In recent time, most of the business opted for online mode in order to accomplish their business goals and objectives. Barocas and Nissenbaum (2014) stated that online business offers scalability to the users, ease of findings their desired items and also allow them to make the selection and purchasing process efficiently. User makes purchases of some products by giving payments details. In some other services like admission in academic institutions and patients details on booking for counselling regarding some unseals diseases, users share details like their name, address, contact number, e-mail address (Davis 2012). In all these cases, the organization needs to safeguard the details of the users and keep the data anonymous from other users.
Spiekermann et al. (2015) highlighted that privacy refers to the situation when organization keep data to themselves and never broadcast the details to any other person. Wilkowska and Ziefle (2012) on the other hand stated that anonymity is different than privacy and organization can broadcast the action of the users but hide the details, who have done by hiding the details of the users. Organization like hospitals, government agencies and consultancy services adopts the methods of keeping the user data private so that no other person knows about other people’s activity (Pardo and Siemens 2014). Dawson (2014) moreover stated that online marketers and academic organizations utilizes the concept of anonymity in case of sharing users comments on the products review sections, details of the experience of the students regarding the course, facilities offered and faculties. Thus, it can be sad that IT professionals need to maintain the computing ethics of maintaining privacy and anonymity for protecting the user’s details and activity information. Thus, this proposal highlights the ethics of privacy and anonymity for handling online data by the IT professionals.
- How the IT professional maintain privacy and anonymity of the online data?
- What are the issues faced by these professional while maintaining privacy and anonymity of user data?
Overview of Privacy
Chen and Zhao (2012) stated that privacy is protection of user details against discovery and misuse of identity. However, in order to maintain proper privacy, some requirements are necessary to follow among which anonymity, pseudonymity, unobservability and unlinkability. Moreover, the process of prevention of the discovery of a user by other users is referred as privacy. In mid-1960s, American government formulated databases that contain data of the private citizens in order to built tax records, census data, welfare records and military service records (Hashem et al. 2015). The final outcome or statistics of the collected data is broadcasted and the individual perception shared by users is kept in private. The US congress had also taken the initiative to assign a personal identification number, which should be used for gathering all the government's data (di Vimercati et al. 2014). The problem arises when cyber criminals and intruders aims to gather, store, search, compare, retrieve different kinds of sensitive information. Moreover, in recent times, the risk like data-mining, data matching and recording of the click trails on the webpages have developed as the use of internet, world-wide-web, user-friendliness of the sources make immense growth.
Overview of Anonymity
di Vimercati et al. (2014) depicted that when a user may use resources and services without disclosing the identity of the user is known as anonymity. Thus, it can also be said that anonymity does not refer to hide the subject identify but it protects the users, who have formulated the subject. Some organization like government agencies, online marketers opts for anonymity of data as without which users can lose the ability to track the government’s initiatives and organization’s service details respectively. Anonymity also provides the provision of preventing different users being targeted or discriminated by other people based their perceptions, situation and opinions (di Vimercati et al. 2014). Anonymity on the Internet is common and many internet services allow the users to use a pseudonym to share their concern regarding the products or starting a chat with some service company. However, Chen and Zhao (2012) argued that the security system for the anonymous user is no effective or high on the internet. Every computer system has a unique IP address which also has the host name and the computer experts can take these details in order to find the name of the actual user. Hashem et al. 2015) highlighted that user can maintain anonymity by assigning a temporary IP address for single sessions but Chen and Zhao (2012) present an counter statement that in this case also the temporary IP address is logged by the Internet Service Provider (ISP). Thus, ISP assists in finding the actual user along with the details like who used IP number in what time. Thus, it is important for the IT professional to handle the data with proficiency so that none of the user’s self fulfillment, peace of mind and human values is compromised.
Technique to maintain privacy and anonymity
Technique to maintain privacy
Privacy of the data can be maintained through encryption and is available in the wb services that users use to share their concern. Hypertext Transfer Protocol Secure (HTTPS) automatically activates the encryption for HTTPS for all the sites that supports this protocol (Hashizume et al. 2013). Liu et al. (2013) furthermore stated that e-mail encryption software like Pretty Good Privacy (PGP) prevents web-mail provider to read the messages that is sent by the users and customers. Taken for instance, Off-the-Record Messaging (OTR) is an encryption tool that is used by the users to keep their message confidential among the parties. In addition to that, almost all the organization have opted for globalization of the business and they have huge number of users data that across different geographic locations. Rainie et al. (2013) highlight that these companies often opted for cloud services to maintain the data of their users and the IT professional there need to maintain the client confidentiality and have to follow five commandments. They first have to understand their requirement regarding data storage and security along with details of vendor’s abilities (Schadt 2012). Secondly, the cloud computing professionals have to follow regulatory commandments especially for SaaS-based vendors, who work globally and need to follow all the data protection regulations and organizations internal policies for data retention and access covering all employees and applications (Chen and Zhao 2012). In addition to that, the third commandment is to learn and teach, where the organization is liable to make employee aware of the security awareness and client confidentiality and take regular assessments regarding how the employee will react to unethical situations (Zyskind and Nathan 2015). The fourth commandment is to verify the data privacy process to ensure that all the employees are utilizing the encryption tool effectively. The last commandment is that company has to use high level of service to their client and cannot utilize low level (SQL) means (Chen and Zhao 2012).
