IT Security Outsourced IT

Data Ethics

Data Ethics 

What is Data Ethics? Floridi & Taddeo1 define data ethics as, “…the branch of ethics that studies and evaluates moral problems related to data (including generation, recording, curation, processing, dissemination, sharing, and use), algorithms (including artificial intelligence, artificial agents, machine learning, and robots) and corresponding practices (including responsible innovation, programming, hacking, and professional codes), in order to formulate and support morally good solutions (e.g. right conducts or right values.” The authors go on to express that ethical challenges posed by data science can be delineated into three axes of research based on that definition: the ethics of data, the ethics of algorithms, and the ethics of practices. 

In the not-so-distant past it might have been amusing to imagine that organizations would need to take formal positions on the ethics of their data management, but here we are in these fascinating times. Organizations are data-centric and, as such, need to ruminate on what they believe their role/s to be in their varied relationships with data, as well as their associations with algorithms and practices. As is often the case, advances in technology have outpaced the development of the social and organizational cultures that tech resides within. Organizations that blindly embrace the technology can be forgiven for thinking that data is an inevitability in business today (because it is), but a single incident regarding the aforementioned problems related to data can transform what an organization might perceive as a swashbuckling spirit into what outsiders perceive as callousness or even criminality. Violations could lead to irrevocably broken trust, infringements of legal, business, and/or social varieties, or lead to foundational questions about the morality of an organization. And no one wants that!  

Worry not, it is not necessary to do a philosophical deep dive in order to move an organization towards ethical data responsibility. Here are four steps2 to take to get there: 

Identify a data risk expert in your organization. This leader needs to explicitly identify and mitigate risk of harm associated with data use. Look for an existing group that has already done the work of assessing risks and build from that existing framework. If no such group exists, and new one should be created from within your organization. 

Ensure privacy protection and appropriate transparency. Ethical data collection and analytics must, at a minimum, include informed consent, legal compliance, and anonymizing personally identifiable information so that it cannot be reverse-engineered to reveal identity. The risk leader needs to take a position on algorithmic ethics and transparency, and this position should be built into the framework. 

Anticipate and avoid inequitable outcomes. Managers need guidance on how to anticipate and address inequitably and biased outcomes. The risk leader can mitigate inequities by establishing standards for fairness and teaching fairness to managers. 

Align organizational structure with ethical risk assessment. The risk leader can work toward risk identification by establishing ethical accountability leaders within groups, ensuring consistent definitions and processes across groups through education and training, expanding groups’ perspectives on identifying and remediating ethical problems through collaborations with other groups, and creating incentives to build a culture that values data ethics. 

Appointing this one leader to address the three axes with these four steps can save your organization from countless ethical data problems.  

1 Floridi & Taddeo, 2016, “What is data ethics?” 

2 Shapiro & Blackman, 2020, “Four steps for drafting an ethical data practices blueprint”