Information Technology and Ethics/Privacy Policies
For any privacy policies to be effective, it should be clear and conspicuous, posted in a prominent location, and readily accessible from both the site’s home page and any web page where information is collected from the consumer. It should also be unavoidable and understandable so that it gives consumers meaningful and effective notice of what will happen to the personal information they are asked to divulge. As mention before, the statements within a privacy policies should reflect the spirit of the privacy principles created by the FTC and/or OECD.
Privacy on the Internet is a concern because there is valuable information that is sent and received online. Therefore, the Federal Trade Commission has developed five principles for fair information practice which are: notice/awareness, choice/consent, access/participation, integrity/security, and enforcement/redress. European countries have similar principles which are called the OECD privacy principles.
The FTC has identified five principles to ensure that the practices surrounding the collection and use of electronic information are fair and provide sufficient privacy protection. The principles are commonly referred to as FIPP (Fair Information Practice Principles); they are: Notice/Awareness; Choice/Consent; Access/Participation; Integrity/Security; and Enforcement/Redress. Depending on the industry an online merchant conducts business in, they must adhere to these principles accordingly .
Notice/awareness - requires the company to provide consumers with a notice before collecting their personal information. Choice/consent - allows consumers to control how their information is used. Access/participation - allows consumers to view the data collected about them and gives them the opportunity to correct any incorrect information about them. Integrity/security - requires the information collected to be stored safely and securely. Enforcement/redress - the above four principles are enforced.
International countries such as Canada and nations in the European Union have to enforce and adhere to the OECD privacy principles. These principles are similar to FIPP in rhetoric and composes of eight fundamental principles for privacy protection that can be used as the benchmark for assessing organizations’ privacy policies : collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation, and accountability. These principles apply in the public and private sectors, and “outline the rights and obligations of individuals in the context of automated processing of personal data, and the rights and obligations of those who engage in such processing.”  Of the eight principles mentioned, use limitation, security safeguards, data quality, openness, individual participation, and accountability closely relate and identify with the FTC’s FIPP.
There are many companies that have been known to violate these principles. Some of these companies include large technology companies such as Apple, Facebook, and Microsoft. For example, in April 2018 Mark Zuckerberg of Facebook faced Congress regarding Facebook’s data practices. It was discovered that the information of the 2 billion users on Facebook was being scraped by malicious actors. Congress warned Zuckerberg that it would look into regulating Facebook because the executives at Facebook have not been able to do so.
With the privacy policies of Facebook, users blindly agreed to Facebook’s Terms and Conditions without reading them. Amanda Scherker states, “Carnegie Mellon researchers determined that it would take the average American 76 work days to read all the privacy policies they agreed to each year”. In the article she summarizes what the users agreed to during the signup process. Nothing on a Facebook account is private. Facebook observes what posts their users wrote but decided to not post. No information on a deactivated account goes invisible. Facebook owns the right to track your web surfing anytime you logged into a site. They even work with companies to track users purchases in real life. Facebook uses the location services that use mobile phones to locate their users. Eventually, the locations the users will be visiting will be used to sell them things. Users can also be subjects to research without being informed. Even for users who have read the terms and conditions, Facebook hold the right to change them at any time. Users’ information is used for profit with no compensation to the users.
There are Facebook’s business partners that trick their users to take surveys or little quizzes or some games. Many users take quizzes that will predict things like “Who loves you?” “Who will you marry?” or “What movie star are you like?” All of these questionnaires will tell the users they will be using their profile information to make their predictions but they never stop using their profile information even after the predictions are made. Then this data is used to make profit by selling it to other companies without informing their users.
There are privacy procedures that users may take upon their own hands to guard themselves from data being stored by Facebook. It is also important to notice that most users are not aware of such tools and Facebook’s settings are too complex to find where to disable the features. As Dann Albright writes in his article, “right now, the information that Facebook sells to advertisers has to do with your activity on Facebook: pages you like, people you follow, apps you connect, and so on. Until now, Facebook hasn’t sold any of the data it collects about your browsing outside of Facebook.” In other words, Facebook has set up some cookies that can keep track of certain websites that you visit and what you do within them. For example, many articles posted on the internet now have a logo that allows the viewer to share that article onto their Facebook timeline. These are all activities that Facebook keeps track of, even when no direct connection is made to the user’s Facebook profile. Now, they have intended on selling that information as well to other advertisers. In the article, Albright (2014) presents his opinion about Facebook as a company that will do whatever it takes to make more money because there is no chance of billions of users all closing their account. The protection of personal information still holds important values to everyone but the definition of personal information varies among individuals. Therefore, the policies of Facebook should give the right to their users to decide what information should and should not be in the market for bargain.