The Difference Between Misusing And Exploiting Personal Information

There’s constant talk in the “internet space” about what can and can’t be done with personal information collected from users. The most benevolent way this data is used is when the data is mined for certain demographics and the demographics, not the data itself, is used to sell advertising on the web presence of the service. Many free services use this tactic.

But in some cases this personal information is exploited. The data itself may be sold to third parties who you may or may not want to have you data. In most of these cases you’ve actually agreed to allow this data to be shared by way of a ‘terms of service’ agreement or similar legal agreement you accepted when signing up for the service.

I’d agree that in many cases where this data is exploited there actually is no regard taken for the users. But I’d stop short of saying that all exploiters are nefarious because I don’t believe this to be the case. In fact I’d say that there are many cases where the person making the decision to use this data in such a way is just out of touch with what the users would actually allow and, in some cases, what is actually legal.

One example I can cite is an incident that occurred several years ago when I worked in online advertising. We had an agency who wanted to run an ad that included a form in which the user could enter their email address to receive more information about the advertised product. The project manager working on building our infrastructure to handle the collection of the email addresses and the mechanism to deliver them to the agency had a brilliant idea. What if we build into the contract a clause that gave use permission to keep a copy of these email addresses and use them for our own purposes? Imagine what we could do with such a list! And if we do it with one agency on one campaign we could certainly do it with others as well and eventually have a large email list that we could make a lot of money with!

Though the idea was great from a money making perspective it really sucked from an ethics point of view. I explained to the project manager, who never had a problem bragging about his MBA, about the ethical side of this and the fact that we’d be upsetting everyone who unknowingly submitted their email addresses for this project. He responded that we’d put up a legal disclosure allowing us to do it. A legal disclosure makes the practice legal but does not make it ethical.

We talked about the issue for a while and he just couldn’t step out of his own shoes, those of someone who sees an opportunity to make money and the technical means to do it, and look at it from the user angle. Hence he couldn’t understand any of the arguments I made against collecting the email list. In the end the legal department would not let him go ahead with his idea but he was kicking and screaming the whole way.

My point is this: Here’s is a smart individual (who also was a very nice guy that I will always remember as a good person) just couldn’t see that there was something not quite right or nice about a particular idea he had. It’s not that he was purposely looking to irk the people whose information he’d be collecting but rather that he couldn’t see why anybody would be upset by it. There was a disconnect that had no hope of being connected at that point in time.

How often do such disconnects end up in ill advised use of user’s personal information? I don’t know. But I’d certainly say that this happens more than people think. It may even happen more than purposely evil use of such data.


If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.


No comments yet.

Leave a comment