Privacy vs Ethics Dilemma

Posted on by Justin PinedaIn COMSEC1, Information Security, Lessons, Social issues4 Minutes Read

Privacy vs Ethics Dilemma

Instructions

  1. Read your assigned case carefully.
  2. Discuss the situation as a group.
  3. Determine what action you would take.
  4. Identify which privacy and ethical theories support your decision.
  5. Identify which privacy and ethical theories oppose your decision.
  6. Prepare a 5-minute presentation defending your position.
  7. There are no absolute right or wrong answers. The objective is to justify your decision using privacy and ethics concepts.

 

CASE 1 (Odd Number Groups)

The Silent Passenger

Background

It is the year 2030.

A major typhoon has struck several provinces in the Philippines. Flooding, landslides, and power outages have affected hundreds of thousands of people.

The government has deployed emergency rescue teams, military personnel, and humanitarian organizations to evacuate civilians.

To improve rescue efforts, the government recently launched a mobile application called SafePath. Citizens voluntarily installed the app during the previous year. The application continuously collects:

  • GPS location
  • Travel history
  • Family member information
  • Emergency contacts
  • Health conditions
  • Mobility limitations
  • Personal identification details

The government assured citizens that all collected information would only be used for emergency preparedness and would remain private.

 

The Incident

During rescue operations, emergency analysts discover something alarming.

Satellite imagery shows that a passenger bus carrying approximately 50 people disappeared near a mountainous area that recently experienced a massive landslide.

Authorities believe the passengers may still be alive but trapped somewhere within a 30-kilometer search zone.

Every hour that passes significantly decreases their chance of survival.

Rescue teams have already searched multiple locations with no success.

A government data analyst realizes that SafePath contains detailed historical location data of several passengers believed to be on the bus.

By analyzing their movement patterns, travel history, and social connections, authorities could predict the likely route the bus took and significantly narrow the search area.

However:

  • The passengers never consented to this specific use of their data.
  • The government’s privacy policy explicitly states that collected data will not be used outside its originally stated purpose.
  • Accessing the data would violate internal privacy rules and national privacy commitments.
  • Once this precedent is established, future governments may justify similar access for less noble reasons.

Without accessing the data, rescue teams estimate only a 25% chance of finding survivors.

With access to the data, rescue teams estimate a 90% chance of locating survivors before conditions worsen.

 

Your Role

You are a member of the National Emergency Ethics Committee.

You must decide whether to authorize the use of the private data.

 

Discussion Questions

  1. Should the government access the SafePath data?
  2. Would your answer change if only one person was trapped instead of fifty?
  3. What are the short-term benefits?
  4. What are the long-term risks?
  5. Would citizens lose trust in government after learning of the decision?
  6. If you approve access, where should limits be established?

 

Privacy Schools of Thought to Consider

  • Privacy as Control Over Personal Information
  • Privacy as a Human Right
  • Privacy as a Derivative Right
  • Privacy as Limited Access
  • Privacy as Contextual Integrity

 

Ethical Theories to Consider

  • Utilitarianism
  • Deontology
  • Virtue Ethics
  • Social Contract Theory
  • Rights-Based Ethics

 

CASE 2 (Even Number Groups)

The Hospital Firewall

Background

A sophisticated ransomware group has launched attacks against hospitals throughout Southeast Asia.

Several hospitals have already been affected.

Patients have died after critical medical systems became unavailable.

The Philippine Department of Health receives intelligence from an international cybersecurity alliance indicating that a local hospital network may be the next target.

The alliance provides a list of suspicious internet accounts, encrypted messaging channels, and online identities believed to belong to the attackers.

 

The Problem

The intelligence agency requests emergency authorization to conduct covert monitoring of the suspects.

The proposed monitoring would include:

  • Reading private messages
  • Monitoring online conversations
  • Tracking digital communications
  • Mapping personal relationships
  • Monitoring location information
  • Collecting metadata without a court warrant

The agency believes the attackers are preparing to launch ransomware within the next 48 hours.

If the attack succeeds:

  • Hospital operations may be disrupted.
  • Emergency rooms may become unavailable.
  • Surgeries may be postponed.
  • Life-support systems may be affected.
  • Patient deaths are considered highly likely.

However:

  • None of the suspects have yet committed a crime.
  • The intelligence is not 100% certain.
  • Some monitored individuals may ultimately be innocent.
  • Conducting surveillance without judicial authorization violates established privacy protections.
  • Once such surveillance becomes acceptable, governments may later expand it to journalists, activists, political opponents, or ordinary citizens.

Analysts estimate:

  • If monitoring is approved, there is an 80% chance the attack can be prevented.
  • If monitoring is denied, there is only a 35% chance of stopping the attack before it occurs.

The Twist

Twelve hours after the request is submitted, hospitals begin reporting suspicious network activity that appears consistent with the intelligence warning.

The threat now appears increasingly credible.

You have only one hour to make a decision.

Your Role

You are a special panel advising the President and National Security Council.

You must determine whether emergency surveillance should be authorized.

 

Discussion Questions

  1. Should privacy protections be temporarily suspended?
  2. Does the possibility of saving lives justify surveillance?
  3. What if the suspects are later found innocent?
  4. What safeguards should exist if monitoring is approved?
  5. How should governments balance privacy and national security?
  6. Could this decision be abused in the future?

Privacy Schools of Thought to Consider

  • Privacy as a Human Right
  • Privacy as Control
  • Privacy as Contextual Integrity
  • Privacy as Limited Access
  • Privacy as Protection from State Intrusion

Ethical Theories to Consider

  • Utilitarianism
  • Deontology
  • Rights-Based Ethics
  • Virtue Ethics
  • Social Contract Theory

 

 

Deliverable

Each group must present:

Requirement Description
Decision What action did your group choose?
Privacy Analysis Which privacy theories support your position?
Ethical Analysis Which ethical theories support your position?
Opposing View What theories would disagree with your decision?
Risks Potential negative consequences of your decision
Final Justification Why your decision is the most defensible option

Important: Your goal is not to find the “correct” answer. Your goal is to demonstrate how ethical reasoning and privacy theories can lead reasonable people to different conclusions when human lives, privacy rights, trust, and societal interests collide.

 

Leave a Reply