Citation:

Manan Buddhadev, 2025. "Ethics, Privacy, and Security: Analyzing Data Breaches and their Impact", ESP Journal of Engineering & Technology Advancements  5(2): 62-74.

Abstract:

Privacy has been a fundamental concern for humanity since early civilization, and the rapid increase in information sharing has only intensified this issue. Social media has become a primary medium for communication and connection worldwide. Notably, a January 2018 report from Facebook stated that the platform had over 2.2 billion active monthly users [1], illustrating the vast number of people who share personal information online. This paper examines data privacy breaches and the ethical policies designed to protect data privacy. Additionally, it presents a cause-and-effect model analyzing significant data privacy breaches from the past.

References:

[1] Facebook, "Company Info — Facebook Newsroom." [Online]. Available: https://newsroom.fb.com/company-info/. Accessed: Mar. 25, 2025.

[2] Association for Computing Machinery, "ACM Code of Ethics and Professional Conduct," ACM, 2018.

[3] G. G. Fuster and S. Gutwirth, "Ethics, law and privacy: Disentangling law from ethics in privacy discourse," in Proc. IEEE Int. Symp. Ethics in Eng., Sci., and Technol., 2014, p. 12.

[4] R. Sengupta, "‘Vigilante hacker’ flags security concerns in Aadhaar, govt websites again," The Times of India, 2018.

[5] W. W. Lee, W. Zhang, and H. Chang, "An ethical approach to data privacy protection," ISACA, 2016.

[6] P. Shrivastava, "All you need to know about GDPR - Explained," Hacker Noon. [Online]. Available: https://hackernoon.com/all-you-need-to-know-about-gdpr-explained-8e336a1987ea. Accessed: Mar. 25, 2025.

[7] B. Duncan, "Can EU General Data Protection Regulation compliance be achieved when using cloud computing?" CLOUD COMPUTING 2018, p. 11, 2018.

[8] European Union, "General Data Protection Regulation." [Online]. Available: https://gdpr-info.eu/. Accessed: Mar. 16, 2025.

[9] M. Cornock, "General Data Protection Regulation (GDPR) and implications for research," Elsevier, 2018.

[10] D. Allen, A. Berg, C. Berg, and J. Potts, "Some economic consequences of the GDPR," 2018.

[11] A. Chang, "The Facebook and Cambridge Analytica scandal, explained with a simple diagram," Vox, 2018. [Online]. Available: https://www.vox.com/policy-and-politics/2018/3/23/17151916/facebook-cambridge-analytica-trump-diagram. Accessed: Mar. 25, 2025.

[12] The Verge, "Facebook’s Cambridge Analytica data scandal, explained – YouTube," YouTube, 2018. [Online]. Available: https://www.youtube.com/watch?v=VDR8qGmyEQg. Accessed: Mar. 25, 2025.

[13] S. B. Psaila, "Cambridge Analytica explained: The facts, implications, and open questions," GIP Digital Watch, 2018. [Online]. Available: https://dig.watch/trends/cambridge-analytica. Accessed: Mar. 25, 2025.

[14] C. Duhigg, "How companies learn your secrets," The New York Times, Feb. 16, 2012

[15] F. Z. Maksood and G. Achuthan, "Analysis of data mining techniques and its applications," Analysis, vol. 140, no. 3, 2016.

[16] K. Hill, "How Target figured out a teen girl was pregnant before her father did," Forbes, 2012.

[17] M. Moylan, "Target’s deep customer data mining raises eyebrows," MPR News, 2012. [Online]. Available: https://www.mprnews.org/story/2012/03/07/target-data-mining-privacy. Accessed: Mar. 25, 2025.

[18] A. Weldon, "Attentional commons and the common good: Technology and higher education," Intersections, vol. 2015, no. 42, p. 8, 2015.

[19] C. Doctorow, "OfficeMax sends junkmail addressed to ‘Daughter Killed In Car Crash’," Boing Boing, 2014. [Online]. Available: https://boingboing.net/2014/01/20/officemax-sends-junkmail-addre.html. Accessed: Mar. 22, 2025.

[20] HuffPost, "Mike Seay gets OfficeMax junk mail referencing daughter killed in car crash," HuffPost, 2014. [Online]. Available: https://www.huffingtonpost.com/2014/01/20/mike-seay-officemax-letten-4632822.html. Accessed: Mar. 22, 2025.

[21] M. Pearce, "OfficeMax executive apologizes over ‘daughter killed’ mailer," Los Angeles Times, 2014. [Online]. Available: http://www.latimes.com/nation/la-na-officemax-mess-20140121-story.html. Accessed: Mar. 22, 2025.

