Ethics in data management

Beyond the already known potential privacy problems associated with open data, which has already been debated in depth and for which practical solutions and guides are already being offered, a more general and complementary debate has recently emerged around the application of ethical standards in the collection, management and use of data made by organizations.

Each organization must establish its own specific ethical guidelines based on the data use made in each case. There are also global organizations that work to establish reference guidelines in their respective knowledge areas that we could adopt directly, such as the ethical guidelines for the data protection and privacy of the European Commission, the interest group on ethical aspects and social data from the Research Data Alliance or the ethical framework of data science of the government of the United Kingdom.

In any case, when we begin to raise our own ethical guidelines and responsible use of data, we must first leave behind some of the false myths usually established:

• In general, it is often mistakenly believed that ethics in the use of data is something that should only be applied when there is personal data involved, however it is something that involves all types of data in very different ways. For example, if we publish data on pollution in a city and we only do it for less polluted areas, we would be making a clearly unethical and unresponsible use of that data.
• If we comply with the corresponding data protection laws and directives, we may think that we have guaranteed an ethical and responsible use of the data we manage. Nevertheless, although the legislation on data protection is very varied among the different countries and in some cases also very complete, it does not usually cover more general ethical aspects, so they should be seen as a complement rather than a substitute for the standards, defined for our data.
• It can also be wrongly believed again that ethics is something that should only be taken into account when using data. Ethics must be present in all stages of the life cycle and data management, because if, for example, we ignore certain groups during the data collection phase (for example based on their ethnicity, social position or gender), this will have serious consequences later because these groups simply will not exist as part of the population represented in these data and will therefore be discriminated against in any subsequent use made of them.

We also have a very useful resource offered by the Open Data Institute to help us define our own ethical guidelines through the Data Ethics Canvas, which guides us through the main elements that must be taken into account:

Description of our data sources

• Which are your principal characteristics?
• Who has rights and permits over them and with whom are they shared?
• Are there any limitations in them?

What policies and laws shape the use of data?

• Purpose of the use of the data
• Do people understand what their purpose is?
• Who can be positively or negatively affected?
• How can we minimize the negative impact?
• How could those affected interact with the organization?

Risk management

• What is the risk review policy?
• What actions are planned?

This useful resource is also accompanied by a brief practical guide and an extensive application manual. Both will undoubtedly be of great help in dealing with the ethical problems that we increasingly face when we work with data in our organizations.