Privacy Failures

Category: When Analytics Works

As the Cambridge Analytica scandal mentioned above shows, even when privacy is desired and expected, it can be violated or break down. This is a case where analytics works as designed, but the supporting systems and environment do not. There have been numerous instances of failure over the years.

One class of failure occurs when the company in question breaches what is normally considered to be the ethical acquisition of data. For example, in one of the most high profile the inBloom service was closed down on April 21, 2014 (Kharif 2014). In another case, the data from rented tablets with pre-installed apps was used without the informed consent of the parents (Griffiths, et.al., 2016:4).

The second class of breach occurs when the collection of data collection itself is of questionable ethical value. This is the case in the Cambridge Analytica breach (Cadwalladr and Graham-Harrison, 2018) where the data described not only the user but also their friends and contacts. A similar case involved the credit-monitoring firm Equifax, which compiles data on people whether they want them to or not (Fruhlinger, 2019). In Holland, a System Risk Indication (SyRI) was designed by the Dutch government to identify people likely to commit benefits fraud. In a recent case, the District Court of the Hague ruled that it " failed to strike a balance between the right to privacy and the public interest" (Privacy International, 2020).

Examples and Articles

Annual number of data breaches and exposed records in the United States from 2005 to 2020
"In 2020, the number of data breaches in the United States came in at a total of 1001 cases. Meanwhile, over the course of the same year over 155.8 million individuals were affected by data exposures." Statistica, Mark Johnson, March 3, 2021. Direct Link

Do you have another example of Privacy Failures? Suggest it here

Force:yes