Page 103 - Data Science class 11
P. 103
1.4 Why Do Data sciEntists nEED to UnDErstanD Ethics?
Definition of Ethics: Ethics examines the rational justification for our moral judgments; it studies what is morally
right or wrong, just or unjust organisation must have a policy to deal with the data ethically. It's not merely a
legal requirement but essential for long term success of any organisation. Any organisation that deals with a large
environment and wants to adjust on long term basis, must follow data ethics.
As data scientists who get access to a vast amount of data in their data analysis, it is rather essential for them to
adhere to ethical guidelines. The use of protective mechanisms and policies to discourage the mishandling and
unethical use of data should be made part of best practices.
You will observe from the examples given below, how unethical data handling resulted into not only loss of reputation
but also loss of customers. This is because negative scenarios arise if ethical guidelines are disrespected.
1.4.1 a Few miscreants can do an immense amount of harm
During year 2010–2020, we have seen many organisations have suffered due to data breaches. Hackers worldwide
have become very active and are on the lookout to crack through a reputed organisation's firewalls and steal important
data from their servers. The stolen data-set is then sold out for a hefty sum.
Adobe reported that in early October 2013, hackers had stolen almost three million encrypted customer credit card
records and login data for an undetermined number of user accounts. Days later, Adobe increased that estimate to
include IDs and encrypted passwords for 38 million ‘active users’. Security blogger Brian Krebs then reported that a
file posted just days earlier “appears to include more than 150 million usernames and hashed password pairs taken
from Adobe”. Weeks of research showed that the hack had also exposed customer names, password, and debit
and credit card information. An agreement in August 2015 called for Adobe to pay $1.1 million in legal fees and an
undisclosed amount to users to settle claims of violating the Customer Records Act and unfair business practices. In
November 2016, the amount paid to customers was reported to be $1 million.
Yahoo announced in 2016 that the account information of at least 500 million users was stolen by hackers two years
ago—this is the biggest known intrusion of a company’s computer network.
In a statement, Yahoo said that user information—including names, email addresses, telephone numbers, birth dates,
encrypted passwords and, in some cases, security questions—was compromised in 2014 by what it believed was a
“state-sponsored actor”.
While Yahoo did not name the country involved,however the company discovered the hack after nearly two years
offered a glimpse at the complicated and mysterious world of the underground web.
Till date, Yahoo holds the title for the largest data breach in the history of the Internet. This data breach had exposed
the email addresses, names, dates of birth of around three billion people.
Another example of a data breach is that of Marriott (Starwood) hotel. In 2018, Marriott’s data team had confirmed
that around 383 million accounts of the guests were hacked two years back (2016). The breach had exposed the
names, addresses, contact numbers, and passport information of the guests whose accounts were compromised.
In April 2019, it was revealed that two datasets from Facebook apps had been exposed to the public Internet. The
information related to more than 530 million Facebook users included phone numbers, account names, and Facebook
IDs. However, two years later (April 2021), the data was posted for free, indicating new and real criminal intent
surrounding the data.
It is doubted that Cyber thieves may have stolen names, email addresses, telephone numbers, dates of birth and
encrypted passwords, the company said. But unprotected passwords, payment card data and bank account details did
not appear to have been compromised, indicating that some of the most useful user data was not taken.
1.4.2 Lack of consent
One of the leading social networking sites experimented to elicit a reaction from the users, wherein without consent,
they purposely fed the users highly extreme point of view and particularly incendiary part of the news in their
Ethics in Data Science 101

