The importance of ethics in information management

Advancements in data collection and processing may tempt information management professionals to use as much customer data as possible. Yet, more data use means less privacy.

Technological innovation can improve society, but without guardrails, it can cause massive harm.

Humanity's ability to collect and process information has increased greatly over the last few decades, with no signs of slowing down. On the one hand, this has made life easier for people and organizations. For example, retailers who track customers' web behavior and social media interests can anticipate people's needs and send them relevant product recommendations. Additionally, AI in medical settings can analyze patterns in large data sets, diagnose diseases and save lives.

However, as authors Daragh O Brien and Katherine O'Keefe note in their book, Data Ethics, 2nd Edition, organizations must pair a passion for technology with a reverence for ethics to prevent the misuse of information.

"If we're technologists or passionate about a particular field, we want to push the envelope. Ethical use of data requires us to step back and ask not simply, 'Is this something we can do?' but 'Is this something we should do?'" O Brien said.

Excitement for technological innovation and profit can cause information management professionals to collect and process people's personal information without serious consideration for privacy. For example, in 2013, the political consulting firm Cambridge Analytica collected personal data from millions of Facebook users without their consent, resulting in bankruptcy for the firm and a $5 billion fine for Meta, formerly Facebook.

Unethical uses of data like the Cambridge Analytica scandal have led to data privacy regulations like the GDPR and CCPA. To preserve stakeholders' privacy and avoid compliance failures, information management professionals should implement ethical information management frameworks in their businesses. To do this, organizations must first identify data ethics principles based on broad values in their society, O Brien said.

The ethical challenge data leaders face

A society's values can vary depending on region, but common data ethics principles in the U.S. and Europe include the following:

  • Ownership. Individuals own their personal information, and organizations need their consent to collect it.
  • Transparency. Organizations that collect people's personal data must clearly outline how and why they use it.
  • Individual agency. Individuals should be able to prompt organizations to delete any personal data they no longer want them to store.
  • Privacy. Organizations must use security protocols to protect personal information from data leaks and breaches.
  • Accountability. Organizations must take responsibility for data leaks and breaches of stakeholder information.

After information management professionals identify broad data ethics principles, they must then translate those principles into actionable policies and procedures, O Brien said. For example, if a generative AI vendor claims to value transparency, it must create clear policies to ensure customers understand how the tool works and how developers trained it.

The front cover of the book 'Data Ethics.'Click to learn more about
this book.

In Chapter 7 of Data Ethics, 2nd Edition, "Introducing the Ethical Enterprise Information Management (E2IM) framework," O Brien and O'Keefe introduce a model to help organizations implement an ethical information management strategy.

The E2IM framework encourages organizations to align their business, information and technology strategies with each other, because misalignments can cause ethical information management strategies to fail. For example, an organization that misaligns its technology and information strategies might purchase a CRM system that lacks the necessary security features to support its commitment to privacy.

Additionally, the E2IM model asks organizations to align their ethical principles with the ethics of society, which is what society generally considers good and bad behavior. This requires organizations to comply with data privacy regulations, but it also asks them to do more. Regulations often lag technological innovation by many years, so organizations might encounter scenarios where society views a perfectly legal business practice as unethical. In this sense, the E2IM encourages organizations to prioritize the ethical use of data, whether it's enforced by law or not.

"It's simply a way of thinking about how society and organizations interact with each other," O Brien said.

To learn more about the E2IM framework, download this free chapter excerpt from Data Ethics, 2nd Edition.

Editor's note: This extract from Data Ethics, 2nd Edition by Katherine O'Keefe and Daragh O Brien is copyright 2023 and reproduced with permission from Kogan Page Ltd.

Tim Murphy is associate site editor for TechTarget's Customer Experience and Content Management sites.

Next Steps

 Information governance challenges and how to overcome them

Compare information governance vs. records management

Dig Deeper on Information management and governance