Digital Citizenship: Navigating the Ethical Challenges of a Connected World
Analysis of data security issues and reflection on my exploration of themes
Digital and technological advancements have made our lives more convenient, saving us time and energy. Nevertheless, there is a need to consider the ethical implications that the digital world would have on our present and future world. This blog post is divided into two sections. In the first part, I would be discussing an alarming issue, whereas, in the second part, I would be reflecting on what I have learned through my studies and research of the topics in the Digital Society module.
Data Security
Balancing Freedom of Expression and Right to Privacy
The freedom of expression is a right enshrined in Article 10 of the European Convention of Human Rights, whereas the Right to Respect for Family Life is enshrined in Article 8 of the same convention. The issue at hand is that both of them are qualified rights, also signifying that they are equal in status. The balancing exercise between these two rights has been the focus of legal issues such as defamation and misuse of private information. While both the case on Panama Papers and the Ashley Madison case were cases of data breaches, students of the Digital Society course were asked to identify whether they felt differently about the two cases. The difference between the two cases was that the Panama Papers leak disclosed the information of partakers of illegal tax evasion and money laundering, while the user data of a dating site that promoted affairs was stolen in Ashley Madison’s scenario. There were a few arguments made, including
- that the Panama Papers case is more serious than the Ashley Madison case,
- that both cases are equally unlawful,
- that the Ashley Madison leak is more impactful.
These assertions would be analysed in relation to the laws under data breach and the tort of misuse of private information. Both of the cases would be data breaches under the UK General Data Protection Regulation (GDPR) and the EU GDPR. As defined in the GDPR, a data breach would be an infringement of secure or confidential personal information by an unauthorised party. In both cases, the personal data of the individuals were stolen without their consent, therefore, is a breach of the GDPR. Considering this, it could be understood that the data breach in both cases is unacceptable.
The act of leaking private information in itself could give rise to a claim for misuse of private information. This comprises a two-stage process. The first stage is where a reasonable expectation of privacy in the information must be shown by the claimant. After establishing the first stage, the second stage is where the Court would balance all the competing rights, including the rights of both parties and any third parties involved. Whether there is a public interest that outweighs the party’s right to privacy is also considered.
I would use the principles to critically analyse the implications of both cases. The Court held that the disclosure of ‘bare facts’ are acceptable. In the Ntuli v Donald case, the fact that both parties were in a relationship was not restrained, while further details of their intimacy were not allowed. Therefore, just disclosing the fact that certain people had an online relationship with someone else may be acceptable. Some Digital Society participants, though, think that the leak would only tear family relationships apart and as having affairs was not an illegal activity, it was not necessary to leak the information. An opposing argument could be made that people’s sex lives are their own private lives, as the Court mentioned in the Mosley v News Group Newspapers case. Also, it is seen from the PJS v News Group Newspaper case that there is prima facie no public interest in disclosing private sexual encounters, even when they concern an affair. Further, the third parties may be the children of the users of Ashley Madison, as the disclosure of the information would affect the children. The best interests of children are substantial and therefore it may be wrong to disclose the information in such cases. In conclusion, I would think that the users’ rights to privacy are more important in the Ashley Madison case.
In a case like Panama Papers’, there would be a reasonable expectation of privacy in view of the sensitive and private nature of the information. However, information about wrongdoing or iniquity is unlikely to engage the rights of privacy. This is especially so regarding public figures, which are not restricted to only politicians but also extend to the world of arts and sports, as stated in Spelman v Express Newspapers. Also, there is a limit to the application of the concept of ‘private life’ will not encompass all of a person’s business, professional life or leisure activities. Therefore, it is seen that freedom of expression would triumph when the issue concerns public policies, in this case, the information of the illegal activities engaged.
Conclusion of my thoughts on the cases
The answer to whether I feel differently about the two cases is yes — committing crimes of tax evasion and money laundering are serious issues, therefore I think that the leak was more justifiable. However, both cases were data breaches and were unlawful.
Ways to keep data secure
Additionally, here are some ways to prevent data breaches:
- Encryption of sensitive data to prevent unauthorised access or disclosure. This is a great solution as they have relatively low costs of implementation and is an accessible solution.
- Cybersecurity training for employees to increase their awareness of cybersecurity issues and good practices, encompassing phishing prevention.
- Use strong passwords and multi-factor authentification (MFA). MFA allows a more secure identification process.
- Creating an Incident Response Plan. This can help the organisation to respond speedily to any occurrence of data breaches.
- Ensure software is up-to-date and install antivirus software. Antivirus software helps to detect malware and viruses.
Reflection on how I have developed through the Digital Society course
The Digital Society module was special in many ways — being completely online and asynchronous, and the assessment was in the format of writing blog posts. The themes in this module were eye-opening. After reading the topic of ‘Chatbots and Questions of digital conversation’, it made me question the social cues I would look for when determining the gender of a person through online chatting. Thinking back, as a female, I found it easier to relate to other females, which makes me associate agreeableness with the female gender, to which I agree with Butler’s statement that gender is ‘an identity instituted through a stylized repetition of acts’.
The ‘Smart Cities’ theme was very intriguing. I found that there was room for creative thinking as we were asked to think of possibilities for advancements for cities. In my city, our carpark payments are made using our mobile phones through applications, allowing us to pay in the car and leave conveniently. On the other hand, we could improve our use of automated machines, for example, automated checkout systems in supermarkets and automated border control system in airports.
For the topic of ‘The individual, identity and ethics’, the data security subtopic piqued my interest. As a law student who loves science and technology, it was always one of my aims to find the bridge between law and technology. Cybersecurity was one of the areas I have always been interested in, but as I have not been exposed to it, I find myself reluctant to engage with it. Through this assessment, I had the chance to research it, which is something I am grateful for.
A major challenge I faced was critical analysis— widening the scope of reading and considering the differing opinions was my way of overcoming this. There were lots of different opinions and reasonings submitted by students for the questions in the blogs. Reading a few perspectives on an issue allowed me to assess the deeper implications and the variety of responses that an issue poses.
I also found it to be a challenge to decide on the topic for the final assessment, as there were many topics to choose from. I changed my topic a few times, and I still feel insecure about my performance in my current topic. Nevertheless, I attempted to combine the elements that have helped me grow and would be beneficial for me, including assessing the different opinions people have regarding an issue, critically analysing information, and writing an essay on a topic that encompasses both law and the digital world. Another essential skill that I acquired from the course is the understanding of issues of intellectual property.
I feel regretful that I have not done further research into more topics, and for this assessment, I hoped to consider two different issues, but with the restriction of word limit, I only managed to focus on one topic. That being said, on the top of my to-do list during the summer holidays would be to do more research into the skills that I would require to prepare myself for a digital future!