Chen and Zhao (2012) stated that fragmentation techniques can also be utilized where data manipulation process are enhanced, processing time for the data encryption is decreased, optimizing storage, facilitating data distribution and transportation of data from one server to other and distributing processing costs. In the fragmentation process, the entre message is splitting into many attributes producing different vertical views also known as fragments so that the view seen by the external providers do not violate confidentiality. This technique is used in case of handling sensitive messages and the non authorized users do not have the liability to join these fragments to read the sensitive message chunks.
Technique to maintain anonymity
There are some organizations that provide anonymity servers, where the message is received and resent the message under another identity (Barocas and Nissenbaum 2014). There are two different categories of anonymity servers- full anonymity servers and pseudonymous servers. Chen and Zhao (2012) stated that full anonymity servers do not forward those information that is easily identified by other people. Moreover, pseudonymous servers are those where message are forwarded by using a pseudonym. The server hides the original name behind the pseudonym and then on receiving replies for the sender, the server transmits the original message to the originator (Laurila et al. 2012). Taddei and Contena (2013) also stated that these servers utilizes the concept of encryption for communicating between the real user and the server. Some organization in order to achieve high security against threat and cybercrime, they opted for achieve high security (Barocas and Nissenbaum 2014). Taddei and Contena (2013) furthermore added that some organization also select anonymity servers from different countries that resulted in more difficulty in retrieving the original message from intruder.
Image: Hiding real identity through several servers
(Source: Chen and Zhao 2012)
Neuman (2013) stated that in order to answer the developed research questions, it is required to collect appropriate research data. The analysis of the collected data needs to be carried out carefully so that the research question can be answered accurately. Taylor, Bogdan and DeVault (2015) stated that research data can be through two methods- primary data collection and secondary data collection method. (Cleary et al. 2014) stated that when data are collected directly from the humans like employees of an organization, communal from society, they data is known as primary data collection process On the other hand, when data are collected through secondary sources like newspaper excerpts, research papers, journal articles and government websites, the data collection process is known as secondary data collection process. The analysis processes are of two types- qualitative and quantitative (Robson 2016). Qualitative method is utilised when the data are to be evaluated theoretically; whereas, when numerical data are present and the data need to be analyzed statistically, the analysis process is said to be quantitative analysis technique. There are several classifications of the research methods that have their own strength and weakness and it is important to select the most suitable research method so that the developed research questions can be answered with accuracy.
Survey and Questionnaire
Data when collected directly from a larger sample size, the method of survey and questionnaire can be utilized. De Vaus and de Vaus (2013) stated that in this method a set of closed ended question which is based on the research variable is formulated that can be answered simply in ‘yes’ or ‘no’ or can be measured through likert scale representations. These questionnaire set is also comprised of some demographic questions. Fowler Jr (2013) furthermore added that these questions are prepared for statistical analysis of the responses and highlighting the outcome to answer the research question. The questionnaire through has a little difference with the survey that is questionnaire can be both qualitative and quantitative; while the survey is always quantitative.
The prime benefit of the survey questionnaire is that through this process large sample group can be targeted to get the research outcome. However, the question is designed based on that factors that is identified through previous researches and research papers and do not allow any respondents to share additional concerns even if they are relevant.
Data collection from the interview method is selected in order to explore the thinking, attitudes, assumptions, emotions and perceptions regarding the research topic (Saris and Gallhofer 2014). However, interviews are of three different types- structured, semi-structured or unstructured. In structured interview a list of questions is formulated which is pre-determined and these questions do not followed by any follow-up questions. The benefit of these types of interviews is that these answers are easy to administer (Brace 2018). Unstructured interview on the other hand focuses more on informal discussion and ask for personal experience regarding the research topic. Brinkmann (2014) argued that though unstructured interview sessions are interesting to conduct but suffers from many issues like difficult to identify the exact answer to the questions, confusing and need more time to conduct. On the other hand, the semi-structured interview consists of open ended question with opportunities provided to the interviewee to share some of their concern.
The prime benefit of the interview method is that it provides an in-depth analysis of the research question and often provide the opportunity to get a new direction towards the research topic. However the process suffers from the downside that it is very time consuming and the answers given by the respondent is biased and only refer to the perception of the interviewee only.
