Moral and regulatory knowledge of data science

1、 Data double edge

Data science itself is a double-edged sword , The State implements the big data strategy , Promote the construction of data infrastructure , Encourage and support data in all industries 、 Innovative applications in various fields , For example, developing and utilizing data , Providing intelligent public services 、 Improve health care 、 Reduce insurance costs 、 Build a smart city, etc ; However , meanwhile , It can also be used to monitor private life , Send spam , Control our behavior in an open and hidden way .Ofter Has been publishing data science related content , Data security should be the most important part of data science , therefore , This issue popularizes the knowledge about data security .

2、 Data discrimination ： User portrait

at present , It is very popular at home and abroad to establish various user portraits . These portrait data are built by integrating data from multiple data sources , Often mixed with noise and missing , It often misleads the users of data . Unexpectedly, these marketing portraits may also be sold to companies in various industries , The result is predictable , The marketing evaluation of one person can penetrate into many fields .

A simple example , My colleagues and I ofter To travel together , I booked a hotel big bed room on a platform , It took 400 element / On the evening of , however ofter A room of the same specification is also booked on the platform , It took 300 element / On the evening of . By what kind of mobile phone , Usual consumption habits, etc , The platform will classify different people into different consumption confidence intervals .

For this differentiated pricing , The platform has constituted consumer discrimination . More Than This , This abuse of algorithms will also affect social fairness , For example, a recruitment platform tends to show high paying jobs to candidates whose portrait data is marked as male , Not female candidates , This constitutes sexism .

3、 Data protection regulations and supervision

“ Snowden incident ” After the outbreak , The EU is dissatisfied with Facebook、 Multinational companies such as Google have repeatedly violated citizens' privacy , On 2018 Issued in “ The most stringent data protection law in history ”—— GDPR《 General data protection regulations 》, The general content is as follows ：

• Definition of personal sensitive data
• Accountability mechanisms — Start with design privacy protection and default privacy protection
• Rights of data subjects ： The right to know 、 Access right 、 Right of correction 、 Portability 、 Right to delete 、 Limit the right to deal with 、 The right to object and the right to automate individual decision-making .
• The responsibility of the data processor
• Data protection supervision

We can see from the following table the fines imposed by EU on companies violating data protection regulations , It can also be seen that the EU has raised personal data protection to the top priority and put it into action .

surface 3-1

The meaning of data protection regulations is not just to make fines , At the same time, it is also causing business activities to develop in a good direction . If there are no laws and regulations related to data protection , Enterprises will still abuse people's data without restraint .

4、 Domestic data security

China has introduced 3 Department of complementary data protection regulations ：《 Data security law of the people's Republic of China 》、《 Network security law of the people's Republic of China 》、《 Personal information protection law of the people's Republic of China 》.

National data security is stipulated in a large part of the data security law , What is national data security ？ Is it only related to military affairs 、 Is data such as strategy called national data security ？ Like a person's genetic sequence 、 Photo 、 video 、 Bodybuilding 、 shopping 、 When data such as motion increases to a certain level , It will also become a sharp blade hanging over our heads .

A kind of fitness in America APP-Polar The incident is a very typical case , adopt 6000 A number of Polar User's fitness information , Restore more than 200 individual “ Confidential area ” Coordinates of ： Include 48 At the nuclear weapons Repository 、18 An intelligence agency 、6 A drone base 、2 Nuclear power plant 、2 Royal residence, etc . An insignificant software still involves such an important secret , The data collected by other kinds of applications will only be more shocking .

surface 3-1 Both China and Europe are EU countries / Law enforcement arising from the special investigation of enterprises by regional data committees or similar authorities , The behavior of the above-mentioned enterprises can be found everywhere in China . For foreign social platforms , And a platform that could potentially threaten Chinese data , In terms of data security alone , Domestic measures are negative , All shielded . This can really help , But many people will try to bypass this kind of shielding through various means and ways . and , The development of domestic economy , A large number of young people will study abroad 、 Work 、 settle , Even immigrants , They may disclose personal data intentionally or unintentionally ; Under the process of globalization, domestic enterprises will also set up companies in other countries , How to prevent them from divulging the collected and abused Chinese data to other countries ？ in addition , A large number of servers in some enterprises are deployed abroad , How to control it ？

therefore , The most important problem we need to solve is how to ensure that large-scale technology 、 signal communication 、 Companies such as banks do not abuse and process data . If we can't make these enterprises strictly comply with data security related regulations , Then our privacy and data rights will never be guaranteed . Besides , We also need to popularize and strengthen personal data security awareness , Prevent big data from maturing 、 Leakage of personal privacy and sensitive information .

5、 Privacy protection for special groups

For some special groups , Like a minor 、 People with disabilities 、 aged , They should be given extra protection , They generally lack a sense of risk 、 Knowledge of safeguards and rights related to the processing of personal data . We need to protect their privacy , Prevent inappropriate advertising 、 The pop-up window appeared in front of them . This involves designers , Need to consciously 、 Actively consider embedding privacy protection into technology and Architecture .

6、 Recommendations for data security

Because the European Union gives top priority to personal data security , Therefore, the guidelines for the preparation of personal data security are relatively detailed , It can be used as a reference to learn .

• Collection restriction principle ： Personal data should only be legally obtained with the knowledge and consent of the data subject .
• Data quality principles ： The personal data collected must be relevant to the purpose ; They should be accurate 、 Complete and up-to-date .
• Principle of clear use ： When collecting personal data , The data subject should be informed of the purpose of the information . Besides , Although the change of use is allowed , However, they should not be introduced arbitrarily （ The new use must be compatible with the original use ）, And shall indicate to the data subject .
• Use restriction principle ： The use of personal data is limited to the purposes known to the data subject , Without the consent or legal authorization of the data subject , Relevant information shall not be disclosed to a third party .
• Safety and security principles ： Personal data should be secured , In case of deletion 、 Theft 、 Disclosure 、 Modification or unauthorized use .
• Principle of openness ： The data subject should be able to collect 、 Storage and use of personal data , Obtain data in a reasonable and convenient manner .
• The principle of individual participation ： The data subject has the right to access and question personal data .
• Principle of accountability ： The data controller is responsible for complying with these principles .

Strengthen the right of data subject to data ： The data collector shall clearly and accurately indicate the scope and results of data processing . Data subjects are free to make informed decisions according to their wishes 、 Agree to process personal data related to it . And use stronger laws and regulations to correct the abuse of personal data .

secondly , With data integration 、 reusing 、 Strengthening of analysis and positioning , The public's attitude towards data privacy may become more rigid in the next few years , This has led to stricter regulation . Consciously 、 Transparent 、 Ethical action , Is the best way to ensure that a secure data science is built .