[22] A. Merrick, "A death in the database," The New Yorker, 2014. [Online]. Available: https://www.newyorker.com/business/currency/a-death-in-the-database. Accessed: Mar. 22, 2025.

[23] R. Orlove, "How does OfficeMax know this man’s daughter was killed in a car crash?" Jalopnik, 2014. [Online]. Available: https://jalopnik.com/how-does-officemax-know-this-mans-daughter-was-killed-i-1505042599. Accessed: Mar. 22, 2025.

[24] N. Kwan, "OfficeMax sends letter to ‘Daughter Killed in Car Crash’," NBC Chicago, 2014. [Online]. Available: https://www.nbcchicago.com/news/local/OfficeMax-Sends-Letter-to-Daughter-Killed-in-Car-Crash-240941291.html. Accessed: Mar. 22, 2025.

[25] N. Kwan, "OfficeMax apologizes for ‘Daughter Killed in Car Crash’ letter," NBC Chicago, 2014. [Online]. Available: https://www.nbcchicago.com/news/local/OfficeMax-Apologizes-Illinois-Family-Letter-241147581.html. Accessed: Mar. 22, 2025

[26] J. Howerton, "OfficeMax letter includes shocking note about recipient’s dead daughter," Business Insider, 2014. [Online]. Available: http://www.businessinsider.com/officemax-letter-includes-shocking-note-about-recipients-dead-daughter-2014-1. Accessed: Mar. 22, 2025.

[27] Fox News Insider, "OfficeMax junk mail letter mentions death of couple’s daughter," 2014. [Online]. Available: http://insider.foxnews.com/2014/01/20/officemax-junk-mail-letter-mentions-death-couples-daughter. Accessed: Mar. 22, 2025.

[28] R. Morgan, "Uber settles federal probe over ‘God View’ spy software," New York Post, 2017. [Online]. Available: https://nypost.com/2017/08/15/uber-settles-federal-probe-over-god-view-spy-software/. Accessed: Mar. 15, 2025.

[29] C. Smith, "Uber allegedly spied on celebrities like Beyoncé for years," New York Post, 2016. [Online]. Available: https://nypost.com/2016/12/13/uber-allegedly-spied-on-celebrities-like-beyonce-for-years/. Accessed: Mar. 15, 2025.

[30] S. Frizell, "What is Uber really doing with your data?" Time, 2014. [Online]. Available: http://time.com/3595025/uber-data/. Accessed: Mar. 15, 2025

[31] E. Bacharach, "Uber has a ‘God View’ tool and was allegedly using it to spy on celebs," Cosmopolitan, 2016. [Online]. Available: https://www.cosmopolitan.com/lifestyle/a8495499/uber-using-god-view-tool-to-spy-on-celebs/. Accessed: Mar. 15, 2025.

[32] C. Welch, "Uber will pay $20,000 fine in settlement over ‘God View’ tracking," The Verge, 2016. [Online]. Available: https://www.theverge.com/2016/1/6/10726004/uber-god-mode-settlement-fine. Accessed: Mar. 15, 2025.

[33] A. Hern, "Uber employees ‘spied on ex-partners, politicians and Beyoncé’," The Guardian, 2016. [Online]. Available: https://www.theguardian.com/technology/2016/dec/13/uber-employees-spying-ex-partners-politicians-beyonce. Accessed: Mar. 15, 2025.

[34] J. Bhuiyan, "‘God View’: Uber investigates its top New York executive for privacy violations," BuzzFeed News, 2014. [Online]. Available: https://www.buzzfeednews.com/article/johanabhuiyan/uber-is-investigating-its-top-new-york-executive-for-privacy#.eyoM7RdDZv. Accessed: Mar. 15, 2025.

[35] M. Farber, "Uber tracked Lyft drivers with secret ‘Hell’ program," Fortune, 2017. [Online]. Available: http://fortune.com/2017/04/13/uber-lyft-hell/. Accessed: Mar. 15, 2025.

[36] B. M. Wolfe, "Uber’s ‘God View’ is alive and well, say former employees," AppAdvice. [Online]. Available: https://appadvice.com/post/ubers-god-view/731803. Accessed: Mar. 15, 2025.

[37] R. L. Trope and L. L. Hantover, "Reckoning with the hacker age: Cybersecurity developments," Bus. Law., vol. 73, p. 227, 2017.

[38] C. Page, "Uber facing criminal probe over data-mining Greyball software — V3," 2017. [Online]. Available: https://www.v3.co.uk/v3-uk/news/3009582/uber-facing-criminal-probe-over-data-mining-greyball-software. Accessed: Mar. 15, 2025.