According to Wahyuni (2012), deliberately selected group of people participate in a planned discussion based on the research questions and research topic is known as focus group. Savin-Baden and Major (2013) on the other hand stated that small set of six to ten people having common characteristics like job designation, background, age group and working experience and share concern based on a particular topic is known as focus group.
The advantage of the focus group is it can allow the interviewer to obtain the exact feeing on the research topic. Petty et al. (2012) also portrays that immediate ideas reacted to the research topic can be identified and further suggestion can also be attained that can be considered as future research recommendations. This qualitative data collection method has disadvantages like not all research respondents express their honest and personal opinions in the group and thus this process do not cover maximum dept related with the research issue.
Case study analysis
Snyder (2012) stated that case studies are considered for highlighting specific issues related to the specific environment, organization and situation. The case study analysis can be categories into three parts- descriptive case studies, explanatory case studies and exploratory case studies (Savin-Baden and Major 2013). Descriptive case studies describe the outcome of the research questions through the findings of the secondary analysis. Marshall et al. (2013) depicted hat explains culture or sub-culture to define the key phenomena. On the other hand, an explanatory case study focuses on those researches that can answer the ‘how’ or ’why’ questions based on the occurrence of events. Lastly, the exploratory case studies aims for finding new direction related to the research outcome.
The benefit that can be attained through the case study analysis is that the integration of qualitative and quantitative data can be obtained. This analysis method focuses on the realty of the research related to the selected organization or industry. Lewis (2015) on the other hand argued that this type of data analysis have problem of not attaining the exact answer to the research question and suffers from lack of challenges associated with data analysis thus represents little basis for generalizations on conclusions.
Considered Methodologies Technique
Survey and Questionnaires
The research question “How the IT professional maintain privacy and anonymity of the online data?” can be better answered through the closed ended question asked by the IT professionals, who handles the users details and manipulate them according to the requirement of the organizations. Factors related to maintaining privacy and anonymity of the online user data are gathered from literature review and secondary analysis based on which the question for the research is designed. Furthermore, the managers or the team lead of the IT organizations will also be considered for the for the survey method where questions related to the handling online data for maintaining privacy and anonymity, present system and information on the future improvements will be asked. The survey question is distributed to 200 It professionals regarding the issue faced for the maintaining privacy and anonymity of the data.
The second research question developed for the research is “What are the issues faced by these professional while maintaining privacy and anonymity of user data?” This research question cannot be answered through the questionnaire method as not all the employee faces same issues or the issues highlighted in the questionnaires. Thus, the employee, who handles the online data and maintain all the regulation for protecting those data need to be interviewed. Questions like “What are major issue you think comes while maintaining privacy and anonymity of online data?’, “What issues you faces the most of the time while handling the data?” and “How you manage to cope up with the occurred issues regarding maintaining privacy and anonymity of user data?” can be easily asked from the employees in order to get accurate response and answer to the research questions. The interview is asked from 10 IT professionals including managers.
The research aims for investigating on the topic ‘ethics of privacy and anonymity for handling online data’. This topic is selected in order to highlight the issue of confidentiality breaches where technology has been developed to such an extent that almost all the work are accomplished through online and world wide web. Several research papers have been evaluated to gather the overview of the privacy and anonymity of online data and how IT professional maintains privacy and anonymity of the online data while maintaining the user’s requirements and regulations. This research also highlights to utilize the method of survey and questionnaires for answering the first research question that is “How the IT professional maintain privacy and anonymity of the online data?” and interview method for answering the research question “What are the issues faced by these professional while maintaining privacy and anonymity of user data?”
Ethical Review Form
The ethics review form highlighted some of the ethics that is related with the research topic. This research will protect all the research data collected from the respondents under the legislation Data Protection Act 1998. These data will be collected only from the humans and are used only for the research purpose. The collected data will be deleted once the research outcome will be obtained (Refer Appendix, section 10.2).
All the research respondents will be provided with the consent form which represents that all the respondents agree on participating in the research. The consent form provides the participants with the full details of the research objectives in the understandable language that is English. These concert forms are duly signed by the research respondents prior starting take participation to answer the research questions. The respondents also have the provision to quit from the research anytime they want (Refer Appendix, section 10.3).
The pilot study comprised of the quantitative and qualitative research questions based on the research topic. The quantitative research question is asked by the IT professional on how they maintain the privacy and anonymity of the online data users and the qualitative research questions are asked to the managers of the company on how they maintain the privacy and anonymity of the online data and also about their strategies for future improvement for maintaining privacy and anonymity (Refer Appendix, section 10.4).
Barocas, S. and Nissenbaum, H., 2014. Big data's end run around procedural privacy protections. Communications of the ACM, 57(11), pp.31-33.
Barocas, S. and Nissenbaum, H., 2014. Big data's end run around procedural privacy protections. Communications of the ACM, 57(11), pp.31-33.
