social responsibility. It also considers the role of the Fourth Amendment, the ACM code of conduct, and social networking as forces reshaping ethical standards for data use.
The Internet's rapid evolution as a publishing and commerce platform has extended its ability to serve as a marketing, selling, and service channel for companies globally. Yet with this potential for revenue growth comes the ethical responsibility of managing customers' data vigilantly. The issue of benign or benign surveillance β the providing of personal information by the public to complete transactions at ATM machines, automated pay terminals in shops or restaurants, or through the online purchase of products or services β is considered by many to be one of the defining characteristics of living in a highly developed technological society.
Included in this discussion of benign surveillance are technologies such as personalization engines, cookies (small files that capture a website visitor's specific information), and the continual recording of clickstream data as users navigate a site β all of which are captured, organized, and analyzed through data warehouses and data marts. The ethics of capturing so much customer data, creating data warehouses and data marts, and then analyzing that information to find new strategies to encourage customers to buy more raises significant ethical dilemmas. The unethical practice of reselling information captured from Internet-based marketing campaigns places these dilemmas at the forefront of many companies' operations.
In addition, the collection of customer data from website visits and responses to email campaigns creates the risk of potential identity theft, given that so much information about prospects and customers is concentrated in a single series of databases. The collection and analysis of customer data captured without consent raises ethical dilemmas for companies and also creates potential conflicts of interest relating to the capture, analysis, or sale of customer information without their knowledge.
The ethical question of whether benign surveillance is simply a commentary on modern high-tech society or a precedent for ethical misconduct and harm is central to this discussion. There are also considerations of how data captured and stored in data warehouses is used by programmers and management analysts in devising selling and loyalty program strategies (Albrechtslund, 63). The ethical considerations of using data warehouses and data marts constructed from data accumulated through benign surveillance require an entirely different set of standards, practices, and processes (Danna & Gandy, p. 374, 375). The ethics of strategies based on data obtained through benign surveillance have conflicting assessments (Ess, pp. 220β221) that highlight the polarity between using online data and enterprise-class predictive analytics software to ascertain customer segments and understand their preferences. Harrah's Casinos and Entertainment practices this pervasively with their customer base, sending the least profitable customers to competitors while offering the most profitable ones complimentary hotel stays and casino rewards globally β relying on insights from predictive analytics applications to define and execute this strategy.
The use of data obtained through benign surveillance to specifically "fire" unprofitable customers and segment them based on profitability is considered unethical by ethicists studying information technologies (Lacey & Sneath, pp. 459β460). Floridi (pp. 109β110) discusses in detail the ethical considerations of data privacy and the need to ensure there is "opt-in," or specific approval from consumers, for their data to be analyzed and used in the creation of strategies (Peeples, pp. 27β28; Tavani, pp. 268β269).
Websites and other forms of electronic initiatives that companies use to capture customer data are increasingly being seen as untrustworthy by consumers, largely as a result of reported unethical uses of their data (Vedder, pp. 276β277; Triplett, p. 79; Phukan, pp. 235β237). The erosion of trust in many forms of electronic payment systems is one of the largest inhibitors of their global adoption (Peterson, p. 347). The ethics of using consumers' data without their permission have brought greater scrutiny than ever to loyalty programs (Lacey & Sneath, et al.) and customer abandonment behaviors (Ingram, Skinner & Taylor, pp. 238, 240β241).
From the perspective of trust as defined through empirical studies (Weckert, p. 93), a dichotomy emerges from the impact of benign surveillance-based data carrying an implied warranty of remaining private (Soraker) and the development of loyalty programs β with or without the knowledge of consumers (van Wel & Royakkers, et al.). Ethicists may argue the points of implied warranties of privacy, yet the public, through the use of social media including blogs, wikis, and other forms of social networking, is quick to condemn a violation of this trust.
In many respects, the role of a more communicative and collaborative web β defined as Web 2.0 (Bernoff & Li) β is forcing a high level of transparency into how data collected through benign surveillance is used. While a multitude of standards are being deployed to force transparency, including those from the Association for Computing Machinery (ACM) (Peslak, et al.), the immediacy and reach of social networking is redefining and clarifying what level of data use is considered part of modern living and which constitutes a clear violation of ethics leading to a deterioration of public trust (GΓ³rniak-Kocikowska, p. 48).
There is no specific benchmark or ethical standard applicable globally across the spectrum of data analyses, marketing, and sales plans based on data collected through benign surveillance. There is, however, a significant increase in the volume and intensity of consumers' concerns as voiced through social media and social networking sites. The collection of technologies Bernoff and Li (pp. 36β37) discuss and analyze are forming the foundation that quickly redefines what is acceptable versus unacceptable in the use of such data sets. Social networking and Web 2.0 are together defining which specific uses of benign surveillance-based data are part of living in a technologically advanced society and which represent unauthorized data mining and unethical use of personal information (Phukan, pp. 234β235).
This is not to say that "the wisdom of the crowds" fully defines ethical behavior through social networking. It does suggest, however, that consumers whose data is being used for analysis have the right to say how that data will be used β regardless of the prevailing and often imprecise ethical standards that vary significantly between those who seek advantage from the data in marketing and those whose data it actually is (Johnstone, et al.).
The ethics of capturing data through benign surveillance is one factor in the debate over this activity, yet the development of strategies based on its use β including the use of such data in programming contexts and environments β raises additional concerns (Himma, pp. 226β227). For example, the development of an entirely new service offering from a bank or credit union that capitalizes on trends found in data obtained through benign surveillance requires the participation and cooperation of several different groups of employees. As a result of these projects, confidential purchasing data and consumer trends become easily accessible to any member of the development team, accelerating concerns that benign surveillance may function as a liability to consumers (Bynum, 2006, pp. 157β158).
From the initial uses of data obtained through benign surveillance in financial services over the past several years, the extent of potential breaches has grown exponentially (Bynum, 2001, et al.). Examples of these risks from a personal privacy perspective include the extensive capture of personal loan and financial information by prospective lenders through voluntary mass surveillance, the transfer of that information to other firms, and the theft of data during the development process (Bynum, 2001, et al.). Globalization is forcing the distribution of development teams across the globe, further complicating governance and control over the use of confidential data.
These examples underscore the critical need for defining ethical standards for financial professionals, including developers who work with data obtained through voluntary mass surveillance. The ethics of working with data not specifically derived from opt-in consent present ethical dilemmas for developers (Pemberton, pp. 77β78; Tavani, p. 37). Ethical governance is critical during the development phases of new financial services applications, as there are many documented cases of data being either stolen or resold without consumers' consent.
The Certegy Financial Services data breach involving 8.5 million checking account customers is a case in point. A systems administrator in the IT department stole backup tapes containing account names, social security numbers, and checking account and routing numbers, intending to resell them to an undercover FBI agent. Fortunately, only the last four digits of account numbers were exposed, and the FBI apprehended the administrator and secured the data sets before they could enter the black market and be resold to criminals β preventing what could have amounted to billions of dollars in losses. Clearly, cases like this demonstrate the critical need for safeguards on consumer data captured over the Internet, whether collected on an opt-in basis or not.
"Facebook Beacon case and corporate social responsibility"
"Legal precedent and Fourth Amendment privacy rights"
"Consumer opt-out demands and future of data ethics"
Always verify citation format against your institution’s current style guide requirements.