Ethical considerations: dealing with privacy issue of Aura

Privacy is a very wide concept that involves many facets, including “freedom of thought, control over one’s body, solitude in one’s home, control over personal information, freedom from surveillance, protection of one’s reputation, and protection from searches and interrogations” [1]. Especially in the field of personal information security protection on the Internet, the privacy issue is discussed intensely. With the development of the so-called Web 2.0, social networking sites have benefited people through providing an online community that allows them to communicate with others easily and to expose an enormous amount of personal information when they rely too much on social networking sites. In the social network field, privacy is defined as control over users’ personal information flow, including the transfer and exchange of that information (or data) [2]. Currently, privacy has become a global issue that many countries have created regulations to protect the privacy of Internet users. Some examples of policies already developed are the Data Protection Directive in EU and Data Protection Act in the UK [1].

However, people may have different perception regarding such regulations.A privacy survey conducted by [3], divided people’s attitudes into three classifications according to their responses to their degree of concern about privacy protection:

• The privacy Fundamentalists distrust websites’ intention to ask for people’s personal information and their ability to protect information. This group of people will ask for formal laws and rules to regulate the market. They account for about 25% of overall people.
• The Pragmatic show more trustful towards organizations and websites. They measure benefits of consumers opportunities and services with exposure of information, protection of privacy and the government’s involvement of privacy control. According to the statistics, they would like to decide whether their personal information can be used or not by themselves. People with this attitude represent more than half (57%) of all.
• The Unconcerned Internet users fully trust organizations and websites to get users’ personal information. They agree that there is no possibility to propose new laws and regulations to protect privacy. They are 18% of all.

It reflects that people may have different degrees of acceptance of privacy issues. Therefore, it is a topic that requires debates.

How will Aura cope with Privacy?

Aura would like to apply prevention and transparency rules to ensure our customers’ information will be used appropriately and there will not be disclosure of information. Encryption scheme will be used or data security. Encryption scheme includes a public key and a private key to encrypt and decrypt information [4]. If a user wants to post something or update his/her personal profile, the client-side JavaScript encrypts the message with the necessary public keys; while his/her friends or people who get his/her access right request these contents, private keys will decrypt messages and information that encrypted by public keys [4]. This scheme will benefit both peer-to-peer and one-to-many communication.

Aura will also apply data anonymization to prevent information disclosure. Data anonymization is a type of data protection, which can either encrypting or removing personal information that will show users’ personal identification from datasets, so the people whom the data described will remain anonymous. Therefore, our users do not need to worry their personal information will be disclosed to other commercial companies, such data like name, email address, telephone number.

Aura will be transparent to users about its privacy policy because usage of their information ought to be transparent so they can check if their information is used appropriately [3]. The UK Data Protection Act states that “The Data Protection Act gives you the right to find out what information the government and other organisations stores about you” [5]. Aura will ensure our users’ right of being informed especially the usage of their perosnal information.

To sum up, we will try our best to ensure the information security of our users and prevent information disclosure through prevention and transparency perspectives.

Reference

[1] Solove, D. (2008). Understanding privacy. Cambridge, Mass.: Harvard University Press.

[2] Shin, D. (2010). The effects of trust, security and privacy in social networking: A security-based approach to understand the pattern of adoption. Interacting with Computers, 22(5), pp.428-438.

[3] Weitzner, D. J., Abelson, H., Berners-Lee, T., Feigenbaum, J. and Sussman, G. J. (2008). Information Accountability. Communications of the ACM , 51 (6), pp. 82-87

[4] Lucas, M. M. and Borisov, N. (2008). FlyByNight: mitigating the privacy risks of social networking. In Proceedings of the 7th ACM workshop on Privacy in the electronic society, pp.1-8.

[5] GOV.UK. (2018). Data protection: Find out what data an organisation has about you. [online] Available at: https://www.gov.uk/data-protection/find-out-what-data-an-organisation-has-about-you [Accessed 20 Apr. 2018].