Brace, I., 2018. Questionnaire design: How to plan, structure and write survey material for effective market research. Kogan Page Publishers.
Brinkmann, S., 2014. Interview. In Encyclopedia of critical psychology (pp. 1008-1010). Springer New York.
Chen, D. and Zhao, H., 2012, March. Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.
Cleary, M., Horsfall, J. and Hayter, M., 2014. Data collection and sampling in qualitative research: does size matter?. Journal of advanced nursing, 70(3), pp.473-475.
Davis, K., 2012. Ethics of Big Data: Balancing risk and innovation. " O'Reilly Media, Inc.".
Dawson, P., 2014. Our anonymous online research participants are not always anonymous: Is this a problem?. British Journal of Educational Technology, 45(3), pp.428-437.
De Vaus, D. and de Vaus, D., 2013. Surveys in social research. Routledge.
di Vimercati, S.D.C., Erbacher, R.F., Foresti, S., Jajodia, S., Livraga, G. and Samarati, P., 2014. Encryption and fragmentation for data confidentiality in the cloud. In Foundations of Security Analysis and Design VII (pp. 212-243). Springer, Cham.
Fowler Jr, F.J., 2013. Survey research methods. Sage publications.
Hashem, I.A.T., Yaqoob, I., Anuar, N.B., Mokhtar, S., Gani, A. and Khan, S.U., 2015. The rise of “big data” on cloud computing: Review and open research issues. Information Systems, 47, pp.98-115.
Hashizume, K., Rosado, D.G., Fernández-Medina, E. and Fernandez, E.B., 2013. An analysis of security issues for cloud computing. Journal of internet services and applications, 4(1), p.5.
Laurila, J.K., Gatica-Perez, D., Aad, I., Bornet, O., Do, T.M.T., Dousse, O., Eberle, J. and Miettinen, M., 2012. The mobile data challenge: Big data for mobile computing research. In Pervasive Computing (No. EPFL-CONF-192489).
Lewis, S., 2015. Qualitative inquiry and research design: Choosing among five approaches. Health promotion practice, 16(4), pp.473-475.
Liu, X., Zhang, Y., Wang, B. and Yan, J., 2013. Mona: Secure multi-owner data sharing for dynamic groups in the cloud. ieee transactions on parallel and distributed systems, 24(6), pp.1182-1191.
Marshall, B., Cardon, P., Poddar, A. and Fontenot, R., 2013. Does sample size matter in qualitative research?: A review of qualitative interviews in IS research. Journal of Computer Information Systems, 54(1), pp.11-22.
Neuman, W.L., 2013. Social research methods: Qualitative and quantitative approaches. Pearson education.
Pardo, A. and Siemens, G., 2014. Ethical and privacy principles for learning analytics. British Journal of Educational Technology, 45(3), pp.438-450.
Petty, N.J., Thomson, O.P. and Stew, G., 2012. Ready for a paradigm shift? Part 2: Introducing qualitative research methodologies and methods. Manual therapy, 17(5), pp.378-384.
Rainie, L., Kiesler, S., Kang, R., Madden, M., Duggan, M., Brown, S. and Dabbish, L., 2013. Anonymity, privacy, and security online. Pew Research Center, 5.
Robson, C., 2016. How to do a research project: a guide for undergraduate students. John Wiley & Sons Incorporated.
Saris, W.E. and Gallhofer, I.N., 2014. Design, evaluation, and analysis of questionnaires for survey research. John Wiley & Sons.
Savin-Baden, M. and Major, C.H., 2013. Qualitative research: The essential guide to theory and practice.
Schadt, E.E., 2012. The changing privacy landscape in the era of big data. Molecular systems biology, 8(1), p.612.
Snyder, C., 2012. A case study of a case study: Analysis of a robust qualitative research methodology. The Qualitative Report, 17(13), p.1.
Spiekermann, S., Acquisti, A., Böhme, R. and Hui, K.L., 2015. The challenges of personal data markets and privacy. Electronic Markets, 25(2), pp.161-167.
Taddei, S. and Contena, B., 2013. Privacy, trust and control: Which relationships with online self-disclosure?. Computers in Human Behavior, 29(3), pp.821-826.
Taylor, S.J., Bogdan, R. and DeVault, M., 2015. Introduction to qualitative research methods: A guidebook and resource. John Wiley & Sons.
Wahyuni, D., 2012. The research design maze: Understanding paradigms, cases, methods and methodologies.
Wilkowska, W. and Ziefle, M., 2012. Privacy and data security in E-health: Requirements from the user’s perspective. Health informatics journal, 18(3), pp.191-201.
Zyskind, G. and Nathan, O., 2015, May. Decentralizing privacy: Using blockchain to protect personal data. In Security and Privacy Workshops (SPW), 2015 IEEE (pp. 180-184). IEEE.