Please send questions to
st10@humboldt.edu .
What are some questions/issues related to databases,
society, and ethics?
(list compiled during our in-class discussion --
questions/issues given by class members)
(sorry for typos below... 8-) )
* how do you maintain confidentiality, availabilty,
and security when a database has to violate some of
those just to work?
* in how many databases is your personal information
(and how trustworthy are their administrators?)
* what should be the repercussions when we see that
data is being misused? And how do we address that
when we discover it?
* what are the "snowball" issues of getting too used
to being willing to give out information about ourselves?
* what are the checks and balances to prevent
falsified info from being input?
* how do you insure double-blindness? (that user
is trustworthy, as well as the db administrator)
* what are the ethics of targeted advertising?
* how long can/should a university keep information
on its former students? how long should any
organization keep information on former members?
* how easy should it be to be able to remove one's
information from a database/data store?
* what's appropriate to be asking of your users?
* what about proprietary informaiton or trade
secrets?
* who can you release information to, and what are
repercussions?
* who should be liable if the client information
was false? (provider of the information, or
the disseminator?) (consider ebay...)
* because break-ins are likely never completely
preventable -- what data is it OK to store at
all?
* how safe is my data if security is broken?
if something really important gets out?
* what are an organization's obligations to
help when information they have stored on
someone gets out? what is their obligation
to the affected person?
* who should - are should someone - be responsible
if there is a data breach?
...who is at fault? is it your fault for
giving the information to the database,
or those in charge of the database?
* who is who? what about old/abandoned databases?
old/defunct companies or websites, etc.?
* what is OK with regard to selling data? why do
we allow that?
* what access level is required when you post,
say, a resume? Can anyone see, or should you
be able to restrict access to just companies
you approve?
* what information should be public? what government
information, what business information, etc.
(Wikileaks!)
* how should sensitive data be encrypted?
* should there be multiple levels of security?
is encryption enough? or also other levels;
* as a user, how do I know that a database is safe?
(how do I know they're going to handle it
using reasonably secure means?)
* how does one balance curiosity about database
functions with security considerations?
(doctors take the hippocratic oath, for
example)
* corporations selling your data to other
corporations for their profit;
* to what extent is it permissible to have
falsified data in a database?
* cookies! is it OK to save data session
informaiton? data mining public data --
is this OK?
* are we aware how much data is being kept
on everyone -- and some charge for access to
it!
* how should the rights be given to users to
use a database, but unauthorized users be
kept out?
* how transparent are the privacy settings?
how obvious is it what can be shared and what
can't?
* if a Web 2.0 company -- where your business
depends on lots of people -- how do you manage
that information without angering people?
* google car -- gathering open wifi passwords...?
* unforeseen combination of databases that are
out there!
* how can one correct information about oneself
that is inaccurate? How do you know what's out
there? Can you ask for info to be removed?
The issues are many -- and, even after just this one
course, you know more about databases and querying them
than the vast majority of the general public.
You someday may be in a position of having to make decisions
or to help shape policy in some of these areas, and it would be
good for you to think about them, and learn more about
them... 8-)