Mobile apps have become an integral part of our lives, providing us with a wide range of services and entertainment. However, these apps often collect vast amounts of user data, which can be used for a variety of purposes, some of which may not be in the best interests of users. This raises serious ethical concerns about data privacy.
Gaming consoles and digital assistants are constantly listening to users, even when they are not being used. This raises concerns about privacy and surveillance. For example, if you are talking to a friend about a new product, your console or digital assistant may overhear the conversation and start showing you ads for that product.
How are tech companies collecting data?
Big companies make their apps run in the background and collect data without the user's knowledge in a number of ways. One common method is to use services. Services are background processes that run even when the app is not in use. They can be used to perform a variety of tasks, such as checking for updates, sending notifications, and collecting data.
Another method is to use background location tracking. This allows the app to track the user's location even when the app is not in use. This data can be used for a variety of purposes, such as targeted advertising and improving the app's features.
Third-party libraries are used by many apps to provide common functionality, such as analytics, advertising, and social media integration. However, some third-party libraries can track user data without their consent. This is known as intra-library collusion.
In a recent study, researchers found that 30,000 smartphones were vulnerable to mobile data theft from shared app libraries. The researchers found that a malicious actor could combine the access granted to each app in order to build a user profile or perform mobile data theft.
Finally, big companies can also collect data from the user's device without their knowledge by using hidden APIs. APIs are software interfaces that allow apps to communicate with each other and with the device's operating system. Hidden APIs are APIs that are not publicly documented and can be used to collect data from the user's device without their knowledge.
- Loss of privacy: When big tech companies collect user data, they are able to track users' movements, online activity, and even their thoughts and feelings. This data can then be used to target users with advertising, to sell to third parties, or to influence their behavior.
- Identity theft: If a big tech company's database is hacked, users' personal information could be stolen and used to commit identity theft. This could include things like users' names, addresses, social security numbers, and credit card numbers.
- Discrimination: Big tech companies can use user data to discriminate against users in a number of ways. For example, they could use data to deny users access to certain services or charge them higher prices.
- Manipulation: Big tech companies can use user data to manipulate users' behavior. For example, they could use data to show users ads that are designed to influence their political views or to buy things they don't need.
- Deepfakes: The collection of user data by big tech companies can also be used to create deepfakes and other forms of synthetic media that could be used to deceive or manipulate people. Deepfakes can be used to create fake news stories, to blackmail people, or to damage someone's reputation.
- Third-party sales: The sale of user data by big companies to third parties in the name of “diagnostic crash reports” also raises privacy concerns, as users may not be aware of how their data is being used or shared. For example, a big tech company could sell a user's data to a data broker, who could then sell it to other companies or even to criminals.
- Dark Web: The release of data into the dark web is another serious consequence of big tech companies collecting user data. The dark web is a hidden part of the internet that is only accessible through special software. If a big tech company's database is hacked and users' data is released into the dark web, it could be used for a variety of criminal purposes.
What do ethical frameworks say?
There are a number of ethical frameworks that can be applied to the collection and use of user data by big companies' apps. Some of the most relevant frameworks include:
- Act Utilitarianism: It evaluates actions based on their consequences and seeks to maximize overall happiness or utility. In the context of data collection and hidden services, Act Utilitarianism would likely encourage companies to consider the potential harm and benefit of such actions. If these practices result in a net increase in user well-being, such as by improving app functionality, Act Utilitarianism might support them. However, if they infringe on user privacy or cause harm, Act Utilitarianism would advise against them.
- Rule Utilitarianism: It focuses on the creation and adherence to rules that maximize overall happiness. It may advocate for the establishment of clear and ethical guidelines regarding data collection and background services. Big companies would be encouraged to follow these rules to ensure a more predictable and trustworthy environment for users, which, in the long term, contributes to greater happiness for all.
- Kantianism: It is an ethical theory that focuses on the duty of individuals to act in accordance with moral principles. Companies seeking permission for data collection and hidden services should ensure transparency and obtain informed consent from users. Kantianism would discourage deceptive practices that exploit users' lack of awareness or consent.
- Virtue Ethics: It focuses on the development of moral virtues in individuals and organizations. In the context of data collection, companies should cultivate virtues such as honesty, transparency, and integrity. Virtue ethics would discourage practices that undermine these virtues, such as concealing data collection activities or using hidden APIs without justification.
- Social Contract Theory: It emphasizes the idea of a mutually beneficial agreement among individuals or groups in society. Companies should consider the implicit social contract they have with users. Users provide data in exchange for certain services. Violating this contract by engaging in intrusive data collection or hidden activities would be seen as unethical, as it breaks the trust between the company and its users.
Reactions of United Nations?
The United Nations has also taken steps to address the issue of data privacy. In 2019, the UN Human Rights Council adopted a resolution that recognized data privacy as a fundamental human right. The resolution also called on governments to take steps to protect the privacy of their citizens' data.
- Be careful about what apps you install and what permissions you grant to apps. You should also use strong passwords and enable two-factor authentication whenever possible.
- Disable background location tracking for apps that don't need it.
- Use a privacy-focused browser such as Brave and a search engine like DuckDuckGo. These will block trackers and other third-party scripts that can be used to collect data about you.
- Install a VPN as it can encrypt your traffic and hide your IP address, making it more difficult for companies to track your online activity.
- Be transparent about how the data will be used.
- Only collect the data that is necessary for the app to function and to improve it over time.
- Obtain user consent before collecting or using any data.
- Give users control over how their data is used.
- Design such that it disables the permissions automatically while app not in use.
The collection and use of user data by big companies' apps raises a number of serious ethical concerns. There are a number of ethical frameworks that can be applied to this issue. The United Nations has also taken steps to address the issue of data privacy, but more needs to be done to protect users' privacy in the digital age considering the consequences of data breach as discussed in the article. It is important for companies to be transparent about how they are using user data and to obtain user consent before collecting or using any data.
It is important to consider the ethical implications of using user data for generative AI and third-party sales.
Developers of apps that use generative AI and third-party sales should carefully consider the ethical implications of their technologies and take steps to mitigate any potential risks.