[39] R. Felton, "Uber employees use secret tools to target drivers and undercut competition," Jalopnik, 2017. [Online]. Available: https://jalopnik.com/uber-employees-use-secret-tools-to-target-drivers-and-u-1793495814. Accessed: Mar. 15, 2025.

[40] C. Doctorow, "Uber uses data-mining to identify and block riders who may be cops, investigators or regulators / Boing Boing," 2017. [Online]. Available: https://boingboing.net/2017/03/04/sounds-legit.html. Accessed: Mar. 15, 2025.

[41] Wikipedia contributors, "Controversies surrounding Uber — Wikipedia, The Free Encyclopedia," 2018. [Online]. Available: https://en.wikipedia.org/wiki/Controversies_surrounding_Uber. Accessed: Mar. 15, 2025.

[42] M. Isaac, "How Uber deceives the authorities worldwide," 2017.

[43] M. Isaac, "Uber faces federal inquiry over use of Greyball tool to evade authorities," 2017.

[44] A. Sulleyman, "Greyball: What is the creepy feature that got Uber banned in London?," 2017.

[45] G. Harrison, "What is Greyball and why is the Uber software so controversial?," 2017.

[46] Reuters, "Uber: Portland probe finds Greyball used to evade officials," 2017.

[47] T. G. Siracusa Jr, "The Equifax breach: What we learned and how we can protect consumer data," Loy. Consumer L. Rev., vol. 30, p. 460, 2017.

[48] LastWeekTonight, "Equifax: Last Week Tonight with John Oliver (HBO) - YouTube," 2017. [Online]. Available: https://www.youtube.com/watch?v=mPjgRKWJmk. Accessed: Mar. 18, 2025.

[49] B. Fung, "Equifax’s massive 2017 data breach keeps getting worse," 2018.

[50] Federal Trade Commission, "Equifax data breach settlement — Federal Trade Commission," 2017. [Online]. Available: https://www.ftc.gov/enforcement/refunds/equifax-data-breach-settlement. Accessed: Mar. 25, 2025.

[51] Federal Trade Commission et al., "The Equifax data breach: What to do," 2017

[52] J. W. et al., "How the Equifax data breach happened: What we know now," 2017

[53] H. Green, "How the massive Equifax data breach happened," SciShow, 2017. [Online]. Available: https://www.youtube.com/watch?v=6Qbslgpw8U. Accessed: Mar. 19, 2025

[54] J. Luszcz, "Apache Struts 2: how technical and development gaps caused the Equifax breach," Network Security, vol. 2018, no. 1, pp. 5–8, 2018

[55] Y. Swamynathan, "Equifax reveals hack that likely exposed data of 143 million customers," 2017

[56] L. Nicholson et al., "Does the Equifax Inc breach have implications for Australian companies?," Governance Directions, vol. 70, no. 3, p. 134, 2018

[57] J. Chrisos, "Credit agency mistakenly sends 300 confidential reports to Maine woman — State," 2015

[58] Bank of America, "Core Checking® Account - Before You Apply," 2018. [Online]. Available: https://tinyurl.com/bofarequirements. Accessed: Mar. 19, 2025

[59] Federal Trade Commission, "The Equifax data breach: What to do," 2017. [Online]. Available: https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. Accessed: Mar. 20, 2025

[60] LifeLock, "Identity theft protection," 2018. [Online]. Available: https://www.lifelock.com/. Accessed: Mar. 20, 2025

[61] Federal Trade Commission et al., "LifeLock will pay 12 million to settle charges by the FTC and 35 states that identity theft prevention and data security claims were false," 2010

[62] L. Vetter, G. Schuepfer, S. P. Kuster, and M. Rossi, "A hospital-wide outbreak of Serratia marcescens, and Ishikawa’s 'fishbone' analysis to support outbreak control," Quality Management in Health Care, vol. 25, no. 1, p. 1, 2016

[63] G. Ilie and C. N. Ciocoiu, "Application of fishbone diagram to determine the risk of an event with multiple causes," Management Research and Practice, vol. 2, no. 1, pp. 1–20, 2010

[64] T. Armerding, "The 17 biggest data breaches of the 21st century," CSO Online, 2018. [Online]. Available: https://www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html. Accessed: Mar. 24, 2025

[65] J. Wakefield, "eBay faces investigations over massive data breach," BBC News, 2014

[66] S. Coty, "The eBay breach explained," SC Magazine. [Online]. Available: https://www.scmagazine.com/the-ebay-breach-explained/article/537762/. Accessed: Mar. 24, 2025

[67] J. Bort, "How the hackers broke into Sony," Business Insider, 2014. [Online]. Available: https://www.businessinsider.com/how-the-hackers-broke-into-sony-2014-12. Accessed: Mar. 24, 2025

[68] I. Munro, "Whistle-blowing and the politics of truth: Mobilizing ‘truth games’ in the WikiLeaks case," Human Relations, vol. 70, no. 5, pp. 519–543, 2017

[69] M. Isaac, K. Benner, and S. Frenkel, "Uber hid 2016 breach, paying hackers to delete stolen data," New York Times, Nov. 21, 2017

[70] B. Hawkins, "Case study: The Home Depot data breach," 2015. [Online]. Available: Retrieved Jan. 19, 2016

[71] N. Manworren, J. Letwat, and O. Daily, "Why you should care about the Target data breach," Business Horizons, vol. 59, no. 3, pp. 257–266, 2016

[72] D. MacMillan, "Tech’s ‘dirty secret’: The app developers sifting through your Gmail," Wall Street Journal, 2018. [Online]. Available: https://www.wsj.com/articles/techs-dirty-secret-the-app-developers-sifting-through-your-gmail-1530544442. Accessed: Mar. 25, 2025

[73] J. Constine, "Former employees say Lyft staffers spied on passengers," 2018

[74] N. E. Weiss and R. S. Miller, "The Target and other financial data breaches: Frequently asked questions," Congressional Research Service, vol. 4, Feb. 2015

[75] K. Zetter, "VeriSign hit by hackers in 2010," Wired, 2012. [Online]. Available: https://www.wired.com/2012/02/verisign-hacked-in-2010/. Accessed: Mar. 24, 2025

[76] K. Finklea, M. D. Christensen, E. A. Fischer, S. V. Lawrence, and C. A. Theohary, "Cyber intrusion into US Office of Personnel Management: In brief," Congressional Research Service, Library of Congress, Washington, DC, 2015

[77] B. Krebs, "Adobe breach impacted at least 38 million users," Krebs on Security, 2013

[78] B. Krebs, "Adobe to announce source code, customer data breach," Krebs on Security, 2013

[79] D. Green and M. Hanbury, "Companies with data breaches in 2018," Business Insider. [Online]. Available: https://www.businessinsider.com/data-breaches-2018-4

[80] I. Mangla, "Macy’s & Bloomingdale’s data breach: What you need to know," Experian, 2018. [Online]. Available: https://www.experian.com/blogs/ask-experian/macys-bloomingdales-data-breach-what-you-need-to-know/. Accessed: Mar. 24, 2025

[81] H. George-Parkin, "Macy’s data breach: Customer emails, credit cards compromised," Footwear News, 2018. [Online]. Available: https://footwearnews.com/2018/business/retail/macys-data-breach-emails-credit-cards-1202585526/. Accessed: Mar. 24, 2025

[82] K. Bhasin, "Adidas says millions of U.S. customers being alerted of breach," Bloomberg, 2018. [Online]. Available: https://www.bloomberg.com/news/articles/2018-06-28/adidas-says-millions-of-u-s-customers-being-alerted-of-breach. Accessed: Mar. 24, 2025

[83] D. Green, "Adidas warns customers of potential data breach," Business Insider, 2018. [Online]. Available: https://ww.businessinsider.com/adidas-warns-customers-potential-data-breach-2018-6. Accessed: Mar. 24, 2025

[84] Indiatimes, "An online researcher hacked into Aadhaar’s official Android app to show how poorly it’s secured," 2018. [Online]. Available: https://tinyurl.com/aadharbreach. Accessed: Mar. 24, 2025

[85] S. Ragan, "Adult Friend Finder confirms data breach, 3.5 million records exposed," CSO Online, 2015. [Online]. Available: https://www.csoonline.com/article/551561/adult-friend-finder-confirms-data-breach-3-5-million-records-exposed.html. Accessed: Mar. 24, 2025

[86] J. S. Cheney, "Heartland Payment Systems: Lessons learned from a data breach," FRB of Philadelphia – Payment Cards Center Discussion Paper, vol. 10, no. 1, 2010

[87] W. Xu, G. Grant, H. Nguyen, and X. Dai, "Security breach: The case of TJX Companies, Inc.," Communications of the Association for Information Systems, vol. 23, no. 1, p. 31, 2008

[88] J. Leyden, "RSA explains how attackers breached its systems," The Register, vol. 4, 2011

[89] R. Langner, "Stuxnet: Dissecting a cyberwarfare weapon," IEEE Security & Privacy, vol. 9, no. 3, pp. 49–51, 2011

[90] S. Larson, "Every single Yahoo account was hacked—3 billion in all," CNN Tech, Oct. 4, 2017

[91] P. Paganini, "Cybercrime exploits Anthem data breach in phishing campaigns," 2015

Keywords:

Ethics, AI, Privacy, Data Governance, Data Science, Data Engineering, Data Breaches.